11 files changed, 153 insertions, 50 deletions

diff --git a/remoting/protocol/fake_session.cc b/remoting/protocol/fake_session.cc
index bba1d98..ac344e0 100644
--- a/remoting/protocol/fake_session.cc
+++ b/remoting/protocol/fake_session.cc
@@ -181,6 +181,22 @@ void FakeSession::set_config(const SessionConfig* config) {
   config_.reset(config);
 }
 
+const std::string& FakeSession::initiator_token() {
+  return initiator_token_;
+}
+
+void FakeSession::set_initiator_token(const std::string& initiator_token) {
+  initiator_token_ = initiator_token;
+}
+
+const std::string& FakeSession::receiver_token() {
+  return receiver_token_;
+}
+
+void FakeSession::set_receiver_token(const std::string& receiver_token) {
+  receiver_token_ = receiver_token;
+}
+
 void FakeSession::Close(Task* closed_task) {
   closed_ = true;
   closed_task->Run();
diff --git a/remoting/protocol/fake_session.h b/remoting/protocol/fake_session.h
index 357ef69..62818e4 100644
--- a/remoting/protocol/fake_session.h
+++ b/remoting/protocol/fake_session.h
@@ -118,6 +118,11 @@ class FakeSession : public Session {
   virtual const SessionConfig* config();
   virtual void set_config(const SessionConfig* config);
 
+  virtual const std::string& initiator_token();
+  virtual void set_initiator_token(const std::string& initiator_token);
+  virtual const std::string& receiver_token();
+  virtual void set_receiver_token(const std::string& receiver_token);
+
   virtual void Close(Task* closed_task);
 
  public:
@@ -130,6 +135,10 @@ class FakeSession : public Session {
   FakeSocket video_channel_;
   FakeUdpSocket video_rtp_channel_;
   FakeUdpSocket video_rtcp_channel_;
+
+  std::string initiator_token_;
+  std::string receiver_token_;
+
   std::string jid_;
   bool closed_;
 };
diff --git a/remoting/protocol/jingle_connection_to_host.cc b/remoting/protocol/jingle_connection_to_host.cc
index 5b34c5d..a11a8fb 100644
--- a/remoting/protocol/jingle_connection_to_host.cc
+++ b/remoting/protocol/jingle_connection_to_host.cc
@@ -8,6 +8,7 @@
 #include "base/message_loop.h"
 #include "remoting/base/constants.h"
 #include "remoting/jingle_glue/jingle_thread.h"
+#include "remoting/proto/auth.pb.h"
 #include "remoting/protocol/jingle_session_manager.h"
 #include "remoting/protocol/video_reader.h"
 #include "remoting/protocol/video_stub.h"
@@ -87,9 +88,18 @@ void JingleConnectionToHost::InitSession() {
   // TODO(sergeyu): Set resolution in the |candidate_config| to the desired
   // resolution.
 
+  ClientAuthToken auth_token_proto;
+  auth_token_proto.set_host_full_jid(host_jid_);
+  auth_token_proto.set_client_full_jid(jingle_client_->GetFullJid());
+  // TODO(ajwong): Use real token.
+  auth_token_proto.set_client_oauth_token("");
+
+  // TODO(ajwong): We should encrypt this based on the host's public key.
+  std::string client_token = auth_token_proto.SerializeAsString();
+
   // Initialize |session_|.
   session_ = session_manager_->Connect(
-      host_jid_, candidate_config,
+      host_jid_, client_token, candidate_config,
       NewCallback(this, &JingleConnectionToHost::OnSessionStateChange));
 }
 
diff --git a/remoting/protocol/jingle_session.cc b/remoting/protocol/jingle_session.cc
index 9988f30..f4acf8e 100644
--- a/remoting/protocol/jingle_session.cc
+++ b/remoting/protocol/jingle_session.cc
@@ -138,6 +138,22 @@ void JingleSession::set_config(const SessionConfig* config) {
   config_.reset(config);
 }
 
