6 files changed, 74 insertions, 2 deletions

diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs
index 4248c6f..6eff5f5 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs
@@ -32,6 +32,12 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 			this.authenticators = authenticators;
 		}
 
+		/// <summary>
+		/// Attempts to extract client identification/authentication information from a message.
+		/// </summary>
+		/// <param name="requestMessage">The incoming message.</param>
+		/// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+		/// <returns>The level of the extracted client information.</returns>
 		public override ClientAuthenticationResult TryAuthenticateClient(AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) {
 			Requires.NotNull(requestMessage, "requestMessage");
 
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientAuthenticationModuleBase.cs
index 085600a..262116d 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialReader.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientAuthenticationModuleBase.cs
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------
-// <copyright file="ClientCredentialReader.cs" company="Andrew Arnott">
+// <copyright file="ClientAuthenticationModuleBase.cs" company="Andrew Arnott">
 //     Copyright (c) Andrew Arnott. All rights reserved.
 // </copyright>
 //-----------------------------------------------------------------------
@@ -14,16 +14,41 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OAuth2.Messages;
 
+	/// <summary>
+	/// A convenient base class for imlementations of the <see cref="IClientAuthenticationModule"/> interface.
+	/// </summary>
 	public abstract class ClientAuthenticationModuleBase : IClientAuthenticationModule {
+		/// <summary>
+		/// Initializes a new instance of the <see cref="ClientAuthenticationModuleBase"/> class.
+		/// </summary>
 		protected ClientAuthenticationModuleBase() {
 		}
 
+		/// <summary>
+		/// Attempts to extract client identification/authentication information from a message.
+		/// </summary>
+		/// <param name="requestMessage">The incoming message.</param>
+		/// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+		/// <returns>The level of the extracted client information.</returns>
 		public abstract ClientAuthenticationResult TryAuthenticateClient(AuthenticatedClientRequestBase requestMessage, out string clientIdentifier);
 
+		/// <summary>
+		/// Attempts to extract client identification/authentication information from a message.
+		/// </summary>
+		/// <param name="requestMessage">The incoming message.  Always an instance of <see cref="AuthenticatedClientRequestBase"/></param>
+		/// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+		/// <returns>The level of the extracted client information.</returns>
 		public ClientAuthenticationResult TryAuthenticateClient(IDirectedProtocolMessage requestMessage, out string clientIdentifier) {
 			return this.TryAuthenticateClient((AuthenticatedClientRequestBase)requestMessage, out clientIdentifier);
 		}
 
+		/// <summary>
+		/// Validates a client identifier and shared secret against the authoriation server's database.
+		/// </summary>
+		/// <param name="authorizationServerHost">The authorization server host; cannot be <c>null</c>.</param>
+		/// <param name="clientIdentifier">The alleged client identifier.</param>
+		/// <param name="clientSecret">The alleged client secret to be verified.</param>
+		/// <returns>An indication as to the outcome of the validation.</returns>
 		protected static ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, string clientIdentifier, string clientSecret) {
 			Requires.NotNull(authorizationServerHost, "authorizationServerHost");
 
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs
index da3f8ff..b375d29 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs
@@ -13,14 +13,30 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OAuth2.Messages;
 
+	/// <summary>
+	/// Reads client authentication information from the HTTP Authorization header via Basic authentication.
+	/// </summary>
 	public class ClientCredentialHttpBasicReader : ClientAuthenticationModuleBase {
+		/// <summary>
+		/// The authorization server host.
+		/// </summary>
 		private readonly IAuthorizationServerHost authorizationServerHost;
 
+		/// <summary>
+		/// Initializes a new instance of the <see cref="ClientCredentialHttpBasicReader"/> class.
+		/// </summary>
+		/// <param name="authorizationServerHost">The authorization server host.</param>
 		public ClientCredentialHttpBasicReader(IAuthorizationServerHost authorizationServerHost) {
 			Requires.NotNull(authorizationServerHost, "authorizationServerHost");
 			this.authorizationServerHost = authorizationServerHost;
 		}
 
