diff --git a/setup.cfg b/setup.cfg
index b26f51c7d2a99651edd8bf75fe8a5ced8069c170..e2df42db47b97f69717533155ee89c281eedb433 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -27,4 +27,10 @@ package_dir =
 # the plugins package we want to ship.
 packages =
     _secureaccesstokenauthorizer
+    _secureaccesstokenauthorizer.tests
     twisted.plugins
+
+install_requires =
+    zope.interface
+    twisted
+    tahoe-lafs
diff --git a/src/_secureaccesstokenauthorizer/__init__.py b/src/_secureaccesstokenauthorizer/__init__.py
index 51b6aadfbd94abea8e8d96e67e989f05d6202888..b796f605da7b7b0d29a9851188b71a79f69c1feb 100644
--- a/src/_secureaccesstokenauthorizer/__init__.py
+++ b/src/_secureaccesstokenauthorizer/__init__.py
@@ -12,12 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-__version__ = "0.0"
-
-from ._storage_server import (
-    SecureAccessTokenAuthorizerStorageServer,
-)
+__all__ = [
+    "__version__",
+]
 
-from ._plugin import (
-    SecureAccessTokenAuthorizer,
-)
+__version__ = "0.0"
diff --git a/src/_secureaccesstokenauthorizer/_plugin.py b/src/_secureaccesstokenauthorizer/_plugin.py
index 57a8286a33c7fd27032fa804966a44ef7db71809..ccede2047b78a7cd3a30ad19bbfbf27c265eb630 100644
--- a/src/_secureaccesstokenauthorizer/_plugin.py
+++ b/src/_secureaccesstokenauthorizer/_plugin.py
@@ -25,7 +25,7 @@ from allmydata.interfaces import (
     IFoolscapStoragePlugin,
 )
 
-from . import (
+from .api import (
     SecureAccessTokenAuthorizerStorageServer,
 )
 
@@ -40,7 +40,7 @@ class SecureAccessTokenAuthorizer(object):
     def get_storage_server(self, configuration, get_anonymous_storage_server):
         return SecureAccessTokenAuthorizerStorageServer(
             get_anonymous_storage_server(),
-            **configuration,
+            **configuration
         )
 
     def get_storage_client(self, configuration, announcement):
diff --git a/src/_secureaccesstokenauthorizer/_storage_server.py b/src/_secureaccesstokenauthorizer/_storage_server.py
index aa5032f5e2a3e541248fe98f8a14a92ca55dc17f..075a0fbf216b9f25c55b8d20015bf63892fdc903 100644
--- a/src/_secureaccesstokenauthorizer/_storage_server.py
+++ b/src/_secureaccesstokenauthorizer/_storage_server.py
@@ -17,6 +17,25 @@ A Tahoe-LAFS RIStorageServer-alike which authorizes writes and lease
 updates using a per-call token.
 """
 
+from zope.interface import (
+    implementer,
+)
+
+from twisted.python.components import (
+    proxyForInterface,
+)
+
+from foolscap.constraint import (
+    ByteStringConstraint,
+)
+from foolscap.api import (
+    ListOf,
+)
+from foolscap.remoteinterface import (
+    RemoteMethodSchema,
+    RemoteInterface,
+)
+
 from allmydata.interfaces import (
     RIStorageServer,
 )
@@ -43,7 +62,7 @@ def add_tokens(schema):
 
 
 def add_arguments(schema, **kwargs):
-    new_kwargs = dict(**zip(schema.argumentNames, schema.argConstraints))
+    new_kwargs = schema.argConstraints.copy()
     new_kwargs.update(kwargs)
     modified_schema = RemoteMethodSchema(**new_kwargs)
     return modified_schema
diff --git a/src/_secureaccesstokenauthorizer/api.py b/src/_secureaccesstokenauthorizer/api.py
new file mode 100644
index 0000000000000000000000000000000000000000..6ccb378e6e3031f2e8b14b5b2f79f155e996e875
--- /dev/null
+++ b/src/_secureaccesstokenauthorizer/api.py
@@ -0,0 +1,26 @@
+# Copyright 2019 PrivateStorage.io, LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+__all__ = [
+    "SecureAccessTokenAuthorizerStorageServer",
+    "SecureAccessTokenAuthorizer",
+]
+
+from ._storage_server import (
+    SecureAccessTokenAuthorizerStorageServer,
+)
+
+from ._plugin import (
+    SecureAccessTokenAuthorizer,
+)
diff --git a/src/_secureaccesstokenauthorizer/tests/__init__.py b/src/_secureaccesstokenauthorizer/tests/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..ddc6757790860f85c70d9c06d97bbf25baae8784
--- /dev/null
+++ b/src/_secureaccesstokenauthorizer/tests/__init__.py
@@ -0,0 +1,17 @@
+# Copyright 2019 PrivateStorage.io, LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+The automated unit test suite.
+"""
diff --git a/src/_secureaccesstokenauthorizer/tests/test_plugin.py b/src/_secureaccesstokenauthorizer/tests/test_plugin.py
new file mode 100644
index 0000000000000000000000000000000000000000..21b5e415c06c338dd88bf130298c929fa97d0c46
--- /dev/null
+++ b/src/_secureaccesstokenauthorizer/tests/test_plugin.py
@@ -0,0 +1,48 @@
+# Copyright 2019 PrivateStorage.io, LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Tests for the Tahoe-LAFS plugin.
+"""
+
+from testtools import (
+    TestCase,
+)
+from testtools.matchers import (
+    Contains,
+)
+
+from allmydata.interfaces import (
+    IFoolscapStoragePlugin,
+)
+
+from twisted.plugin import (
+    getPlugins,
+)
+from twisted.plugins.secureaccesstokenauthorizer import (
+    storage_server,
+)
+
+class PluginTests(TestCase):
+    """
+    Tests for ``twisted.plugins.secureaccesstokenauthorizer.storage_server``.
+    """
+    def test_discoverable(self):
+        """
+        The plugin can be discovered.
+        """
+        self.assertThat(
+            getPlugins(IFoolscapStoragePlugin),
+            Contains(storage_server),
+        )
diff --git a/src/twisted/plugins/secureaccesstokenauthorizer.py b/src/twisted/plugins/secureaccesstokenauthorizer.py
index de01bbecc90c88492a69152d72c14030115eb926..908d022a1c29f8dab0bbe9cdf891bedab631325e 100644
--- a/src/twisted/plugins/secureaccesstokenauthorizer.py
+++ b/src/twisted/plugins/secureaccesstokenauthorizer.py
@@ -16,7 +16,7 @@
 A drop-in to supply plugins to the Twisted plugin system.
 """
 
-from _secureaccesstokenauthorizer import (
+from _secureaccesstokenauthorizer.api import (
     SecureAccessTokenAuthorizer,
 )