15 files changed, 187 insertions, 41 deletions

diff --git a/src/DotNetOAuth.Test/Mocks/InMemoryTokenManager.cs b/src/DotNetOAuth.Test/Mocks/InMemoryTokenManager.cs
index c00e181..5713707 100644
--- a/src/DotNetOAuth.Test/Mocks/InMemoryTokenManager.cs
+++ b/src/DotNetOAuth.Test/Mocks/InMemoryTokenManager.cs
@@ -35,9 +35,9 @@ namespace DotNetOAuth.Test.Mocks {
 			return this.tokensAndSecrets[token];

 		}

 

-		public void StoreNewRequestToken(GetRequestTokenMessage request, GrantRequestTokenMessage response) {

-			this.tokensAndSecrets[response.RequestToken] = response.TokenSecret;

-			this.requestTokens.Add(response.RequestToken, false);

+		public void StoreNewRequestToken(GetRequestTokenMessage request, ITokenSecretContainingMessage response) {

+			this.tokensAndSecrets[response.Token] = response.TokenSecret;

+			this.requestTokens.Add(response.Token, false);

 		}

 

 		/// <summary>

diff --git a/src/DotNetOAuth/ChannelElements/ITokenManager.cs b/src/DotNetOAuth/ChannelElements/ITokenManager.cs
index 2b8c3b5..878f176 100644
--- a/src/DotNetOAuth/ChannelElements/ITokenManager.cs
+++ b/src/DotNetOAuth/ChannelElements/ITokenManager.cs
@@ -42,7 +42,7 @@ namespace DotNetOAuth.ChannelElements {
 		/// <param name="request">The request message that resulted in the generation of a new unauthorized request token.</param>

 		/// <param name="response">The response message that includes the unauthorized request token.</param>

 		/// <exception cref="ArgumentException">Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.</exception>

-		void StoreNewRequestToken(GetRequestTokenMessage request, GrantRequestTokenMessage response);

+		void StoreNewRequestToken(GetRequestTokenMessage request, ITokenSecretContainingMessage response);

 

 		/// <summary>

 		/// Checks whether a given request token has already been authorized

diff --git a/src/DotNetOAuth/ConsumerBase.cs b/src/DotNetOAuth/ConsumerBase.cs
index a8bdc99..c3a11e1 100644
--- a/src/DotNetOAuth/ConsumerBase.cs
+++ b/src/DotNetOAuth/ConsumerBase.cs
@@ -118,9 +118,9 @@ namespace DotNetOAuth {
 			this.TokenManager.StoreNewRequestToken(requestToken, requestTokenResponse);

 

 			// Request user authorization.

-			var requestAuthorization = new DirectUserToServiceProviderMessage(this.ServiceProvider.UserAuthorizationEndpoint) {

+			ITokenContainingMessage assignedRequestToken = requestTokenResponse;

+			var requestAuthorization = new DirectUserToServiceProviderMessage(this.ServiceProvider.UserAuthorizationEndpoint, assignedRequestToken.Token) {

 				Callback = callback,

-				RequestToken = requestTokenResponse.RequestToken,

 			};

 			requestAuthorization.AddNonOAuthParameters(redirectParameters);

 			token = requestAuthorization.RequestToken;

diff --git a/src/DotNetOAuth/DotNetOAuth.csproj b/src/DotNetOAuth/DotNetOAuth.csproj
index 4238e0c..7f8fc51 100644
--- a/src/DotNetOAuth/DotNetOAuth.csproj
+++ b/src/DotNetOAuth/DotNetOAuth.csproj
@@ -71,6 +71,7 @@
     <Compile Include="ChannelElements\TokenType.cs" />

     <Compile Include="ConsumerBase.cs" />

     <Compile Include="DesktopConsumer.cs" />

+    <Compile Include="Messages\ITokenSecretContainingMessage.cs" />

     <Compile Include="Messaging\ITamperProtectionChannelBindingElement.cs" />

     <Compile Include="ServiceProviderDescription.cs" />

     <Compile Include="Messages\ITokenContainingMessage.cs" />

diff --git a/src/DotNetOAuth/Messages/AccessProtectedResourceMessage.cs b/src/DotNetOAuth/Messages/AccessProtectedResourceMessage.cs
index df037cf..d1f6af0 100644
--- a/src/DotNetOAuth/Messages/AccessProtectedResourceMessage.cs
+++ b/src/DotNetOAuth/Messages/AccessProtectedResourceMessage.cs
@@ -32,6 +32,12 @@ namespace DotNetOAuth.Messages {
 		/// <summary>

 		/// Gets or sets the Access Token.

