/// <summary>
/// Calls <c>SetPrincipalAndWriteSessionToken</c> on the current
/// <see cref="SPFederationAuthenticationModule"/> through reflection, handing it the
/// supplied security token and session-token write type.
/// </summary>
/// <remarks>
/// The direct call is left commented out in the original, so reflection is presumably used
/// because the two-argument overload is not accessible in every SharePoint build.
/// NOTE(review): this reaches a non-public member of a platform assembly that issues the
/// session token; callers must only pass tokens obtained from a completed authentication.
/// </remarks>
/// <param name="securityToken">Token describing the principal to establish.</param>
/// <param name="sessionCookie">How the session token is to be written.</param>
/// <exception cref="Exception">
/// No current federation module exists, or the target method cannot be located.
/// </exception>
private static void SetPrincipalAndWriteSessionToken(SecurityToken securityToken, SPSessionTokenWriteType sessionCookie)
{
    SPFederationAuthenticationModule module = SPFederationAuthenticationModule.Current;
    if (module == null)
    {
        throw new Exception("Could not find an instance of the SPFederationAuthenticationModule");
    }

    Type moduleType = typeof(SPFederationAuthenticationModule);

    // First look for a non-public instance method of that name ...
    MethodInfo target = moduleType.GetMethod(
        "SetPrincipalAndWriteSessionToken",
        BindingFlags.Instance | BindingFlags.InvokeMethod | BindingFlags.NonPublic);

    // ... and fall back to the public overload with the exact parameter list.
    if (target == null)
    {
        target = moduleType.GetMethod(
            "SetPrincipalAndWriteSessionToken",
            new[] { typeof(SecurityToken), typeof(SPSessionTokenWriteType) });
    }

    if (target == null)
    {
        throw new Exception(
            "Could not find the SPFederationAuthenticationModule.SetPrincipalAndWriteSessionToken method");
    }

    // Failures raised by the target surface wrapped in a TargetInvocationException.
    object[] arguments = new object[] { securityToken, sessionCookie };
    target.Invoke(module, arguments);
}
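/// <summary>
/// Signs the caller in from the credential token carried in the
/// <c>WeChatTokenQueryStringName</c> query-string parameter.
/// </summary>
/// <remarks>
/// An authenticated request without a token is left untouched; an anonymous request without
/// a token is sent to the error page. Any failure is traced and its message is shown to the
/// user, so exception messages raised here must never contain the token or the credentials.
/// NOTE(review): the token travels in the URL, where it can end up in server logs, browser
/// history and Referer headers; the existing error text suggests the password is short-lived,
/// confirm that it is also single-use.
/// </remarks>
/// <param name="e">Event data (unused).</param>
protected override void OnLoad(EventArgs e)
{
    // base.OnLoad(e) is not called, exactly as before.
    // NOTE(review): Load subscribers therefore do not run; confirm this is intended.
    try
    {
        string tk = Request.QueryString[WeChatTokenQueryStringName];
        if (string.IsNullOrEmpty(tk))
        {
            if (Request.IsAuthenticated)
            {
                // Already signed in and nothing to exchange: keep the current session.
                return;
            }

            throw new Exception("WeChatTokenQueryStringName 参数为空");
        }

        // NOTE(review): a token on an authenticated request replaces the current session with
        // the identity in the token; a check against the current login name existed but was
        // commented out in the original. Confirm that switching identities here is intended.
        SignInWithWeChatToken(tk);
    }
    catch (Exception ex)
    {
        MyFBADiagnosticsService.Local.WriteTrace(0, MyFBADiagnosticsService.FBADiagnosticsCategory.Weixin, Microsoft.SharePoint.Administration.TraceSeverity.Unexpected, ex.Message);
        MyFBADiagnosticsService.Local.WriteTrace(0, MyFBADiagnosticsService.FBADiagnosticsCategory.Weixin, Microsoft.SharePoint.Administration.TraceSeverity.Unexpected, ex.StackTrace);
        SPUtility.TransferToErrorPage(ex.Message);
    }
}

// Exchanges the "user:password" pair recovered from the token for a forms-authentication
// security token and writes the session cookie for it.
private void SignInWithWeChatToken(string tk)
{
    string decoded = GetUserNamePasswordFromTK(tk);

    // Split on the first ':' only, so a password that itself contains ':' is not truncated,
    // and reject anything that does not yield both parts instead of failing on an index.
    string[] usernamePassword = decoded == null
        ? new string[0]
        : decoded.Split(new[] { ':' }, 2);
    if (usernamePassword.Length != 2)
    {
        // The message is shown on the error page: it deliberately omits the token contents.
        throw new Exception("WeChat 令牌格式无效,请尝试刷新微信公众号命令,获取新的网站链接");
    }

    SecurityToken stk = SPSecurityContext.SecurityTokenForFormsAuthentication(
        AppliesTo,
        Utils.BaseMembershipProvider().Name,
        Utils.BaseRoleProvider().Name,
        usernamePassword[0],
        usernamePassword[1],
        false);
    if (stk == null)
    {
        throw new Exception("生成的SecurityToken为null,可能是动态密码过期,请尝试刷新微信公众号命令,获取新的网站链接");
    }

    SPFederationAuthenticationModule spFedAuthModule =
        this.Context.ApplicationInstance.Modules["FederatedAuthentication"] as SPFederationAuthenticationModule;
    if (spFedAuthModule == null)
    {
        // Fail with a clear cause rather than a NullReferenceException inside the elevated delegate.
        throw new Exception("未找到 FederatedAuthentication 模块 (SPFederationAuthenticationModule)");
    }

    SPSecurity.RunWithElevatedPrivileges(
        () => spFedAuthModule.SetPrincipalAndWriteSessionToken(stk, SPSessionTokenWriteType.WriteSessionCookie));
}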
/// <summary>
/// Signs an unauthenticated visitor in through forms authentication and then redirects to
/// the success URL; every other request is redirected straight away.
/// </summary>
/// <remarks>
/// NOTE(review): the account name comes from the <c>user</c> query-string parameter (with a
/// hard-coded fallback) and the value passed as the password is computed from that name
/// alone, so no secret supplied by the caller takes part in the sign-in. Unless a trusted
/// component in front of this page has already authenticated the caller and fixed the
/// <c>user</c> value, the page must not be deployed to a reachable site; confirm the
/// deployment model and replace this with a verifiable assertion from the upstream system.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    var principal = Request.RequestContext.HttpContext.User;
    bool isAnonymous = principal != null
        && principal.Identity != null
        && !principal.Identity.IsAuthenticated;

    if (isAnonymous)
    {
        // Caller-controlled account name; the literal below is the fallback when absent.
        var userName = Request.QueryString["user"] ?? "jackey";
        var siteUri = new Uri(SPContext.Current.Web.Url);

        // FBAMember.Md5Hash is presumably an MD5 digest of the name; verify against its definition.
        var token = SPSecurityContext.SecurityTokenForFormsAuthentication(
            siteUri,
            "FBAMember",
            "FBARole",
            userName,
            FBAMember.Md5Hash(userName),
            SPFormsAuthenticationOption.None);

        // Neither the token nor the current module is null-checked, matching the original.
        SPFederationAuthenticationModule.Current.SetPrincipalAndWriteSessionToken(token);
    }

    RedirectToSuccessUrl();
}
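/// <summary>
/// Handles the Login control's Authenticate event: obtains a security token for the
/// submitted credentials, establishes the session with it, and reports the outcome through
/// <paramref name="formAuthenticateEventArgs"/>. On success the visitor is ensured and the
/// request is redirected to the success URL.
/// </summary>
/// <param name="sender">The <c>Login</c> control that raised the event.</param>
/// <param name="formAuthenticateEventArgs">Event data whose <c>Authenticated</c> flag is set here.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="sender"/> is not a <c>Login</c> control.</exception>
protected void AuthenticateEventHandler(object sender, AuthenticateEventArgs formAuthenticateEventArgs)
{
    if (sender == null)
    {
        throw new ArgumentNullException("sender");
    }
    if (formAuthenticateEventArgs == null)
    {
        throw new ArgumentNullException("formAuthenticateEventArgs");
    }

    Login login = sender as Login;
    if (login == null)
    {
        throw new ArgumentException(null, "sender");
    }

    bool authenticated = false;
    SecurityToken securityToken = null;

    using (new SPMonitoredScope("ZimbraSignInPage.AuthenticateEventHandler: Retrieve security token and establish session."))
    {
        securityToken = this.GetSecurityToken(login);
        if (securityToken != null)
        {
            try
            {
                this.EstablishSessionWithToken(securityToken, this.GetSessionTokenWriteType(login));
                this.ExecuteRegisteredAsyncTasks();
                authenticated = true;
            }
            catch (Exception establishError)
            {
                // Previously swallowed without a trace; a failed sign-in must leave evidence in the log.
                ProviderLogging.LogError(establishError);
                authenticated = false;
            }

            // NOTE(review): this second write runs even when the attempt above failed, so a
            // session token can be issued while the login is reported as not authenticated.
            // Control flow is kept as found; decide whether it should depend on the first
            // attempt's result, or whether its success should mark the login as authenticated.
            try
            {
                SPFederationAuthenticationModule federationAuthenticationModule =
                    FederatedAuthentication.WSFederationAuthenticationModule as SPFederationAuthenticationModule;
                if (federationAuthenticationModule == null)
                {
                    // Log a clear cause instead of the NullReferenceException the cast used to produce.
                    throw new InvalidOperationException(
                        "The WS-Federation authentication module is not an SPFederationAuthenticationModule.");
                }

                federationAuthenticationModule.SetPrincipalAndWriteSessionToken(securityToken, this.GetSessionTokenWriteType(login));
            }
            catch (Exception ex)
            {
                ProviderLogging.LogError(ex);
            }
        }
    }

    formAuthenticateEventArgs.Authenticated = authenticated;
    if (authenticated)
    {
        // The commented-out inline block that parsed the SAML token and called EnsureUser under
        // elevated privileges was removed as dead code; EnsureVisitor presumably took over that job.
        EnsureVisitor(securityToken as GenericXmlSecurityToken);
        this.RedirectToSuccessUrl();
    }
}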