Free cookie consent management tool by TermsFeed Policy Generator

source: branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs @ 4019

Last change on this file since 4019 was 4019, checked in by jwolfing, 14 years ago

added comments of the other methods (#1079)

File size: 25.6 KB
Line 
1using System;
2using System.Collections.Specialized;
3using System.Configuration;
4using System.Configuration.Provider;
5using System.IO;
6using System.Linq;
7using System.Security.Cryptography;
8using System.Text;
9using System.Web.Configuration;
10using System.Web.Security;
11using Persistence;
12
13
14namespace Service.Provider {
15  class HeuristicLabMembershipProvider : MembershipProvider {
16
17    #region variables
18
19    private string pApplicationName;
20    private bool pEnablePasswordReset;
21    private bool pEnablePasswordRetrieval;
22    private bool pRequiresQuestionAndAnswer;
23    private bool pRequiresUniqueEmail;
24    private int pMaxInvalidPasswordAttempts = 3;
25    private int pPasswordAttemptWindow;
26    private int pMinRequiredPasswordLength = 5;
27    private MembershipPasswordFormat pPasswordFormat = MembershipPasswordFormat.Clear;
28
29    #endregion
30
31    #region properties
32
33    public override string ApplicationName {
34      get { return pApplicationName; }
35      set { pApplicationName = value; }
36    }
37
38    public override bool EnablePasswordReset {
39      get { return false; }
40    }
41
42    public override bool EnablePasswordRetrieval {
43      get { return false; }
44    }
45
46    public override int MaxInvalidPasswordAttempts {
47      get { return pMaxInvalidPasswordAttempts; }
48    }
49
50    public override int MinRequiredNonAlphanumericCharacters {
51      get { return 0; }
52    }
53
54    public override int MinRequiredPasswordLength {
55      get { return pMinRequiredPasswordLength; }
56    }
57
58    public override int PasswordAttemptWindow {
59      get { return pPasswordAttemptWindow; }
60    }
61
62    public override MembershipPasswordFormat PasswordFormat {
63      get { return pPasswordFormat; }
64    }
65
66    public override string PasswordStrengthRegularExpression {
67      get { return string.Empty; }
68    }
69
70    public override bool RequiresQuestionAndAnswer {
71      get { return false; }
72    }
73
74    public override bool RequiresUniqueEmail {
75      get { return pRequiresUniqueEmail; }
76    }
77
78    #endregion
79
80    /// <summary>
81    /// this is the methode to initialize all important and needed
82    /// variables and settings
83    /// The most settings will be read from the web.config
84    /// </summary>
85    /// <param name="name"></param>
86    /// <param name="config"></param>
87    /// <returns></returns>
88
89    public override void Initialize(string name, NameValueCollection config) {
90      //
91      // Initialize values from web.config.
92      //
93
94      if (config == null)
95        throw new ArgumentNullException("config");
96
97      if (string.IsNullOrEmpty(name) || name.Length == 0)
98        name = "HeuristicLabMembershipProvider";
99
100      if (String.IsNullOrEmpty(config["description"])) {
101        config.Remove("description");
102        config.Add("description", "Heuristic Lab Membership provider");
103      }
104
105      // Initialize the abstract base class.