 		/// </summary>

+		/// <remarks>

+		/// In addition to just allowing OAuth to verify a valid message,

+		/// this property is useful on the Service Provider to verify that the access token

+		/// has proper authorization for the resource being requested, and to know the

+		/// context around which user provided the authorization.

+		/// </remarks>

 		[MessagePart(Name = "oauth_token", IsRequired = true)]

 		public string AccessToken { get; set; }

 	}

diff --git a/src/DotNetOAuth/Messages/DirectUserToConsumerMessage.cs b/src/DotNetOAuth/Messages/DirectUserToConsumerMessage.cs
index b13c48c..d8069cf 100644
--- a/src/DotNetOAuth/Messages/DirectUserToConsumerMessage.cs
+++ b/src/DotNetOAuth/Messages/DirectUserToConsumerMessage.cs
@@ -11,16 +11,27 @@ namespace DotNetOAuth.Messages {
 	/// <summary>

 	/// A message used to redirect the user from a Service Provider to a Consumer's web site.

 	/// </summary>

-	internal class DirectUserToConsumerMessage : MessageBase {

+	internal sealed class DirectUserToConsumerMessage : MessageBase, ITokenContainingMessage {

 		/// <summary>

 		/// Initializes a new instance of the <see cref="DirectUserToConsumerMessage"/> class.

 		/// </summary>

 		/// <param name="consumer">The URI of the Consumer endpoint to send this message to.</param>

+		/// <remarks>

+		/// The class is sealed because extra parameters are determined by the callback URI provided by the Consumer.

+		/// </remarks>

 		internal DirectUserToConsumerMessage(Uri consumer)

 			: base(MessageProtection.None, MessageTransport.Indirect, new MessageReceivingEndpoint(consumer, HttpDeliveryMethod.GetRequest)) {

 		}

 

 		/// <summary>

+		/// Gets or sets the Request or Access Token.

+		/// </summary>

+		string ITokenContainingMessage.Token {

+			get { return this.RequestToken; }

+			set { this.RequestToken = value; }

+		}

+

+		/// <summary>

 		/// Gets or sets the Request Token.

 		/// </summary>

 		[MessagePart(Name = "oauth_token", IsRequired = true)]

diff --git a/src/DotNetOAuth/Messages/DirectUserToServiceProviderMessage.cs b/src/DotNetOAuth/Messages/DirectUserToServiceProviderMessage.cs
index 65e83aa..5e3dbca 100644
--- a/src/DotNetOAuth/Messages/DirectUserToServiceProviderMessage.cs
+++ b/src/DotNetOAuth/Messages/DirectUserToServiceProviderMessage.cs
@@ -6,12 +6,23 @@
 

 namespace DotNetOAuth.Messages {

 	using System;

+	using System.Collections.Generic;

 	using DotNetOAuth.Messaging;

 

 	/// <summary>

 	/// A message used to redirect the user from a Consumer to a Service Provider's web site.

 	/// </summary>

-	public class DirectUserToServiceProviderMessage : MessageBase {

+	public class DirectUserToServiceProviderMessage : MessageBase, ITokenContainingMessage {

+		/// <summary>

+		/// Initializes a new instance of the <see cref="DirectUserToServiceProviderMessage"/> class.

