4 files changed, 12 insertions, 15 deletions

diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj
index f68e60a..2861467 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj
@@ -23,7 +23,7 @@
     <Compile Include="OAuth2\ChannelElements\AccessRequestBindingElement.cs" />
     <Compile Include="OAuth2\ChannelElements\AccessTokenBindingElement.cs" />
     <Compile Include="OAuth2\ChannelElements\AuthorizationCode.cs" />
-    <Compile Include="OAuth2\ChannelElements\IncomingMessageValidationBindingElement.cs" />
+    <Compile Include="OAuth2\ChannelElements\MessageValidationBindingElement.cs" />
     <Compile Include="OAuth2\ChannelElements\AuthServerBindingElementBase.cs" />
     <Compile Include="OAuth2\ChannelElements\IOAuth2ChannelWithAuthorizationServer.cs" />
     <Compile Include="OAuth2\ChannelElements\OAuth2AuthorizationServerChannel.cs" />
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs
index 0c0f365..14391a6 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs
@@ -50,9 +50,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 		/// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable.
 		/// </remarks>
 		public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) {
-			var responseWithOriginatingRequest = message as IDirectResponseProtocolMessage;
-			var accessRequest = responseWithOriginatingRequest.OriginatingRequest as IAccessTokenRequestInternal;
-
 			var authCodeCarrier = message as IAuthorizationCodeCarryingRequest;
 			if (authCodeCarrier != null) {
 				var codeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer);
@@ -61,13 +58,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 				return MessageProtections.None;
 			}
 
-			var accessTokenResponse = message as AccessTokenSuccessResponse;
-			if (accessTokenResponse != null) {
-				var directResponseMessage = (IDirectResponseProtocolMessage)accessTokenResponse;
-				var accessTokenRequest = (AccessTokenRequestBase)directResponseMessage.OriginatingRequest;
-				ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken);
-			}
-
 			return null;
 		}
 
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IncomingMessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
index b23643b..46a3de2 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IncomingMessageValidationBindingElement.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------
-// <copyright file="IncomingMessageValidationBindingElement.cs" company="Outercurve Foundation">
+// <copyright file="MessageValidationBindingElement.cs" company="Outercurve Foundation">
 //     Copyright (c) Outercurve Foundation. All rights reserved.
 // </copyright>
 //-----------------------------------------------------------------------
@@ -14,10 +14,10 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 	using Messaging;
 
 	/// <summary>
-	/// A guard for all messages incoming to an Authorization Server to ensure that they are well formed,
+	/// A guard for all messages to or from an Authorization Server to ensure that they are well formed,
 	/// have valid secrets, callback URIs, etc.
 	/// </summary>
-	internal class IncomingMessageValidationBindingElement : AuthServerBindingElementBase {
+	internal class MessageValidationBindingElement : AuthServerBindingElementBase {
 		/// <summary>
 		/// Gets the protection commonly offered (if any) by this binding element.
 		/// </summary>
@@ -41,6 +41,13 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 		/// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable.
 		/// </remarks>
 		public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) {
+			var accessTokenResponse = message as AccessTokenSuccessResponse;
+			if (accessTokenResponse != null) {
+				var directResponseMessage = (IDirectResponseProtocolMessage)accessTokenResponse;
+				var accessTokenRequest = (AccessTokenRequestBase)directResponseMessage.OriginatingRequest;
+				ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken);
+			}
+
 			return null;
 		}
 
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
index dc05fea..ff12ca1 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
@@ -113,7 +113,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 			Requires.NotNull(authorizationServer, "authorizationServer");
 			var bindingElements = new List<IChannelBindingElement>();
 
-			bindingElements.Add(new IncomingMessageValidationBindingElement());
+			bindingElements.Add(new MessageValidationBindingElement());
 			bindingElements.Add(new AccessTokenBindingElement());
 			bindingElements.Add(new AccessRequestBindingElement());