106      base.Initialize(name, config);
107
108      pApplicationName = GetConfigValue(config["applicationName"], System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
109      pMaxInvalidPasswordAttempts = Convert.ToInt32(GetConfigValue(config["maxInvalidPasswordAttempts"], "5"));
110      pPasswordAttemptWindow = Convert.ToInt32(GetConfigValue(config["passwordAttemptWindow"], "10"));
111      pMinRequiredPasswordLength = Convert.ToInt32(GetConfigValue(config["minRequiredPasswordLength"], "7"));
112      pEnablePasswordReset = Convert.ToBoolean(GetConfigValue(config["enablePasswordReset"], "true"));
113      pEnablePasswordRetrieval = Convert.ToBoolean(GetConfigValue(config["enablePasswordRetrieval"], "true"));
114      pRequiresQuestionAndAnswer = Convert.ToBoolean(GetConfigValue(config["requiresQuestionAndAnswer"], "false"));
115      pRequiresUniqueEmail = Convert.ToBoolean(GetConfigValue(config["requiresUniqueEmail"], "true"));
116
117      string tempFormat = config["passwordFormat"];
118      if (tempFormat == null) {
119        tempFormat = "Clear";
120      }
121
122      switch (tempFormat) {
123        case "Hashed":
124          pPasswordFormat = MembershipPasswordFormat.Hashed;
125          break;
126        case "Encrypted":
127          pPasswordFormat = MembershipPasswordFormat.Encrypted;
128          break;
129        case "Clear":
130          pPasswordFormat = MembershipPasswordFormat.Clear;
131          break;
132        default:
133          throw new ProviderException("Password format not supported.");
134      }
135    }
136
137
138    /// <summary>
139    /// this mehtode change the password of an existent user
140    /// the methode look for db connection and connect to
141    /// such db if it possible
142    /// Also neccessary requirements of password complexity is used
143    /// by this methode
144    /// </summary>
145    /// <param name="username"></param>
146    /// <param name="oldPassword"></param>
147    /// <param name="newPassword"></param>
148    /// <returns>
149    /// return true if password is changed, or false if it is not able
150    /// to set the password
151    /// </returns>
152    public override bool ChangePassword(string username, string oldPassword, string newPassword) {
153      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
154        // check database connection
155        if (db == null) {
156          return false;
157        }
158
159        if (newPassword.Length < MinRequiredPasswordLength) {
160          return false;
161        }
162
163        try {
164          // try to get user
165          HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username);
166
167          if (u.Password == EncodePassword(oldPassword) && newPassword.Length > 0) {
168            u.Password = EncodePassword(newPassword);
169            db.SubmitChanges();
170            return true;
171          }
172          return false;
173
174
175        }
176        catch (Exception) {
177          return false;
178        }
179      }
180    }
181
182    /// <summary>
183    /// change the password questionandanswer for specified user
184    ///
185    /// </summary>
186    /// <param name="username"></param>
187    /// <param name="password"></param>
188    /// <param name="newPasswordQuestion"></param>
189    /// <param name="newPasswordAnswer"></param>
190    /// <returns>
191    /// return true if changes are submitted
192    /// false if are no user found
193    /// </returns>
194    public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) {
195      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
196
197        if (db.HeuristicLabUsers.Count(x => x.UserName == username) > 0 && newPasswordQuestion.Length > 0 && newPasswordAnswer.Length > 0) {
198          HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username);
199          u.PasswordAnswer = newPasswordAnswer;
200          u.PasswordQuestion = newPasswordQuestion;
201
202          db.SubmitChanges();
203
204          return true;
205        }
206        return false;
207      }
208    }
209
210    /// <summary>
211    /// create a new user with username, password
212    /// email, passwordquestion, passwordAnswer,
213    /// Approvedstate, whether is providerUserKey and certain creation MembershipCreateStatus status
214    /// </summary>
215    /// <param name="username"></param>
216    /// <param name="password"></param>
217    /// <param name="email"></param>
218    /// <param name="passwordQuestion"></param>
219    /// <param name="passwordAnswer"></param>
220    /// <param name="providerUserKey"></param>
221    /// <param name="isApproved"></param>
222    /// <param name="status"></param>
223    /// <returns>
224    /// return a created user if there is no error occoured
225    /// return null if there is an error occoured
226    /// </returns>
