1. How are miners kept honest in regard to what shares they complete? Ie. if a pool hands out shares to a worker, and the worker reports those shares as done, how does the pool know they were really done? It would clearly be impractical to verify all the work, and if the pool tried to verify part of the work, as soon as the client knew which part would be checked it could just do that subset of the work. What stops a dishonest client from claiming to have done a share when it hasn't?
Shares are simply proof-of-work results with a lower difficulty than the network difficulty. To find a block, you might need to find a hash value lower than 1,000 (using arbitrary numbers as example). To find a share, a pool may ask for hash values lower than 10,000,000, so finding a share would be 10,000 times easier than finding a block.
After submitting the work, the pool only has to apply the hash function once to verify correctness and credit the share.
2. What stops a dishonest worker from hashing on a pool, taking it's share of payouts all the time it doesn't hit a block, but then when it does hit a block, simply announcing that block to the network and claimining it all for itself?
The block header that is being used in the input of the hash-function depends on the transactions, in particular the coinbase transaction that awards the block reward. The pool will distribute work that has a coinbase transaction sending the block reward to an address controlled by the pool. If a miner wants to mine for himself, he has to insert his own address instead. But doing so means that the block the miner just found is no longer valid.
