Clear Credentials stored in Universal Windows App

2
votes

I'm using Windows.Web.Http.HttpClient in Universal Windows platform (UWP). The URL needs domain credentials (NTLM) so windows opens a self defined popup for username and password. App needs a functionality to logout but I couldn;'t find a working code which can clear credentials stored by UWP.

I have tried to clear credentials from Windows.Security.Credentials.PasswordVault using following code but it didn't work:

        var cred = new Windows.Security.Credentials.PasswordVault(); 
        var pwds = cred.RetrieveAll();
        foreach(var pwd in pwds)
        {
            pwd.RetrievePassword();                 
            cred.Remove(pwd);
        }

I'm also clearing cookies as below:

        var filter = new HttpBaseProtocolFilter();            
        var cookieManager = filter.CookieManager;
        HttpCookieCollection cookies = cookieManager.GetCookies(uri);            
        foreach (HttpCookie u in cookies)
        {
            cookieManager.DeleteCookie(u);
        }

Any suggestions please?

2
c#win-universal-appuwpwindows-10-universalwindows-10-mobile
May be clear cookies after?Alexej Sommer
@AlexejSommer I'm already clearing cookies too as edited in question.Vishnu

2 Answers

3
votes

This isn't available in Windows 10, but will be in the Anniversary Update:

var filter = new HttpBaseProtocolFilter();
filter.ClearAuthenticationCache();

You can see more on the MSDN page and if you have an Insider Preview build / SDK later than 14295 you should be able to test it.

1
votes

Please look at:

https://docs.microsoft.com/en-us/windows/uwp/security/credential-locker#deleting-user-credentials

There function for deleting the credentials is described.

It seems that the method public IReadOnlyList<PasswordCredential> RetrieveAll() that you are using returns a read-only collection. Therefor its values can't be deleted.

Try to access the credentials e.g. with public PasswordCredential Retrieve(String resource, String userName). The return type which is not read-only, should enable you to use the delete methods.

If you want to delete all credentials for a specific resource name, this workaround works even in older Windows 10 versions:

private void RemoveAllCredentials(PasswordVault passwordVault)
    {
        //Get all credentials.
        List<PasswordCredential> passwordCredentials = new List<PasswordCredential>();
        var credentials = passwordVault.RetrieveAll();
        foreach (PasswordCredential credential in credentials)
        {
            if (credential.Resource.Equals("ResourceName"))
            {
                passwordCredentials.Add(
                    passwordVault.Retrieve(credential.Resource, credential.UserName));
            }
        }
        foreach (PasswordCredential entry in passwordCredentials)
        {
            passwordVault.Remove(entry);
        }
    }