+		/// <summary>
+		/// Attempts to extract client identification/authentication information from a message.
+		/// </summary>
+		/// <param name="requestMessage">The incoming message.</param>
+		/// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+		/// <returns>The level of the extracted client information.</returns>
 		public override ClientAuthenticationResult TryAuthenticateClient(AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) {
 			Requires.NotNull(requestMessage, "requestMessage");
 
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs
index 07ededf..2df68a6 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs
@@ -12,14 +12,30 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 	using System.Web;
 	using DotNetOpenAuth.OAuth2.Messages;
 
+	/// <summary>
+	/// Reads client authentication information from the message payload itself (POST entity as a URI-encoded parameter).
+	/// </summary>
 	public class ClientCredentialMessagePartReader : ClientAuthenticationModuleBase {
+		/// <summary>
+		/// The authorization server host.
+		/// </summary>
 		private readonly IAuthorizationServerHost authorizationServerHost;
 
+		/// <summary>
+		/// Initializes a new instance of the <see cref="ClientCredentialMessagePartReader"/> class.
+		/// </summary>
+		/// <param name="authorizationServerHost">The authorization server host.</param>
 		public ClientCredentialMessagePartReader(IAuthorizationServerHost authorizationServerHost) {
 			Requires.NotNull(authorizationServerHost, "authorizationServerHost");
 			this.authorizationServerHost = authorizationServerHost;
 		}
 
+		/// <summary>
+		/// Attempts to extract client identification/authentication information from a message.
+		/// </summary>
+		/// <param name="requestMessage">The incoming message.</param>
+		/// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+		/// <returns>The level of the extracted client information.</returns>
 		public override ClientAuthenticationResult TryAuthenticateClient(AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) {
 			Requires.NotNull(requestMessage, "requestMessage");
 			clientIdentifier = requestMessage.ClientIdentifier;
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
index fa21bdd..40f3df8 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
@@ -23,8 +23,15 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 	/// not been revoked and that an access token has not expired.
 	/// </remarks>
 	internal class MessageValidationBindingElement : AuthServerBindingElementBase {
+		/// <summary>
+		/// The aggregating client authentication module.
+		/// </summary>
 		private readonly IClientAuthenticationModule clientAuthenticationModule;
 
+		/// <summary>
+		/// Initializes a new instance of the <see cref="MessageValidationBindingElement"/> class.
+		/// </summary>
+		/// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
 		internal MessageValidationBindingElement(IClientAuthenticationModule clientAuthenticationModule) {
 			Requires.NotNull(clientAuthenticationModule, "clientAuthenticationModule");
 			this.clientAuthenticationModule = clientAuthenticationModule;
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
index 2521e5f..8c3ed4a 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
@@ -35,6 +35,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 		/// Initializes a new instance of the <see cref="OAuth2AuthorizationServerChannel"/> class.
 		/// </summary>
 		/// <param name="authorizationServer">The authorization server.</param>
+		/// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
 		protected internal OAuth2AuthorizationServerChannel(IAuthorizationServerHost authorizationServer, IClientAuthenticationModule clientAuthenticationModule)
 			: base(MessageTypes, InitializeBindingElements(authorizationServer, clientAuthenticationModule)) {
 			Requires.NotNull(authorizationServer, "authorizationServer");
@@ -106,13 +107,14 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 		/// Initializes the binding elements for the OAuth channel.
 		/// </summary>
 		/// <param name="authorizationServer">The authorization server.</param>
+		/// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
 		/// <returns>
 		/// An array of binding elements used to initialize the channel.
 		/// </returns>
 		private static IChannelBindingElement[] InitializeBindingElements(IAuthorizationServerHost authorizationServer, IClientAuthenticationModule clientAuthenticationModule) {
 			Requires.NotNull(authorizationServer, "authorizationServer");
 			Requires.NotNull(clientAuthenticationModule, "clientAuthenticationModule");
-			
+
 			var bindingElements = new List<IChannelBindingElement>();
 
 			// The order they are provided is used for outgoing messgaes, and reversed for incoming messages.