Check if PasswordVault/credential manager has app data at load

4.2k views Asked by At

Hey I'm using PasswordVault for storing user credentials in my windows 8 app.

What I want the app to do on loading is check to see if the PasswordVault/credential manager already has a stored value for my app. if it don't don't I want it to stay on the page so the user can login, but if the credentials are already there then I would like it to go straight to page 2.

I tried using the following code:

private Windows.Security.Credentials.PasswordCredential GetCredentialFromLocker()
{
    Windows.Security.Credentials.PasswordCredential credential = null;

    var vault = new Windows.Security.Credentials.PasswordVault();
   
    var credentialList = vault.FindAllByResource("MYapp");
    if (credentialList.Count > 0)
        if (credentialList.Count == 1)
            credential = credentialList[0];
        else
            // User selecor
   
    return credential;
}

and then on page load I have

private void Page_Loaded(object sender, RoutedEventArgs e)
{
    var loginCredential = GetCredentialFromLocker();

    if (loginCredential != null)
        this.Frame.Navigate(typeof(page2)); 
    else
    {
        loginBigButton.Visibility = Windows.UI.Xaml.Visibility.Visible;
        signUpButton.Visibility = Windows.UI.Xaml.Visibility.Visible;
        signUpTextBlock.Visibility = Windows.UI.Xaml.Visibility.Visible;
    }
}

The problem is that if there is no credential stored with the Resource (MYapp) the code:

var credentialList = vault.FindAllByResource("MYapp");

yields:

WinRT information: Cannot find credential in Vault

Additional information: Element not found.

2

There are 2 answers

5
T W On BEST ANSWER

Method FindAllByResource throws exception when there are no credentials for specified resource, so you need to wrap it with try catch block.

Alternatively you can use 'RetrieveAll' which doesn't throw exception if there are no credentials stored and iterate over each returned PasswordCredential and check it's Resource property.

1
Enrique A. Pinelo Novelo On

I'll try to answer this question the best as I can:

Firstable as Tadeusz said FindAllByResource throws an exception when there are no credentials for specified resource, in order to dont crash you app, you would need to wrap you logic within a try-catch block.

the reason to do this is for you to be able to create your resource in case you dont have one. so the way I see it, you logic should look like this:

private Windows.Security.Credentials.PasswordCredential GetCredentialFromLocker()
{
    Windows.Security.Credentials.PasswordCredential credential = null;

    var vault = new Windows.Security.Credentials.PasswordVault();

    try
    {
       var credential = vault.FindAllByResource("MYapp").FirstOrDefault();

       return credential;
    }
    catch(Exception ex)
    {
       Debug.WriteLine($"Error retrieving Token: {ex.Message}");
    }
    return null;
}

now all you have to do is to store a new token in your passwordvault

you have to login first and then you store the token, so next time you try to retrieve your credentials it wont throw an exception since its already store. by example it should be something like this:

await client.LoginAsync(provider);

then you store your token like this:

PasswordVault.Add(new PasswordCredential("MYapp", 
                  client.CurrentUser.UserId, 
                  client.CurrentUser.MobileServiceAuthenticationToken));

I hope this answer helps in order, sorry for the late answer but, I found myself trying to solve this problem right now and I thought i should give a more detail or complete answer to this question.

Also you should consider token expiration checks and refreshing handling.