From 3c9456e2a33ce0d5a518ebad59b399421b96f87b Mon Sep 17 00:00:00 2001
From: Kirthi Krishnamraju <kirthik@microsoft.com>
Date: Fri, 24 Apr 2015 12:25:38 -0700
Subject: [PATCH] AntiForgery: Add documentation and update variable names for
 readability

---
 .../AntiForgery/AntiForgery.cs                |  8 ++-
 ...rovider.cs => AntiForgeryTokenProvider.cs} |  4 +-
 .../AntiForgery/AntiForgeryTokenSet.cs        | 17 +++++-
 .../AntiForgery/AntiForgeryTokenStore.cs      |  2 +-
 .../AntiForgery/AntiForgeryWorker.cs          | 60 +++++++++----------
 ...efaultAntiForgeryAdditionalDataProvider.cs |  5 ++
 .../AntiForgery/DefaultClaimUidExtractor.cs   |  5 +-
 ...rator.cs => IAntiForgeryTokenGenerator.cs} |  2 +-
 ...okenStore.cs => IAntiForgeryTokenStore.cs} |  2 +-
 ...dator.cs => IAntiForgeryTokenValidator.cs} |  2 +-
 .../AntiForgery/IClaimUidExtractor.cs         |  9 ++-
 .../AntiXsrf/AntiForgeryWorkerTest.cs         | 58 +++++++++++++-----
 ...ovider.cs => IAntiForgeryTokenProvider.cs} |  2 +-
 .../AntiXsrf/TokenProviderTest.cs             | 38 ++++++------
 14 files changed, 138 insertions(+), 76 deletions(-)
 rename src/Microsoft.AspNet.Mvc.Core/AntiForgery/{TokenProvider.cs => AntiForgeryTokenProvider.cs} (97%)
 rename src/Microsoft.AspNet.Mvc.Core/AntiForgery/{ITokenGenerator.cs => IAntiForgeryTokenGenerator.cs} (93%)
 rename src/Microsoft.AspNet.Mvc.Core/AntiForgery/{ITokenStore.cs => IAntiForgeryTokenStore.cs} (92%)
 rename src/Microsoft.AspNet.Mvc.Core/AntiForgery/{ITokenValidator.cs => IAntiForgeryTokenValidator.cs} (94%)
 rename test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/{ITokenProvider.cs => IAntiForgeryTokenProvider.cs} (72%)

diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgery.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgery.cs
index cc04379a88..38956221a6 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgery.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgery.cs
@@ -38,7 +38,7 @@ namespace Microsoft.AspNet.Mvc
 
             var serializer = new AntiForgeryTokenSerializer(dataProtectionProvider.CreateProtector(_purpose));
             var tokenStore = new AntiForgeryTokenStore(config, serializer);
-            var tokenProvider = new TokenProvider(config, claimUidExtractor, additionalDataProvider);
+            var tokenProvider = new AntiForgeryTokenProvider(config, claimUidExtractor, additionalDataProvider);
             _worker = new AntiForgeryWorker(serializer, config, tokenStore, tokenProvider, tokenProvider, htmlEncoder);
         }
 
@@ -105,6 +105,12 @@ namespace Microsoft.AspNet.Mvc
             _worker.Validate(context, cookieToken, formToken);
         }
 
+        /// <summary>
+        /// Validates an anti-forgery token pair that was generated by the GetTokens method.
+        /// </summary>
+        /// <param name="context">The HTTP context associated with the current call.</param>
+        /// <param name="antiForgeryTokenSet">The anti-forgery token pair (cookie and form token) for this request.
+        /// </param>
         public void Validate([NotNull] HttpContext context, AntiForgeryTokenSet antiForgeryTokenSet)
         {
             Validate(context, antiForgeryTokenSet.CookieToken, antiForgeryTokenSet.FormToken);
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/TokenProvider.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenProvider.cs
similarity index 97%
rename from src/Microsoft.AspNet.Mvc.Core/AntiForgery/TokenProvider.cs
rename to src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenProvider.cs
index 6c709f3141..2be1f6ac02 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/TokenProvider.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenProvider.cs
@@ -9,13 +9,13 @@ using Microsoft.AspNet.Mvc.Core;
 
 namespace Microsoft.AspNet.Mvc
 {
-    internal sealed class TokenProvider : ITokenValidator, ITokenGenerator
+    internal sealed class AntiForgeryTokenProvider : IAntiForgeryTokenValidator, IAntiForgeryTokenGenerator
     {
         private readonly IClaimUidExtractor _claimUidExtractor;
         private readonly AntiForgeryOptions _config;
         private readonly IAntiForgeryAdditionalDataProvider _additionalDataProvider;
 