+		/// </summary>

+		/// <param name="serviceProvider">The URI of the Service Provider endpoint to send this message to.</param>

+		/// <param name="requestToken">The request token.</param>

+		internal DirectUserToServiceProviderMessage(MessageReceivingEndpoint serviceProvider, string requestToken)

+			: this(serviceProvider) {

+			this.RequestToken = requestToken;

+		}

+

 		/// <summary>

 		/// Initializes a new instance of the <see cref="DirectUserToServiceProviderMessage"/> class.

 		/// </summary>

@@ -21,6 +32,21 @@ namespace DotNetOAuth.Messages {
 		}

 

 		/// <summary>

+		/// Gets or sets the Request or Access Token.

+		/// </summary>

+		string ITokenContainingMessage.Token {

+			get { return this.RequestToken; }

+			set { this.RequestToken = value; }

+		}

+

+		/// <summary>

+		/// Gets the extra, non-OAuth parameters that will be included in the message.

+		/// </summary>

+		public IDictionary<string, string> ExtraData {

+			get { return ((IProtocolMessage)this).ExtraData; }

+		}

+

+		/// <summary>

 		/// Gets or sets the Request Token obtained in the previous step.

 		/// </summary>

 		/// <remarks>

@@ -29,7 +55,7 @@ namespace DotNetOAuth.Messages {
 		/// case it will prompt the User to enter it manually.

 		/// </remarks>

 		[MessagePart(Name = "oauth_token", IsRequired = false)]

-		public string RequestToken { get; set; }

+		internal string RequestToken { get; set; }

 

 		/// <summary>

 		/// Gets or sets a URL the Service Provider will use to redirect the User back 

diff --git a/src/DotNetOAuth/Messages/GetAccessTokenMessage.cs b/src/DotNetOAuth/Messages/GetAccessTokenMessage.cs
index d5f4700..8828876 100644
--- a/src/DotNetOAuth/Messages/GetAccessTokenMessage.cs
+++ b/src/DotNetOAuth/Messages/GetAccessTokenMessage.cs
@@ -12,12 +12,15 @@ namespace DotNetOAuth.Messages {
 	/// A direct message sent by the Consumer to exchange an authorized Request Token

 	/// for an Access Token and Token Secret.

 	/// </summary>

-	public class GetAccessTokenMessage : SignedMessageBase, ITokenContainingMessage {

+	/// <remarks>

+	/// The class is sealed because the OAuth spec forbids adding parameters to this message.

+	/// </remarks>

+	public sealed class GetAccessTokenMessage : SignedMessageBase, ITokenContainingMessage {

 		/// <summary>

 		/// Initializes a new instance of the <see cref="GetAccessTokenMessage"/> class.

 		/// </summary>

 		/// <param name="serviceProvider">The URI of the Service Provider endpoint to send this message to.</param>

-		protected internal GetAccessTokenMessage(MessageReceivingEndpoint serviceProvider)

+		internal GetAccessTokenMessage(MessageReceivingEndpoint serviceProvider)

 			: base(MessageTransport.Direct, serviceProvider) {

 		}

 

diff --git a/src/DotNetOAuth/Messages/GetRequestTokenMessage.cs b/src/DotNetOAuth/Messages/GetRequestTokenMessage.cs
index e980f08..8b77927 100644
--- a/src/DotNetOAuth/Messages/GetRequestTokenMessage.cs
+++ b/src/DotNetOAuth/Messages/GetRequestTokenMessage.cs
@@ -5,6 +5,7 @@
 //-----------------------------------------------------------------------

 

 namespace DotNetOAuth.Messages {

+	using System.Collections.Generic;

 	using DotNetOAuth.Messaging;

 

 	/// <summary>

@@ -18,5 +19,12 @@ namespace DotNetOAuth.Messages {
 		protected internal GetRequestTokenMessage(MessageReceivingEndpoint serviceProvider)

 			: base(MessageTransport.Direct, serviceProvider) {

 		}

+

+		/// <summary>

+		/// Gets the extra, non-OAuth parameters that will be included in the message.

