1 files changed, 35 insertions, 1 deletions

diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs
index 308bfe2..e86c27e 100644
--- a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs
@@ -12,24 +12,40 @@ namespace DotNetOpenAuth.OAuth2 {
 	using System.Text;
 
 	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.OAuth2.Messages;
 
 	/// <summary>
 	/// Describes an error generated by an Authorization Server's token endpoint.
 	/// </summary>
 	public class TokenEndpointProtocolException : ProtocolException {
 		/// <summary>
+		/// The message being processed that caused this exception to be thrown.
+		/// </summary>
+		private readonly AccessTokenRequestBase requestMessage;
+
+		/// <summary>
+		/// The WWW-Authenticate header to add to the response message.
+		/// </summary>
+		private readonly string authenticateHeader;
+
+		/// <summary>
 		/// Initializes a new instance of the <see cref="TokenEndpointProtocolException"/> class.
 		/// </summary>
+		/// <param name="requestMessage">The message whose processing resulted in this error.</param>
 		/// <param name="error">A single error code from <see cref="Protocol.AccessTokenRequestErrorCodes"/>.</param>
 		/// <param name="description">A human-readable UTF-8 encoded text providing additional information, used to assist the client developer in understanding the error that occurred.</param>
 		/// <param name="moreInformation">A URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error.</param>
-		public TokenEndpointProtocolException(string error, string description = null, Uri moreInformation = null)
+		/// <param name="authenticateHeader">The WWW-Authenticate header to add to the response.</param>
+		public TokenEndpointProtocolException(AccessTokenRequestBase requestMessage, string error, string description = null, Uri moreInformation = null, string authenticateHeader = null)
 			: base(string.Format(CultureInfo.CurrentCulture, ClientAuthorizationStrings.TokenEndpointErrorFormat, error, description)) {
+			Requires.NotNull(requestMessage, "requestMessage");
 			Requires.NotNullOrEmpty(error, "error");
 
+			this.requestMessage = requestMessage;
 			this.Error = error;
 			this.Description = description;
 			this.MoreInformation = moreInformation;
+			this.authenticateHeader = authenticateHeader;
 		}
 
 		/// <summary>
@@ -55,5 +71,23 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// Gets a URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error.
 		/// </summary>
 		public Uri MoreInformation { get; private set; }
+
+		/// <summary>
+		/// Gets the response message to send to the client.
+		/// </summary>
+		/// <returns>A message.</returns>
+		public IDirectResponseProtocolMessage GetResponse() {
+			var response = this.requestMessage != null
+				? new AccessTokenFailedResponse(this.requestMessage, this.authenticateHeader != null)
+				: new AccessTokenFailedResponse();
+			response.Error = this.Error;
+			response.ErrorDescription = this.Description;
+			response.ErrorUri = this.MoreInformation;
+			if (this.authenticateHeader != null) {
+				response.Headers.Add(HttpRequestHeaders.WwwAuthenticate, this.authenticateHeader);
+			}
+
+			return response;
+		}
 	}
 }