-        internal TokenProvider(AntiForgeryOptions config,
+        internal AntiForgeryTokenProvider(AntiForgeryOptions config,
                                IClaimUidExtractor claimUidExtractor,
                                IAntiForgeryAdditionalDataProvider additionalDataProvider)
         {
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSet.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSet.cs
index 23feebbf7f..c417d6f747 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSet.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSet.cs
@@ -6,8 +6,16 @@ using Microsoft.AspNet.Mvc.Core;
 
 namespace Microsoft.AspNet.Mvc
 {
+    /// <summary>
+    /// The anti-forgery token pair (cookie and form token) for a request.
+    /// </summary>
     public class AntiForgeryTokenSet
     {
+        /// <summary>
+        /// Creates the anti-forgery token pair (cookie and form token) for a request.
+        /// </summary>
+        /// <param name="formToken">The token that is supplied in the request form body.</param>
+        /// <param name="cookieToken">The token that is supplied in the request cookie.</param>
         public AntiForgeryTokenSet(string formToken, string cookieToken)
         {
             if (string.IsNullOrEmpty(formToken))
@@ -22,11 +30,14 @@ namespace Microsoft.AspNet.Mvc
             CookieToken = cookieToken;
         }
 
+        /// <summary>
+        /// The token that is supplied in the request form body.
+        /// </summary>
         public string FormToken { get; private set; }
 
-        // The cookie token is allowed to be null.
-        // This would be the case when the old cookie token is still valid.
-        // In such cases a call to GetTokens would return a token set with null cookie token.
+        /// The cookie token is allowed to be null.
+        /// This would be the case when the old cookie token is still valid.
+        /// In such cases a call to GetTokens would return a token set with null cookie token.
         public string CookieToken { get; private set; }
     }
 }
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenStore.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenStore.cs
index 694d4ed333..b0f6cf6825 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenStore.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenStore.cs
@@ -10,7 +10,7 @@ using Microsoft.Framework.Internal;
 namespace Microsoft.AspNet.Mvc
 {
     // Saves anti-XSRF tokens split between HttpRequest.Cookies and HttpRequest.Form
-    internal sealed class AntiForgeryTokenStore : ITokenStore
+    internal sealed class AntiForgeryTokenStore : IAntiForgeryTokenStore
     {
         private readonly AntiForgeryOptions _config;
         private readonly IAntiForgeryTokenSerializer _serializer;
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs
index 6cb662fe32..3cda823118 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs
@@ -17,16 +17,16 @@ namespace Microsoft.AspNet.Mvc
     {
         private readonly AntiForgeryOptions _config;
         private readonly IAntiForgeryTokenSerializer _serializer;
-        private readonly ITokenStore _tokenStore;
-        private readonly ITokenValidator _validator;
-        private readonly ITokenGenerator _generator;
+        private readonly IAntiForgeryTokenStore _tokenStore;
+        private readonly IAntiForgeryTokenValidator _validator;
+        private readonly IAntiForgeryTokenGenerator _generator;
         private readonly IHtmlEncoder _htmlEncoder;
 
         internal AntiForgeryWorker([NotNull] IAntiForgeryTokenSerializer serializer,
                                    [NotNull] AntiForgeryOptions config,
-                                   [NotNull] ITokenStore tokenStore,
-                                   [NotNull] ITokenGenerator generator,
-                                   [NotNull] ITokenValidator validator,
+                                   [NotNull] IAntiForgeryTokenStore tokenStore,
+                                   [NotNull] IAntiForgeryTokenGenerator generator,
+                                   [NotNull] IAntiForgeryTokenValidator validator,
                                    [NotNull] IHtmlEncoder htmlEncoder)
         {
             _serializer = serializer;
@@ -52,7 +52,7 @@ namespace Microsoft.AspNet.Mvc
                 : null;
         }
 
