2 files changed, 47 insertions, 25 deletions
diff --git a/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs b/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
index 0693926..9e9deb4 100644
--- a/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
+++ b/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
@@ -293,28 +293,24 @@ namespace DotNetOpenAuth.Messaging {
 		}
 
 		/// <summary>
-		/// Gets the query or form data from the original request (before any URL rewriting has occurred.)
-		/// </summary>
-		/// <returns>A set of name=value pairs.</returns>
-		[SuppressMessage("Microsoft.Design", "CA1024:UsePropertiesWhereAppropriate", Justification = "Expensive call")]
-		internal NameValueCollection GetQueryOrFormFromContext() {
-			NameValueCollection query;
-			if (this.HttpMethod == "GET") {
-				query = this.QueryStringBeforeRewriting;
-			} else {
-				query = this.Form;
-			}
-			return query;
-		}
-
-		/// <summary>
 		/// Gets the public facing URL for the given incoming HTTP request.
 		/// </summary>
 		/// <param name="request">The request.</param>
-		/// <returns>The URI that the outside world used to create this request.</returns>
-		private static Uri GetPublicFacingUrl(HttpRequest request) {
+		/// <param name="serverVariables">The server variables to consider part of the request.</param>
+		/// <returns>
+		/// The URI that the outside world used to create this request.
+		/// </returns>
+		/// <remarks>
+		/// Although the <paramref name="serverVariables"/> value can be obtained from
+		/// <see cref="HttpRequest.ServerVariables"/>, it's useful to be able to pass them
+		/// in so we can simulate injected values from our unit tests since the actual property
+		/// is a read-only kind of <see cref="NameValueCollection"/>.
+		/// </remarks>
+		internal static Uri GetPublicFacingUrl(HttpRequest request, NameValueCollection serverVariables) {
 			Contract.Requires(request != null);
+			Contract.Requires(serverVariables != null);
 			ErrorUtilities.VerifyArgumentNotNull(request, "request");
+			ErrorUtilities.VerifyArgumentNotNull(serverVariables, "serverVariables");
 
 			// Due to URL rewriting, cloud computing (i.e. Azure)
 			// and web farms, etc., we have to be VERY careful about what
@@ -323,15 +319,14 @@ namespace DotNetOpenAuth.Messaging {
 			// HttpRequest.Url gives us the internal URL in a cloud environment,
 			// So we use a variable that (at least from what I can tell) gives us
 			// the public URL:
-			if (request.ServerVariables["HTTP_HOST"] != null) {
+			if (serverVariables["HTTP_HOST"] != null) {
 				ErrorUtilities.VerifySupported(request.Url.Scheme == Uri.UriSchemeHttps || request.Url.Scheme == Uri.UriSchemeHttp, "Only HTTP and HTTPS are supported protocols.");
+				string scheme = serverVariables["HTTP_X_FORWARDED_PROTO"] ?? request.Url.Scheme;
+				Uri hostAndPort = new Uri(scheme + Uri.SchemeDelimiter + serverVariables["HTTP_HOST"]);
 				UriBuilder publicRequestUri = new UriBuilder(request.Url);
-				Uri hostAndPort = new Uri(request.Url.Scheme + Uri.SchemeDelimiter + request.ServerVariables["HTTP_HOST"]);
+				publicRequestUri.Scheme = scheme;
 				publicRequestUri.Host = hostAndPort.Host;
 				publicRequestUri.Port = hostAndPort.Port;
-				if (request.ServerVariables["HTTP_X_FORWARDED_PROTO"] != null) {
-					publicRequestUri.Scheme = request.ServerVariables["HTTP_X_FORWARDED_PROTO"];
-				}
 				return publicRequestUri.Uri;
 			} else {
 				// Failover to the method that works for non-web farm enviroments.
@@ -347,6 +342,33 @@ namespace DotNetOpenAuth.Messaging {
 		}
 
 		/// <summary>
+		/// Gets the query or form data from the original request (before any URL rewriting has occurred.)
+		/// </summary>
+		/// <returns>A set of name=value pairs.</returns>
+		[SuppressMessage("Microsoft.Design", "CA1024:UsePropertiesWhereAppropriate", Justification = "Expensive call")]
+		internal NameValueCollection GetQueryOrFormFromContext() {
+			NameValueCollection query;
+			if (this.HttpMethod == "GET") {
+				query = this.QueryStringBeforeRewriting;
+			} else {
+				query = this.Form;
+			}
+			return query;
+		}
+
+		/// <summary>
+		/// Gets the public facing URL for the given incoming HTTP request.
+		/// </summary>
+		/// <param name="request">The request.</param>
+		/// <returns>The URI that the outside world used to create this request.</returns>
+		private static Uri GetPublicFacingUrl(HttpRequest request) {
+			Contract.Requires(request != null);
+			ErrorUtilities.VerifyArgumentNotNull(request, "request");
+
+			return GetPublicFacingUrl(request, request.ServerVariables);
+		}
+
+		/// <summary>
 		/// Makes up a reasonable guess at the raw URL from the possibly rewritten URL.
 		/// </summary>
 		/// <param name="url">A full URL.</param>
diff --git a/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs b/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs
index 7085e72..f33a655 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs
@@ -122,7 +122,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// </summary>
 		/// <param name="context">The context, or namespace, within which the <paramref name="nonce"/> must be unique.</param>
 		/// <param name="nonce">A series of random characters.</param>
-		/// <param name="timestamp">The timestamp that together with the nonce string make it unique.
+		/// <param name="timestampUtc">The timestamp that together with the nonce string make it unique.
 		/// The timestamp may also be used by the data store to clear out old nonces.</param>
 		/// <returns>
 		/// True if the nonce+timestamp (combination) was not previously in the database.
@@ -135,8 +135,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// is retrieved or set using the
 		/// <see cref="StandardExpirationBindingElement.MaximumMessageAge"/> property.
 		/// </remarks>
-		public bool StoreNonce(string context, string nonce, DateTime timestamp) {
-			return this.nonceStore.StoreNonce(context, nonce, timestamp);
+		public bool StoreNonce(string context, string nonce, DateTime timestampUtc) {
+			return this.nonceStore.StoreNonce(context, nonce, timestampUtc);
 		}
 
 		#endregion