1 files changed, 10 insertions, 8 deletions

diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs
index f2acf79..1871ad6 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs
@@ -10,10 +10,13 @@ namespace DotNetOpenAuth.OAuth2 {
 	using System.Globalization;
 	using System.Linq;
 	using System.Net;
+	using System.Net.Http.Headers;
 	using System.Text;
 	using DotNetOpenAuth.Messaging;
 	using Validation;
 
+	using HttpRequestHeaders = DotNetOpenAuth.Messaging.HttpRequestHeaders;
+
 	/// <summary>
 	/// Some common utility methods for OAuth 2.0.
 	/// </summary>
@@ -26,7 +29,7 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// <summary>
 		/// The string "Basic ".
 		/// </summary>
-		private const string HttpBasicAuthScheme = "Basic ";
+		private const string HttpBasicAuthScheme = "Basic";
 
 		/// <summary>
 		/// The delimiter between scope elements.
@@ -161,7 +164,7 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// <param name="headers">The headers collection to set the authorization header to.</param>
 		/// <param name="userName">The username.  Cannot be empty.</param>
 		/// <param name="password">The password.  Cannot be null.</param>
-		internal static void ApplyHttpBasicAuth(WebHeaderCollection headers, string userName, string password) {
+		internal static void ApplyHttpBasicAuth(System.Net.Http.Headers.HttpRequestHeaders headers, string userName, string password) {
 			Requires.NotNull(headers, "headers");
 			Requires.NotNullOrEmpty(userName, "userName");
 			Requires.NotNull(password, "password");
@@ -169,8 +172,7 @@ namespace DotNetOpenAuth.OAuth2 {
 			string concat = userName + ":" + password;
 			byte[] bits = HttpBasicEncoding.GetBytes(concat);
 			string base64 = Convert.ToBase64String(bits);
-			string header = HttpBasicAuthScheme + base64;
-			headers[HttpRequestHeader.Authorization] = header;
+			headers.Authorization = new AuthenticationHeaderValue(HttpBasicAuthScheme, base64);
 		}
 
 		/// <summary>
@@ -178,12 +180,12 @@ namespace DotNetOpenAuth.OAuth2 {
 		/// </summary>
 		/// <param name="headers">The incoming web headers.</param>
 		/// <returns>The network credentials; or <c>null</c> if none could be discovered in the request.</returns>
-		internal static NetworkCredential ParseHttpBasicAuth(WebHeaderCollection headers) {
+		internal static NetworkCredential ParseHttpBasicAuth(System.Net.Http.Headers.HttpRequestHeaders headers) {
 			Requires.NotNull(headers, "headers");
 
-			string authorizationHeader = headers[HttpRequestHeaders.Authorization];
-			if (authorizationHeader != null && authorizationHeader.StartsWith(HttpBasicAuthScheme, StringComparison.Ordinal)) {
-				string base64 = authorizationHeader.Substring(HttpBasicAuthScheme.Length);
+			var authorizationHeader = headers.Authorization;
+			if (authorizationHeader != null && string.Equals(authorizationHeader.Scheme, HttpBasicAuthScheme, StringComparison.Ordinal)) {
+				string base64 = authorizationHeader.Parameter;
 				byte[] bits = Convert.FromBase64String(base64);
 				string usernameColonPassword = HttpBasicEncoding.GetString(bits);
 				string[] usernameAndPassword = usernameColonPassword.Split(ColonSeparator, 2);