227    public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) {
228      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
229        // check database connection
230        if (db == null) {
231          status = MembershipCreateStatus.ProviderError;
232          return null;
233        }
234        try {
235          // check for duplicate entries
236          if (db.HeuristicLabUsers.Count(x => x.UserName == username) > 0) {
237            status = MembershipCreateStatus.DuplicateUserName;
238            return null;
239          }
240          if (db.HeuristicLabUsers.Count(x => x.Email == email) > 0) {
241            status = MembershipCreateStatus.DuplicateEmail;
242            return null;
243          }
244          if (password.Length < MinRequiredPasswordLength) {
245            status = MembershipCreateStatus.InvalidPassword;
246            return null;
247          }
248
249          // create new user
250          HeuristicLabUser u = new HeuristicLabUser(username, email, passwordQuestion, "");
251          password = EncodePassword(password);
252          u.Password = password;
253          u.PasswordAnswer = passwordAnswer;
254          u.PasswordQuestion = passwordQuestion;
255          // save user into database
256          db.HeuristicLabUsers.InsertOnSubmit(u);
257          db.SubmitChanges();
258
259          // success
260          status = MembershipCreateStatus.Success;
261          return u.getMembershipUser(this.Name);
262        }
263        catch (Exception) {
264          // error
265          status = MembershipCreateStatus.ProviderError;
266          return null;
267        }
268      }
269    }
270
271
272    /// <summary>
273    /// delete a specified user from the membership data
274    /// </summary>
275    /// <param name="username"></param>
276    /// <param name="deleteAllRelatedData"></param>
277    /// <returns>
278    /// return a true if was possible to delete the user
279    /// return false if the db connection not exist or a exception occour
280    /// </returns>
281    public override bool DeleteUser(string username, bool deleteAllRelatedData) {
282      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
283        // check database connection
284        if (db == null) {
285          return false;
286        }
287        try {
288          // try to get user
289          HeuristicLabUser u =
290            db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.UserName == username);
291
292          // optionally delete related data
293          if (deleteAllRelatedData) {
294            db.HeuristicLabUserRole.DeleteAllOnSubmit<HeuristicLabUserRole>(u.HeuristicLabUserRoles);
295          }
296
297          // delete user
298          db.HeuristicLabUsers.DeleteOnSubmit(u);
299          db.SubmitChanges();
300          return true;
301        }
302        catch (Exception) {
303          return false;
304        }
305      }
306    }
307
308
309    /// <summary>
310    /// Returns a paged collection of users that match a given e-mail address
311    /// TODO: Return a sorted result set
312    /// </summary>
313    /// <param name="emailToMatch"></param>
314    /// <param name="pageIndex"></param>
315    /// <param name="pageSize"></param>
316    /// <param name="totalRecords"></param>
317    /// <returns></returns>
318    public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) {
319      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
320        IQueryable<HeuristicLabUser> users = (from u in db.HeuristicLabUsers where u.Email == emailToMatch select u);
321        return PagedCollection(users, pageIndex, pageSize, out totalRecords);
322      }
323    }
324
325    /// <summary>
326    /// Returns a paged collection of users that match a given username
327    /// TODO: Return a sorted result set
328    /// </summary>
329    /// <param name="usernameToMatch"></param>
330    /// <param name="pageIndex"></param>
331    /// <param name="pageSize"></param>
332    /// <param name="totalRecords"></param>
333    /// <returns></returns>
334    public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) {
335      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
336        IQueryable<HeuristicLabUser> users = (from u in db.HeuristicLabUsers where u.UserName == usernameToMatch select u);
337        return PagedCollection(users, pageIndex, pageSize, out totalRecords);
338      }
339
340    }
341
342    /// <summary>
343    /// Returns a paged collection of all users
344    /// TODO: Return a sorted result set
345    /// </summary>
346    /// <param name="pageIndex"></param>
347    /// <param name="pageSize"></param>
348    /// <param name="totalRecords"></param>
349    /// <returns></returns>
350    public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) {
351      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