+const std::string& JingleSession::initiator_token() {
+  return initiator_token_;
+}
+
+void JingleSession::set_initiator_token(const std::string& initiator_token) {
+  initiator_token_ = initiator_token;
+}
+
+const std::string& JingleSession::receiver_token() {
+  return receiver_token_;
+}
+
+void JingleSession::set_receiver_token(const std::string& receiver_token) {
+  receiver_token_ = receiver_token;
+}
+
 void JingleSession::Close(Task* closed_task) {
   if (MessageLoop::current() != jingle_session_manager_->message_loop()) {
     jingle_session_manager_->message_loop()->PostTask(
diff --git a/remoting/protocol/jingle_session.h b/remoting/protocol/jingle_session.h
index 32654fc..cd5a602 100644
--- a/remoting/protocol/jingle_session.h
+++ b/remoting/protocol/jingle_session.h
@@ -51,11 +51,17 @@ class JingleSession : public protocol::Session,
   virtual const std::string& jid();
   virtual MessageLoop* message_loop();
 
-  virtual const CandidateSessionConfig* candidate_config();
   virtual const SessionConfig* config();
-
   virtual void set_config(const SessionConfig* config);
 
+  virtual const std::string& initiator_token();
+  virtual void set_initiator_token(const std::string& initiator_token);
+  virtual const std::string& receiver_token();
+  virtual void set_receiver_token(const std::string& receiver_token);
+
+  // These fields are only set on the receiving side.
+  virtual const CandidateSessionConfig* candidate_config();
+
   virtual void Close(Task* closed_task);
 
  protected:
@@ -95,9 +101,14 @@ class JingleSession : public protocol::Session,
   // The corresponding libjingle session.
   cricket::Session* cricket_session_;
 
-  scoped_ptr<const CandidateSessionConfig> candidate_config_;
   scoped_ptr<const SessionConfig> config_;
 
+  std::string initiator_token_;
+  std::string receiver_token_;
+
+  // These data members are only set on the receiving side.
+  scoped_ptr<const CandidateSessionConfig> candidate_config_;
+
   cricket::PseudoTcpChannel* control_channel_;
   scoped_ptr<StreamSocketAdapter> control_channel_adapter_;
   cricket::PseudoTcpChannel* event_channel_;
diff --git a/remoting/protocol/jingle_session_manager.cc b/remoting/protocol/jingle_session_manager.cc
index 293a06f..46367c9 100644
--- a/remoting/protocol/jingle_session_manager.cc
+++ b/remoting/protocol/jingle_session_manager.cc
@@ -8,12 +8,11 @@
 #include "base/string_number_conversions.h"
 #include "remoting/base/constants.h"
 #include "remoting/jingle_glue/jingle_thread.h"
+#include "remoting/proto/auth.pb.h"
 #include "third_party/libjingle/source/talk/p2p/base/constants.h"
 #include "third_party/libjingle/source/talk/p2p/base/transport.h"
 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h"
 
-using cricket::ContentDescription;
-using cricket::SessionDescription;
 using buzz::QName;
 using buzz::XmlElement;
 
@@ -150,8 +149,10 @@ bool ParseChannelConfig(const XmlElement* element, bool codec_required,
 }  // namespace
 
 ContentDescription::ContentDescription(
-    const CandidateSessionConfig* candidate_config)
-    : candidate_config_(candidate_config) {
+    const CandidateSessionConfig* candidate_config,
+    const std::string& auth_token)
+    : candidate_config_(candidate_config),
+      auth_token_(auth_token) {
 }
 
 ContentDescription::~ContentDescription() { }
@@ -218,23 +219,25 @@ void JingleSessionManager::set_allow_local_ips(bool allow_local_ips) {
 }
 
 scoped_refptr<protocol::Session> JingleSessionManager::Connect(
-    const std::string& jid,
+    const std::string& host_jid,
+    const std::string& receiver_token,
     CandidateSessionConfig* candidate_config,
     protocol::Session::StateChangeCallback* state_change_callback) {
   // Can be called from any thread.
-  scoped_refptr<JingleSession> jingle_session(
-      new JingleSession(this));
+  scoped_refptr<JingleSession> jingle_session(new JingleSession(this));
   jingle_session->set_candidate_config(candidate_config);
+  jingle_session->set_receiver_token(receiver_token);
   message_loop()->PostTask(
       FROM_HERE, NewRunnableMethod(this, &JingleSessionManager::DoConnect,
-                                   jingle_session, jid,
+                                   jingle_session, host_jid, receiver_token,
                                    state_change_callback));
   return jingle_session;
 }
 
