coder
diff --git a/‎App/App.xaml.cs
+16-7 b/‎App/App.xaml.cs
+16-7
diff --git a/‎App/Services/CredentialManager.cs
+142-77 b/‎App/Services/CredentialManager.cs
+142-77
@@ -41,6 +41,7 @@ public partial class App : Application
 #endif
 
     private readonly ILogger<App> _logger;
+    private readonly IUriHandler _uriHandler;
 
     public App()
     {
@@ -72,6 +73,8 @@ public App()
             .Bind(builder.Configuration.GetSection(MutagenControllerConfigSection));
         services.AddSingleton<ISyncSessionController, MutagenController>();
         services.AddSingleton<IUserNotifier, UserNotifier>();
+        services.AddSingleton<IRdpConnector, RdpConnector>();
+        services.AddSingleton<IUriHandler, UriHandler>();
 
         // SignInWindow views and view models
         services.AddTransient<SignInViewModel>();
@@ -98,6 +101,7 @@ public App()
 
         _services = services.BuildServiceProvider();
         _logger = (ILogger<App>)_services.GetService(typeof(ILogger<App>))!;
+        _uriHandler = (IUriHandler)_services.GetService(typeof(IUriHandler))!;
 
         InitializeComponent();
     }
@@ -190,7 +194,18 @@ public void OnActivated(object? sender, AppActivationArguments args)
                     _logger.LogWarning("URI activation with null data");
                     return;
                 }
-                HandleURIActivation(protoArgs.Uri);
+
+                try
+                {
+                    // don't need to wait for it to complete.
+                    _ = _uriHandler.HandleUri(protoArgs.Uri);
+                }
+                catch (System.Exception e)
+                {
+                    _logger.LogError(e, "unhandled exception while processing URI coder://{authority}{path}",
+                        protoArgs.Uri.Authority, protoArgs.Uri.AbsolutePath);
+                }
+
                 break;
 
             case ExtendedActivationKind.AppNotification:
@@ -204,12 +219,6 @@ public void OnActivated(object? sender, AppActivationArguments args)
         }
     }
 
-    public void HandleURIActivation(Uri uri)
-    {
-        // don't log the query string as that's where we include some sensitive information like passwords
-        _logger.LogInformation("handling URI activation for {path}", uri.AbsolutePath);
-    }
-
     public void HandleNotification(AppNotificationManager? sender, AppNotificationActivatedEventArgs args)
     {
         // right now, we don't do anything other than log
 
@@ -1,4 +1,5 @@
 using System;
+using System.Net.Sockets;
 using System.Runtime.InteropServices;
 using System.Text;
 using System.Text.Json;
@@ -307,7 +308,7 @@ public WindowsCredentialBackend(string credentialsTargetName)
 
     public Task<RawCredentials?> ReadCredentials(CancellationToken ct = default)
     {
-        var raw = NativeApi.ReadCredentials(_credentialsTargetName);
+        var raw = Wincred.ReadCredentials(_credentialsTargetName);
         if (raw == null) return Task.FromResult<RawCredentials?>(null);
 
         RawCredentials? credentials;
@@ -326,115 +327,179 @@ public WindowsCredentialBackend(string credentialsTargetName)
     public Task WriteCredentials(RawCredentials credentials, CancellationToken ct = default)
     {
         var raw = JsonSerializer.Serialize(credentials, RawCredentialsJsonContext.Default.RawCredentials);
-        NativeApi.WriteCredentials(_credentialsTargetName, raw);
+        Wincred.WriteCredentials(_credentialsTargetName, raw);
         return Task.CompletedTask;
     }
 
     public Task DeleteCredentials(CancellationToken ct = default)
     {
-        NativeApi.DeleteCredentials(_credentialsTargetName);
+        Wincred.DeleteCredentials(_credentialsTargetName);
         return Task.CompletedTask;
     }
 
-    private static class NativeApi
+}
+
+/// <summary>
+/// Wincred provides relatively low level wrapped calls to the Wincred.h native API.
+/// </summary>
+internal static class Wincred
+{
+    private const int CredentialTypeGeneric = 1;
+    private const int CredentialTypeDomainPassword = 2;
+    private const int PersistenceTypeLocalComputer = 2;
+    private const int ErrorNotFound = 1168;
+    private const int CredMaxCredentialBlobSize = 5 * 512;
+    private const string PackageNTLM = "NTLM";
+
+    public static string? ReadCredentials(string targetName)
     {
-        private const int CredentialTypeGeneric = 1;
-        private const int PersistenceTypeLocalComputer = 2;
-        private const int ErrorNotFound = 1168;
-        private const int CredMaxCredentialBlobSize = 5 * 512;
+        if (!CredReadW(targetName, CredentialTypeGeneric, 0, out var credentialPtr))
+        {
+            var error = Marshal.GetLastWin32Error();
+            if (error == ErrorNotFound) return null;
+            throw new InvalidOperationException($"Failed to read credentials (Error {error})");
+        }
 