352        // orderby u.UserName
353        // skipped ordering for now as the default comparator seems to be wrong
354        IQueryable<HeuristicLabUser> users = (from u in db.HeuristicLabUsers select u);
355        return PagedCollection(users, pageIndex, pageSize, out totalRecords);
356      }
357
358    }
359
360    /// <summary>
361    /// Helper method that takes an IQueriable object and returns a paged part of it
362    /// </summary>
363    /// <param name="querySource"></param>
364    /// <param name="pageIndex"></param>
365    /// <param name="pageSize"></param>
366    /// <param name="totalRecords"></param>
367    /// <returns></returns>
368    private MembershipUserCollection PagedCollection(IQueryable<HeuristicLabUser> querySource, int pageIndex, int pageSize, out int totalRecords) {
369      totalRecords = querySource.Count();
370      MembershipUserCollection userCollection = new MembershipUserCollection();
371      int skip = (pageIndex == 0) ? 0 : (pageIndex * pageSize);
372      foreach (HeuristicLabUser u in querySource.Skip(skip).Take(pageSize)) {
373        userCollection.Add(u.getMembershipUser(this.Name));
374      }
375      return userCollection;
376    }
377
378    /// <summary>
379    /// not jet implemented returns 0 as default
380    /// </summary>
381    /// <returns></returns>
382    public override int GetNumberOfUsersOnline() {
383      return 0;
384    }
385
386
387    /// <summary>
388    /// return the right password of the user
389    /// the user has do give the right answer to a question
390    /// to get his password information
391    /// </summary>
392    /// <param name="username"></param>
393    /// <param name="answer"></param>
394    /// <returns>
395    /// return a string type of the right password
396    /// </returns>
397    public override string GetPassword(string username, string answer) {
398      if (PasswordFormat == MembershipPasswordFormat.Hashed)
399        throw new NotSupportedException("Passwort is hashed");
400      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
401        HeuristicLabUser u =
402          db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.UserName == username);
403        if (EnablePasswordRetrieval && RequiresQuestionAndAnswer) {
404          if (u.PasswordAnswer.Equals(answer)) {
405            return u.Password;
406          } else {
407            throw new MembershipPasswordException();
408          }
409        } else throw new NotSupportedException("PasswortRetrival or RequiresQuestionAndAnswer not set");
410      }
411    }
412
413    /// <summary>
414    /// get a user of the type of the Membershipuser
415    /// </summary>
416    /// <param name="username"></param>
417    /// <param name="userisOnline"></param>
418    /// <returns>
419    /// returns the searched membershipuser
420    /// </returns>
421    public override MembershipUser GetUser(string username, bool userIsOnline) {
422      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
423        HeuristicLabUser u =
424            db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.UserName == username);
425        if (u != null)
426          return u.getMembershipUser(this.Name);
427        else
428          return null;
429      }
430    }
431
432
433    /// <summary>
434    /// search a user over the providerUserKey and return
435    /// the right membershipuser
436    /// </summary>
437    /// <param name="providerUserKey"></param>
438    /// <param name="userIsOnline"></param>
439    /// <returns>
440    /// return the right membershipuser
441    /// </returns>
442    public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) {
443      long ID = providerUserKey is long ? (long)providerUserKey : -1;
444      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
445        HeuristicLabUser u =
446            db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.ID == ID);
447        if (u != null)
448          return u.getMembershipUser(this.Name);
449        else
450          return null;
451      }
452    }
453
454    /// <summary>
455    /// search over the email the right username
456    /// </summary>
457    /// <param name="email"></param>
458    /// <returns>
459    /// return a string with the username
460    /// </returns>
461    public override string GetUserNameByEmail(string email) {
462      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
463
464        if (db.HeuristicLabUsers.Count(x => x.Email == email) > 0) {
465
466          HeuristicLabUser u =
467            db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.Email == email);
468
469          return u.UserName;
470        }
471        return null;
472      }
473    }
474
475    /// <summary>
476    /// after the question user have to give the right answer
477    /// then here will the password reseted
