Example usage for com.amazonaws.services.cloudfront CloudFrontCookieSigner getCookiesForCustomPolicy

List of usage examples for com.amazonaws.services.cloudfront CloudFrontCookieSigner getCookiesForCustomPolicy

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.cloudfront.*
  5. CloudFrontCookieSigner
  6. getCookiesForCustomPolicy

Introduction

In this page you can find the example usage for com.amazonaws.services.cloudfront CloudFrontCookieSigner getCookiesForCustomPolicy.

Prototype

public static CookiesForCustomPolicy getCookiesForCustomPolicy(Protocol protocol, String distributionDomain,
        PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom,
        String ipRange)

Source Link

Document

Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.

Usage

From source file:org.duracloud.s3task.streaminghls.GetHlsSignedCookiesUrlTaskRunner.java

License:Apache License

public String performTask(String taskParameters) {
    GetSignedCookiesUrlTaskParameters taskParams = GetSignedCookiesUrlTaskParameters
            .deserialize(taskParameters);

    String spaceId = taskParams.getSpaceId();
    String ipAddress = taskParams.getIpAddress();
    int minutesToExpire = taskParams.getMinutesToExpire();
    if (minutesToExpire <= 0) {
        minutesToExpire = DEFAULT_MINUTES_TO_EXPIRE;
    }/*  w ww  .  j a  v  a2 s.  c om*/
    String redirectUrl = taskParams.getRedirectUrl();

    log.info("Performing " + TASK_NAME + " task with parameters: spaceId=" + spaceId + ", minutesToExpire="
            + minutesToExpire + ", ipAddress=" + ipAddress + ", redirectUrl=" + redirectUrl);

    // Will throw if bucket does not exist
    String bucketName = unwrappedS3Provider.getBucketName(spaceId);

    // Ensure that streaming service is on
    checkThatStreamingServiceIsEnabled(spaceId, TASK_NAME);

    // Retrieve the existing distribution for the given space
    DistributionSummary existingDist = getExistingDistribution(bucketName);
    if (null == existingDist) {
        throw new UnsupportedTaskException(TASK_NAME,
                "The " + TASK_NAME + " task can only be used after a space "
                        + "has been configured to enable secure streaming. Use "
                        + StorageTaskConstants.ENABLE_STREAMING_TASK_NAME
                        + " to enable secure streaming on this space.");
    }
    String domainName = existingDist.getDomainName();

    // Define expiration date/time
    Calendar expireCalendar = Calendar.getInstance();
    expireCalendar.add(Calendar.MINUTE, minutesToExpire);

    Map<String, String> signedCookies = new HashMap<>();
    try {
        File cfKeyPathFile = getCfKeyPathFile(this.cfKeyPath);

        // Generate signed cookies
        CloudFrontCookieSigner.CookiesForCustomPolicy cookies = CloudFrontCookieSigner
                .getCookiesForCustomPolicy(SignerUtils.Protocol.https, domainName, cfKeyPathFile, "*", cfKeyId,
                        expireCalendar.getTime(), null, ipAddress);

        signedCookies.put(cookies.getPolicy().getKey(), cookies.getPolicy().getValue());
        signedCookies.put(cookies.getSignature().getKey(), cookies.getSignature().getValue());
        signedCookies.put(cookies.getKeyPairId().getKey(), cookies.getKeyPairId().getValue());
    } catch (InvalidKeySpecException | IOException e) {
        throw new RuntimeException("Error encountered attempting to create signed cookies in task " + TASK_NAME
                + ": " + e.getMessage(), e);
    }

    String token = storeCookies(signedCookies, domainName, redirectUrl);

    GetSignedCookiesUrlTaskResult taskResult = new GetSignedCookiesUrlTaskResult();
    taskResult.setSignedCookiesUrl("https://" + domainName + "/cookies?token=" + token);

    String toReturn = taskResult.serialize();
    log.info("Result of " + TASK_NAME + " task: " + toReturn);
    return toReturn;
}