1 files changed, 13 insertions, 7 deletions

diff --git a/samples/OAuthServiceProvider/App_Code/DataApi.cs b/samples/OAuthServiceProvider/App_Code/DataApi.cs
index a765159..00876f6 100644
--- a/samples/OAuthServiceProvider/App_Code/DataApi.cs
+++ b/samples/OAuthServiceProvider/App_Code/DataApi.cs
@@ -1,20 +1,26 @@
 using System.Linq;
 using System.ServiceModel;
 
+/// <summary>
+/// The WCF service API.
+/// </summary>
+/// <remarks>
+/// Note how there is no code here that is bound to OAuth or any other
+/// credential/authorization scheme.  That's all part of the channel/binding elsewhere.
+/// And the reference to Global.LoggedInUser is the user being impersonated by the WCF client.
+/// In the OAuth case, it is the user who authorized the OAuth access token that was used
+/// to gain access to the service.
+/// </remarks>
 public class DataApi : IDataApi {
-	private static OAuthToken AccessToken {
-		get { return OperationContext.Current.IncomingMessageProperties["OAuthAccessToken"] as OAuthToken; }
-	}
-
 	public int? GetAge() {
-		return AccessToken.User.Age;
+		return Global.LoggedInUser.Age;
 	}
 
 	public string GetName() {
-		return AccessToken.User.FullName;
+		return Global.LoggedInUser.FullName;
 	}
 
 	public string[] GetFavoriteSites() {
-		return AccessToken.User.FavoriteSites.Select(site => site.SiteUrl).ToArray();
+		return Global.LoggedInUser.FavoriteSites.Select(site => site.SiteUrl).ToArray();
 	}
 }