dereklawless/MembershipProviderExtensions.cs

## MembershipProviderExtensions.cs
/// <summary>
/// Extensions for membership providers.
/// </summary>
public static class MembershipProviderExtensions
{
	/// <summary>
	/// Switches the specified ASP.NET membership user to a clear password format, updating the associated fields.
	/// </summary>
	/// <param name="user">The membership user.</param>
	/// <exception cref="System.ArgumentNullException" />
	public static void SwitchToClearPasswordFormat(this MembershipUser user)
	{
		if (user == null)
		{
			throw new ArgumentNullException("user");
		}

		if (Membership.Providers[user.ProviderName] is SqlMembershipProvider)
		{
			using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["AcmeCorpPortalMembership"].ConnectionString))
			{
				// Get the user's (possibly encrypted or hashed) security credentials.
				var selectQuery = "SELECT Password, PasswordFormat, PasswordAnswer FROM aspnet_Membership WHERE UserId = @userId";
				var cmd = new SqlCommand(selectQuery, connection);
				cmd.Parameters.Add(new SqlParameter { ParameterName = "userId", Value = user.ProviderUserKey });

				string password = null;
				int passwordFormat = 0;
				string passwordAnswer = null;

				connection.Open();
				var reader = cmd.ExecuteReader();
				while (reader.HasRows && reader.Read())
				{
					password = (string)reader["Password"];
					passwordFormat = (int)reader["PasswordFormat"];
					passwordAnswer = (string)reader["PasswordAnswer"];
				}
				reader.Close();
				connection.Close();

				if (passwordFormat == (int)MembershipPasswordFormat.Encrypted)
				{
					var provider = new AcmeCorpMembershipProvider();

					var updateQuery = "UPDATE aspnet_Membership SET Password = @password, PasswordFormat = 0, PasswordAnswer = @passwordAnswer WHERE UserId = @userId";
					var cmd1 = new SqlCommand(updateQuery, connection);
					cmd1.Parameters.Add(new SqlParameter { ParameterName = "password", Value = provider.DecryptPassword(password) });
					cmd1.Parameters.Add(new SqlParameter { ParameterName = "passwordAnswer", Value = provider.DecryptPassword(passwordAnswer) });
					cmd1.Parameters.Add(new SqlParameter { ParameterName = "userId", Value = user.ProviderUserKey });

					connection.Open();
					cmd1.ExecuteNonQuery();
					connection.Close();
				}
			}
		}
	}
}

/// <summary>
/// An ACME corp-specific version of SqlMembershipProvider.
/// </summary>
public class AcmeCorpMembershipProvider : SqlMembershipProvider
{
	/// <summary>
	/// Decrypts the specified password string.
	/// </summary>
	/// <param name="encryptedPassword">The encryptedPassword.</param>
	/// <returns>The decrypted password string.</returns>
	public string DecryptPassword(string encryptedPassword)
	{
		var encodedPassword = Convert.FromBase64String(encryptedPassword);
		var bytes = base.DecryptPassword(encodedPassword);
		return Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10);
	}
}
	/// <summary>
	/// Extensions for membership providers.
	/// </summary>
	public static class MembershipProviderExtensions
	{
	/// <summary>
	/// Switches the specified ASP.NET membership user to a clear password format, updating the associated fields.
	/// </summary>
	/// <param name="user">The membership user.</param>
	/// <exception cref="System.ArgumentNullException" />
	public static void SwitchToClearPasswordFormat(this MembershipUser user)
	{
	if (user == null)
	{
	throw new ArgumentNullException("user");
	}

	if (Membership.Providers[user.ProviderName] is SqlMembershipProvider)
	{
	using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["AcmeCorpPortalMembership"].ConnectionString))
	{
	// Get the user's (possibly encrypted or hashed) security credentials.
	var selectQuery = "SELECT Password, PasswordFormat, PasswordAnswer FROM aspnet_Membership WHERE UserId = @userId";
	var cmd = new SqlCommand(selectQuery, connection);
	cmd.Parameters.Add(new SqlParameter { ParameterName = "userId", Value = user.ProviderUserKey });

	string password = null;
	int passwordFormat = 0;
	string passwordAnswer = null;

	connection.Open();
	var reader = cmd.ExecuteReader();
	while (reader.HasRows && reader.Read())
	{
	password = (string)reader["Password"];
	passwordFormat = (int)reader["PasswordFormat"];
	passwordAnswer = (string)reader["PasswordAnswer"];
	}
	reader.Close();
	connection.Close();

	if (passwordFormat == (int)MembershipPasswordFormat.Encrypted)
	{
	var provider = new AcmeCorpMembershipProvider();

	var updateQuery = "UPDATE aspnet_Membership SET Password = @password, PasswordFormat = 0, PasswordAnswer = @passwordAnswer WHERE UserId = @userId";
	var cmd1 = new SqlCommand(updateQuery, connection);
	cmd1.Parameters.Add(new SqlParameter { ParameterName = "password", Value = provider.DecryptPassword(password) });
	cmd1.Parameters.Add(new SqlParameter { ParameterName = "passwordAnswer", Value = provider.DecryptPassword(passwordAnswer) });
	cmd1.Parameters.Add(new SqlParameter { ParameterName = "userId", Value = user.ProviderUserKey });

	connection.Open();
	cmd1.ExecuteNonQuery();
	connection.Close();
	}
	}
	}
	}
	}

	/// <summary>
	/// An ACME corp-specific version of SqlMembershipProvider.
	/// </summary>
	public class AcmeCorpMembershipProvider : SqlMembershipProvider
	{
	/// <summary>
	/// Decrypts the specified password string.
	/// </summary>
	/// <param name="encryptedPassword">The encryptedPassword.</param>
	/// <returns>The decrypted password string.</returns>
	public string DecryptPassword(string encryptedPassword)
	{
	var encodedPassword = Convert.FromBase64String(encryptedPassword);
	var bytes = base.DecryptPassword(encodedPassword);
	return Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10);
	}
	}