-        private AntiForgeryToken DeserializeTokenNoThrow(string serializedToken)
+        private AntiForgeryToken DeserializeTokenDoesNotThrow(string serializedToken)
         {
             try
             {
@@ -81,7 +81,7 @@ namespace Microsoft.AspNet.Mvc
             return null;
         }
 
-        private AntiForgeryToken GetCookieTokenNoThrow(HttpContext httpContext)
+        private AntiForgeryToken GetCookieTokenDoesNotThrow(HttpContext httpContext)
         {
             try
             {
@@ -103,12 +103,12 @@ namespace Microsoft.AspNet.Mvc
         {
             CheckSSLConfig(httpContext);
 
-            var oldCookieToken = GetCookieTokenNoThrow(httpContext);
-            var tokenSet = GetTokens(httpContext, oldCookieToken);
-            var newCookieToken = tokenSet.CookieToken;
+            var cookieToken = GetCookieTokenDoesNotThrow(httpContext);
+            var tokenSet = GetTokens(httpContext, cookieToken);
+            cookieToken = tokenSet.CookieToken;
             var formToken = tokenSet.FormToken;
 
-            SaveCookieTokenAndHeader(httpContext, newCookieToken);
+            SaveCookieTokenAndHeader(httpContext, cookieToken);
 
             // <input type="hidden" name="__AntiForgeryToken" value="..." />
             var inputTag = new TagBuilder("input", _htmlEncoder)
@@ -129,28 +129,28 @@ namespace Microsoft.AspNet.Mvc
         // 'new cookie value' out param is non-null, the caller *must* persist
         // the new value to cookie storage since the original value was null or
         // invalid. This method is side-effect free.
-        public AntiForgeryTokenSet GetTokens([NotNull] HttpContext httpContext, string serializedOldCookieToken)
+        public AntiForgeryTokenSet GetTokens([NotNull] HttpContext httpContext, string cookieToken)
         {
             CheckSSLConfig(httpContext);
-            var oldCookieToken = DeserializeTokenNoThrow(serializedOldCookieToken);
-            var tokenSet = GetTokens(httpContext, oldCookieToken);
+            var deSerializedcookieToken = DeserializeTokenDoesNotThrow(cookieToken);
+            var tokenSet = GetTokens(httpContext, deSerializedcookieToken);
 
-            var serializedNewCookieToken = Serialize(tokenSet.CookieToken);
+            var serializedCookieToken = Serialize(tokenSet.CookieToken);
             var serializedFormToken = Serialize(tokenSet.FormToken);
-            return new AntiForgeryTokenSet(serializedFormToken, serializedNewCookieToken);
+            return new AntiForgeryTokenSet(serializedFormToken, serializedCookieToken);
         }
 
-        private AntiForgeryTokenSetInternal GetTokens(HttpContext httpContext, AntiForgeryToken oldCookieToken)
+        private AntiForgeryTokenSetInternal GetTokens(HttpContext httpContext, AntiForgeryToken cookieToken)
         {
-            var newCookieToken = ValidateAndGenerateNewToken(oldCookieToken);
+            var newCookieToken = ValidateAndGenerateNewCookieToken(cookieToken);
             if (newCookieToken != null)
             {
-                oldCookieToken = newCookieToken;
+                cookieToken = newCookieToken;
             }
             var formToken = _generator.GenerateFormToken(
                 httpContext,
                 ExtractIdentity(httpContext),
-                oldCookieToken);
+                cookieToken);
 
             return new AntiForgeryTokenSetInternal()
             {
@@ -208,16 +208,16 @@ namespace Microsoft.AspNet.Mvc
         {
             CheckSSLConfig(httpContext);
 
-            var oldCookieToken = GetCookieTokenNoThrow(httpContext);
-            var newCookieToken = ValidateAndGenerateNewToken(oldCookieToken);
-            
-            SaveCookieTokenAndHeader(httpContext, newCookieToken);
+            var cookieToken = GetCookieTokenDoesNotThrow(httpContext);
+            cookieToken = ValidateAndGenerateNewCookieToken(cookieToken);
+
+            SaveCookieTokenAndHeader(httpContext, cookieToken);
         }
 