+		/// </summary>

+		public IDictionary<string, string> ExtraData {

+			get { return ((IProtocolMessage)this).ExtraData; }

+		}

 	}

 }

diff --git a/src/DotNetOAuth/Messages/GrantAccessTokenMessage.cs b/src/DotNetOAuth/Messages/GrantAccessTokenMessage.cs
index dbcd6a1..ea1c6d1 100644
--- a/src/DotNetOAuth/Messages/GrantAccessTokenMessage.cs
+++ b/src/DotNetOAuth/Messages/GrantAccessTokenMessage.cs
@@ -5,13 +5,14 @@
 //-----------------------------------------------------------------------

 

 namespace DotNetOAuth.Messages {

+	using System.Collections.Generic;

 	using DotNetOAuth.Messaging;

 

 	/// <summary>

 	/// A direct message sent from Service Provider to Consumer in response to 

 	/// a Consumer's <see cref="GetAccessTokenMessage"/> request.

 	/// </summary>

-	public class GrantAccessTokenMessage : MessageBase {

+	public class GrantAccessTokenMessage : MessageBase, ITokenSecretContainingMessage {

 		/// <summary>

 		/// Initializes a new instance of the <see cref="GrantAccessTokenMessage"/> class.

 		/// </summary>

@@ -26,6 +27,29 @@ namespace DotNetOAuth.Messages {
 		public string AccessToken { get; set; }

 

 		/// <summary>

+		/// Gets or sets the Request or Access Token.

+		/// </summary>

+		string ITokenContainingMessage.Token {

+			get { return this.AccessToken; }

+			set { this.AccessToken = value; }

+		}

+

+		/// <summary>

+		/// Gets or sets the Request or Access Token secret.

+		/// </summary>

+		string ITokenSecretContainingMessage.TokenSecret {

+			get { return this.TokenSecret; }

+			set { this.TokenSecret = value; }

+		}

+

+		/// <summary>

+		/// Gets the extra, non-OAuth parameters that will be included in the message.

+		/// </summary>

+		public IDictionary<string, string> ExtraData {

+			get { return ((IProtocolMessage)this).ExtraData; }

+		}

+

+		/// <summary>

 		/// Gets or sets the Token Secret.

 		/// </summary>

 		[MessagePart(Name = "oauth_token_secret", IsRequired = true)]

diff --git a/src/DotNetOAuth/Messages/GrantRequestTokenMessage.cs b/src/DotNetOAuth/Messages/GrantRequestTokenMessage.cs
index 9caf6e6..1838970 100644
--- a/src/DotNetOAuth/Messages/GrantRequestTokenMessage.cs
+++ b/src/DotNetOAuth/Messages/GrantRequestTokenMessage.cs
@@ -5,13 +5,24 @@
 //-----------------------------------------------------------------------

 

 namespace DotNetOAuth.Messages {

+	using System.Collections.Generic;

 	using DotNetOAuth.Messaging;

 

 	/// <summary>

 	/// A direct message sent from Service Provider to Consumer in response to 

 	/// a Consumer's <see cref="GetRequestTokenMessage"/> request.

 	/// </summary>

-	public class GrantRequestTokenMessage : MessageBase {

+	public class GrantRequestTokenMessage : MessageBase, ITokenSecretContainingMessage {

+		/// <summary>

+		/// Initializes a new instance of the <see cref="GrantRequestTokenMessage"/> class.

+		/// </summary>

+		/// <param name="requestToken">The request token.</param>

+		/// <param name="tokenSecret">The token secret.</param>

+		protected internal GrantRequestTokenMessage(string requestToken, string tokenSecret) : this() {

+			this.RequestToken = requestToken;

+			this.TokenSecret = tokenSecret;

+		}

+

 		/// <summary>

 		/// Initializes a new instance of the <see cref="GrantRequestTokenMessage"/> class.

 		/// </summary>

@@ -20,15 +31,38 @@ namespace DotNetOAuth.Messages {
 		}

 

 		/// <summary>

+		/// Gets or sets the Request or Access Token.

+		/// </summary>

+		string ITokenContainingMessage.Token {

+			get { return this.RequestToken; }

+			set { this.RequestToken = value; }

+		}

+

+		/// <summary>

+		/// Gets or sets the Request or Access Token secret.

