3 files changed, 29 insertions, 35 deletions

diff --git a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs
index 8589932..ee90364 100644
--- a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs
+++ b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs
@@ -24,34 +24,38 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager {
 		HttpRequestMessageProperty httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
 		Uri requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri;
 		ServiceProvider sp = Constants.CreateServiceProvider();
-		var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri);
-		if (auth != null) {
-			var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
-
-			var principal = sp.CreatePrincipal(auth);
-			var policy = new OAuthPrincipalAuthorizationPolicy(principal);
-			var policies = new List<IAuthorizationPolicy> {
-				policy,
-			};
-
-			var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
-			if (operationContext.IncomingMessageProperties.Security != null) {
-				operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
-			} else {
-				operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
-					ServiceSecurityContext = securityContext,
+		try {
+			var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri);
+			if (auth != null) {
+				var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
+
+				var principal = sp.CreatePrincipal(auth);
+				var policy = new OAuthPrincipalAuthorizationPolicy(principal);
+				var policies = new List<IAuthorizationPolicy> {
+					policy,
 				};
-			}
 
-			securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> {
-				principal.Identity,
-			};
+				var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
+				if (operationContext.IncomingMessageProperties.Security != null) {
+					operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
+				} else {
+					operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
+						ServiceSecurityContext = securityContext,
+					};
+				}
+
+				securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> {
+					principal.Identity,
+				};
 
-			// Only allow this method call if the access token scope permits it.
-			string[] scopes = accessToken.Scope.Split('|');
-			if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
-				return true;
+				// Only allow this method call if the access token scope permits it.
+				string[] scopes = accessToken.Scope.Split('|');
+				if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
+					return true;
+				}
 			}
+		} catch (ProtocolException ex) {
+			Global.Logger.Error("Error processing OAuth messages.", ex);
 		}
 
 		return false;
diff --git a/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx b/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx
index 78179f7..a00eccd 100644
--- a/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx
+++ b/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx
@@ -12,5 +12,4 @@
 		Visible="False" />
 	<asp:Label ID="loginCanceledLabel" runat="server" EnableViewState="False" Text="Login canceled"
 		Visible="False" />
-	<asp:CheckBox ID="noLoginCheckBox" runat="server" Text="Extensions only (no login) -- most OPs don't yet support this" />
 </asp:Content>
\ No newline at end of file
diff --git a/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.designer.cs b/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.designer.cs
index 239d7b8..088e305 100644
--- a/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.designer.cs
+++ b/samples/OpenIdRelyingPartyWebForms/loginProgrammatic.aspx.designer.cs
@@ -1,7 +1,7 @@
 //------------------------------------------------------------------------------
 // <auto-generated>
 //     This code was generated by a tool.
-//     Runtime Version:2.0.50727.4918
+//     Runtime Version:2.0.50727.4927
 //
 //     Changes to this file may cause incorrect behavior and will be lost if
 //     the code is regenerated.
@@ -66,14 +66,5 @@ namespace OpenIdRelyingPartyWebForms {
         /// To modify move field declaration from designer file to code-behind file.
         /// </remarks>
         protected global::System.Web.UI.WebControls.Label loginCanceledLabel;
-        
-        /// <summary>
-        /// noLoginCheckBox control.
-        /// </summary>
-        /// <remarks>
-        /// Auto-generated field.
-        /// To modify move field declaration from designer file to code-behind file.
-        /// </remarks>
-        protected global::System.Web.UI.WebControls.CheckBox noLoginCheckBox;
     }
 }