Hyper-V extension: Add "Ask for VM credentials" and "Wait for logon" Adaptive Cards to Hyper-V Configure command.

HyperVExtension/src/DevSetupAgent/NativeMethods.txt

@@ -6,3 +6,8 @@ CLSCTX
 WIN32_ERROR
 S_OK
 E_FAIL
+LsaEnumerateLogonSessions
+LsaGetLogonSessionData
+Windows.Win32.Security.Authentication.Identity.LsaFreeReturnBuffer
+SECURITY_LOGON_TYPE
+STATUS_SUCCESS

HyperVExtension/src/DevSetupAgent/Requests/ErrorRequest.cs

@@ -1,34 +1,34 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-
-using System.Text.Json.Nodes;
-
-namespace HyperVExtension.DevSetupAgent;
-
-/// <summary>
-/// Class used to handle invalid requests (for example an exception while parsing request JSON).
-/// It creates an error response to send back to the client.
-/// </summary>
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using System.Text.Json.Nodes;
+
+namespace HyperVExtension.DevSetupAgent;
+
+/// <summary>
+/// Class used to handle invalid requests (for example an exception while parsing request JSON).
+/// It creates an error response to send back to the client.
+/// </summary>
 internal class ErrorRequest : IHostRequest
 {
     public ErrorRequest(IRequestMessage requestMessage)
     {
         Timestamp = DateTime.UtcNow;
         RequestId = requestMessage.RequestId!;
-    }
-
-    public virtual uint Version { get; set; } = 1;
-
-    public virtual bool IsStatusRequest => true;
-
-    public virtual string RequestId { get; }
-
-    public virtual string RequestType => "ErrorNoData";
-
-    public DateTime Timestamp { get; }
-
-    public virtual IHostResponse Execute(ProgressHandler progressHandler, CancellationToken stoppingToken)
-    {
-        return new ErrorResponse(RequestId);
-    }
-}
+    }
+
+    public virtual uint Version { get; set; } = 1;
+
+    public virtual bool IsStatusRequest => true;
+
+    public virtual string RequestId { get; }
+
+    public virtual string RequestType => "ErrorNoData";
+
+    public DateTime Timestamp { get; }
+
+    public virtual IHostResponse Execute(ProgressHandler progressHandler, CancellationToken stoppingToken)
+    {
+        return new ErrorResponse(RequestId);
+    }
+}

HyperVExtension/src/DevSetupAgent/Requests/IsUserLoggedInRequest.cs

@@ -0,0 +1,120 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using System;
+using System.Diagnostics;
+using System.Security.Principal;
+using System.Text.Json.Nodes;
+using Windows.Win32;
+using Windows.Win32.Foundation;
+using Windows.Win32.Security.Authentication.Identity;
+
+namespace HyperVExtension.DevSetupAgent;
+
+/// <summary>
+/// Class used to handle request for service version (RequestType = GetVersion).
+/// </summary>
+internal sealed class IsUserLoggedInRequest : RequestBase
+{
+    public IsUserLoggedInRequest(IRequestContext requestContext)
+        : base(requestContext)
+    {
+    }
+
+    public override bool IsStatusRequest => true;
+
+    public override IHostResponse Execute(ProgressHandler progressHandler, CancellationToken stoppingToken)
+    {
+        var loggedInUsers = EnumerateLogonSessions();
+        return new IsUserLoggedInResponse(RequestMessage.RequestId!, loggedInUsers);
+    }
+
+    private static List<string> EnumerateLogonSessions()
+    {
+        // We'll take interactive sessions where explorer is running to filter out stale sessions
+        var interactiveSessions = new List<string>();
+
+        var explorers = Process.GetProcessesByName("explorer");
+        if (explorers.Length == 0)
+        {
+            return interactiveSessions;
+        }
+
+        unsafe
+        {
+            var sessions = new List<(uint, string)>(); // (SessionId, UserName)
+            LUID* luidPtr = default;
+            SECURITY_LOGON_SESSION_DATA* sessionData = default;
+            try
+            {
+                uint count;
+                var status = PInvoke.LsaEnumerateLogonSessions(out count, out luidPtr);
+                if (status != NTSTATUS.STATUS_SUCCESS)
+                {
+                    throw new NtStatusException("LsaEnumerateLogonSessions failed.", status);
+                }
+
+                Logging.Logger()?.ReportDebug($"Number of logon sessions: {count}");
+                for (var i = 0; i < count; i++)
+                {
+                    var luid = luidPtr[i];
+                    status = PInvoke.LsaGetLogonSessionData(luid, out sessionData);
+                    if (status != NTSTATUS.STATUS_SUCCESS)
+                    {
+                        throw new NtStatusException("LsaGetLogonSessionData failed.", status);
+                    }
+
+                    if (sessionData->Session > 0)
+                    {
+                        switch (sessionData->LogonType)
+                        {
+                            case (uint)SECURITY_LOGON_TYPE.Interactive:
+                            case (uint)SECURITY_LOGON_TYPE.RemoteInteractive:
+                            case (uint)SECURITY_LOGON_TYPE.CachedRemoteInteractive:
+                                var sid = new SecurityIdentifier((IntPtr)sessionData->Sid.Value);
+                                Logging.Logger()?.ReportDebug(
+                                    $"Logged on user: {sessionData->UserName.Buffer}, " +
+                                    $"Domain: {sessionData->LogonDomain.Buffer}, " +
+                                    $"Session: {sessionData->Session}, " +
+                                    $"Logon type: {sessionData->LogonType}, " +
+                                    $"SID: {sid}, " +
+                                    $"UserFlags: {sessionData->UserFlags}");
+
+                                sessions.Add((sessionData->Session, new string(sessionData->UserName.Buffer)));
+                                break;
+
+                            default:
+                                break;
+                        }
+                    }
+
+                    PInvoke.LsaFreeReturnBuffer(sessionData);
+                    sessionData = default;
+                }
+
+                // We'll take interactive sessions where explorer is running to filter out stale sessions
+                var interactiveSessionsWithExplorer = sessions.Where(s => explorers.Any(e => (uint)e.SessionId == s.Item1));
+                foreach (var session in interactiveSessionsWithExplorer)
+                {
+                    // TODO: We get OS user names like "DWM-2" or "UMFD-2" into this list. We need to filter them out.
+                    Logging.Logger()?.ReportDebug($"Logged on user: {session.Item2}, Session: {session.Item1}");
+                    interactiveSessions.Add(session.Item2);
+                }
+            }
+            finally
+            {
+                if (sessionData != default)
+                {
+                    PInvoke.LsaFreeReturnBuffer(sessionData);
+                }
+
+                if (luidPtr != default)
+                {
+                    PInvoke.LsaFreeReturnBuffer(luidPtr);
+                }
+            }
+        }
+
+        return interactiveSessions;
+    }
+}