         // This method returns null if oldCookieToken is valid.
-        private AntiForgeryToken ValidateAndGenerateNewToken(AntiForgeryToken oldCookieToken)
+        private AntiForgeryToken ValidateAndGenerateNewCookieToken(AntiForgeryToken cookieToken)
         {
-            if (!_validator.IsCookieTokenValid(oldCookieToken))
+            if (!_validator.IsCookieTokenValid(cookieToken))
             {
                 // Need to make sure we're always operating with a good cookie token.
                 var newCookieToken = _generator.GenerateCookieToken();
@@ -230,12 +230,12 @@ namespace Microsoft.AspNet.Mvc
 
         private void SaveCookieTokenAndHeader(
             [NotNull] HttpContext httpContext,
-            AntiForgeryToken newCookieToken)
+            AntiForgeryToken cookieToken)
         {
-            if (newCookieToken != null)
+            if (cookieToken != null)
             {
                 // Persist the new cookie if it is not null.
-                _tokenStore.SaveCookieToken(httpContext, newCookieToken);
+                _tokenStore.SaveCookieToken(httpContext, cookieToken);
             }
 
             if (!_config.SuppressXFrameOptionsHeader)
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultAntiForgeryAdditionalDataProvider.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultAntiForgeryAdditionalDataProvider.cs
index b6c00e56e6..89dac757e2 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultAntiForgeryAdditionalDataProvider.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultAntiForgeryAdditionalDataProvider.cs
@@ -5,13 +5,18 @@ using Microsoft.AspNet.Http;
 
 namespace Microsoft.AspNet.Mvc
 {
+    /// <summary>
+    /// A default <see cref="IAntiForgeryAdditionalDataProvider"/> implementation.
+    /// </summary>
     public class DefaultAntiForgeryAdditionalDataProvider : IAntiForgeryAdditionalDataProvider
     {
+        /// <inheritdoc />
         public virtual string GetAdditionalData(HttpContext context)
         {
             return string.Empty;
         }
 
+        /// <inheritdoc />
         public virtual bool ValidateAdditionalData(HttpContext context, string additionalData)
         {
             // Default implementation does not understand anything but empty data.
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultClaimUidExtractor.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultClaimUidExtractor.cs
index 3de9bda75e..8687bdc44b 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultClaimUidExtractor.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultClaimUidExtractor.cs
@@ -10,9 +10,12 @@ using System.Security.Cryptography;
 
 namespace Microsoft.AspNet.Mvc
 {
-    // Can extract unique identifers for a claims-based identity
+    /// <summary>
+    /// Default implementation of <see cref="IClaimUidExtractor"/>.
+    /// </summary>
     public class DefaultClaimUidExtractor : IClaimUidExtractor
     {
+        /// <inheritdoc />
         public string ExtractClaimUid(ClaimsIdentity claimsIdentity)
         {
             if (claimsIdentity == null || !claimsIdentity.IsAuthenticated)
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenGenerator.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenGenerator.cs
similarity index 93%
rename from src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenGenerator.cs
rename to src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenGenerator.cs
index 535b95a7bf..4f330338e6 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenGenerator.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenGenerator.cs
@@ -7,7 +7,7 @@ using Microsoft.AspNet.Http;
 namespace Microsoft.AspNet.Mvc
 {
     // Provides configuration information about the anti-forgery system.
-    internal interface ITokenGenerator
+    internal interface IAntiForgeryTokenGenerator
     {
         // Generates a new random cookie token.
         AntiForgeryToken GenerateCookieToken();
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenStore.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenStore.cs
similarity index 92%
rename from src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenStore.cs
rename to src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenStore.cs
index a7abffc9d0..72d565d9f1 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenStore.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenStore.cs
@@ -7,7 +7,7 @@ using Microsoft.AspNet.Http;
 namespace Microsoft.AspNet.Mvc
 {
     // Provides an abstraction around how tokens are persisted and retrieved for a request
-    internal interface ITokenStore
+    internal interface IAntiForgeryTokenStore
     {
         AntiForgeryToken GetCookieToken(HttpContext httpContext);
         Task<AntiForgeryToken> GetFormTokenAsync(HttpContext httpContext);
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenValidator.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenValidator.cs
similarity index 94%
rename from src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenValidator.cs
rename to src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenValidator.cs
index f66bf88a48..a72cd8cf95 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenValidator.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenValidator.cs
@@ -7,7 +7,7 @@ using Microsoft.AspNet.Http;
 namespace Microsoft.AspNet.Mvc
 {
     // Provides an abstraction around something that can validate anti-XSRF tokens
-    internal interface ITokenValidator
+    internal interface IAntiForgeryTokenValidator
     {
         // Determines whether an existing cookie token is valid (well-formed).
         // If it is not, the caller must call GenerateCookieToken() before calling GenerateFormToken().
diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IClaimUidExtractor.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IClaimUidExtractor.cs
index 9210fa9245..9466b59680 100644
--- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IClaimUidExtractor.cs
+++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/IClaimUidExtractor.cs
@@ -5,9 +5,16 @@ using System.Security.Claims;
 
