1 files changed, 15 insertions, 8 deletions

diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs
index d2ede6f..5131b10 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs
@@ -64,15 +64,19 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// this client to access protected data at some resource server.
 		/// </summary>
 		/// <param name="authorization">The authorization state that is tracking this particular request.  Optional.</param>
+		/// <param name="implicitResponseType">
+		/// <c>true</c> to request an access token in the fragment of the response's URL;
+		/// <c>false</c> to authenticate to the authorization server and acquire the access token (and possibly a refresh token) via a private channel.
+		/// </param>
 		/// <param name="state">The client state that should be returned with the authorization response.</param>
 		/// <returns>
 		/// A fully-qualified URL suitable to initiate the authorization flow.
 		/// </returns>
-		public Uri RequestUserAuthorization(IAuthorizationState authorization, string state = null) {
+		public Uri RequestUserAuthorization(IAuthorizationState authorization, bool implicitResponseType = false, string state = null) {
 			Requires.NotNull(authorization, "authorization");
 			Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier));
 
-			var request = this.PrepareRequestUserAuthorization(authorization, state);
+			var request = this.PrepareRequestUserAuthorization(authorization, implicitResponseType, state);
 			return this.Channel.PrepareResponse(request).GetDirectUriRequest(this.Channel);
 		}
 
@@ -130,11 +134,15 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// this client to access protected data at some resource server.
 		/// </summary>
 		/// <param name="authorization">The authorization state that is tracking this particular request.  Optional.</param>
+		/// <param name="implicitResponseType">
+		/// <c>true</c> to request an access token in the fragment of the response's URL;
+		/// <c>false</c> to authenticate to the authorization server and acquire the access token (and possibly a refresh token) via a private channel.
+		/// </param>
 		/// <param name="state">The client state that should be returned with the authorization response.</param>
 		/// <returns>
 		/// A message to send to the authorization server.
 		/// </returns>
-		internal EndUserAuthorizationRequest PrepareRequestUserAuthorization(IAuthorizationState authorization, string state = null) {
+		internal EndUserAuthorizationRequest PrepareRequestUserAuthorization(IAuthorizationState authorization, bool implicitResponseType = false, string state = null) {
 			Requires.NotNull(authorization, "authorization");
 			Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier));
 
@@ -142,11 +150,10 @@ namespace DotNetOpenAuth.OAuth2 {
 				authorization.Callback = new Uri("http://localhost/");
 			}
 
-			var request = new EndUserAuthorizationRequest(this.AuthorizationServer) {
-				ClientIdentifier = this.ClientIdentifier,
-				Callback = authorization.Callback,
-				ClientState = state,
-			};
+			var request = implicitResponseType ? new EndUserAuthorizationImplicitRequest(this.AuthorizationServer) : new EndUserAuthorizationRequest(this.AuthorizationServer);
+			request.ClientIdentifier = this.ClientIdentifier;
+			request.Callback = authorization.Callback;
+			request.ClientState = state;
 			request.Scope.ResetContents(authorization.Scope);
 
 			return request;