+		/// </summary>

+		string ITokenSecretContainingMessage.TokenSecret {

+			get { return this.TokenSecret; }

+			set { this.TokenSecret = value; }

+		}

+

+		/// <summary>

+		/// Gets the extra, non-OAuth parameters that will be included in the message.

+		/// </summary>

+		public IDictionary<string, string> ExtraData {

+			get { return ((IProtocolMessage)this).ExtraData; }

+		}

+

+		/// <summary>

 		/// Gets or sets the Request Token.

 		/// </summary>

 		[MessagePart(Name = "oauth_token", IsRequired = true)]

-		public string RequestToken { get; set; }

+		internal string RequestToken { get; set; }

 

 		/// <summary>

 		/// Gets or sets the Token Secret.

 		/// </summary>

 		[MessagePart(Name = "oauth_token_secret", IsRequired = true)]

-		public string TokenSecret { get; set; }

+		internal string TokenSecret { get; set; }

 	}

 }

diff --git a/src/DotNetOAuth/Messages/ITokenContainingMessage.cs b/src/DotNetOAuth/Messages/ITokenContainingMessage.cs
index 37322d6..1c7b39d 100644
--- a/src/DotNetOAuth/Messages/ITokenContainingMessage.cs
+++ b/src/DotNetOAuth/Messages/ITokenContainingMessage.cs
@@ -8,7 +8,7 @@ namespace DotNetOAuth.Messages {
 	/// <summary>

 	/// An interface implemented by all OAuth messages that have a request or access token property.

 	/// </summary>

-	internal interface ITokenContainingMessage {

+	public interface ITokenContainingMessage {

 		/// <summary>

 		/// Gets or sets the Request or Access Token.

 		/// </summary>

diff --git a/src/DotNetOAuth/Messages/ITokenSecretContainingMessage.cs b/src/DotNetOAuth/Messages/ITokenSecretContainingMessage.cs
new file mode 100644
index 0000000..41fcae9
--- /dev/null
+++ b/src/DotNetOAuth/Messages/ITokenSecretContainingMessage.cs
@@ -0,0 +1,17 @@
+//-----------------------------------------------------------------------

+// <copyright file="ITokenSecretContainingMessage.cs" company="Andrew Arnott">

+//     Copyright (c) Andrew Arnott. All rights reserved.

+// </copyright>

+//-----------------------------------------------------------------------

+

+namespace DotNetOAuth.Messages {

+	/// <summary>

+	/// An interface implemented by all OAuth messages that have a request or access token and secret properties.

+	/// </summary>

+	public interface ITokenSecretContainingMessage : ITokenContainingMessage {

+		/// <summary>

+		/// Gets or sets the Request or Access Token secret.

+		/// </summary>

+		string TokenSecret { get; set; }

+	}

+}

diff --git a/src/DotNetOAuth/Messages/OAuth Messages.cd b/src/DotNetOAuth/Messages/OAuth Messages.cd
index dfe4c03..4a555bb 100644
--- a/src/DotNetOAuth/Messages/OAuth Messages.cd
+++ b/src/DotNetOAuth/Messages/OAuth Messages.cd
@@ -7,12 +7,12 @@
     <Position X="4.36" Y="0.683" Height="0.291" Width="2.02" />

   </Comment>

   <Class Name="DotNetOAuth.Messages.AccessProtectedResourceMessage">

-    <Position X="3.75" Y="7.5" Width="3.5" />

+    <Position X="3.75" Y="8.25" Width="3.5" />

     <InheritanceLine Type="DotNetOAuth.Messages.SignedMessageBase" ManuallyRouted="true" FixedFromPoint="true" FixedToPoint="true">

       <Path>

         <Point X="3.562" Y="5.367" />

-        <Point X="3.562" Y="7.625" />

-        <Point X="3.75" Y="7.625" />

+        <Point X="3.562" Y="8.375" />

+        <Point X="3.75" Y="8.375" />

       </Path>

     </InheritanceLine>

     <TypeIdentifier>

@@ -27,47 +27,56 @@
       <Compartment Name="Methods" Collapsed="true" />

     </Compartments>

     <TypeIdentifier>

-      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAIAAIAAAAAAAAAAAAAA=</HashCode>

