public Task<Credentials> GetUserCredentialsAsync(string authority, bool invalidateStoredCredentials, CancellationToken cancellationToken = default(CancellationToken)) { _coreShell.AssertIsOnMainThread(); var showDialog = invalidateStoredCredentials; var credentials = new Credentials(); var passwordStorage = IntPtr.Zero; try { var userNameBuilder = new StringBuilder(CREDUI_MAX_USERNAME_LENGTH + 1); var save = false; var flags = CREDUI_FLAGS_EXCLUDE_CERTIFICATES | CREDUI_FLAGS_PERSIST | CREDUI_FLAGS_EXPECT_CONFIRMATION | CREDUI_FLAGS_GENERIC_CREDENTIALS; if(showDialog) { flags |= CREDUI_FLAGS_ALWAYS_SHOW_UI; } var credui = new CREDUI_INFO { cbSize = Marshal.SizeOf(typeof(CREDUI_INFO)), hwndParent = _coreShell.AppConstants.ApplicationWindowHandle }; // For password, use native memory so it can be securely freed. passwordStorage = SecurityUtilities.CreatePasswordBuffer(); var err = CredUIPromptForCredentials(ref credui, authority, IntPtr.Zero, 0, userNameBuilder, userNameBuilder.Capacity, passwordStorage, CREDUI_MAX_PASSWORD_LENGTH, ref save, flags); if (err != 0) { throw new OperationCanceledException(); } credentials.UserName = userNameBuilder.ToString(); credentials.Password = SecurityUtilities.SecureStringFromNativeBuffer(passwordStorage); credentials.Password.MakeReadOnly(); } finally { if (passwordStorage != IntPtr.Zero) { Marshal.ZeroFreeGlobalAllocUnicode(passwordStorage); } } return Task.FromResult(credentials); }