 namespace Microsoft.AspNet.Mvc
 {
-    // Can extract unique identifers for a claims-based identity
+    /// <summary>
+    /// This interface can extract unique identifers for a claims-based identity.
+    /// </summary>
     public interface IClaimUidExtractor
     {
+        /// <summary>
+        /// Extracts claims identifier.
+        /// </summary>
+        /// <param name="identity">The <see cref="ClaimsIdentity"/>.</param>
+        /// <returns>The claims identifier.</returns>
         string ExtractClaimUid(ClaimsIdentity identity);
     }
 }
\ No newline at end of file
diff --git a/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/AntiForgeryWorkerTest.cs b/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/AntiForgeryWorkerTest.cs
index bce2d80372..d81310e06e 100644
--- a/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/AntiForgeryWorkerTest.cs
+++ b/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/AntiForgeryWorkerTest.cs
@@ -130,7 +130,8 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                 htmlEncoder: new CommonTestEncoder());
 
             // Act & assert
-            var ex = Assert.Throws<InvalidOperationException>(() => worker.GetTokens(mockHttpContext.Object, "cookie-token"));
+            var ex = Assert.Throws<InvalidOperationException>(() =>
+                worker.GetTokens(mockHttpContext.Object, "cookie-token"));
             Assert.Equal(
              @"The anti-forgery system has the configuration value AntiForgeryOptions.RequireSsl = true, " +
              "but the current request is not an SSL request.",
@@ -241,7 +242,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
         {
             // Arrange
             // Genreate a new cookie.
-            var context = GetAntiForgeryWorkerContext(new AntiForgeryOptions(), useOldCookie: false, isOldCookieValid: false);
+            var context = GetAntiForgeryWorkerContext(
+                new AntiForgeryOptions(),
+                useOldCookie: false,
+                isOldCookieValid: false);
             var worker = GetAntiForgeryWorker(context);
 
             // Act
@@ -257,7 +261,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
         {
             // Arrange
             // Make sure the existing cookie is invalid.
-            var context = GetAntiForgeryWorkerContext(new AntiForgeryOptions(), useOldCookie: false, isOldCookieValid: false);
+            var context = GetAntiForgeryWorkerContext(
+                new AntiForgeryOptions(),
+                useOldCookie: false,
+                isOldCookieValid: false);
 
             // This will cause the cookieToken to be null.
             context.TokenSerializer.Setup(o => o.Deserialize("serialized-old-cookie-token"))
@@ -280,7 +287,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
         public void GetTokens_ExistingValidCookieToken_GeneratesANewFormToken()
         {
             // Arrange
-            var context = GetAntiForgeryWorkerContext(new AntiForgeryOptions(), useOldCookie: true, isOldCookieValid: true);
+            var context = GetAntiForgeryWorkerContext(
+                new AntiForgeryOptions(),
+                useOldCookie: true,
+                isOldCookieValid: true);
             context.TokenStore = null;
             var worker = GetAntiForgeryWorker(context);
 
@@ -390,7 +400,9 @@ namespace Microsoft.AspNet.Mvc.Core.Test
         [Theory]
         [InlineData(false, "SAMEORIGIN")]
         [InlineData(true, null)]
-        public void SetCookieTokenAndHeader_AddsXFrameOptionsHeader(bool suppressXFrameOptions, string expectedHeaderValue)
+        public void SetCookieTokenAndHeader_AddsXFrameOptionsHeader(
+            bool suppressXFrameOptions,
+            string expectedHeaderValue)
         {
             // Arrange
             var options = new AntiForgeryOptions()
@@ -440,13 +452,21 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             return mockHttpContext;
         }
 