 void JingleSessionManager::DoConnect(
     scoped_refptr<JingleSession> jingle_session,
-    const std::string& jid,
+    const std::string& host_jid,
+    const std::string& receiver_token,
     protocol::Session::StateChangeCallback* state_change_callback) {
   DCHECK_EQ(message_loop(), MessageLoop::current());
   cricket::Session* cricket_session = cricket_session_manager_->CreateSession(
@@ -246,8 +249,9 @@ void JingleSessionManager::DoConnect(
   sessions_.push_back(jingle_session);
 
   cricket_session->Initiate(
-      jid,
-      CreateSessionDescription(jingle_session->candidate_config()->Clone()));
+      host_jid,
+      CreateSessionDescription(jingle_session->candidate_config()->Clone(),
+                               receiver_token));
 }
 
 JingleThread* JingleSessionManager::jingle_thread() {
@@ -309,9 +313,8 @@ void JingleSessionManager::AcceptConnection(
       static_cast<const ContentDescription*>(content->description);
   jingle_session->set_candidate_config(content_description->config()->Clone());
 
-  IncomingSessionResponse response = protocol::SessionManager::DECLINE;
-
   // Always reject connection if there is no callback.
+  IncomingSessionResponse response = protocol::SessionManager::DECLINE;
   if (incoming_session_callback_.get())
     incoming_session_callback_->Run(jingle_session, &response);
 
@@ -321,7 +324,9 @@ void JingleSessionManager::AcceptConnection(
       DCHECK(jingle_session->config());
       CandidateSessionConfig* candidate_config =
           CandidateSessionConfig::CreateFrom(jingle_session->config());
-      cricket_session->Accept(CreateSessionDescription(candidate_config));
+      cricket_session->Accept(
+          CreateSessionDescription(candidate_config,
+                                   jingle_session->initiator_token()));
       break;
     }
 
@@ -404,7 +409,10 @@ bool JingleSessionManager::ParseContent(
 
     *config->mutable_initial_resolution() = resolution;
 
-    *content = new ContentDescription(config.release());
+    std::string auth_token;
+    // TODO(ajwong): Parse this out.
+
+    *content = new ContentDescription(config.release(), auth_token);
     return true;
   }
   LOG(ERROR) << "Invalid description: " << element->Str();
@@ -463,12 +471,13 @@ bool JingleSessionManager::WriteContent(
   return true;
 }
 
-SessionDescription* JingleSessionManager::CreateSessionDescription(
-    const CandidateSessionConfig* config) {
-  SessionDescription* desc = new SessionDescription();
+cricket::SessionDescription* JingleSessionManager::CreateSessionDescription(
+    const CandidateSessionConfig* config,
+    const std::string& auth_token) {
+  cricket::SessionDescription* desc = new cricket::SessionDescription();
   desc->AddContent(JingleSession::kChromotingContentName,
                    kChromotingXmlNamespace,
-                   new ContentDescription(config));
+                   new ContentDescription(config, auth_token));
   return desc;
 }
 
diff --git a/remoting/protocol/jingle_session_manager.h b/remoting/protocol/jingle_session_manager.h
index f6ad45ab..7bb0424 100644
--- a/remoting/protocol/jingle_session_manager.h
+++ b/remoting/protocol/jingle_session_manager.h
@@ -28,21 +28,29 @@ class JingleThread;
 
 namespace protocol {
 
-// ContentDescription used for chromoting sessions. It simply wraps
-// CandidateSessionConfig. CandidateSessionConfig doesn't inherit
-// from ContentDescription to avoid dependency on libjingle in
-// Chromotocol Session interface.
+// ContentDescription used for chromoting sessions. It contains the information
+// from the content description stanza in the session intialization handshake.
+//
+// This class also provides a type abstraction so that the Chromotocol Session
+// interface does not need to depend on libjingle.
 class ContentDescription : public cricket::ContentDescription {
  public:
-  explicit ContentDescription(const CandidateSessionConfig* config);
+  explicit ContentDescription(const CandidateSessionConfig* config,
+                              const std::string& auth_token);
   ~ContentDescription();
 
   const CandidateSessionConfig* config() const {
     return candidate_config_.get();
   }
 
