List of usage examples for com.amazonaws.services.cloudfront.model StreamingDistributionSummary getTrustedSigners
public TrustedSigners getTrustedSigners()
A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content.
From source file:org.duracloud.s3task.streaming.EnableStreamingTaskRunner.java
License:Apache License
public String performTask(String taskParameters) { EnableStreamingTaskParameters taskParams = EnableStreamingTaskParameters.deserialize(taskParameters); String spaceId = taskParams.getSpaceId(); boolean secure = taskParams.isSecure(); log.info("Performing " + TASK_NAME + " task on space " + spaceId + ". Secure streaming set to " + secure); // Will throw if bucket does not exist String bucketName = unwrappedS3Provider.getBucketName(spaceId); String domainName = null;//from w w w . ja v a 2 s .com String distId = null; String oaIdentityId = getOriginAccessId(); EnableStreamingTaskResult taskResult = new EnableStreamingTaskResult(); StreamingDistributionSummary existingDist = getExistingDistribution(bucketName); if (existingDist != null) { // There is an existing distribution // Ensure that this is not an attempt to change the security type // of this existing distribution boolean existingSecure = !existingDist.getTrustedSigners().getItems().isEmpty(); if ((secure && !existingSecure) || (!secure && existingSecure)) { throw new UnsupportedTaskException(TASK_NAME, "The space " + spaceId + " is already configured to stream as " + (secure ? "OPEN" : "SECURE") + " and cannot be updated to stream as " + (secure ? "SECURE" : "OPEN") + ". To do this, you must first execute the " + StorageTaskConstants.DELETE_STREAMING_TASK_NAME + " task."); } distId = existingDist.getId(); if (!existingDist.isEnabled()) { // Distribution is disabled, enable it setDistributionState(distId, true); } domainName = existingDist.getDomainName(); } else { // No existing distribution, need to create one S3Origin origin = new S3Origin(bucketName + S3_ORIGIN_SUFFIX, S3_ORIGIN_OAI_PREFIX + oaIdentityId); // Only include trusted signers on secure distributions TrustedSigners signers = new TrustedSigners(); if (secure) { signers.setItems(Collections.singletonList(cfAccountId)); signers.setEnabled(true); signers.setQuantity(1); } else { signers.setEnabled(false); signers.setQuantity(0); } StreamingDistribution dist = cfClient .createStreamingDistribution(new CreateStreamingDistributionRequest( new StreamingDistributionConfig().withCallerReference("" + System.currentTimeMillis()) .withS3Origin(origin).withEnabled(true) .withComment("Streaming space: " + spaceId).withTrustedSigners(signers))) .getStreamingDistribution(); domainName = dist.getDomainName(); } // Set bucket policy to accept origin access identity setBucketAccessPolicy(bucketName, oaIdentityId); // Update bucket tags to include streaming host Map<String, String> spaceProps = s3Provider.getSpaceProperties(spaceId); spaceProps.put(STREAMING_HOST_PROP, domainName); spaceProps.put(STREAMING_TYPE_PROP, secure ? STREAMING_TYPE.SECURE.name() : STREAMING_TYPE.OPEN.name()); unwrappedS3Provider.setNewSpaceProperties(spaceId, spaceProps); taskResult.setResult("Enable Streaming Task completed successfully"); // Return results taskResult.setStreamingHost(domainName); String toReturn = taskResult.serialize(); log.info("Result of " + TASK_NAME + " task: " + toReturn); return toReturn; }
From source file:org.duracloud.s3task.streaming.GetSignedUrlTaskRunner.java
License:Apache License
public String performTask(String taskParameters) { GetSignedUrlTaskParameters taskParams = GetSignedUrlTaskParameters.deserialize(taskParameters); String spaceId = taskParams.getSpaceId(); String contentId = taskParams.getContentId(); String resourcePrefix = taskParams.getResourcePrefix(); String ipAddress = taskParams.getIpAddress(); int minutesToExpire = taskParams.getMinutesToExpire(); if (minutesToExpire <= 0) { minutesToExpire = DEFAULT_MINUTES_TO_EXPIRE; }/*w ww .j av a 2 s . co m*/ log.info("Performing " + TASK_NAME + " task with parameters: spaceId=" + spaceId + ", contentId=" + contentId + ", resourcePrefix=" + resourcePrefix + ", minutesToExpire=" + minutesToExpire + ", ipAddress=" + ipAddress); // Will throw if bucket does not exist String bucketName = unwrappedS3Provider.getBucketName(spaceId); GetSignedUrlTaskResult taskResult = new GetSignedUrlTaskResult(); // Ensure that streaming service is on checkThatStreamingServiceIsEnabled(spaceId, TASK_NAME); // Retrieve the existing distribution for the given space StreamingDistributionSummary existingDist = getExistingDistribution(bucketName); if (null == existingDist) { throw new UnsupportedTaskException(TASK_NAME, "The " + TASK_NAME + " task can only be used after a space " + "has been configured to enable secure streaming. Use " + StorageTaskConstants.ENABLE_STREAMING_TASK_NAME + " to enable secure streaming on this space."); } String domainName = existingDist.getDomainName(); // Verify that this is a secure distribution if (existingDist.getTrustedSigners().getItems().isEmpty()) { throw new UnsupportedTaskException(TASK_NAME, "The " + TASK_NAME + " task cannot be used to request a " + "stream from an open distribution. Use " + StorageTaskConstants.GET_URL_TASK_NAME + " instead."); } // Make sure resourcePrefix is a valid string if (null == resourcePrefix) { resourcePrefix = ""; } // Define expiration date/time Calendar expireCalendar = Calendar.getInstance(); expireCalendar.add(Calendar.MINUTE, minutesToExpire); try { File cfKeyPathFile = getCfKeyPathFile(this.cfKeyPath); String signedUrl = CloudFrontUrlSigner.getSignedURLWithCustomPolicy(SignerUtils.Protocol.rtmp, domainName, cfKeyPathFile, contentId, cfKeyId, expireCalendar.getTime(), null, ipAddress); taskResult.setSignedUrl("rtmp://" + domainName + "/cfx/st/" + resourcePrefix + signedUrl); } catch (InvalidKeySpecException | IOException e) { throw new RuntimeException( "Error encountered attempting to sign URL for" + " task " + TASK_NAME + ": " + e.getMessage(), e); } String toReturn = taskResult.serialize(); log.info("Result of " + TASK_NAME + " task: " + toReturn); return toReturn; }
From source file:org.duracloud.s3task.streaming.GetUrlTaskRunner.java
License:Apache License
public String performTask(String taskParameters) { GetUrlTaskParameters taskParams = GetUrlTaskParameters.deserialize(taskParameters); String spaceId = taskParams.getSpaceId(); String contentId = taskParams.getContentId(); String resourcePrefix = taskParams.getResourcePrefix(); log.info("Performing " + TASK_NAME + " task with parameters: spaceId=" + spaceId + ", contentId=" + contentId + ", resourcePrefix=" + resourcePrefix); // Will throw if bucket does not exist String bucketName = unwrappedS3Provider.getBucketName(spaceId); GetUrlTaskResult taskResult = new GetUrlTaskResult(); // Ensure that streaming service is on checkThatStreamingServiceIsEnabled(spaceId, TASK_NAME); // Retrieve the existing distribution for the given space StreamingDistributionSummary existingDist = getExistingDistribution(bucketName); if (null == existingDist) { throw new UnsupportedTaskException(TASK_NAME, "The " + TASK_NAME + " task can only be used after a space has " + "been configured to enable open streaming. Use " + StorageTaskConstants.ENABLE_STREAMING_TASK_NAME + " to enable open streaming on this space."); }//from ww w .ja v a 2 s . c o m String domainName = existingDist.getDomainName(); // Verify that this is an open distribution if (!existingDist.getTrustedSigners().getItems().isEmpty()) { throw new UnsupportedTaskException(TASK_NAME, "The " + TASK_NAME + " task cannot be used to request a stream " + "from a secure distribution. Use " + StorageTaskConstants.GET_SIGNED_URL_TASK_NAME + " instead."); } // Create the resource Id, which may or may not require a prefix // (such as "mp4:" for an mp4 file) depending on the intended player String resourceId = contentId; if (null != resourcePrefix && !resourcePrefix.equals("")) { resourceId = resourcePrefix + contentId; } taskResult.setStreamUrl("rtmp://" + domainName + "/cfx/st/" + resourceId); String toReturn = taskResult.serialize(); log.info("Result of " + TASK_NAME + " task: " + toReturn); return toReturn; }