director, software developer, qualified tas / ict teacher.

Published: 3 years ago

Windows 8.1 C# PasswordVault Wrapper

The vast majority of my Teacher Collection apps allow users to communicate with the web service in some way. This includes allowing teachers to do things like save their lesson plans to the cloud, backup classes and students, and manipulate their data from the web.

Before I can let someone in to play about with sensitive data, there has to be a level of authentication going on. While how that’s handled is another blog post, keeping the credentials safe on your device, and then getting the credentials to the API has been made thousands of times easier thanks to the Windows 8 PasswordVault.

The PasswordVault gives you access to the Windows 8 Credentials manager to well… manage credentials. In previous versions of windows, there wasn’t a simple way of managing in app credentials, in addition to dealing with securing the password, so this is a huge help.

I wanted to try and make it just a little bit easier to manage a set of credentials across apps, and hide the use of resource string, every time I need to get the value from the store.

Here’s what I’ve come up with, feedback is always appreciated!

  public static class VaultManager
    {
        private const string VaultKeyResource = "My App Or Something...";
        private static readonly PasswordVault Vault = new PasswordVault();

        public static string Username
        {
            get
            {
                try
                {
                    var credentials = Vault.FindAllByResource(VaultKeyResource).FirstOrDefault();
                    return credentials.UserName;
                }
                catch (Exception)
                {
                    return null;
                }
            }
        }

        public static string Password
        {
            get
            {
                try
                {
                    return Vault.Retrieve(VaultKeyResource, Username).Password;
                }
                catch (Exception)
                {
                    return null;
                }
            }
        }

        public static bool Save(string userName, string password)
        {
            try
            {
                if (HasCredentials)
                    Delete();

                Vault.Add(new PasswordCredential(VaultKeyResource, userName, password));
                return true;
            }
            catch (Exception)
            {
                return false;
            }
        }

        public static bool Delete()
        {
            try
            {
                Vault.Remove(Vault.Retrieve(VaultKeyResource, Username));
                return true;
            }
            catch (Exception)
            {
                return false;
            }
        }

        public static bool HasCredentials
        {
            get
            {
                try
                {
                    return Vault.FindAllByResource(VaultKeyResource).FirstOrDefault() != null;
                }
                catch (Exception)
                {
                    return false;
                }
            }
        }
    }

2 Comments.
  1. Justin says:

    Does this take into account multiple users on a machine? How does it tell between current user and other user?

    • Lucas says:

      I’m not 100% sure on how the Windows Vault Manager differentiates between credentials and users, but at a pure assumption i’d imagine it would be per user.

Have a Comment?

Some HTML is OK