+  const std::string& auth_token() const { return auth_token_; }
+
  private:
   scoped_ptr<const CandidateSessionConfig> candidate_config_;
+
+  // This may contain the initiating, or the accepting token depending on
+  // context.
+  std::string auth_token_;
 };
 
 // This class implements SessionClient for Chromoting sessions. It acts as a
@@ -61,15 +69,30 @@ class JingleSessionManager
                     cricket::SessionManager* cricket_session_manager,
                     IncomingSessionCallback* incoming_session_callback);
 
-  // ChromotocolServer interface.
+  // SessionManager interface.
   virtual scoped_refptr<protocol::Session> Connect(
       const std::string& jid,
+      const std::string& client_token,
       CandidateSessionConfig* candidate_config,
       protocol::Session::StateChangeCallback* state_change_callback);
   virtual void Close(Task* closed_task);
 
   void set_allow_local_ips(bool allow_local_ips);
 
+  // cricket::SessionClient interface.
+  virtual void OnSessionCreate(cricket::Session* cricket_session,
+                               bool received_initiate);
+  virtual void OnSessionDestroy(cricket::Session* cricket_session);
+
+  virtual bool ParseContent(cricket::SignalingProtocol protocol,
+                            const buzz::XmlElement* elem,
+                            const cricket::ContentDescription** content,
+                            cricket::ParseError* error);
+  virtual bool WriteContent(cricket::SignalingProtocol protocol,
+                            const cricket::ContentDescription* content,
+                            buzz::XmlElement** elem,
+                            cricket::WriteError* error);
+
  protected:
   virtual ~JingleSessionManager();
 
@@ -88,28 +111,16 @@ class JingleSessionManager
 
   void DoConnect(
       scoped_refptr<JingleSession> jingle_session,
-      const std::string& jid,
+      const std::string& host_jid,
+      const std::string& client_token,
       protocol::Session::StateChangeCallback* state_change_callback);
 
   // Creates outgoing session description for an incoming session.
   cricket::SessionDescription* CreateSessionDescription(
-      const CandidateSessionConfig* candidate_config);
-
-  // cricket::SessionClient interface.
-  virtual void OnSessionCreate(cricket::Session* cricket_session,
-                               bool received_initiate);
-  virtual void OnSessionDestroy(cricket::Session* cricket_session);
-
-  virtual bool ParseContent(cricket::SignalingProtocol protocol,
-                            const buzz::XmlElement* elem,
-                            const cricket::ContentDescription** content,
-                            cricket::ParseError* error);
-  virtual bool WriteContent(cricket::SignalingProtocol protocol,
-                            const cricket::ContentDescription* content,
-                            buzz::XmlElement** elem,
-                            cricket::WriteError* error);
+      const CandidateSessionConfig* candidate_config,
+      const std::string& auth_token);
 
-  std::string local_jid_;
+  std::string local_jid_;  // Full jid for the local side of the session.
   JingleThread* jingle_thread_;
   cricket::SessionManager* cricket_session_manager_;
   scoped_ptr<IncomingSessionCallback> incoming_session_callback_;
diff --git a/remoting/protocol/jingle_session_unittest.cc b/remoting/protocol/jingle_session_unittest.cc
index 20463ed..6b5a99d 100644
--- a/remoting/protocol/jingle_session_unittest.cc
+++ b/remoting/protocol/jingle_session_unittest.cc
@@ -44,6 +44,7 @@ const int kMessageSize = 1024;
 const int kMessages = 100;
 const int kTestDataSize = kMessages * kMessageSize;
 const int kUdpWriteDelayMs = 10;
+const char kTestToken[] = "a_dummy_token";
 }  // namespace
 