-        private Mock<ITokenProvider> GetTokenProvider(HttpContext context, TestTokenSet testTokenSet, bool useOldCookie, bool isOldCookieValid = true, bool isNewCookieValid = true)
+        private Mock<IAntiForgeryTokenProvider> GetTokenProvider(
+            HttpContext context,
+            TestTokenSet testTokenSet,
+            bool useOldCookie,
+            bool isOldCookieValid = true,
+            bool isNewCookieValid = true)
         {
             var oldCookieToken = testTokenSet.OldCookieToken;
             var newCookieToken = testTokenSet.NewCookieToken;
             var formToken = testTokenSet.FormToken;
-            var mockValidator = new Mock<ITokenProvider>(MockBehavior.Strict);
-            mockValidator.Setup(o => o.GenerateFormToken(context, context.User.Identity as ClaimsIdentity, useOldCookie ? oldCookieToken : newCookieToken))
+            var mockValidator = new Mock<IAntiForgeryTokenProvider>(MockBehavior.Strict);
+            mockValidator.Setup(o => o.GenerateFormToken(
+                context,
+                context.User.Identity as ClaimsIdentity,
+                useOldCookie ? oldCookieToken : newCookieToken))
                          .Returns(formToken);
             mockValidator.Setup(o => o.IsCookieTokenValid(oldCookieToken))
                          .Returns(isOldCookieValid);
@@ -459,11 +479,14 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             return mockValidator;
         }
 
-        private Mock<ITokenStore> GetTokenStore(HttpContext context, TestTokenSet testTokenSet, bool saveNewCookie = true)
+        private Mock<IAntiForgeryTokenStore> GetTokenStore(
+            HttpContext context,
+            TestTokenSet testTokenSet,
+            bool saveNewCookie = true)
         {
             var oldCookieToken = testTokenSet.OldCookieToken;
             var formToken = testTokenSet.FormToken;
-            var mockTokenStore = new Mock<ITokenStore>(MockBehavior.Strict);
+            var mockTokenStore = new Mock<IAntiForgeryTokenStore>(MockBehavior.Strict);
             mockTokenStore.Setup(o => o.GetCookieToken(context))
                           .Returns(oldCookieToken);
             mockTokenStore.Setup(o => o.GetFormTokenAsync(context))
@@ -504,7 +527,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             };
         }
 
-        private AntiForgeryWorkerContext GetAntiForgeryWorkerContext(AntiForgeryOptions config, bool useOldCookie = false, bool isOldCookieValid = true)
+        private AntiForgeryWorkerContext GetAntiForgeryWorkerContext(
+            AntiForgeryOptions config,
+            bool useOldCookie = false,
+            bool isOldCookieValid = true)
         {
             // Arrange
             var mockHttpContext = GetHttpContext();
@@ -513,7 +539,11 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             var mockSerializer = GetTokenSerializer(testTokenSet);
 
             var mockTokenStore = GetTokenStore(mockHttpContext.Object, testTokenSet);
-            var mockTokenProvider = GetTokenProvider(mockHttpContext.Object, testTokenSet, useOldCookie: useOldCookie, isOldCookieValid: isOldCookieValid);
+            var mockTokenProvider = GetTokenProvider(
+                mockHttpContext.Object,
+                testTokenSet,
+                useOldCookie: useOldCookie,
+                isOldCookieValid: isOldCookieValid);
 
             return new AntiForgeryWorkerContext()
             {
@@ -544,9 +574,9 @@ namespace Microsoft.AspNet.Mvc.Core.Test
 
             public Mock<HttpContext> HttpContext { get; set; }
 
-            public Mock<ITokenProvider> TokenProvider { get; set; }
+            public Mock<IAntiForgeryTokenProvider> TokenProvider { get; set; }
 
