function CannedPolicy(url, expireTime, ipRange) {
this.url = url;
this.expireTime = Math.round(expireTime/ 1000) || undefined;
this.ipRange = ipRange;
}n/a
function _getExpireTime(opts) {
return +opts.expireTime || null;
}n/a
function _getIpRange(opts) {
return opts.ipRange || null;
}n/a
function getSignedCookies(cfUrl, params){
var privateKey = _getPrivateKey(params);
var policy = _createPolicy(
cfUrl, _getExpireTime(params), _getIpRange(params));
var signature = _createPolicySignature(policy, privateKey);
var policyStr = new Buffer(policy.toJSON()).toString('base64');
var cookies = {};
cookies['CloudFront-Policy'] = normalizeBase64(policyStr);
cookies['CloudFront-Signature'] = normalizeBase64(signature);
cookies['CloudFront-Key-Pair-Id'] = params.keypairId;
return cookies;
}...
console.log('Signed Stream Name: ' + signedRTMPUrlObj.rtmpStreamName);
```
### Creating signed cookies
```js
var cf = require('aws-cloudfront-sign')
var options = {keypairId: 'APKAJM2FEVTI7BNPCY4A', privateKeyPath: '/foo/bar'}
var signedCookies = cf.getSignedCookies('http://xxxxxxx.cloudfront.net/*',
options);
// You can now set cookies in your response header. For example:
for(var cookieId in signedCookies) {
res.cookie(cookieId, signedCookies[cookieId]);
}
```
...function getSignedRTMPUrl(domainname, s3key, params) {
if (!domainname || domainname.indexOf('/') > -1) {
throw new Error(
'Supplied domain name doesn\'t look right. ' +
'Example: \'xxxxxxxx.cloudfront.net\'. Omit \'http\' and any paths.'
);
}
if (!s3key || s3key.length === 0 || s3key.charAt(0) === '/') {
throw new Error(
'Supplied s3 key doesn\'t look right. ' +
'Example: \'myfolder/bla.mp4\'. Omit preceding slashes or hostnames.'
);
}
return {
rtmpServerPath: 'rtmp://' + domainname + '/cfx/st',
rtmpStreamName: module.exports.getSignedUrl(s3key, params)
};
}...
console.log('Signed URL: ' + signedUrl);
```
### Creating a signed RTMP URL
```js
var cf = require('aws-cloudfront-sign')
var options = {keypairId: 'APKAJM2FEVTI7BNPCY4A', privateKeyPath: '/foo/bar'}
var signedRTMPUrlObj = cf.getSignedRTMPUrl('xxxxxxx.cloudfront.net', '/
path/to/s3/object', options);
console.log('RTMP Server Path: ' + signedRTMPUrlObj.rtmpServerPath);
console.log('Signed Stream Name: ' + signedRTMPUrlObj.rtmpStreamName);
```
### Creating signed cookies
```js
var cf = require('aws-cloudfront-sign')
...function getSignedUrl(cfUrl, params) {
var privateKey = _getPrivateKey(params);
var policy = _createPolicy(
cfUrl, _getExpireTime(params), _getIpRange(params));
var signature = _createPolicySignature(policy, privateKey);
var policyStr = new Buffer(policy.toJSON()).toString('base64');
// Parse the cloudfront URL so we can add the querystring values required by
// AWS signed URLs. We need to assign an empty string to the `search`
// property so that the object value of `.query` is used when `.format()`
// is called.
var parsedUrl = url.parse(cfUrl, true);
parsedUrl.search = '';
_.extend(parsedUrl.query, {
'Expires': policy.expireTime,
'Policy': normalizeBase64(policyStr),
'Signature': normalizeBase64(signature),
'Key-Pair-Id': params.keypairId
});
// Return a formatted URL string with signature.
return parsedUrl.format();
}...
```
## Examples
### Creating a signed URL
```js
var cf = require('aws-cloudfront-sign')
var options = {keypairId: 'APKAJM2FEVTI7BNPCY4A', privateKeyPath: '/foo/bar'}
var signedUrl = cf.getSignedUrl('http://xxxxxxx.cloudfront.net/path/to/s3/object
', options);
console.log('Signed URL: ' + signedUrl);
```
### Creating a signed RTMP URL
```js
var cf = require('aws-cloudfront-sign')
var options = {keypairId: 'APKAJM2FEVTI7BNPCY4A', privateKeyPath: '/foo/bar'}
...function normalizeBase64(str) {
return str
.replace(/\+/g, '-')
.replace(/=/g, '_')
.replace(/\//g, '~');
}n/a
function normalizeSignature(sig) {
console.log(
'Deprecation Warning: "normalizeSignature" will soon be removed. Please ' +
'use "normalizeBase64"');
return normalizeBase64(sig);
}n/a
function CannedPolicy(url, expireTime, ipRange) {
this.url = url;
this.expireTime = Math.round(expireTime/ 1000) || undefined;
this.ipRange = ipRange;
}n/a
_validate = function () {
// Ensure required params are present
assert(!!this.url, 'Missing param: url');
assert(!!this.expireTime, 'Missing param: expireTime');
// Ensure expireTime value is valid
assert(this.expireTime < 2147483647,
'expireTime must be less than January 19, 2038 03:14:08 GMT ' +
'due to the limits of UNIX time');
assert(this.expireTime > (new Date().getTime() / 1000),
'expireTime must be after the current time');
return true;
}...
/**
* Serialize the CannedPolicy instance.
*
* @return {String} Serialized policy
*/
CannedPolicy.prototype.toJSON = function() {
// Ensure the current instance is valid before building the canned policy.
this._validate();
var policy = {
'Statement': [{
'Resource': this.url,
'Condition': {
'DateLessThan': {
'AWS:EpochTime': this.expireTime
...toJSON = function () {
// Ensure the current instance is valid before building the canned policy.
this._validate();
var policy = {
'Statement': [{
'Resource': this.url,
'Condition': {
'DateLessThan': {
'AWS:EpochTime': this.expireTime
}
}
}]
};
if (this.ipRange) {
policy.Statement[0].Condition.IpAddress = {
'AWS:SourceIp': this.ipRange
};
}
return JSON.stringify(policy);
}n/a