Example usage for com.amazonaws.services.cloudfront.model ViewerProtocolPolicy RedirectToHttps

List of usage examples for com.amazonaws.services.cloudfront.model ViewerProtocolPolicy RedirectToHttps

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.cloudfront.model.*
  5. ViewerProtocolPolicy
  6. RedirectToHttps

Introduction

In this page you can find the example usage for com.amazonaws.services.cloudfront.model ViewerProtocolPolicy RedirectToHttps.

Prototype

ViewerProtocolPolicy RedirectToHttps

To view the source code for com.amazonaws.services.cloudfront.model ViewerProtocolPolicy RedirectToHttps.

Click Source Link

Usage

From source file:org.duracloud.s3task.streaminghls.EnableHlsTaskRunner.java

License:Apache License

public String performTask(String taskParameters) {
    EnableStreamingTaskParameters taskParams = EnableStreamingTaskParameters.deserialize(taskParameters);

    String spaceId = taskParams.getSpaceId();
    boolean secure = taskParams.isSecure();
    List<String> allowedOrigins = taskParams.getAllowedOrigins();

    log.info("Performing " + TASK_NAME + " task on space " + spaceId + ". Secure streaming set to " + secure);

    // Will throw if bucket does not exist
    String bucketName = unwrappedS3Provider.getBucketName(spaceId);

    String domainName = null;/*w  w  w .  ja  v  a  2s  . c om*/
    String distId = null;
    String oaIdentityId = getOriginAccessId();
    EnableStreamingTaskResult taskResult = new EnableStreamingTaskResult();

    DistributionSummary existingDist = getExistingDistribution(bucketName);

    if (existingDist != null) { // There is an existing distribution
        // Ensure that this is not an attempt to change the security type
        // of this existing distribution
        boolean existingSecure = !existingDist.getDefaultCacheBehavior().getTrustedSigners().getItems()
                .isEmpty();
        if ((secure && !existingSecure) || (!secure && existingSecure)) {
            throw new UnsupportedTaskException(TASK_NAME,
                    "The space " + spaceId + " is already configured to stream as "
                            + (secure ? "OPEN" : "SECURE") + " and cannot be updated to stream as "
                            + (secure ? "SECURE" : "OPEN") + ". To do this, you must first execute the "
                            + StorageTaskConstants.DELETE_HLS_TASK_NAME + " task.");
        }

        distId = existingDist.getId();
        if (!existingDist.isEnabled()) { // Distribution is disabled, enable it
            setDistributionState(distId, true);
        }
        domainName = existingDist.getDomainName();
    } else { // No existing distribution, need to create one
        // Create S3 Origin
        S3OriginConfig s3OriginConfig = new S3OriginConfig()
                .withOriginAccessIdentity(S3_ORIGIN_OAI_PREFIX + oaIdentityId);
        Origin s3Origin = new Origin().withDomainName(bucketName + S3_ORIGIN_SUFFIX)
                .withS3OriginConfig(s3OriginConfig).withId("S3-" + bucketName);

        // Only include trusted signers on secure distributions
        TrustedSigners signers = new TrustedSigners();
        if (secure) {
            signers.setItems(Collections.singletonList(cfAccountId));
            signers.setEnabled(true);
            signers.setQuantity(1);
        } else {
            signers.setEnabled(false);
            signers.setQuantity(0);
        }

        DefaultCacheBehavior defaultCacheBehavior = new DefaultCacheBehavior();
        defaultCacheBehavior.setTrustedSigners(signers);
        defaultCacheBehavior.setViewerProtocolPolicy(ViewerProtocolPolicy.RedirectToHttps);

        // Forwarding headers to support CORS, see:
        // https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-cors
        defaultCacheBehavior.setAllowedMethods(
                new AllowedMethods().withItems(Method.GET, Method.HEAD, Method.OPTIONS).withQuantity(3));
        defaultCacheBehavior.setForwardedValues(new ForwardedValues().withQueryString(false)
                .withCookies(new CookiePreference().withForward(ItemSelection.None))
                .withHeaders(new Headers()
                        .withItems("Origin", "Access-Control-Request-Headers", "Access-Control-Request-Method")
                        .withQuantity(3)));

        // Setting other cache behaviors required by the client
        defaultCacheBehavior.setMinTTL(0l);
        defaultCacheBehavior.setTargetOriginId(s3Origin.getId());

        // Create origins list
        Origins origins;
        CacheBehaviors cacheBehaviors = new CacheBehaviors();

        if (secure) {
            // Create Origin to allow signed cookies to be set through a CloudFront call
            CustomOriginConfig cookiesOriginConfig = new CustomOriginConfig()
                    .withOriginProtocolPolicy(OriginProtocolPolicy.HttpsOnly).withHTTPPort(80)
                    .withHTTPSPort(443);
            String getCookiesPath = "/durastore/aux";
            String cookiesOriginId = "Custom origin - " + dcHost + getCookiesPath;
            Origin cookiesOrigin = new Origin().withDomainName(dcHost).withOriginPath(getCookiesPath)
                    .withId(cookiesOriginId).withCustomOriginConfig(cookiesOriginConfig);

            origins = new Origins().withItems(s3Origin, cookiesOrigin).withQuantity(2);

            // Create behavior for cookies origin
            CookiePreference cookiePreference = new CookiePreference().withForward(ItemSelection.All);
            CacheBehavior cookiesCacheBehavior = new CacheBehavior().withPathPattern("/cookies")
                    .withTargetOriginId(cookiesOriginId)
                    .withViewerProtocolPolicy(ViewerProtocolPolicy.RedirectToHttps)
                    .withAllowedMethods(new AllowedMethods().withItems(Method.GET, Method.HEAD).withQuantity(2))
                    .withForwardedValues(
                            new ForwardedValues().withQueryString(true).withCookies(cookiePreference))
                    .withTrustedSigners(new TrustedSigners().withEnabled(false).withQuantity(0)).withMinTTL(0l);
            cacheBehaviors = cacheBehaviors.withItems(cookiesCacheBehavior).withQuantity(1);
        } else {
            origins = new Origins().withItems(s3Origin).withQuantity(1);
        }

        // Build distribution
        DistributionConfig distributionConfig = new DistributionConfig()
                .withCallerReference("" + System.currentTimeMillis()).withOrigins(origins).withEnabled(true)
                .withComment("HLS streaming for space: " + spaceId)
                .withDefaultCacheBehavior(defaultCacheBehavior);

        if (secure) {
            distributionConfig.setCacheBehaviors(cacheBehaviors);
        }

        Distribution dist = cfClient.createDistribution(new CreateDistributionRequest(distributionConfig))
                .getDistribution();
        domainName = dist.getDomainName();
    }

    // Set bucket policy to accept origin access identity
    setBucketAccessPolicy(bucketName, oaIdentityId);

    // Set CORS policy on bucket
    setCorsPolicy(bucketName, allowedOrigins, dcHost);

    // Update bucket tags to include streaming host
    Map<String, String> spaceProps = s3Provider.getSpaceProperties(spaceId);
    spaceProps.put(HLS_STREAMING_HOST_PROP, domainName);
    spaceProps.put(HLS_STREAMING_TYPE_PROP, secure ? STREAMING_TYPE.SECURE.name() : STREAMING_TYPE.OPEN.name());
    unwrappedS3Provider.setNewSpaceProperties(spaceId, spaceProps);

    taskResult.setResult(TASK_NAME + " task completed successfully");

    // Return results
    taskResult.setStreamingHost(domainName);
    String toReturn = taskResult.serialize();
    log.info("Result of " + TASK_NAME + " task: " + toReturn);
    return toReturn;
}