-        public static string? ReadCredentials(string targetName)
+        try
         {
-            if (!CredReadW(targetName, CredentialTypeGeneric, 0, out var credentialPtr))
-            {
-                var error = Marshal.GetLastWin32Error();
-                if (error == ErrorNotFound) return null;
-                throw new InvalidOperationException($"Failed to read credentials (Error {error})");
-            }
+            var cred = Marshal.PtrToStructure<CREDENTIALW>(credentialPtr);
+            return Marshal.PtrToStringUni(cred.CredentialBlob, cred.CredentialBlobSize / sizeof(char));
+        }
+        finally
+        {
+            CredFree(credentialPtr);
+        }
+    }
 
-            try
-            {
-                var cred = Marshal.PtrToStructure<CREDENTIAL>(credentialPtr);
-                return Marshal.PtrToStringUni(cred.CredentialBlob, cred.CredentialBlobSize / sizeof(char));
-            }
-            finally
+    public static void WriteCredentials(string targetName, string secret)
+    {
+        var byteCount = Encoding.Unicode.GetByteCount(secret);
+        if (byteCount > CredMaxCredentialBlobSize)
+            throw new ArgumentOutOfRangeException(nameof(secret),
+                $"The secret is greater than {CredMaxCredentialBlobSize} bytes");
+
+        var credentialBlob = Marshal.StringToHGlobalUni(secret);
+        var cred = new CREDENTIALW
+        {
+            Type = CredentialTypeGeneric,
+            TargetName = targetName,
+            CredentialBlobSize = byteCount,
+            CredentialBlob = credentialBlob,
+            Persist = PersistenceTypeLocalComputer,
+        };
+        try
+        {
+            if (!CredWriteW(ref cred, 0))
             {
-                CredFree(credentialPtr);
+                var error = Marshal.GetLastWin32Error();
+                throw new InvalidOperationException($"Failed to write credentials (Error {error})");
             }
         }
-
-        public static void WriteCredentials(string targetName, string secret)
+        finally
         {
-            var byteCount = Encoding.Unicode.GetByteCount(secret);
-            if (byteCount > CredMaxCredentialBlobSize)
-                throw new ArgumentOutOfRangeException(nameof(secret),
-                    $"The secret is greater than {CredMaxCredentialBlobSize} bytes");
+            Marshal.FreeHGlobal(credentialBlob);
+        }
+    }
 
-            var credentialBlob = Marshal.StringToHGlobalUni(secret);
-            var cred = new CREDENTIAL
-            {
-                Type = CredentialTypeGeneric,
-                TargetName = targetName,
-                CredentialBlobSize = byteCount,
-                CredentialBlob = credentialBlob,
-                Persist = PersistenceTypeLocalComputer,
-            };
-            try
-            {
-                if (!CredWriteW(ref cred, 0))
-                {
-                    var error = Marshal.GetLastWin32Error();
-                    throw new InvalidOperationException($"Failed to write credentials (Error {error})");
-                }
-            }
-            finally
-            {
-                Marshal.FreeHGlobal(credentialBlob);
-            }
+    public static void DeleteCredentials(string targetName)
+    {
+        if (!CredDeleteW(targetName, CredentialTypeGeneric, 0))
+        {
+            var error = Marshal.GetLastWin32Error();
+            if (error == ErrorNotFound) return;
+            throw new InvalidOperationException($"Failed to delete credentials (Error {error})");
         }
+    }
+
+    public static void WriteDomainCredentials(string domainName, string serverName, string username, string password)
+    {
+        var targetName = $"{domainName}/{serverName}";
+        var targetInfo = new CREDENTIAL_TARGET_INFORMATIONW
+        {
+            TargetName = targetName,
+            DnsServerName = serverName,
+            DnsDomainName = domainName,
+            PackageName = PackageNTLM,
+        };
+        var byteCount = Encoding.Unicode.GetByteCount(password);
+        if (byteCount > CredMaxCredentialBlobSize)
+            throw new ArgumentOutOfRangeException(nameof(password),
+                $"The secret is greater than {CredMaxCredentialBlobSize} bytes");
 