HyperVExtension/src/DevSetupAgent/Requests/NtStatusException.cs

@@ -0,0 +1,31 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using System.Runtime.Serialization;
+
+namespace HyperVExtension.DevSetupAgent;
+
+internal sealed class NtStatusException : Exception
+{
+    public NtStatusException()
+    {
+    }
+
+    public NtStatusException(string? message)
+        : base(message)
+    {
+    }
+
+    public NtStatusException(string? message, Exception? innerException)
+        : base(message, innerException)
+    {
+    }
+
+    public NtStatusException(string? message, int ntStatus)
+        : base(message)
+    {
+        // NTStatus is not an HRESULT, but we will uonly use it to pass error back to the caller
+        // for diagnostic. Conversion to HRESULT can be done in more that one way and can be not 1 to 1 mapping anyway
+        HResult = ntStatus;
+    }
+}

HyperVExtension/src/DevSetupAgent/Requests/RequestFactory.cs

@@ -20,7 +20,8 @@ public class RequestFactory : IRequestFactory
         // TODO: Define request type constants in one place
         { "GetVersion", (requestContext) => new GetVersionRequest(requestContext) },
         { "Configure", (requestContext) => new ConfigureRequest(requestContext) },
-        { "Ack", (requestContext) => new AckRequest(requestContext) },
+        { "Ack", (requestContext) => new AckRequest(requestContext) },
+        { "IsUserLoggedIn", (requestContext) => new IsUserLoggedInRequest(requestContext) },
     };
 
     public RequestFactory()

HyperVExtension/src/DevSetupAgent/Responses/IsUserLoggedInResponse.cs

@@ -0,0 +1,32 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using System.Text.Json;
+
+namespace HyperVExtension.DevSetupAgent;
+
+internal sealed class IsUserLoggedInResponse : ResponseBase
+{
+    public IsUserLoggedInResponse(string requestId, List<string> loggedInUsers)
+        : base(requestId)
+    {
+        RequestType = "IsUserLoggedIn";
+
+        // Return empty list for now. Reserved for the future use to deal with multiple logged in users.
+        LoggedInUsers = new List<string>();
+        IsUserLoggedIn = loggedInUsers.Count > 0;
+        GenerateJsonData();
+    }
+
+    public List<string> LoggedInUsers { get; }
+
+    public bool IsUserLoggedIn { get; }
+
+    protected override void GenerateJsonData()
+    {
+        base.GenerateJsonData();
+
+        JsonData![nameof(IsUserLoggedIn)] = IsUserLoggedIn;
+        JsonData![nameof(LoggedInUsers)] = JsonSerializer.Serialize(LoggedInUsers);
+    }
+}

HyperVExtension/src/DevSetupEngine/DevSetupEngine.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk">
-	<Import Project="$(SolutionDir)ToolingVersions.props" />
-	<!-- Debug builds produce a console app; otherwise a Windows app -->
+  <Import Project="$(SolutionDir)ToolingVersions.props" />
+  <!-- Debug builds produce a console app; otherwise a Windows app -->
   <PropertyGroup Condition="'$(Configuration)' == 'Debug'">
     <OutputType>Exe</OutputType>
   </PropertyGroup>