credentials: Move user impersonation to peer::get_identity()

To retrieve user credentials, EapHost provides us the interactive user's
token we can use to impersonate.

By doing the impersonation early in peer::get_identity(), we don't need
to pass the token down the lower methods. This is rather a
simplification than a performance optimization.

Signed-off-by: Simon Rozman <simon@rozman.si>

lib/TTLS/include/Credentials.h

@@ -112,13 +112,12 @@ namespace eap
         ///
         /// 1. Cached credentials
         /// 2. Configured credentials (if \p cfg is derived from `config_method_with_cred`)
-        /// 3. Stored credentials
+        /// 3. Stored credentials (must be called in the connecting user context)
         ///
-        /// \param[in] dwFlags                A combination of [EAP flags](https://msdn.microsoft.com/en-us/library/windows/desktop/bb891975.aspx) that describe the EAP authentication session behavior
-        /// \param[in] hTokenImpersonateUser  Impersonation token for a logged-on user to collect user-related information
-        /// \param[in] cred_cached            Cached credentials (optional, can be \c NULL, must be `credentials_tls_tunnel*` type)
-        /// \param[in] cfg                    Method configuration (unused, as must be as config_method_tls_tunnel is not derived from `config_method_with_cred`)
-        /// \param[in] pszTargetName          The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
+        /// \param[in] dwFlags        A combination of [EAP flags](https://msdn.microsoft.com/en-us/library/windows/desktop/bb891975.aspx) that describe the EAP authentication session behavior
+        /// \param[in] cred_cached    Cached credentials (optional, can be \c NULL, must be `credentials_tls_tunnel*` type)
+        /// \param[in] cfg            Method configuration (unused, as must be as config_method_tls_tunnel is not derived from `config_method_with_cred`)
+        /// \param[in] pszTargetName  The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
         ///
         /// \returns
         /// - \c source_t::cache   Credentials were obtained from EapHost cache
@@ -127,7 +126,6 @@ namespace eap
         ///
         virtual source_t combine(
             _In_             DWORD         dwFlags,
-            _In_opt_         HANDLE        hTokenImpersonateUser,
             _In_opt_   const credentials   *cred_cached,
             _In_       const config_method &cfg,
             _In_opt_z_       LPCTSTR       pszTargetName);

lib/TTLS/include/Module.h

@@ -64,8 +64,7 @@ namespace eap
             _In_                       const config_connection       &cfg,
             _In_count_(dwUserDataSize) const BYTE                    *pUserData,
             _In_                             DWORD                   dwUserDataSize,
-            _Inout_                          credentials_connection& cred_out,
-            _In_                             HANDLE                  hTokenImpersonateUser);
+            _Inout_                          credentials_connection& cred_out);
     };