Add ClaimRootClientAuthToken and ConfirmRootClientAuthToken
Claim* call will create temporarily secret and set that as primary after
Confirm* is called.
Local client needs to be able to claim control of unclaimed device.
Device should be claimed no more than once, so if Claim was called and
client didn't not get response, we will have locked account. Confirm* is
used as that confirmation.
BUG=25766815
Change-Id: Id744f98788abe70a42b32c4a6d796e7ff74c3936
Reviewed-on: https://weave-review.googlesource.com/1947
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
diff --git a/src/privet/auth_manager.h b/src/privet/auth_manager.h
index dfdd6b3..f1b6c8b 100644
--- a/src/privet/auth_manager.h
+++ b/src/privet/auth_manager.h
@@ -5,6 +5,7 @@
#ifndef LIBWEAVE_SRC_PRIVET_AUTH_MANAGER_H_
#define LIBWEAVE_SRC_PRIVET_AUTH_MANAGER_H_
+#include <deque>
#include <string>
#include <vector>
@@ -32,12 +33,16 @@
const std::vector<uint8_t>& GetCertificateFingerprint() const {
return certificate_fingerprint_;
}
- std::vector<uint8_t> GetRootClientAuthToken() const;
base::Time Now() const;
+ std::vector<uint8_t> GetRootClientAuthToken() const;
+
bool IsValidAuthToken(const std::vector<uint8_t>& token) const;
+ std::vector<uint8_t> ClaimRootClientAuthToken();
+ bool ConfirmRootClientAuthToken(const std::vector<uint8_t>& token);
+
private:
base::DefaultClock default_clock_;
base::Clock* clock_{nullptr};
@@ -45,6 +50,8 @@
std::vector<uint8_t> secret_;
std::vector<uint8_t> certificate_fingerprint_;
+ std::deque<std::unique_ptr<AuthManager>> pending_claims_;
+
DISALLOW_COPY_AND_ASSIGN(AuthManager);
};