 class MockSessionManagerCallback {
@@ -166,6 +167,7 @@ class JingleSessionTest : public testing::Test {
 
     client_session_ = client_server_->Connect(
         SessionManagerPair::kHostJid,
+        kTestToken,
         CandidateSessionConfig::CreateDefault(),
         NewCallback(&client_connection_callback_,
                     &MockSessionCallback::OnStateChange));
@@ -537,6 +539,7 @@ TEST_F(JingleSessionTest, RejectConnection) {
 
   client_session_ = client_server_->Connect(
       SessionManagerPair::kHostJid,
+      kTestToken,
       CandidateSessionConfig::CreateDefault(),
       NewCallback(&client_connection_callback_,
                   &MockSessionCallback::OnStateChange));
diff --git a/remoting/protocol/protocol_test_client.cc b/remoting/protocol/protocol_test_client.cc
index aa40195..6486331 100644
--- a/remoting/protocol/protocol_test_client.cc
+++ b/remoting/protocol/protocol_test_client.cc
@@ -33,6 +33,7 @@ namespace protocol {
 
 namespace {
 const int kBufferSize = 4096;
+const char kDummyAuthToken[] = "";
 }  // namespace
 
 class ProtocolTestClient;
@@ -285,7 +286,7 @@ void ProtocolTestClient::OnStateChange(
       ProtocolTestConnection* connection =
           new ProtocolTestConnection(this, client_->message_loop());
       connection->Init(session_manager_->Connect(
-          host_jid_, CandidateSessionConfig::CreateDefault(),
+          host_jid_, kDummyAuthToken, CandidateSessionConfig::CreateDefault(),
           NewCallback(connection,
                       &ProtocolTestConnection::OnStateChange)));
       connections_.push_back(make_scoped_refptr(connection));
diff --git a/remoting/protocol/session.h b/remoting/protocol/session.h
index cbd857b..286dbe7 100644
--- a/remoting/protocol/session.h
+++ b/remoting/protocol/session.h
@@ -76,6 +76,12 @@ class Session : public base::RefCountedThreadSafe<Session> {
   // given to the connection.
   virtual void set_config(const SessionConfig* config) = 0;
 
+  // The raw auth tokens from the session-initiate, or session-accept stanzas.
+  virtual const std::string& initiator_token() = 0;
+  virtual void set_initiator_token(const std::string& initiator_token) = 0;
+  virtual const std::string& receiver_token() = 0;
+  virtual void set_receiver_token(const std::string& receiver_token) = 0;
+
   // Closes connection. Callbacks are guaranteed not to be called after
   // |closed_task| is executed.
   virtual void Close(Task* closed_task) = 0;
diff --git a/remoting/protocol/session_manager.h b/remoting/protocol/session_manager.h
index f953e43..9fd2fd3 100644
--- a/remoting/protocol/session_manager.h
+++ b/remoting/protocol/session_manager.h
@@ -76,10 +76,21 @@ class SessionManager : public base::RefCountedThreadSafe<SessionManager> {
   typedef Callback2<Session*, IncomingSessionResponse*>::Type
       IncomingSessionCallback;
 
-  // Initializes session to the host |jid|.  Ownership of the
-  // |config| is passed to the new session.
+  // Tries to create a session to the host |jid|.
+  //
+  // |host_jid| is the full jid of the host to connect to.
+  // |host_public_key| is used to encrypt the client authentication token.
+  // |client_oauth_token| is a short-lived OAuth token identify the client.
+  // |config| contains the session configurations that the client supports.
+  // |state_change_callback| is called when the connection state changes.
+  //
+  // This function may be called from any thread. The |state_change_callback|
+  // is invoked on the network thread.
+  //
+  // Ownership of the |config| is passed to the new session.
   virtual scoped_refptr<Session> Connect(
-      const std::string& jid,
+      const std::string& host_jid,
+      const std::string& client_token,
       CandidateSessionConfig* config,
       Session::StateChangeCallback* state_change_callback) = 0;