Ejemplo n.º 1
        /// <summary>
        /// Converts a stored password value back into its plain-text form.
        /// </summary>
        /// <param name="pass">
        /// The stored value: returned unchanged for Clear, Base64-decoded and decrypted otherwise.
        /// </param>
        /// <param name="passwordFormat">The format the value was stored in.</param>
        /// <returns>The plain-text password, or null when decryption returns no buffer.</returns>
        /// <exception cref="ProviderException">The format is Hashed, which cannot be reversed.</exception>
        /// <remarks>
        /// Clear and Encrypted storage are both reversible: whoever can read the store (and, for
        /// Encrypted, the decryption key) can recover every password. Hashed is the only format
        /// this method refuses to reverse.
        /// </remarks>
        private string UnEncodePassword(string pass,
                                        System.Web.Security.MembershipPasswordFormat passwordFormat)
        {
            if (passwordFormat == System.Web.Security.MembershipPasswordFormat.Clear)
            {
                return pass;
            }

            if (passwordFormat == System.Web.Security.MembershipPasswordFormat.Hashed)
            {
                throw new ProviderException("Provider 不能解密哈希加密的密码。");
            }

            // Every remaining format is handled as Base64-encoded ciphertext.
            byte[] cipherBytes = Convert.FromBase64String(pass);
            byte[] plainBytes  = this.DecryptPassword(cipherBytes);
            if (plainBytes == null)
            {
                return null;
            }

            // NOTE(review): the first 16 bytes are skipped, presumably a salt prefix written by the
            // encoder; confirm the salt is always 16 bytes. A decrypted buffer shorter than that
            // makes GetString throw instead of returning null.
            const int skippedPrefix = 16;
            return System.Text.Encoding.Unicode.GetString(
                plainBytes, skippedPrefix, plainBytes.Length - skippedPrefix);
        }
Ejemplo n.º 2
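        /// <summary>
        /// Looks up a user and hands back the stored password, salt, failure counters and
        /// activity dates through the out parameters.
        /// </summary>
        /// <param name="username">Name passed to UserService.GetUser.</param>
        /// <param name="updateLastLoginActivityDate">
        /// When true and the user exists, both dates are set to the current UTC time and saved.
        /// </param>
        /// <param name="status">0 when the user and its membership record exist, otherwise 1.</param>
        /// <param name="password">Stored password value, or null when the user is unknown.</param>
        /// <param name="passwordSalt">Stored salt, or null when the user is unknown.</param>
        /// <param name="failedPasswordAttemptCount">Password failures since the last success.</param>
        /// <param name="failedPasswordAnswerAttemptCount">Failed password-answer attempts.</param>
        /// <param name="lastActivityDate">Last activity date; current UTC time for an unknown user.</param>
        /// <param name="lastLoginDate">Last login date; current UTC time for an unknown user.</param>
        private void GetPasswordWithFormat(string username, bool updateLastLoginActivityDate, out int status,
                                           out string password,
                                           out string passwordSalt,
                                           out int failedPasswordAttemptCount, out int failedPasswordAnswerAttemptCount, out DateTime lastActivityDate,
                                           out DateTime lastLoginDate)
        {
            User user = new UserService().GetUser(username);

            if (user == null || user.MemberShip == null)
            {
                // Unknown user: neutral values and a non-zero status.
                //
                // The earlier version also assigned MembershipPasswordFormat.Clear to
                // "passwordFormat" here. This method declares no parameter or local of that name,
                // so the assignment could only bind to a class member, presumably the provider's
                // configured format. One lookup for a non-existent user would then have switched
                // the provider to clear-text handling, so the assignment is removed.
                password                         = null;
                passwordSalt                     = null;
                failedPasswordAttemptCount       = 0;
                failedPasswordAnswerAttemptCount = 0;
                lastLoginDate                    = DateTime.UtcNow;
                lastActivityDate                 = DateTime.UtcNow;

                status = 1;
                return;
            }

            if (updateLastLoginActivityDate)
            {
                user.MemberShip.LastActivityDate = DateTime.UtcNow;
                user.MemberShip.LastLoginDate    = DateTime.UtcNow;

                new UserService().UpdateUser(user);
            }

            password     = user.MemberShip.Password;
            passwordSalt = user.MemberShip.PasswordSalt;
            failedPasswordAttemptCount       = user.MemberShip.PasswordFailuresSinceLastSuccess;
            failedPasswordAnswerAttemptCount = user.MemberShip.AnswerFailureCount;
            lastLoginDate    = user.MemberShip.LastLoginDate;
            lastActivityDate = user.MemberShip.LastActivityDate;

            status = 0;
        }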
Ejemplo n.º 3
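        /// <summary>
        /// Looks up a user and hands back the stored password, salt, failure counters and
        /// activity dates through the out parameters.
        /// </summary>
        /// <param name="username">Name passed to UserService.GetUser.</param>
        /// <param name="updateLastLoginActivityDate">
        /// When true and the user exists, both dates are set to the current UTC time and saved.
        /// </param>
        /// <param name="status">0 when the user and its membership record exist, otherwise 1.</param>
        /// <param name="password">Stored password value, or null when the user is unknown.</param>
        /// <param name="passwordSalt">Stored salt, or null when the user is unknown.</param>
        /// <param name="failedPasswordAttemptCount">Password failures since the last success.</param>
        /// <param name="failedPasswordAnswerAttemptCount">Failed password-answer attempts.</param>
        /// <param name="lastActivityDate">Last activity date; current UTC time for an unknown user.</param>
        /// <param name="lastLoginDate">Last login date; current UTC time for an unknown user.</param>
        private void GetPasswordWithFormat(string username, bool updateLastLoginActivityDate, out int status,
            out string password,
            out string passwordSalt,
            out int failedPasswordAttemptCount, out int failedPasswordAnswerAttemptCount, out DateTime lastActivityDate,
            out DateTime lastLoginDate)
        {
            User user = new UserService().GetUser(username);

            if (user == null || user.MemberShip == null)
            {
                // Unknown user: neutral values and a non-zero status.
                //
                // The earlier version also assigned MembershipPasswordFormat.Clear to
                // "passwordFormat" here. This method declares no parameter or local of that name,
                // so the assignment could only bind to a class member, presumably the provider's
                // configured format. One lookup for a non-existent user would then have switched
                // the provider to clear-text handling, so the assignment is removed.
                password = null;
                passwordSalt = null;
                failedPasswordAttemptCount = 0;
                failedPasswordAnswerAttemptCount = 0;
                lastLoginDate = DateTime.UtcNow;
                lastActivityDate = DateTime.UtcNow;

                status = 1;
                return;
            }

            if (updateLastLoginActivityDate)
            {
                user.MemberShip.LastActivityDate = DateTime.UtcNow;
                user.MemberShip.LastLoginDate = DateTime.UtcNow;

                new UserService().UpdateUser(user);
            }

            password = user.MemberShip.Password;
            passwordSalt = user.MemberShip.PasswordSalt;
            failedPasswordAttemptCount = user.MemberShip.PasswordFailuresSinceLastSuccess;
            failedPasswordAnswerAttemptCount = user.MemberShip.AnswerFailureCount;
            lastLoginDate = user.MemberShip.LastLoginDate;
            lastActivityDate = user.MemberShip.LastActivityDate;

            status = 0;
        }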
Ejemplo n.º 4
        /// <summary>
        /// Initializes the membership provider from the attribute values given in the ASP.NET
        /// application configuration file. This method is not meant to be called directly from code.
        /// </summary>
        /// <param name="name">Name of the ExtendedMembershipProvider instance to initialize.</param>
        /// <param name="config">
        /// A NameValueCollection holding the names and values of the provider's configuration options.
        /// Recognized keys are removed from it while they are processed.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        /// <exception cref="ProviderException">
        /// The password-strength pattern is not a valid regular expression, passwordFormat is not
        /// "Clear", "Encrypted" or "Hashed", password retrieval is enabled together with Hashed,
        /// or an unrecognized attribute remains in <paramref name="config"/>.
        /// </exception>
        public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            string providerName = String.IsNullOrEmpty(name) ? "AHMembershipProvider" : name;

            if (String.IsNullOrEmpty(config["description"]))
            {
                config.Remove("description");
                config.Add("description", "AHCMS.Framework.Security Membership Provider");
            }

            base.Initialize(providerName, config);

            // Policy switches and limits, each with the fallback used when the attribute is absent.
            this.enablePasswordRetrieval   = SecUtility.GetBooleanValue(config, "enablePasswordRetrieval", false);
            this.enablePasswordReset       = SecUtility.GetBooleanValue(config, "enablePasswordReset", true);
            this.requiresQuestionAndAnswer = SecUtility.GetBooleanValue(config, "requiresQuestionAndAnswer", true);
            this.requiresUniqueEmail       = SecUtility.GetBooleanValue(config, "requiresUniqueEmail", true);
            this.maxInvalidPasswordAttempts = SecUtility.GetIntValue(config, "maxInvalidPasswordAttempts", 5, false, 0);
            this.passwordAttemptWindow      = SecUtility.GetIntValue(config, "passwordAttemptWindow", 10, false, 0);
            this.minRequiredPasswordLength  = SecUtility.GetIntValue(config, "minRequiredPasswordLength", 7, false, 128);
            this.minRequiredNonAlphanumericCharacters =
                SecUtility.GetIntValue(config, "minRequiredNonalphanumericCharacters", 1, true, 128);

            // Store the trimmed pattern (empty when absent), then fail fast if it does not compile.
            string strengthPattern = config["passwordStrengthRegularExpression"];
            strengthPattern = (strengthPattern == null) ? String.Empty : strengthPattern.Trim();
            this.passwordStrengthRegularExpression = strengthPattern;
            if (strengthPattern.Length != 0)
            {
                try
                {
                    new Regex(strengthPattern);
                }
                catch (ArgumentException e)
                {
                    throw new ProviderException(e.Message, e);
                }
            }

            // Hashed is the fallback when the attribute is missing. "Clear" and "Encrypted" keep
            // passwords recoverable from the store, so they should be a deliberate choice.
            string formatName = config["passwordFormat"] ?? "Hashed";
            if (formatName == "Clear")
            {
                this.passwordFormat = System.Web.Security.MembershipPasswordFormat.Clear;
            }
            else if (formatName == "Encrypted")
            {
                this.passwordFormat = System.Web.Security.MembershipPasswordFormat.Encrypted;
            }
            else if (formatName == "Hashed")
            {
                this.passwordFormat = System.Web.Security.MembershipPasswordFormat.Hashed;
            }
            else
            {
                throw new ProviderException("Bad password format.");
            }

            // A hash cannot be turned back into a password, so this combination is rejected at startup.
            if (this.passwordFormat == System.Web.Security.MembershipPasswordFormat.Hashed
                && this.enablePasswordRetrieval)
            {
                throw new ProviderException("Provider cannot retrieve hashed password.");
            }

            // Drop every attribute this provider understands; whatever is left is unrecognized.
            string[] recognizedKeys =
            {
                "repository",
                "applicationName",
                "enablePasswordRetrieval",
                "enablePasswordReset",
                "requiresQuestionAndAnswer",
                "requiresUniqueEmail",
                "maxInvalidPasswordAttempts",
                "passwordAttemptWindow",
                "passwordFormat",
                "name",
                "description",
                "minRequiredPasswordLength",
                "minRequiredNonalphanumericCharacters",
                "passwordStrengthRegularExpression"
            };
            foreach (string key in recognizedKeys)
            {
                config.Remove(key);
            }

            if (config.Count == 0)
            {
                return;
            }

            string leftoverKey = config.GetKey(0);
            if (!String.IsNullOrEmpty(leftoverKey))
            {
                throw new ProviderException(
                    "Provider unrecognized attribute: " + leftoverKey);
            }
        }
 /// <summary>
 /// Passes <paramref name="value"/> to Set under UserColumnType.PasswordFormat for the given
 /// user and returns this mapper, so that calls can be chained.
 /// </summary>
 /// <param name="user">The user object handed to Set.</param>
 /// <param name="value">The password format to record.</param>
 /// <returns>This mapper instance.</returns>
 public IUserMapper<TUser> PasswordFormat(TUser user, System.Web.Security.MembershipPasswordFormat value)
 {
     Set(user, UserColumnType.PasswordFormat, value);
     return this;
 }
Ejemplo n.º 6
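        /// <summary>
        /// Encodes a password for storage in the requested format.
        /// </summary>
        /// <param name="pass">The plain-text password.</param>
        /// <param name="passwordFormat">Storage format; any value other than Clear or Hashed is treated as Encrypted.</param>
        /// <param name="salt">Base64-encoded salt.</param>
        /// <returns>
        /// <paramref name="pass"/> unchanged for Clear; otherwise the Base64 text of the hash or ciphertext.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// The salt decodes to zero bytes while a keyed hash algorithm needs key material from it.
        /// </exception>
        private string EncodePassword(string pass,
                                      System.Web.Security.MembershipPasswordFormat passwordFormat, string salt)
        {
            // Clear keeps the password exactly as typed: anyone who can read the store can read it.
            if (passwordFormat == System.Web.Security.MembershipPasswordFormat.Clear)
            {
                return(pass);
            }

            byte[] bIn   = System.Text.Encoding.Unicode.GetBytes(pass);
            byte[] bSalt = Convert.FromBase64String(salt);
            byte[] bRet;

            if (passwordFormat == System.Web.Security.MembershipPasswordFormat.Hashed)
            {
                // NOTE(review): this applies a single pass of whatever GetHashAlgorithm returns.
                // One fast hash is cheap to guess against offline if the store leaks; a deliberately
                // slow KDF such as PBKDF2 (Rfc2898DeriveBytes) is the usual choice. Switching changes
                // every stored value and needs a migration, so it is only flagged here.
                System.Security.Cryptography.HashAlgorithm hashAlgorithm = this.GetHashAlgorithm();
                System.Security.Cryptography.KeyedHashAlgorithm keyedHashAlgorithm =
                    hashAlgorithm as System.Security.Cryptography.KeyedHashAlgorithm;

                if (keyedHashAlgorithm != null)
                {
                    // The salt becomes the key, fitted to the length of the algorithm's current key.
                    int keyLength = keyedHashAlgorithm.Key.Length;
                    if (keyLength == bSalt.Length)
                    {
                        keyedHashAlgorithm.Key = bSalt;
                    }
                    else
                    {
                        // An empty salt can never fill the key: the copy loop below would advance
                        // by zero bytes on every pass and spin forever. Reject it instead.
                        if (bSalt.Length == 0)
                        {
                            throw new ArgumentException(
                                "The salt must not be empty when a keyed hash algorithm is used.", "salt");
                        }

                        // One loop covers both cases: a longer salt is truncated on the first pass,
                        // a shorter salt is repeated until the key is full.
                        byte[] bKey = new byte[keyLength];
                        int    filled = 0;
                        while (filled < keyLength)
                        {
                            int num = Math.Min(bSalt.Length, keyLength - filled);
                            Buffer.BlockCopy(bSalt, 0, bKey, filled, num);
                            filled += num;
                        }
                        keyedHashAlgorithm.Key = bKey;
                    }
                    bRet = keyedHashAlgorithm.ComputeHash(bIn);
                }
                else
                {
                    // Unkeyed hash: digest of salt bytes followed by password bytes.
                    byte[] bAll = new byte[bSalt.Length + bIn.Length];
                    Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
                    Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
                    bRet = hashAlgorithm.ComputeHash(bAll);
                }
            }
            else // System.Web.Security.MembershipPasswordFormat.Encrypted
            {
                // The salt is prepended to the password bytes before encryption. The result is
                // reversible by anyone holding the decryption key.
                byte[] bAll = new byte[bSalt.Length + bIn.Length];
                Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
                Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
                bRet = this.EncryptPassword(bAll);
            }

            return(Convert.ToBase64String(bRet));
        }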
Ejemplo n.º 7
        /// <summary>
        /// Initializes the membership provider from the attribute values given in the ASP.NET
        /// application configuration file. This method is not meant to be called directly from code.
        /// </summary>
        /// <param name="name">Name of the ExtendedMembershipProvider instance to initialize.</param>
        /// <param name="config">
        /// A NameValueCollection holding the names and values of the provider's configuration options.
        /// Recognized keys are removed from it while they are processed.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        /// <exception cref="ProviderException">
        /// The password-strength pattern is not a valid regular expression, passwordFormat is not
        /// "Clear", "Encrypted" or "Hashed", password retrieval is enabled together with Hashed,
        /// or an unrecognized attribute remains in <paramref name="config"/>.
        /// </exception>
        public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            string providerName = String.IsNullOrEmpty(name) ? "AHMembershipProvider" : name;

            if (String.IsNullOrEmpty(config["description"]))
            {
                config.Remove("description");
                config.Add("description", "AHCMS.Framework.Security Membership Provider");
            }

            base.Initialize(providerName, config);

            // Policy switches and limits, each with the fallback used when the attribute is absent.
            this.enablePasswordRetrieval   = SecUtility.GetBooleanValue(config, "enablePasswordRetrieval", false);
            this.enablePasswordReset       = SecUtility.GetBooleanValue(config, "enablePasswordReset", true);
            this.requiresQuestionAndAnswer = SecUtility.GetBooleanValue(config, "requiresQuestionAndAnswer", true);
            this.requiresUniqueEmail       = SecUtility.GetBooleanValue(config, "requiresUniqueEmail", true);
            this.maxInvalidPasswordAttempts = SecUtility.GetIntValue(config, "maxInvalidPasswordAttempts", 5, false, 0);
            this.passwordAttemptWindow      = SecUtility.GetIntValue(config, "passwordAttemptWindow", 10, false, 0);
            this.minRequiredPasswordLength  = SecUtility.GetIntValue(config, "minRequiredPasswordLength", 7, false, 128);
            this.minRequiredNonAlphanumericCharacters =
                SecUtility.GetIntValue(config, "minRequiredNonalphanumericCharacters", 1, true, 128);

            // Store the trimmed pattern (empty when absent), then fail fast if it does not compile.
            string strengthPattern = config["passwordStrengthRegularExpression"];
            strengthPattern = (strengthPattern == null) ? String.Empty : strengthPattern.Trim();
            this.passwordStrengthRegularExpression = strengthPattern;
            if (strengthPattern.Length != 0)
            {
                try
                {
                    new Regex(strengthPattern);
                }
                catch (ArgumentException e)
                {
                    throw new ProviderException(e.Message, e);
                }
            }

            // Hashed is the fallback when the attribute is missing. "Clear" and "Encrypted" keep
            // passwords recoverable from the store, so they should be a deliberate choice.
            string formatName = config["passwordFormat"] ?? "Hashed";
            if (formatName == "Clear")
            {
                this.passwordFormat = System.Web.Security.MembershipPasswordFormat.Clear;
            }
            else if (formatName == "Encrypted")
            {
                this.passwordFormat = System.Web.Security.MembershipPasswordFormat.Encrypted;
            }
            else if (formatName == "Hashed")
            {
                this.passwordFormat = System.Web.Security.MembershipPasswordFormat.Hashed;
            }
            else
            {
                throw new ProviderException("Bad password format.");
            }

            // A hash cannot be turned back into a password, so this combination is rejected at startup.
            if (this.passwordFormat == System.Web.Security.MembershipPasswordFormat.Hashed &&
                this.enablePasswordRetrieval)
            {
                throw new ProviderException("Provider cannot retrieve hashed password.");
            }

            // Drop every attribute this provider understands; whatever is left is unrecognized.
            string[] recognizedKeys =
            {
                "repository",
                "applicationName",
                "enablePasswordRetrieval",
                "enablePasswordReset",
                "requiresQuestionAndAnswer",
                "requiresUniqueEmail",
                "maxInvalidPasswordAttempts",
                "passwordAttemptWindow",
                "passwordFormat",
                "name",
                "description",
                "minRequiredPasswordLength",
                "minRequiredNonalphanumericCharacters",
                "passwordStrengthRegularExpression"
            };
            foreach (string key in recognizedKeys)
            {
                config.Remove(key);
            }

            if (config.Count == 0)
            {
                return;
            }

            string leftoverKey = config.GetKey(0);
            if (!String.IsNullOrEmpty(leftoverKey))
            {
                throw new ProviderException(
                          "Provider unrecognized attribute: " + leftoverKey);
            }
        }
        /// <summary>
        /// Initializes the provider from its configuration attributes.
        /// </summary>
        /// <param name="name">Provider name; "EucalyptoMembershipProvider" is used when null or empty.</param>
        /// <param name="config">Name/value pairs from the provider's configuration element.</param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        /// <exception cref="System.Configuration.Provider.ProviderException">
        /// An attribute is still present in <paramref name="config"/> after all settings were read.
        /// </exception>
        public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            if (String.IsNullOrEmpty(name))
            {
                name = "EucalyptoMembershipProvider";
            }

            base.Initialize(name, config);

            this.mProviderName = name;

            // NOTE(review): ExtractConfigValue presumably removes the key it reads, which is what
            // lets the leftover check at the end work; confirm against its definition.
            this.mApplicationName = ExtractConfigValue(config, "applicationName", ConnectionParameters.DEFAULT_APP);
            this.mEnablePasswordReset = bool.Parse(ExtractConfigValue(config, "enablePasswordReset", "true"));

            // Password retrieval is switched off regardless of configuration.
            this.mEnablePasswordRetrieval = false;

            this.mMaxInvalidPasswordAttempts = int.Parse(ExtractConfigValue(config, "maxInvalidPasswordAttempts", "5"));
            this.mMinRequiredNonAlphanumericCharacters = int.Parse(ExtractConfigValue(config, "minRequiredNonAlphanumericCharacters", "1"));
            this.mMinRequiredPasswordLength = int.Parse(ExtractConfigValue(config, "minRequiredPasswordLength", "7"));
            this.mPasswordAttemptWindow = int.Parse(ExtractConfigValue(config, "passwordAttemptWindow", "10"));

            // The storage format is fixed to Hashed; no passwordFormat attribute is read here.
            this.mPasswordFormat = MembershipPasswordFormat.Hashed;

            this.mPasswordStrengthRegularExpression = ExtractConfigValue(config, "passwordStrengthRegularExpression", "");
            this.mRequiresQuestionAndAnswer = bool.Parse(ExtractConfigValue(config, "requiresQuestionAndAnswer", "false"));
            this.mRequiresUniqueEmail = bool.Parse(ExtractConfigValue(config, "requiresUniqueEmail", "true"));

            string connectionName = ExtractConfigValue(config, "connectionStringName", null);
            mConfiguration = ConfigurationHelper.Create(connectionName);

            // Anything still in the collection is an attribute this provider does not know.
            if (config.Count == 0)
            {
                return;
            }

            string unknownAttribute = config.GetKey(0);
            if (!String.IsNullOrEmpty(unknownAttribute))
            {
                throw new System.Configuration.Provider.ProviderException(
                    "Unrecognized attribute: " + unknownAttribute);
            }
        }
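        /// <summary>
        /// Initializes the provider from the attributes given in its configuration element.
        /// </summary>
        /// <param name="name">
        /// The friendly name of the provider; "NHibernateMembershipProvider" is used when null or empty.
        /// </param>
        /// <param name="config">A collection of the name/value pairs representing the provider-specific
        /// attributes specified in the configuration for this provider.</param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        /// <exception cref="InvalidOperationException">Thrown by the base implementation when the
        /// provider has already been initialized.</exception>
        /// <exception cref="ProviderException">The passwordFormat attribute is not "Hashed",
        /// "Encrypted" or "Clear".</exception>
        public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config)
        {
            // Initialize values from Web.config.
            if (null == config)
            {
                throw new ArgumentNullException("config");
            }
            if (string.IsNullOrEmpty(name))
            {
                name = "NHibernateMembershipProvider";
            }
            if (string.IsNullOrEmpty(config["description"]))
            {
                config.Remove("description");
                config.Add("description", "NHibernate Membership Provider");
            }
            // Call the base class implementation.
            base.Initialize(name, config);

            // Load configuration data.
            string appName = GetConfigValue(config["applicationName"], HostingEnvironment.ApplicationVirtualPath);
            Application = ApplicationManager.FetchApplication(appName, config["description"]);

            requiresQuestionAndAnswer = Convert.ToBoolean(GetConfigValue(config["requiresQuestionAndAnswer"], "False"));
            requiresUniqueEmail = Convert.ToBoolean(GetConfigValue(config["requiresUniqueEmail"], "True"));

            // NOTE(review): retrieval defaults to "True" while passwordFormat defaults to "Hashed"
            // below, and a hash cannot be retrieved. Nothing here rejects that combination.
            // The default is left as it was because existing deployments may depend on it.
            enablePasswordRetrieval = Convert.ToBoolean(GetConfigValue(config["enablePasswordRetrieval"], "True"));
            enablePasswordReset = Convert.ToBoolean(GetConfigValue(config["enablePasswordReset"], "True"));
            maxInvalidPasswordAttempts = Convert.ToInt32(GetConfigValue(config["maxInvalidPasswordAttempts"], "5"));
            passwordAttemptWindow = Convert.ToInt32(GetConfigValue(config["passwordAttemptWindow"], "10"));
            minRequiredPasswordLength = Convert.ToInt32(GetConfigValue(config["minRequiredPasswordLength"], "7"));

            // The earlier code read only "minRequiredAlphaNumericCharacters", so a policy written
            // under the standard membership attribute name was silently ignored and the default
            // of 1 applied. The standard name is read first; the old key remains as a fallback
            // so existing configuration files keep working.
            string nonAlphanumericSetting =
                config["minRequiredNonalphanumericCharacters"] ?? config["minRequiredAlphaNumericCharacters"];
            minRequiredNonAlphanumericCharacters = Convert.ToInt32(GetConfigValue(nonAlphanumericSetting, "1"));
            passwordStrengthRegularExpression = Convert.ToString(GetConfigValue(config["passwordStrengthRegularExpression"], string.Empty));

            // Initialize the password format. "Encrypted" and "Clear" keep passwords recoverable
            // from the store, so they should be a deliberate choice.
            switch (GetConfigValue(config["passwordFormat"], "Hashed"))
            {
                case "Hashed":
                    passwordFormat = SystemWeb.MembershipPasswordFormat.Hashed;
                    break;
                case "Encrypted":
                    passwordFormat = SystemWeb.MembershipPasswordFormat.Encrypted;
                    break;
                case "Clear":
                    passwordFormat = SystemWeb.MembershipPasswordFormat.Clear;
                    break;
                default:
                    throw new ProviderException("password format not supported");
            }

            Configuration.Configuration cfg = WebConfigurationManager.OpenWebConfiguration(HostingEnvironment.ApplicationVirtualPath);
            machineKey = (MachineKeySection)cfg.GetSection("system.web/machineKey");
            if ("Auto".Equals(machineKey.Decryption))
            {
                // Create our own key if one has not been specified.
                // NOTE(review): if CreateKey produces fresh random keys on every call, anything
                // encrypted with them cannot be decrypted after a restart or on another server;
                // confirm against CreateKey, and set explicit keys when using the Encrypted format.
                machineKey.DecryptionKey = CreateKey(24);
                machineKey.ValidationKey = CreateKey(64);
            }
        }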