+      <HashCode>AAAAAAACAAAAAAAAAAAAAAAAAIAAIAAAIAAAAAAAAAA=</HashCode>

       <FileName>Messages\GrantRequestTokenMessage.cs</FileName>

     </TypeIdentifier>

+    <Lollipop Position="0.2" />

   </Class>

   <Class Name="DotNetOAuth.Messages.DirectUserToConsumerMessage">

-    <Position X="7.5" Y="3.75" Width="2.5" />

+    <Position X="7.5" Y="5.25" Width="3" />

     <Compartments>

       <Compartment Name="Methods" Collapsed="true" />

     </Compartments>

     <TypeIdentifier>

-      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAA=</HashCode>

+      <HashCode>AAAAAAACAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAA=</HashCode>

       <FileName>Messages\DirectUserToConsumerMessage.cs</FileName>

     </TypeIdentifier>

+    <Lollipop Position="0.2" />

   </Class>

   <Class Name="DotNetOAuth.Messages.DirectUserToServiceProviderMessage">

-    <Position X="4.25" Y="2.75" Width="3" />

+    <Position X="4.25" Y="3" Width="3" />

     <Compartments>

       <Compartment Name="Methods" Collapsed="true" />

     </Compartments>

+    <InheritanceLine Type="DotNetOAuth.Messages.MessageBase" FixedToPoint="true">

+      <Path>

+        <Point X="10.75" Y="4.875" />

+        <Point X="7.25" Y="4.875" />

+      </Path>

+    </InheritanceLine>

     <TypeIdentifier>

-      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAQAA=</HashCode>

+      <HashCode>AAAAAAACAAAAAAAAAAAAAAAAAIAAAAAAIAAAAAAAQAA=</HashCode>

       <FileName>Messages\DirectUserToServiceProviderMessage.cs</FileName>

     </TypeIdentifier>

+    <Lollipop Position="0.2" />

   </Class>

   <Class Name="DotNetOAuth.Messages.GrantAccessTokenMessage">

-    <Position X="7.5" Y="5.75" Width="2.5" />

+    <Position X="7.5" Y="7.5" Width="3" />

     <Compartments>

       <Compartment Name="Methods" Collapsed="true" />

     </Compartments>

     <InheritanceLine Type="DotNetOAuth.Messages.MessageBase" ManuallyRouted="true" FixedFromPoint="true" FixedToPoint="true">

       <Path>

-        <Point X="10.75" Y="5.875" />

-        <Point X="10.375" Y="5.875" />

-        <Point X="10.375" Y="5.875" />

-        <Point X="10" Y="5.875" />

+        <Point X="11" Y="5.958" />

+        <Point X="11" Y="8.25" />

+        <Point X="10.5" Y="8.25" />

       </Path>

     </InheritanceLine>

     <TypeIdentifier>

-      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAEAAAIAAAAAAAAAAAAAA=</HashCode>

+      <HashCode>AAAAAAACAAAAAAAAAAAAAAAAEAAAIAAAIAAAAAAAAAA=</HashCode>

       <FileName>Messages\GrantAccessTokenMessage.cs</FileName>

     </TypeIdentifier>

+    <Lollipop Position="0.2" />

   </Class>

   <Class Name="DotNetOAuth.Messages.MessageBase">

     <Position X="10.75" Y="1" Width="3.5" />

@@ -81,14 +90,16 @@
     <Lollipop Position="0.2" />

   </Class>

   <Class Name="DotNetOAuth.Messages.GetAccessTokenMessage">

-    <Position X="4.25" Y="5" Width="2.5" />

+    <Position X="4.25" Y="6" Width="3" />

     <Compartments>

       <Compartment Name="Methods" Collapsed="true" />

     </Compartments>

     <InheritanceLine Type="DotNetOAuth.Messages.SignedMessageBase" ManuallyRouted="true" FixedFromPoint="true" FixedToPoint="true">

