search

IdentityServer / IdentityServer3.AspNetIdentity

ASP.NET Identity support for Thinktecture IdentityServer3
Apache License 2.0
64 stars 51 forks source link

How to Import Existing Membership Data into IdentityServer3.AspNetIdentity Tables #58

Closed farzad99 closed 8 years ago

farzad99 commented 8 years ago

I have a script that moves membership table users to identity tables. The part that imports user's password into the AspNetUsers.PasswordHash column is as follows:

INSERT INTO AspNetUsers ( ... [PasswordHash], ... SELECT ... (aspnet_Membership.Password+'|'+CAST(aspnet_Membership.PasswordFormat as varchar)+'|'+aspnet_Membership.PasswordSalt), ...

To give you an example for one user I did:

insert into [IdentityServer3.AspNetIdentity].[dbo].[AspNetUsers](Id, PasswordHash, SecurityStamp, UserName, EmailConfirmed, PhoneNumberConfirmed, TwoFactorEnabled, LockoutEnabled, AccessFailedCount) values ('824B3B74-909A-4CD5-A7B3-C1243142C398', 'JKPDfgg/63IBjIf0EC4Pm5WRe90=' + '|' + CAST(1 as varchar) + '|'+ 'eembO/PkE9C4gXBqSX20Yg==' , NEWID(), 'oo7', 0, 0, 0, 0, 0);

When I use a regular MVC project that uses local accounts security I'm able to authenticate users from the Identity tables that have the imported data. But when I do the same in the AspNetIdentity sample that's part of the IdentityServer3 samples it doesn't work and throws an exception. I looked at the log file and it says: ... System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. at System.Convert.FromBase64_ComputeResultLength(Char* inputPtr, Int32 inputLength) at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength) at System.Convert.FromBase64String(String s) at Microsoft.AspNet.Identity.Crypto.VerifyHashedPassword(String hashedPassword, String password) ...

Does anybody know what I need to do with existing membership passwords so they can be used in the AspNetIdentity sample?

farzad99 commented 8 years ago

Correction for the tsql script in the previous post:

insert into [IdentityServer3.AspNetIdentity].[dbo].[AspNetUsers]
'( Id, PasswordHash, SecurityStamp, UserName, EmailConfirmed, PhoneNumberConfirmed, TwoFactorEnabled, LockoutEnabled, AccessFailedCount) values ('824B3B74-909A-4CD5-A7B3-C1243142C398', 'JKPDfgg/63IBjIf0EC4Pm5WRe90=' + '|' + CAST(1 as varchar) + '|'+ 'eembO/PkE9C4gXBqSX20Yg==' , NEWID(), 'oo7', 0, 0, 0, 0, 0);

farzad99 commented 8 years ago

I realized that some custom code has to be added to the Identity system to verify imported passwords from membership differently.