Initial remoting::protocol::Authenticator interface.

remoting/protocol/authenticator.h

Index: remoting/protocol/authenticator.h
diff --git a/remoting/protocol/authenticator.h b/remoting/protocol/authenticator.h
new file mode 100644
index 0000000000000000000000000000000000000000..4140e5ac595e98f11aad66406072a6fcc16b97f7
--- /dev/null
+++ b/remoting/protocol/authenticator.h
@@ -0,0 +1,92 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef REMOTING_PROTOCOL_AUTHENTICATOR_H_
+#define REMOTING_PROTOCOL_AUTHENTICATOR_H_
+
+#include <string>
+
+namespace buzz {
+class XmlElement;
+}  // namespace buzz
+
+namespace remoting {
+namespace protocol {
+
+// Authenticator is an abstract interface for authentication protocol
+// implementations. Different implementations of this interface may be
+// used on each side of the connection depending of type of the auth
+// protocol. Client and host will repeatedly call their Authenticators
+// and deliver the messages they generate, until successful
+// authentication is reported.
+//
+// Authenticator may exchange multiple messages before session is
+// authenticated. Each message sent/received by an Authenticator is
+// delivered either in a session description inside session-initiate
+// and session-accept messages or in a session-info
+// message. Session-info messages are used only if authenticators need
+// to exchange more than one message.
+class Authenticator {
+ public:
+  // Allowed state transitions:
+  // When ProcessMessage() is called:
+  //    WAITING_MESSAGE -> MESSAGE_READY
+  //    WAITING_MESSAGE -> ACCEPTED
+  //    WAITING_MESSAGE -> REJECTED
+  // When GetNextMessage() is called:
+  //    MESSAGE_READY -> WAITING_MESSAGE
+  //    MESSAGE_READY -> ACCEPTED
+  //    MESSAGE_READY -> REJECTED
+  enum State {
+    // Waiting for the next message from the peer.
+    WAITING_MESSAGE,
+
+    // Next message is ready to be sent to the peer.
+    MESSAGE_READY,
+
+    // Session is authenticated successufully.
+    ACCEPTED,
+
+    // Session is rejected.
+    REJECTED,
+  };
+
+  Authenticator() {}
+  virtual ~Authenticator() {}
+
+  // Returns current state of the authenticator.
+  virtual State state() const = 0;
+
+  // Called in response to incoming message received from the peer.
+  // Should only be called when in WAITING_MESSAGE state.
+  virtual void ProcessMessage(talk_base::XmlElement* message) = 0;
+
+  // Must be called when in MESSAGE_READY state. Returns next
+  // authentication message that needs to be sent to the peer.
+  virtual talk_base::XmlElement* GetNextMessage() = 0;
+
+  // Creates new authenticator for a channel. Caller must take
+  // ownership of the result. Can be called only in the ACCEPTED
+  // state.
+  virtual ChannelAuthenticator* CreateChannelAuthenticator() const = 0;
+};
+
+// Factory for Authenticator instances.
+class AuthenticatorFactory {
+  // Called when session-initiate stanza is received to create
+  // authenticator for the new session. |first_message| specifies
+  // authentication part of the session-initiate stanza so that
+  // appropriate type of Authenticator can be chosen for the session
+  // (useful when multiple authenticators is supported). Returns NULL
+  // if the |first_message| is invalid and the session should be
+  // rejected. ProcessMessage() should be called with |first_message|
+  // for the result of this method.
+  virtual Authenticator* CreateAuthenticator(
+      const talk_base::XmlElement* first_message) = 0;
+};
+
+}  // namespace protocol
+}  // namespace remoting
+
+#endif  // REMOTING_PROTOCOL_AUTHENTICATOR_H_