478    /// </summary>
479    /// <param name="username"></param>
480    /// <param name="answer"></param>
481    /// <returns>
482    /// return new password
483    /// </returns>
484    public override string ResetPassword(string username, string answer) {
485      throw new NotSupportedException("Restet password not avaliable");
486    }
487
488
489    /// <summary>
490    /// Lock a specified user over the username
491    /// </summary>
492    /// <param name="username"></param>
493    /// <returns>
494    /// return true if was possible and
495    /// flase if there was a exception
496    /// </returns>
497    public bool LockUser(string userName) {
498      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
499        // check database connection
500        if (db == null) {
501          return false;
502        }
503        try {
504          // try to get user
505          HeuristicLabUser u =
506            db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.UserName == userName);
507
508          // unlock user
509          u.Locked = true;
510          db.SubmitChanges();
511          return true;
512        }
513        catch (Exception) {
514          return false;
515        }
516      }
517    }
518
519
520    /// <summary>
521    /// unlock specified user over the username
522    /// </summary>
523    /// <param name="username"></param>
524    /// <returns>
525    /// return true if was possible and
526    /// false if not
527    /// </returns>
528    public override bool UnlockUser(string userName) {
529      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
530        // check database connection
531        if (db == null) {
532          return false;
533        }
534        try {
535          // try to get user
536          HeuristicLabUser u =
537            db.HeuristicLabUsers.Single<HeuristicLabUser>(x => x.UserName == userName);
538
539          // unlock user
540          u.Locked = false;
541          db.SubmitChanges();
542          return true;
543        }
544        catch (Exception) {
545          return false;
546        }
547      }
548    }
549
550
551    /// <summary>
552    /// Update existend user
553    /// </summary>
554    /// <param name="user"></param>
555    /// <returns>
556    /// </returns>
557    public override void UpdateUser(MembershipUser user) {
558      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
559        if (user != null && user.ProviderUserKey != null && db.HeuristicLabUsers.Count(x => x.ID == (long)user.ProviderUserKey) > 0) {
560          HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.ID == (long)user.ProviderUserKey);
561          u.UserName = user.UserName;
562          u.Comment = user.Comment;
563          u.Email = user.Email;
564          u.Locked = user.IsLockedOut;
565          db.SubmitChanges();
566
567        }
568      }
569    }
570    /// <summary>
571    /// Validates a user
572    /// </summary>
573    /// <param name="username"></param>
574    /// <param name="password"></param>
575    /// <returns></returns>
576    public override bool ValidateUser(string username, string password) {
577      bool isValid = false;
578      using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) {
579        if (db == null) {
580          return false;
581        }
582        if (db.HeuristicLabUsers.Count(x => x.UserName == username && x.Locked == false) > 0) {
583          HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username && x.Locked == false);
584          isValid = CheckPassword(password, u.Password) && u.FailedLogins <= MaxInvalidPasswordAttempts;
585          if (!isValid) {
586            u.FailedLogins++;
587            if (u.FailedLogins > MaxInvalidPasswordAttempts) {
588              u.Locked = true;
589            }
590          } else {
591            u.FailedLogins = 0;
592          }
593
594          db.SubmitChanges();
595        }
596      }
597      return isValid;
598    }
599
600    /// <summary>
601    /// compaiers to passwords
602    /// </summary>
603    /// <param name="password"></param>
604    /// <param name="dbpassword"></param>
605    /// <returns></returns>
606    private bool CheckPassword(string password, string dbpassword) {
607      string pass1 = password;
608      string pass2 = dbpassword;
609
610      switch (PasswordFormat) {
611        case MembershipPasswordFormat.Encrypted:
612          pass2 = DecodePassword(dbpassword);
613          break;
614        case MembershipPasswordFormat.Hashed:
615          pass1 = EncodePassword(password);
616          break;
617        default:
618          break;
619      }
620
621      if (pass1 == pass2) {
622        return true;
623      }
624
625      return false;
626    }
627
628
629    /// <summary>
630    /// Encodes a password.
631    /// Public because needed for unit testing.
