Add session ID validation

BUG: 26292014
Change-Id: I2a71dbf3dbc4b422c8f9bedd806f459d2bc35333
Reviewed-on: https://weave-review.googlesource.com/2380
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
diff --git a/src/privet/auth_manager.h b/src/privet/auth_manager.h
index 0fa90a7..f0a5761 100644
--- a/src/privet/auth_manager.h
+++ b/src/privet/auth_manager.h
@@ -68,19 +68,21 @@
   void SetAuthSecret(const std::vector<uint8_t>& secret,
                      RootClientTokenOwner owner);
 
-  std::vector<uint8_t> CreateSessionId();
+  std::string CreateSessionId() const;
+  bool IsValidSessionId(const std::string& session_id) const;
 
  private:
-  FRIEND_TEST_ALL_PREFIXES(AuthManagerClaimTest, CreateAccessTokenFromAuth);
+  friend class AuthManagerTest;
 
-  // Test helper.
+  // Test helpers. Device does not need to implement delegation.
   std::vector<uint8_t> DelegateToUser(const std::vector<uint8_t>& token,
+                                      base::TimeDelta ttl,
                                       const UserInfo& user_info) const;
 
   Config* config_{nullptr};  // Can be nullptr for tests.
   base::DefaultClock default_clock_;
   base::Clock* clock_{&default_clock_};
-  uint32_t session_counter_{0};
+  mutable uint32_t session_counter_{0};
 
   std::vector<uint8_t> auth_secret_;  // Persistent.
   std::vector<uint8_t> certificate_fingerprint_;