-            public Mock<ITokenStore> TokenStore { get; set; }
+            public Mock<IAntiForgeryTokenStore> TokenStore { get; set; }
 
             public Mock<IAntiForgeryTokenSerializer> TokenSerializer { get; set; }
         }
diff --git a/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/ITokenProvider.cs b/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/IAntiForgeryTokenProvider.cs
similarity index 72%
rename from test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/ITokenProvider.cs
rename to test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/IAntiForgeryTokenProvider.cs
index e685865c74..03e257442c 100644
--- a/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/ITokenProvider.cs
+++ b/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/IAntiForgeryTokenProvider.cs
@@ -4,7 +4,7 @@
 namespace Microsoft.AspNet.Mvc.Core.Test
 {
     // A TokenProvider that can be passed to MoQ
-    internal interface ITokenProvider : ITokenValidator, ITokenGenerator
+    internal interface IAntiForgeryTokenProvider : IAntiForgeryTokenValidator, IAntiForgeryTokenGenerator
     {
     }
 }
\ No newline at end of file
diff --git a/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/TokenProviderTest.cs b/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/TokenProviderTest.cs
index f035ecf991..e80d9cbc81 100644
--- a/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/TokenProviderTest.cs
+++ b/test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/TokenProviderTest.cs
@@ -16,7 +16,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
         public void GenerateCookieToken()
         {
             // Arrange
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                                             config: null,
                                             claimUidExtractor: null,
                                             additionalDataProvider: null);
@@ -40,7 +40,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
 
             var config = new AntiForgeryOptions();
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -71,7 +71,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             var config = new AntiForgeryOptions();
             IClaimUidExtractor claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: claimUidExtractor,
                 additionalDataProvider: null);
@@ -106,7 +106,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             var config = new AntiForgeryOptions();
             IClaimUidExtractor claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: claimUidExtractor,
                 additionalDataProvider: mockAdditionalDataProvider.Object);
@@ -145,7 +145,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(identity))
                                  .Returns(base64ClaimUId);
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: mockClaimUidExtractor.Object,
                 additionalDataProvider: null);
@@ -178,7 +178,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             var config = new AntiForgeryOptions();
             IClaimUidExtractor claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: claimUidExtractor,
                 additionalDataProvider: null);
@@ -204,7 +204,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                 IsSessionToken = false
             };
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: null,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -221,7 +221,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
         {
             // Arrange
             AntiForgeryToken cookieToken = null;
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: null,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -242,7 +242,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                 IsSessionToken = true
             };
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: null,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -267,7 +267,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             {
                 CookieName = "my-cookie-name"
             };
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -293,7 +293,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                 FormFieldName = "my-form-field-name"
             };
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -320,7 +320,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                 FormFieldName = "my-form-field-name"
             };
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -352,7 +352,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             var sessionToken = new AntiForgeryToken() { IsSessionToken = true };
             var fieldtoken = new AntiForgeryToken() { IsSessionToken = false };
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: null,
                 claimUidExtractor: null,
                 additionalDataProvider: null);
@@ -385,7 +385,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(identity))
                                  .Returns((string)null);
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: null,
                 claimUidExtractor: mockClaimUidExtractor.Object,
                 additionalDataProvider: null);
@@ -418,7 +418,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
             mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(identity))
                                  .Returns(Convert.ToBase64String(differentToken.GetData()));
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: null,
                 claimUidExtractor: mockClaimUidExtractor.Object,
                 additionalDataProvider: null);
@@ -452,7 +452,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                                       .Returns(false);
 
             var config = new AntiForgeryOptions();
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: null,
                 additionalDataProvider: mockAdditionalDataProvider.Object);
@@ -484,7 +484,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                                       .Returns(true);
 
             var config = new AntiForgeryOptions();
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: null,
                 additionalDataProvider: mockAdditionalDataProvider.Object);
@@ -516,7 +516,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
                                       .Returns(true);
 
             var config = new AntiForgeryOptions();
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: new Mock<IClaimUidExtractor>().Object,
                 additionalDataProvider: mockAdditionalDataProvider.Object);
@@ -548,7 +548,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
 
             var config = new AntiForgeryOptions();
 
-            var tokenProvider = new TokenProvider(
+            var tokenProvider = new AntiForgeryTokenProvider(
                 config: config,
                 claimUidExtractor: mockClaimUidExtractor.Object,
                 additionalDataProvider: null);