using Microsoft.Win32.SafeHandles;
using System.Runtime.InteropServices;

namespace FakeNTLMServer.Common
{
    public static class NtlmHelper
    {
        [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
        private static extern bool LogonUser(
            string lpszUsername,
            string lpszDomain,
            string lpszPassword,
            int dwLogonType,
            int dwLogonProvider,
            out SafeAccessTokenHandle phToken);

        private const int LOGON32_LOGON_NETWORK = 3;
        private const int LOGON32_PROVIDER_DEFAULT = 0;

        public static bool ValidateCredentials(string username, string domain, string password, out SafeAccessTokenHandle token)
        {
            var success = LogonUser(
                username,
                domain,
                password,
                LOGON32_LOGON_NETWORK,
                LOGON32_PROVIDER_DEFAULT,
                out token);

            return success && token is not null && !token.IsInvalid;
        }
    }
}