-        public static void DeleteCredentials(string targetName)
+        var credentialBlob = Marshal.StringToHGlobalUni(password);
+        var cred = new CREDENTIALW
         {
-            if (!CredDeleteW(targetName, CredentialTypeGeneric, 0))
+            Type = CredentialTypeDomainPassword,
+            TargetName = targetName,
+            CredentialBlobSize = byteCount,
+            CredentialBlob = credentialBlob,
+            Persist = PersistenceTypeLocalComputer,
+            UserName = username,
+        };
+        try
+        {
+            if (!CredWriteDomainCredentialsW(ref targetInfo, ref cred, 0))
             {
                 var error = Marshal.GetLastWin32Error();
-                if (error == ErrorNotFound) return;
-                throw new InvalidOperationException($"Failed to delete credentials (Error {error})");
+                throw new InvalidOperationException($"Failed to write credentials (Error {error})");
             }
         }
+        finally
+        {
+            Marshal.FreeHGlobal(credentialBlob);
+        }
+    }
 
-        [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
-        private static extern bool CredReadW(string target, int type, int reservedFlag, out IntPtr credentialPtr);
+    [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
+    private static extern bool CredReadW(string target, int type, int reservedFlag, out IntPtr credentialPtr);
 
-        [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
-        private static extern bool CredWriteW([In] ref CREDENTIAL userCredential, [In] uint flags);
+    [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
+    private static extern bool CredWriteW([In] ref CREDENTIALW userCredential, [In] uint flags);
 
-        [DllImport("Advapi32.dll", SetLastError = true)]
-        private static extern void CredFree([In] IntPtr cred);
+    [DllImport("Advapi32.dll", SetLastError = true)]
+    private static extern void CredFree([In] IntPtr cred);
 
-        [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
-        private static extern bool CredDeleteW(string target, int type, int flags);
+    [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
+    private static extern bool CredDeleteW(string target, int type, int flags);
 
-        [StructLayout(LayoutKind.Sequential)]
-        private struct CREDENTIAL
-        {
-            public int Flags;
-            public int Type;
+    [DllImport("Advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
+    private static extern bool CredWriteDomainCredentialsW([In] ref CREDENTIAL_TARGET_INFORMATIONW target, [In] ref CREDENTIALW userCredential, [In] uint flags);
 
-            [MarshalAs(UnmanagedType.LPWStr)] public string TargetName;
+    [StructLayout(LayoutKind.Sequential)]
+    private struct CREDENTIALW
+    {
+        public int Flags;
+        public int Type;
 
-            [MarshalAs(UnmanagedType.LPWStr)] public string Comment;
+        [MarshalAs(UnmanagedType.LPWStr)] public string TargetName;
 
-            public long LastWritten;
-            public int CredentialBlobSize;
-            public IntPtr CredentialBlob;
-            public int Persist;
-            public int AttributeCount;
-            public IntPtr Attributes;
+        [MarshalAs(UnmanagedType.LPWStr)] public string Comment;
 
-            [MarshalAs(UnmanagedType.LPWStr)] public string TargetAlias;
+        public long LastWritten;
+        public int CredentialBlobSize;
+        public IntPtr CredentialBlob;
+        public int Persist;
+        public int AttributeCount;
+        public IntPtr Attributes;
 
-            [MarshalAs(UnmanagedType.LPWStr)] public string UserName;
-        }
+        [MarshalAs(UnmanagedType.LPWStr)] public string TargetAlias;
+
+        [MarshalAs(UnmanagedType.LPWStr)] public string UserName;
+    }
+
+    [StructLayout(LayoutKind.Sequential)]
+    private struct CREDENTIAL_TARGET_INFORMATIONW
+    {
+        [MarshalAs(UnmanagedType.LPWStr)] public string TargetName;
+        [MarshalAs(UnmanagedType.LPWStr)] public string NetbiosServerName;
+        [MarshalAs(UnmanagedType.LPWStr)] public string DnsServerName;
+        [MarshalAs(UnmanagedType.LPWStr)] public string NetbiosDomainName;
+        [MarshalAs(UnmanagedType.LPWStr)] public string DnsDomainName;
+        [MarshalAs(UnmanagedType.LPWStr)] public string DnsTreeName;
+        [MarshalAs(UnmanagedType.LPWStr)] public string PackageName;
+
+        public uint Flags;
+        public uint CredTypeCount;
+        public IntPtr CredTypes;
     }
 }