2 files changed, 6 insertions, 4 deletions

diff --git a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs
index 41b1d23..3c8a3be 100644
--- a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs
+++ b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs
@@ -83,11 +83,11 @@
 					OAuth2AuthorizationServer.AsymmetricKey,
 					OAuth2AuthorizationServer.AsymmetricKey));
 
-			string username, scope;
+			string username;
+			HashSet<string> scope;
 			var error = resourceServer.VerifyAccess(new HttpRequestInfo(httpDetails, requestUri), out username, out scope);
 			if (error == null) {
-				string[] scopes = scope.Split(new char[] { ' ' });
-				var principal = new OAuthPrincipal(username, scopes);
+				var principal = new OAuthPrincipal(username, scope.ToArray());
 				return principal;
 			} else {
 				return null;
diff --git a/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs b/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs
index 0c14bfd..88c3049 100644
--- a/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs
+++ b/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs
@@ -8,6 +8,8 @@
 	using System.Web.UI.WebControls;
 	using Code;
 
+	using DotNetOpenAuth.OAuth2;
+
 	public partial class Authorize2 : System.Web.UI.Page {
 		private static readonly RandomNumberGenerator CryptoRandomDataGenerator = new RNGCryptoServiceProvider();
 
@@ -22,7 +24,7 @@
 					Response.Redirect("~/Members/AuthorizedConsumers.aspx");
 				} else {
 					var pendingRequest = Global.PendingOAuth2Authorization;
-					this.desiredAccessLabel.Text = pendingRequest.Scope;
+					this.desiredAccessLabel.Text = OAuthUtilities.JoinScopes(pendingRequest.Scope);
 					this.consumerLabel.Text = pendingRequest.ClientIdentifier;
 
 					// Generate an unpredictable secret that goes to the user agent and must come back