Example #1
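        /// <summary>
        /// Invokes <c>SetPrincipalAndWriteSessionToken</c> on the current
        /// <see cref="SPFederationAuthenticationModule"/> through reflection, so that the call works
        /// whether the platform exposes the method as non-public or as public.
        /// </summary>
        /// <param name="securityToken">Token handed to the module; must not be null.</param>
        /// <param name="sessionCookie">Session token write type forwarded unchanged to the module.</param>
        /// <exception cref="ArgumentNullException"><paramref name="securityToken"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// No current module instance exists, or no overload taking
        /// (<see cref="SecurityToken"/>, <see cref="SPSessionTokenWriteType"/>) was found.
        /// </exception>
        /// <remarks>
        /// Judging by its name, the target method establishes the request principal and writes the session
        /// token, so callers should only pass a token that came out of a successful credential check.
        /// Reaching a non-public platform member by reflection is not covered by any API contract and may
        /// stop working after a platform update; exceptions thrown by the target surface wrapped in
        /// <see cref="TargetInvocationException"/>.
        /// </remarks>
        private static void SetPrincipalAndWriteSessionToken(SecurityToken securityToken, SPSessionTokenWriteType sessionCookie)
        {
            if (securityToken == null)
            {
                throw new ArgumentNullException("securityToken");
            }

            SPFederationAuthenticationModule fam = SPFederationAuthenticationModule.Current;

            if (fam == null)
            {
                throw new InvalidOperationException("Could not find an instance of the SPFederationAuthenticationModule");
            }

            // Resolve by exact parameter list: a name-only lookup throws AmbiguousMatchException
            // as soon as the type carries more than one overload with this name.
            Type[] signature = { typeof(SecurityToken), typeof(SPSessionTokenWriteType) };
            Type moduleType = typeof(SPFederationAuthenticationModule);

            MethodInfo target =
                moduleType.GetMethod("SetPrincipalAndWriteSessionToken",
                                     BindingFlags.Instance | BindingFlags.NonPublic,
                                     null,
                                     signature,
                                     null) ??
                moduleType.GetMethod("SetPrincipalAndWriteSessionToken", signature);

            if (target == null)
            {
                throw new InvalidOperationException(
                          "Could not find the SPFederationAuthenticationModule.SetPrincipalAndWriteSessionToken method");
            }

            target.Invoke(fam, new object[] { securityToken, sessionCookie });
        }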
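        /// <summary>
        /// Signs the visitor in from the token carried in the <c>WeChatTokenQueryStringName</c> query-string
        /// parameter: the token is turned into "user:password" by <c>GetUserNamePasswordFromTK</c>, exchanged
        /// for a forms-authentication <see cref="SecurityToken"/>, and written as a session cookie.
        /// </summary>
        /// <param name="e">Event data; not used.</param>
        /// <remarks>
        /// Any failure is written to the diagnostics log and the request is transferred to the error page.
        /// Security notes for reviewers:
        /// - The credential travels in the URL, which is typically recorded in web-server logs, browser
        ///   history and Referer headers. The error text below suggests the password is a short-lived
        ///   "dynamic" one; confirm that it is single-use and expires quickly.
        /// - A request that is already authenticated and carries a token is signed in again as the token's
        ///   user, without comparing it to the current user.
        /// - NOTE(review): base.OnLoad(e) is not called, so the page's Load event is not raised by this
        ///   override; confirm that is intended.
        /// </remarks>
        protected override void OnLoad(EventArgs e)
        {
            try
            {
                string tk = Request.QueryString[WeChatTokenQueryStringName];

                if (string.IsNullOrEmpty(tk))
                {
                    if (Request.IsAuthenticated)
                    {
                        // Already signed in and no token supplied: nothing to do.
                        return;
                    }

                    // Message: "the WeChatTokenQueryStringName parameter is empty".
                    throw new InvalidOperationException("WeChatTokenQueryStringName 参数为空");
                }

                // Authenticated and anonymous requests take the same path once a token is present.
                string credentials = GetUserNamePasswordFromTK(tk);
                if (credentials == null)
                {
                    throw new InvalidOperationException("The WeChat token could not be decoded.");
                }

                // NOTE(review): a password containing ':' is cut at the second colon here; the token
                // format is not visible in this block, so the split itself is left unchanged.
                string[] usernamePassword = credentials.Split(':');
                if (usernamePassword.Length < 2 || usernamePassword[0].Length == 0)
                {
                    // Fail with a clear message instead of an IndexOutOfRangeException; the message
                    // deliberately does not echo the token contents.
                    throw new InvalidOperationException("The WeChat token does not contain a user name and a password.");
                }

                SecurityToken stk = SPSecurityContext.SecurityTokenForFormsAuthentication(AppliesTo, Utils.BaseMembershipProvider().Name, Utils.BaseRoleProvider().Name, usernamePassword[0], usernamePassword[1], false);
                if (stk == null)
                {
                    // Message: "the generated SecurityToken is null; the dynamic password may have expired;
                    // refresh the WeChat official-account command to obtain a new site link".
                    throw new InvalidOperationException("生成的SecurityToken为null,可能是动态密码过期,请尝试刷新微信公众号命令,获取新的网站链接");
                }

                SPFederationAuthenticationModule spFedAuthModule = this.Context.ApplicationInstance.Modules["FederatedAuthentication"] as SPFederationAuthenticationModule;
                if (spFedAuthModule == null)
                {
                    // The 'as' cast yields null when the module is missing or of another type.
                    throw new InvalidOperationException("Could not find the FederatedAuthentication module.");
                }

                SPSecurity.RunWithElevatedPrivileges(() => spFedAuthModule.SetPrincipalAndWriteSessionToken(stk, SPSessionTokenWriteType.WriteSessionCookie));
            }
            catch (Exception ex)
            {
                MyFBADiagnosticsService.Local.WriteTrace(0, MyFBADiagnosticsService.FBADiagnosticsCategory.Weixin, Microsoft.SharePoint.Administration.TraceSeverity.Unexpected, ex.Message);
                MyFBADiagnosticsService.Local.WriteTrace(0, MyFBADiagnosticsService.FBADiagnosticsCategory.Weixin, Microsoft.SharePoint.Administration.TraceSeverity.Unexpected, ex.StackTrace);
                // NOTE(review): the raw exception message is shown to the visitor, including messages of
                // unexpected platform exceptions; consider a generic message for anything not thrown above.
                SPUtility.TransferToErrorPage(ex.Message);
            }
        }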
Example #3
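        /// <summary>
        /// Signs an anonymous visitor in as the account named by the <c>user</c> query-string parameter
        /// (falling back to "jackey"), then redirects to the success URL. Requests that are already
        /// authenticated, or that carry no principal or identity, are redirected without signing in.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        /// <exception cref="InvalidOperationException">
        /// No security token could be created, or no federation authentication module is available.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the password passed to the token service is <c>FBAMember.Md5Hash(userName)</c>,
        /// i.e. it is computed from the user name alone. The caller therefore proves nothing beyond
        /// knowing an account name, and the <c>user</c> parameter by itself selects which account is
        /// signed in. This is not authentication; the page should require a secret or an upstream
        /// identity assertion before issuing a session, and the hard-coded fallback account should
        /// not exist outside a test environment.
        /// </remarks>
        protected void Page_Load(object sender, EventArgs e)
        {
            var principal = Request.RequestContext.HttpContext.User;
            bool isAnonymous = principal != null &&
                               principal.Identity != null &&
                               !principal.Identity.IsAuthenticated;

            if (!isAnonymous)
            {
                RedirectToSuccessUrl();
                return;
            }

            // Untrusted input: taken directly from the URL.
            var userName = Request.QueryString["user"] ?? "jackey";

            var token = SPSecurityContext.SecurityTokenForFormsAuthentication(new Uri(SPContext.Current.Web.Url),
                                                                              "FBAMember", "FBARole", userName, FBAMember.Md5Hash(userName), SPFormsAuthenticationOption.None);
            if (token == null)
            {
                // Do not hand a null token to the module and do not redirect as if sign-in had worked.
                throw new InvalidOperationException("Could not create a security token for the requested user.");
            }

            SPFederationAuthenticationModule fam = SPFederationAuthenticationModule.Current;
            if (fam == null)
            {
                throw new InvalidOperationException("Could not find an instance of the SPFederationAuthenticationModule");
            }

            fam.SetPrincipalAndWriteSessionToken(token);

            RedirectToSuccessUrl();
        }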
Example #4
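        /// <summary>
        /// Handles the login control's Authenticate event: obtains a security token for the submitted
        /// credentials, establishes the session, reports the outcome through
        /// <paramref name="formAuthenticateEventArgs"/>, and on success redirects to the success URL.
        /// </summary>
        /// <param name="sender">The <see cref="Login"/> control that raised the event.</param>
        /// <param name="formAuthenticateEventArgs">Receives the authentication result.</param>
        /// <exception cref="ArgumentNullException">Either argument is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="sender"/> is not a <see cref="Login"/>.</exception>
        protected void AuthenticateEventHandler(object sender, AuthenticateEventArgs formAuthenticateEventArgs)
        {
            if (sender == null)
            {
                throw new ArgumentNullException("sender");
            }
            if (formAuthenticateEventArgs == null)
            {
                throw new ArgumentNullException("formAuthenticateEventArgs");
            }

            Login login = sender as Login;
            if (login == null)
            {
                throw new ArgumentException(null, "sender");
            }

            bool          authenticated = false;
            SecurityToken securityToken;

            using (new SPMonitoredScope("ZimbraSignInPage.AuthenticateEventHandler: Retrieve security token and establish session."))
            {
                securityToken = this.GetSecurityToken(login);
                if (securityToken != null)
                {
                    try
                    {
                        this.EstablishSessionWithToken(securityToken, this.GetSessionTokenWriteType(login));
                        this.ExecuteRegisteredAsyncTasks();

                        authenticated = true;
                    }
                    catch (Exception ex)
                    {
                        // A failed sign-in must leave a trace; swallowing it silently hides both
                        // configuration faults and repeated failed attempts from operators.
                        ProviderLogging.LogError(ex);
                        authenticated = false;
                    }

                    // NOTE(review): this second step runs even when the step above failed, so a session
                    // token may be written for a sign-in that is then reported as not authenticated.
                    // Confirm whether it is meant as a fallback or should only run on success.
                    try
                    {
                        SPFederationAuthenticationModule federationAuthenticationModule = FederatedAuthentication.WSFederationAuthenticationModule as SPFederationAuthenticationModule;
                        if (federationAuthenticationModule == null)
                        {
                            // Log a meaningful error rather than a NullReferenceException.
                            throw new InvalidOperationException("Could not find an instance of the SPFederationAuthenticationModule");
                        }

                        federationAuthenticationModule.SetPrincipalAndWriteSessionToken(securityToken, this.GetSessionTokenWriteType(login));
                    }
                    catch (Exception ex)
                    {
                        ProviderLogging.LogError(ex);
                    }
                }
            }

            formAuthenticateEventArgs.Authenticated = authenticated;

            if (authenticated)
            {
                // The cast yields null when the token is not a GenericXmlSecurityToken;
                // EnsureVisitor is defined outside this block and receives that value as-is.
                EnsureVisitor(securityToken as GenericXmlSecurityToken);

                this.RedirectToSuccessUrl();
            }
        }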