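/// <summary>
/// Constructs <see cref="WindowsIdentity"/> instances from the current user's raw access
/// token, once with the token alone and once with an explicit authentication type, and
/// asserts on the results.
/// </summary>
public static void ConstructorsAndProperties()
{
    // Own the identity returned by GetCurrent() so the token handle it holds is closed
    // deterministically at the end of the test rather than whenever finalization runs.
    using (WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent())
    {
        // Retrieve the Windows account token for the current user.
        SafeAccessTokenHandle token = currentIdentity.AccessToken;
        bool gotRef = false;
        try
        {
            // Hold a reference on the SafeHandle for as long as the raw IntPtr is in use.
            // The raw value must not be used after the matching DangerousRelease below.
            token.DangerousAddRef(ref gotRef);
            IntPtr logonToken = token.DangerousGetHandle();

            // Construct a WindowsIdentity object using the input account token.
            WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
            Assert.NotNull(windowsIdentity);
            // CheckDispose is defined elsewhere; presumably it disposes the identity
            // and verifies the disposed state. Confirm against its definition.
            CheckDispose(windowsIdentity);

            // Same token, this time with a caller-supplied authentication type.
            string authenticationType = "WindowsAuthentication";
            WindowsIdentity windowsIdentity2 = new WindowsIdentity(logonToken, authenticationType);
            Assert.NotNull(windowsIdentity2);
            Assert.True(windowsIdentity2.IsAuthenticated);
            Assert.Equal(authenticationType, windowsIdentity2.AuthenticationType);
            CheckDispose(windowsIdentity2);
        }
        finally
        {
            // Release only if DangerousAddRef actually took the reference.
            if (gotRef)
            {
                token.DangerousRelease();
            }
        }
    }
}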
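/// <summary>
/// Runs <paramref name="ctorOrPropertyTest"/> against the raw access token of the
/// current Windows user while a reference is held on the owning safe handle.
/// </summary>
/// <param name="ctorOrPropertyTest">
/// Callback that receives the raw token handle. The value is only guaranteed valid for
/// the duration of the call and must not be stored or closed by the callback.
/// </param>
private static void TestUsingAccessToken(Action<IntPtr> ctorOrPropertyTest)
{
    // Own the identity returned by GetCurrent() so the token handle it holds is closed
    // deterministically once the callback has finished, not at finalization time.
    using (WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent())
    {
        // Retrieve the Windows account token for the current user.
        SafeAccessTokenHandle token = currentIdentity.AccessToken;
        bool gotRef = false;
        try
        {
            // Hold a reference on the SafeHandle so the raw IntPtr stays valid
            // for the whole callback.
            token.DangerousAddRef(ref gotRef);
            IntPtr logonToken = token.DangerousGetHandle();

            ctorOrPropertyTest(logonToken);
        }
        finally
        {
            // Release only if DangerousAddRef actually took the reference.
            if (gotRef)
            {
                token.DangerousRelease();
            }
        }
    }
}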
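/// <summary>
/// Clones a <see cref="WindowsIdentity"/> built from the current user's access token and
/// asserts that the clone reports the same identity properties and group count.
/// </summary>
/// <param name="cloneViaSerialization">
/// When <c>true</c> the clone is produced by <c>BinaryFormatterHelpers.Clone</c>;
/// otherwise by <see cref="WindowsIdentity.Clone"/>.
/// </param>
public static void CloneAndProperties(bool cloneViaSerialization)
{
    // Own the identity returned by GetCurrent() so the token handle it holds is closed
    // deterministically at the end of the test rather than whenever finalization runs.
    using (WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent())
    {
        SafeAccessTokenHandle token = currentIdentity.AccessToken;
        bool gotRef = false;
        try
        {
            // Hold a reference on the SafeHandle for as long as the raw IntPtr is in use.
            token.DangerousAddRef(ref gotRef);
            IntPtr logonToken = token.DangerousGetHandle();
            WindowsIdentity winId = new WindowsIdentity(logonToken);

            // NOTE(review): BinaryFormatterHelpers is defined elsewhere and presumably
            // round-trips the object through BinaryFormatter. That formatter is unsafe
            // on untrusted input and is obsolete in current .NET; the payload here is an
            // object this test created in-process, so keep this path confined to tests.
            WindowsIdentity cloneWinId = cloneViaSerialization
                ? BinaryFormatterHelpers.Clone(winId)
                : winId.Clone() as WindowsIdentity;
            Assert.NotNull(cloneWinId);

            // The clone must describe the same principal as the original.
            Assert.Equal(winId.IsSystem, cloneWinId.IsSystem);
            Assert.Equal(winId.IsGuest, cloneWinId.IsGuest);
            Assert.Equal(winId.ImpersonationLevel, cloneWinId.ImpersonationLevel);
            Assert.Equal(winId.Name, cloneWinId.Name);
            Assert.Equal(winId.Owner, cloneWinId.Owner);

            // Only the number of groups is compared, not the individual entries.
            IdentityReferenceCollection irc1 = winId.Groups;
            IdentityReferenceCollection irc2 = cloneWinId.Groups;
            Assert.Equal(irc1.Count, irc2.Count);

            // CheckDispose is defined elsewhere; presumably it disposes the identity
            // and verifies the disposed state. Confirm against its definition.
            CheckDispose(winId);
            CheckDispose(cloneWinId);
        }
        finally
        {
            // Release only if DangerousAddRef actually took the reference.
            if (gotRef)
            {
                token.DangerousRelease();
            }
        }
    }
}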
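/// <summary>
/// Creates the local test account named by <c>_userName</c> with a freshly generated
/// random password, logs it on, and stores the resulting token handle in
/// <c>_accountTokenHandle</c> and the account name in <c>AccountName</c>.
/// If an account with that name already exists it is deleted and recreated.
/// </summary>
/// <exception cref="Win32Exception">NetUserAdd or NetUserDel returned a non-zero status.</exception>
/// <exception cref="Exception">
/// LogonUser failed for the new account; the inner exception is a <see cref="Win32Exception"/>.
/// </exception>
private void CreateUser()
{
    string testAccountPassword;
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        // All of the password's unpredictability comes from these 33 CSPRNG bytes
        // (44 Base64 characters); the fixed suffix below contributes none.
        byte[] randomBytes = new byte[33];
        rng.GetBytes(randomBytes);

        // Add special chars to ensure it satisfies password requirements.
        testAccountPassword = Convert.ToBase64String(randomBytes) + "_-As@!%*(1)4#2";
    }

    // The password lives in a managed string and cannot be scrubbed afterwards, so it
    // must never be written to logs or exception messages (the message below carries
    // only the user name).
    USER_INFO_1 userInfo = new USER_INFO_1
    {
        usri1_name = _userName,
        usri1_password = testAccountPassword,
        usri1_priv = 1 // USER_PRIV_USER: a standard, non-administrative account
    };

    // Create user and remove/create if already exists
    uint result = NetUserAdd(null, 1, ref userInfo, out uint param_err);

    // error codes https://docs.microsoft.com/en-us/windows/desktop/netmgmt/network-management-error-codes
    // 0 == NERR_Success
    if (result == 2224) // NERR_UserExists
    {
        // Recreate rather than reuse: the password of a pre-existing account is unknown.
        result = NetUserDel(null, userInfo.usri1_name);
        if (result != 0)
        {
            throw new Win32Exception((int)result);
        }

        result = NetUserAdd(null, 1, ref userInfo, out param_err);
    }

    if (result != 0)
    {
        throw new Win32Exception((int)result);
    }

    const int LOGON32_PROVIDER_DEFAULT = 0;
    const int LOGON32_LOGON_INTERACTIVE = 2;

    if (!LogonUser(_userName, ".", testAccountPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out _accountTokenHandle))
    {
        // NOTE(review): on this path the account added above is left on the machine;
        // confirm the owning type deletes it during its own cleanup.
        _accountTokenHandle = null;
        throw new Exception($"Failed to get SafeAccessTokenHandle for test account {_userName}", new Win32Exception());
    }

    bool gotRef = false;
    try
    {
        // Hold a reference on the SafeHandle for as long as the raw IntPtr is in use.
        _accountTokenHandle.DangerousAddRef(ref gotRef);
        IntPtr logonToken = _accountTokenHandle.DangerousGetHandle();

        // The identity is needed only to read the account name; dispose it right away
        // so it does not hold a token handle until finalization.
        using (WindowsIdentity accountIdentity = new WindowsIdentity(logonToken))
        {
            AccountName = accountIdentity.Name;
        }
    }
    finally
    {
        // Release only if DangerousAddRef actually took the reference.
        if (gotRef)
        {
            _accountTokenHandle.DangerousRelease();
        }
    }
}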