       <Path>

         <Point X="4" Y="5.125" />

-        <Point X="4.25" Y="5.125" />

+        <Point X="4.123" Y="5.125" />

+        <Point X="4.123" Y="6.11" />

+        <Point X="4.25" Y="6.11" />

       </Path>

     </InheritanceLine>

     <TypeIdentifier>

@@ -98,7 +109,7 @@
     <Lollipop Position="0.2" />

   </Class>

   <Class Name="DotNetOAuth.Messages.GetRequestTokenMessage">

-    <Position X="4.25" Y="1" Width="2.25" />

+    <Position X="4.25" Y="1" Width="3" />

     <Compartments>

       <Compartment Name="Internal" Collapsed="true" />

       <Compartment Name="Private" Collapsed="true" />

@@ -111,7 +122,7 @@
       </Path>

     </InheritanceLine>

     <TypeIdentifier>

-      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</HashCode>

+      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAA=</HashCode>

       <FileName>Messages\GetRequestTokenMessage.cs</FileName>

     </TypeIdentifier>

   </Class>

@@ -126,20 +137,28 @@
       </Path>

     </InheritanceLine>

     <TypeIdentifier>

-      <HashCode>IAAAFAAAAIAAAAAAAACAAgAAAgAAIAQAAAAAIAAQAAA=</HashCode>

+      <HashCode>IAAAFAAAAIAAAAAAgACAAgAAAgAAAAAAAAEAIAAQAAA=</HashCode>

       <FileName>Messages\SignedMessageBase.cs</FileName>

     </TypeIdentifier>

     <Lollipop Position="0.2" />

   </Class>

   <Interface Name="DotNetOAuth.ChannelElements.ITamperResistantOAuthMessage">

-    <Position X="10.75" Y="6.25" Width="2.5" />

+    <Position X="11.25" Y="6.25" Width="2.5" />

     <TypeIdentifier>

       <HashCode>AIAAAAAAAAAAAAAAAIAAAgAAAAAAIAQAAAAAAAAAAAA=</HashCode>

       <FileName>ChannelElements\ITamperResistantOAuthMessage.cs</FileName>

     </TypeIdentifier>

   </Interface>

+  <Interface Name="DotNetOAuth.Messages.ITokenSecretContainingMessage">

+    <Position X="1" Y="7" Width="2" />

+    <TypeIdentifier>

+      <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAA=</HashCode>

+      <FileName>Messages\ITokenSecretContainingMessage.cs</FileName>

+      <NewMemberFileName>Messages\ITokenContainingMessage.cs</NewMemberFileName>

+    </TypeIdentifier>

+  </Interface>

   <Interface Name="DotNetOAuth.Messages.ITokenContainingMessage">

-    <Position X="1" Y="6" Width="2" />

+    <Position X="1" Y="5.5" Width="2" />

     <TypeIdentifier>

       <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAA=</HashCode>

       <FileName>Messages\ITokenContainingMessage.cs</FileName>

diff --git a/src/DotNetOAuth/ServiceProvider.cs b/src/DotNetOAuth/ServiceProvider.cs
index f93599e..f2e8730 100644
--- a/src/DotNetOAuth/ServiceProvider.cs
+++ b/src/DotNetOAuth/ServiceProvider.cs
@@ -134,10 +134,7 @@ namespace DotNetOAuth {
 		public Response SendUnauthorizedTokenResponse(GetRequestTokenMessage request, IDictionary<string, string> extraParameters) {

 			string token = this.TokenGenerator.GenerateRequestToken(request.ConsumerKey);

 			string secret = this.TokenGenerator.GenerateSecret();

-			GrantRequestTokenMessage response = new GrantRequestTokenMessage {

-				RequestToken = token,

-				TokenSecret = secret,

-			};

+			GrantRequestTokenMessage response = new GrantRequestTokenMessage(token, secret);

 			response.AddNonOAuthParameters(extraParameters);

 			this.TokenManager.StoreNewRequestToken(request, response);