632    /// </summary>
633    /// <param name="password"></param>
634    /// <returns></returns>
635    public string EncodePassword(string password) {
636      string encodedPassword = password;
637
638      switch (PasswordFormat) {
639        case MembershipPasswordFormat.Clear:
640          break;
641        case MembershipPasswordFormat.Encrypted:
642          encodedPassword =
643            Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
644          break;
645        case MembershipPasswordFormat.Hashed:
646          SHA512 sha512 = SHA512.Create();
647          ASCIIEncoding encoder = new ASCIIEncoding();
648          byte[] combined = encoder.GetBytes(password);
649          sha512.ComputeHash(combined);
650          encodedPassword = Convert.ToBase64String(sha512.Hash);
651          break;
652        default:
653          throw new ProviderException("Unsupported password format.");
654      }
655
656      return encodedPassword;
657    }
658
659    private readonly byte[] _rgbKey = new byte[]
660                           {
661                             182, 140, 37, 101, 52, 157, 80, 17, 65, 35, 130, 208, 101, 68, 161, 45, 197, 102, 112, 190,
662                             187, 177, 37, 76, 63, 38, 190, 117, 247, 122, 94, 17
663                           };
664    private readonly byte[] _rgbIv = new byte[] { 60, 121, 178, 142, 50, 160, 226, 84, 41, 66, 158, 180, 26, 232, 42, 113 };
665
666    /// <summary>
667    /// encrypt passwort
668    /// </summary>
669    /// <param name="password"></param>
670    /// <returns>
671    /// return encrypted password
672    /// </returns>
673    protected override byte[] EncryptPassword(byte[] password) {
674      SymmetricAlgorithm sa = Aes.Create();
675      MemoryStream msEncrypt = new MemoryStream();
676      CryptoStream csEncrypt = new CryptoStream(msEncrypt, sa.CreateEncryptor(_rgbKey, _rgbIv), CryptoStreamMode.Write);
677      csEncrypt.Write(password, 0, password.Length);
678      csEncrypt.Close();
679      byte[] encryptedTextBytes = msEncrypt.ToArray();
680      msEncrypt.Close();
681      return encryptedTextBytes;
682    }
683    /// <summary>
684    /// decrypt passwort
685    /// </summary>
686    /// <param name="password"></param>
687    /// <returns>
688    /// return decrypted password
689    /// </returns>
690    protected override byte[] DecryptPassword(byte[] encodedPassword) {
691      SymmetricAlgorithm sa = Aes.Create();
692      MemoryStream msDecrypt = new MemoryStream(encodedPassword);
693      CryptoStream csDecrypt = new CryptoStream(msDecrypt, sa.CreateDecryptor(_rgbKey, _rgbIv), CryptoStreamMode.Read);
694      byte[] decryptedTextBytes = new Byte[encodedPassword.Length];
695      csDecrypt.Read(decryptedTextBytes, 0, encodedPassword.Length);
696      csDecrypt.Close();
697      msDecrypt.Close();
698      return decryptedTextBytes;
699    }
700
701    /// <summary>
702    /// Decodes a encoded Password
703    /// </summary>
704    /// <param name="encodedPassword"></param>
705    /// <returns></returns>
706    private string DecodePassword(string encodedPassword) {
707      string password = encodedPassword;
708
709      switch (PasswordFormat) {
710        case MembershipPasswordFormat.Clear:
711          break;
712        case MembershipPasswordFormat.Encrypted:
713          password =
714            Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password))).TrimEnd('\0');
715
716
717          break;
718        case MembershipPasswordFormat.Hashed:
719          throw new ProviderException("Cannot unencode a hashed password.");
720        default:
721          throw new ProviderException("Unsupported password format.");
722      }
723
724      return password;
725    }
726
727    /// <summary>
728    /// returns the configuration string, if the value is null or empty the default value is returned
729    /// </summary>
730    /// <param name="configValue"></param>
731    /// <param name="defaultValue"></param>
732    /// <returns></returns>
733    private string GetConfigValue(string configValue, string defaultValue) {
734      if (String.IsNullOrEmpty(configValue))
735        return defaultValue;
736
737      return configValue;
738    }
739  }
740}
Note: See TracBrowser for help on using the repository browser.