commit d5f7aabc2a7e414c63dc5a20a294c71a54111910
author Vitaly Buka <vitalybuka@google.com> Wed Jan 27 18:25:14 2016 -0800
committer Vitaly Buka <vitalybuka@google.com> Thu Jan 28 18:52:12 2016 +0000
tree c5ff24d4768972a6a098f5e5917b977ba06dc18c
parent d7c6deb0576805c0e043686e220a7a27e17b50d4

Add session ID validation

BUG: 26292014
Change-Id: I2a71dbf3dbc4b422c8f9bedd806f459d2bc35333
Reviewed-on: https://weave-review.googlesource.com/2380
Reviewed-by: Alex Vakulenko <avakulenko@google.com>

src/privet/auth_manager.h

diff --git a/src/privet/auth_manager.h b/src/privet/auth_manager.h
index 0fa90a7..f0a5761 100644
--- a/src/privet/auth_manager.h
+++ b/src/privet/auth_manager.h
@@ -68,19 +68,21 @@
   void SetAuthSecret(const std::vector<uint8_t>& secret,
                      RootClientTokenOwner owner);
 
-  std::vector<uint8_t> CreateSessionId();
+  std::string CreateSessionId() const;
+  bool IsValidSessionId(const std::string& session_id) const;
 
  private:
-  FRIEND_TEST_ALL_PREFIXES(AuthManagerClaimTest, CreateAccessTokenFromAuth);
+  friend class AuthManagerTest;
 
-  // Test helper.
+  // Test helpers. Device does not need to implement delegation.
   std::vector<uint8_t> DelegateToUser(const std::vector<uint8_t>& token,
+                                      base::TimeDelta ttl,
                                       const UserInfo& user_info) const;
 
   Config* config_{nullptr};  // Can be nullptr for tests.
   base::DefaultClock default_clock_;
   base::Clock* clock_{&default_clock_};
-  uint32_t session_counter_{0};
+  mutable uint32_t session_counter_{0};
 
   std::vector<uint8_t> auth_secret_;  // Persistent.
   std::vector<uint8_t> certificate_fingerprint_;