Diffstat (limited to 'remoting/protocol')
8 files changed, 80 insertions, 51 deletions
diff --git a/remoting/protocol/me2me_host_authenticator_factory.cc b/remoting/protocol/me2me_host_authenticator_factory.cc index 1b36ee7..24c0ca4 100644 --- a/remoting/protocol/me2me_host_authenticator_factory.cc +++ b/remoting/protocol/me2me_host_authenticator_factory.cc @@ -9,6 +9,7 @@ #include "remoting/base/rsa_key_pair.h" #include "remoting/protocol/channel_authenticator.h" #include "remoting/protocol/negotiating_host_authenticator.h" +#include "remoting/protocol/token_validator.h" #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" namespace remoting { @@ -86,7 +87,7 @@ Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth( const std::string& host_owner, const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory> + scoped_ptr<TokenValidatorFactory> token_validator_factory) { scoped_ptr<Me2MeHostAuthenticatorFactory> result( new Me2MeHostAuthenticatorFactory()); diff --git a/remoting/protocol/me2me_host_authenticator_factory.h b/remoting/protocol/me2me_host_authenticator_factory.h index 69d8493..23a6ae4 100644 --- a/remoting/protocol/me2me_host_authenticator_factory.h +++ b/remoting/protocol/me2me_host_authenticator_factory.h @@ -14,6 +14,7 @@ #include "remoting/protocol/authentication_method.h" #include "remoting/protocol/authenticator.h" #include "remoting/protocol/third_party_host_authenticator.h" +#include "remoting/protocol/token_validator.h" namespace remoting { @@ -40,8 +41,7 @@ class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory { const std::string& host_owner, const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory> - token_validator_factory); + scoped_ptr<TokenValidatorFactory> token_validator_factory); // Create a factory that dispenses rejecting authenticators (used when the // host config/policy is inconsistent) 
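Review bot: In me2me_host_authenticator_factory.h the include of `remoting/protocol/third_party_host_authenticator.h` is kept next to the newly added `remoting/protocol/token_validator.h`, although the only references to ThirdPartyHostAuthenticator visible in this header's hunks are the nested type names that this commit replaces. The rest of the header is outside the hunks, so this needs confirming, but if nothing else there names that class the old include can be dropped. Keeping the authentication headers' include graph minimal is the stated purpose of splitting out token_validator.h.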
@@ -67,8 +67,7 @@ class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory { SharedSecretHash shared_secret_hash_; // Used only for third party host authenticators. - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory> - token_validator_factory_; + scoped_ptr<TokenValidatorFactory> token_validator_factory_; // Used only for pairing host authenticators. scoped_refptr<PairingRegistry> pairing_registry_; diff --git a/remoting/protocol/negotiating_host_authenticator.cc b/remoting/protocol/negotiating_host_authenticator.cc index 5a4cb0a..1239ed5 100644 --- a/remoting/protocol/negotiating_host_authenticator.cc +++ b/remoting/protocol/negotiating_host_authenticator.cc @@ -15,6 +15,7 @@ #include "remoting/protocol/channel_authenticator.h" #include "remoting/protocol/pairing_host_authenticator.h" #include "remoting/protocol/pairing_registry.h" +#include "remoting/protocol/token_validator.h" #include "remoting/protocol/v2_authenticator.h" #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" @@ -52,7 +53,7 @@ scoped_ptr<Authenticator> NegotiatingHostAuthenticator::CreateWithThirdPartyAuth( const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator) { + scoped_ptr<TokenValidator> token_validator) { scoped_ptr<NegotiatingHostAuthenticator> result( new NegotiatingHostAuthenticator(local_cert, key_pair)); result->token_validator_ = token_validator.Pass(); diff --git a/remoting/protocol/negotiating_host_authenticator.h b/remoting/protocol/negotiating_host_authenticator.h index ede3e8e..cb5b160 100644 --- a/remoting/protocol/negotiating_host_authenticator.h +++ b/remoting/protocol/negotiating_host_authenticator.h 
@@ -43,7 +43,7 @@ class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase { static scoped_ptr<Authenticator> CreateWithThirdPartyAuth( const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator); + scoped_ptr<TokenValidator> token_validator); // Overriden from Authenticator. virtual void ProcessMessage(const buzz::XmlElement* message, @@ -69,7 +69,7 @@ class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase { std::string shared_secret_hash_; // Used only for third party host authenticators. - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator_; + scoped_ptr<TokenValidator> token_validator_; // Used only for pairing authenticators. scoped_refptr<PairingRegistry> pairing_registry_; diff --git a/remoting/protocol/third_party_authenticator_unittest.cc b/remoting/protocol/third_party_authenticator_unittest.cc index 46644d3..a4b49ae 100644 --- a/remoting/protocol/third_party_authenticator_unittest.cc +++ b/remoting/protocol/third_party_authenticator_unittest.cc @@ -12,6 +12,7 @@ #include "remoting/protocol/third_party_authenticator_base.h" #include "remoting/protocol/third_party_client_authenticator.h" #include "remoting/protocol/third_party_host_authenticator.h" +#include "remoting/protocol/token_validator.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" @@ -61,8 +62,7 @@ class ThirdPartyAuthenticatorTest : public AuthenticatorTestBase { TokenFetchedCallback on_token_fetched_; }; - class FakeTokenValidator - : public ThirdPartyHostAuthenticator::TokenValidator { + class FakeTokenValidator : public TokenValidator { public: FakeTokenValidator() : token_url_(kTokenUrl), 
@@ -104,8 +104,7 @@ class ThirdPartyAuthenticatorTest : public AuthenticatorTestBase { protected: void InitAuthenticators() { - scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> - token_validator(new FakeTokenValidator()); + scoped_ptr<TokenValidator> token_validator(new FakeTokenValidator()); token_validator_ = static_cast<FakeTokenValidator*>(token_validator.get()); host_.reset(new ThirdPartyHostAuthenticator( host_cert_, key_pair_, token_validator.Pass())); diff --git a/remoting/protocol/third_party_host_authenticator.cc b/remoting/protocol/third_party_host_authenticator.cc index 4f0a63b..09c7a8f 100644 --- a/remoting/protocol/third_party_host_authenticator.cc +++ b/remoting/protocol/third_party_host_authenticator.cc @@ -10,6 +10,7 @@ #include "base/logging.h" #include "remoting/base/constants.h" #include "remoting/base/rsa_key_pair.h" +#include "remoting/protocol/token_validator.h" #include "remoting/protocol/v2_authenticator.h" #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" diff --git a/remoting/protocol/third_party_host_authenticator.h b/remoting/protocol/third_party_host_authenticator.h index 8bd470e..1438f68 100644 --- a/remoting/protocol/third_party_host_authenticator.h +++ b/remoting/protocol/third_party_host_authenticator.h @@ -10,7 +10,6 @@ #include "base/callback.h" #include "base/memory/scoped_ptr.h" #include "remoting/protocol/third_party_authenticator_base.h" -#include "url/gurl.h" namespace remoting { @@ -18,6 +17,8 @@ class RsaKeyPair; namespace protocol { +class TokenValidator; + // Implements the host side of the third party authentication mechanism. // The host authenticator sends the |token_url| and |scope| obtained from the // |TokenValidator| to the client, and expects a |token| in response. 
@@ -27,44 +28,6 @@ namespace protocol { // |V2Authenticator|, which is used to establish the encrypted connection. class ThirdPartyHostAuthenticator : public ThirdPartyAuthenticatorBase { public: - class TokenValidator { - public: - // Callback passed to |ValidateThirdPartyToken|, and called once the host - // authentication finishes. |shared_secret| should be used by the host to - // create a V2Authenticator. In case of failure, the callback is called with - // an empty |shared_secret|. - typedef base::Callback<void( - const std::string& shared_secret)> TokenValidatedCallback; - - virtual ~TokenValidator() {} - - // Validates |token| with the server and exchanges it for a |shared_secret|. - // |token_validated_callback| is called when the host authentication ends, - // in the same thread |ValidateThirdPartyToken| was originally called. - // The request is canceled if this object is destroyed. - virtual void ValidateThirdPartyToken( - const std::string& token, - const TokenValidatedCallback& token_validated_callback) = 0; - - // URL sent to the client, to be used by its |TokenFetcher| to get a token. - virtual const GURL& token_url() const = 0; - - // Space-separated list of connection attributes the host must send to the - // client, and require the token received in response to match. - virtual const std::string& token_scope() const = 0; - }; - - class TokenValidatorFactory { - public: - virtual ~TokenValidatorFactory() {} - - // Creates a TokenValidator. |local_jid| and |remote_jid| are used to create - // a token scope that is restricted to the current connection's JIDs. - virtual scoped_ptr<TokenValidator> CreateTokenValidator( - const std::string& local_jid, - const std::string& remote_jid) = 0; - }; - // Creates a third-party host authenticator. |local_cert| and |key_pair| are // used by the underlying V2Authenticator to create the SSL channels. // |token_validator| contains the token parameters to be sent to the client 
diff --git a/remoting/protocol/token_validator.h b/remoting/protocol/token_validator.h
new file mode 100644
index 0000000..70540c7
--- /dev/null
+++ b/remoting/protocol/token_validator.h
@@ -0,0 +1,65 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef REMOTING_PROTOCOL_TOKEN_VALIDATOR_H_
+#define REMOTING_PROTOCOL_TOKEN_VALIDATOR_H_
+
+#include <string>
+
+#include "base/callback.h"
+#include "base/memory/scoped_ptr.h"
+#include "url/gurl.h"
+
+namespace remoting {
+
+class RsaKeyPair;
+
+namespace protocol {
+
+// The |TokenValidator| encapsulates the parameters to be sent to the client
+// to obtain a token, and the method to validate that token and obtain the
+// shared secret for the connection.
+class TokenValidator {
+ public:
+ // Callback passed to |ValidateThirdPartyToken|, and called once the host
+ // authentication finishes. |shared_secret| should be used by the host to
+ // create a V2Authenticator. In case of failure, the callback is called with
+ // an empty |shared_secret|.
+ typedef base::Callback<void(
+ const std::string& shared_secret)> TokenValidatedCallback;
+
+ virtual ~TokenValidator() {}
+
+ // Validates |token| with the server and exchanges it for a |shared_secret|.
+ // |token_validated_callback| is called when the host authentication ends,
+ // in the same thread |ValidateThirdPartyToken| was originally called.
+ // The request is canceled if this object is destroyed.
+ virtual void ValidateThirdPartyToken(
+ const std::string& token,
+ const TokenValidatedCallback& token_validated_callback) = 0;
+
+ // URL sent to the client, to be used by its |TokenFetcher| to get a token.
+ virtual const GURL& token_url() const = 0;
+
+ // Space-separated list of connection attributes the host must send to the
+ // client, and require the token received in response to match.
+ virtual const std::string& token_scope() const = 0;
+};
+
+// Factory for |TokenValidator|.
+class TokenValidatorFactory {
+ public:
+ virtual ~TokenValidatorFactory() {}
+
+ // Creates a TokenValidator. |local_jid| and |remote_jid| are used to create
+ // a token scope that is restricted to the current connection's JIDs.
+ virtual scoped_ptr<TokenValidator> CreateTokenValidator(
+ const std::string& local_jid,
+ const std::string& remote_jid) = 0;
+};
+
+} // namespace protocol
+} // namespace remoting
+
+#endif // REMOTING_PROTOCOL_TOKEN_VALIDATOR_H_ |
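Review bot: The failure contract of `TokenValidatedCallback` is signalled in-band as an empty |shared_secret|, and the comment in the new header does not say what the receiver must do with that value. Because the secret feeds a V2Authenticator, I would extend the callback comment with `// Receivers must treat an empty |shared_secret| as rejection and must not create a V2Authenticator from it.` The comment on `ValidateThirdPartyToken` should also state that implementations never report success with an empty secret, which is presumably the intent. Separately, the forward declaration `class RsaKeyPair;` is not referenced anywhere in this 65-line header and can be removed.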