自定义IUserPasswordStore <client>实现</client>中的FormatException

时间:2015-04-02 19:22:55

标签: c# .net entity-framework asp.net-identity identity

我正在编写IUserPasswordStore<Client>的自定义实现,但在登录过程中我得到了FormatException。 看似方法 GetPasswordHashAsync 或调用此方法的人调用Microsoft.AspNet.Identity.Crypto.VerifyHashedPassword(String hashedPassword, String password)会导致带有消息的FormatException

  

Base-64字符数组或字符串的长度无效。

以下是我IUserPasswordStore<Client>

的实现
public partial class ClientRepository : IUserStore<Client>, IUserPasswordStore<Client>, IUserLockoutStore<Client, string>
{
    public Task CreateAsync(Client user)
    {
        return Task.Factory.StartNew(() => Create(user));
    }

    public Task UpdateAsync(Client user)
    {
        return Task.Factory.StartNew(() => Update(user));
    }

    public Task DeleteAsync(Client user)
    {
        return Task.Factory.StartNew(() => Delete(user));
    }

    public Task<Client> FindByIdAsync(string userId)
    {
        return Task.FromResult(Find(userId));
    }

    public Task<Client> FindByNameAsync(string userName)
    {
        return Task.FromResult(FetchOne(new ClientByUsername(userName)));
    }

    public Task SetPasswordHashAsync(Client user, string passwordHash)
    {
        return Task.Factory.StartNew(() => user.Password = passwordHash);
    }

    public Task<string> GetPasswordHashAsync(Client user)
    {
        return Task.FromResult(user.Password);
    }

    public Task<bool> HasPasswordAsync(Client user)
    {
        return Task.Factory.StartNew(() => !string.IsNullOrEmpty(user.Password));
    }

    public Task<DateTimeOffset> GetLockoutEndDateAsync(Client user)
    {
        return Task.FromResult<DateTimeOffset>(user.LockoutTo ?? DateTime.Now);
    }

    public Task SetLockoutEndDateAsync(Client user, DateTimeOffset lockoutEnd)
    {
        return Task.Factory.StartNew(() => user.LockoutTo = lockoutEnd.DateTime);
    }

    public Task<int> IncrementAccessFailedCountAsync(Client user)
    {
        return Task.FromResult(++user.LoginAttempts);
    }

    public Task ResetAccessFailedCountAsync(Client user)
    {
        return Task.Factory.StartNew(() => user.LoginAttempts = 0);
    }

    public Task<int> GetAccessFailedCountAsync(Client user)
    {
        return Task.Factory.StartNew(() => user.LoginAttempts);
    }

    public Task<bool> GetLockoutEnabledAsync(Client user)
    {
        return Task.FromResult(false);
    }

    public Task SetLockoutEnabledAsync(Client user, bool enabled)
    {
        return Task.FromResult(0);
    }



    public void Dispose()
    {
        database = null;
        Manager = null;
        context = null;
    }
}

我的问题:哪里叫做Microsoft.AspNet.Identity.Crypto.VerifyHashedPassword(String hashedPassword,String password),我应该在 GetPasswordHashAsync 中返回什么? 首先,我在纯文本中使用密码......

编辑:我想,也许我应该提供某种哈希服务,所以我添加了IPasswordHasher的虚拟实现,以便我使用纯文本

public class CustomPasswordHasher : IPasswordHasher
{
    public string HashPassword(string password)
    {
        return password; //return password as is
    }

    public PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
    {
        if (hashedPassword.Equals(providedPassword))
        {
            return PasswordVerificationResult.Success;
        }
        return PasswordVerificationResult.Failed;
    }
}

// and use it

public class ApplicationUserManager : UserManager<Client>
{
    public ApplicationUserManager(IUserStore<Client> store, IPasswordHasher hasher)
        : base(store)
    {
        // ...
        PasswordHasher = hasher;
    }
}

但是CustomPasswordHasher中的断点没有被击中,所以我错过了一些东西......

1 个答案:

答案 0 :(得分:0)

已修复。我正确使用CustomPasswordHasher,但我在Unity组合root中遇到了错误。洛尔