I'm currently trying to understand how custom credential providers are made.
I have a sample to help me. This sample especially implements ICredentialProvider and ICredentialProviderFilter for WinLogon. My job is to implement the CPUS_CREDUI usage scenario.
However, there is a lot of things i don't get in the initial implementation so i can't even expect to do my own implementation.
All the documentation i found only explains what each part actually do. Which is the only part 'clear enough' in my mind.
The problem is that i can't connect those parts together.
The different functions seemed to be called by Windows itself. How can i know what's the caller, which parameters are used, this kind of things ? If i knew, i might have a better understanding of the whole process.
For example :
There is a recurrent parameter of type CREDENTIAL_PROVIDER_USAGE_SCENARIO which seems to change the way the CP is initialized further in the code. It seems to be first defined in the CredentialProvider constructor but since i don't know what the caller of the constructor is... I'm guessing it's called by WinLogon but if so, what actually define the parameters ?
The logs of the sample always show this parameter value as 'CPUS_LOGON'. If this is a consequence of the CP constructor being called by WinLogon (If my previous hypothesis is true), how does CPUS_CREDUI can be called since it's post Logon ?
That's the main questions i have so far. Thank you if someone can unlight me.
I'm also open for every additional informations you would have for me.
Have a look at Microsoft's docs
One of the first calls to your credential provider will be SetUsageScenario
HRESULT SetUsageScenario(
CREDENTIAL_PROVIDER_USAGE_SCENARIO cpus,
DWORD dwFlags
);
The first parameter is scenario.
If your provider is not designed for the provided scenario you can just return E_INVALIDARG.