static public void AddOpenAuthorizationPolicy(IContentKey contentKey)
{
// Create ContentKeyAuthorizationPolicy with Open restrictions and create authorization policy
IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync("Open Authorization Policy").Result;
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>();
ContentKeyAuthorizationPolicyRestriction restriction =
new ContentKeyAuthorizationPolicyRestriction
{
Name = "HLS Open Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
Requirements = null // no requirements needed for HLS
};
restrictions.Add(restriction);
IContentKeyAuthorizationPolicyOption policyOption =
context.ContentKeyAuthorizationPolicyOptions.Create(
"policy",
ContentKeyDeliveryType.BaselineHttp,
restrictions,
"");
policy.Options.Add(policyOption);
// Add ContentKeyAutorizationPolicy to ContentKey
contentKey.AuthorizationPolicyId = policy.Id;
IContentKey updatedKey = contentKey.UpdateAsync().Result;
}
static public IContentKey CreateEnvelopeTypeContentKey(IAsset asset)
{
// Create envelope encryption content key
Guid keyId = Guid.NewGuid();
byte[] contentKey = GetRandomBuffer(16);
IContentKey key = context.ContentKeys.Create(
keyId,
contentKey,
"ContentKey",
ContentKeyType.EnvelopeEncryption);
// Associate the key with the asset.
asset.ContentKeys.Add(key);
return(key);
}
public void ProcessPolicyAndEncryption(IAsset asset)
{
IContentKey key = CreateEnvelopeTypeContentKey(asset);
if (useAESRestriction)
{
// AES restriction
AddTokenRestrictedAuthorizationPolicy(key);
}
else
{
// No restriction
AddOpenAuthorizationPolicy(key);
}
// Set asset delivery policy
CreateAssetDeliveryPolicy(asset, key);
}
public static string AddTokenRestrictedAuthorizationPolicy(IContentKey contentKey)
{
string tokenTemplateString = GenerateTokenRequirements();
IContentKeyAuthorizationPolicy policy = context.
ContentKeyAuthorizationPolicies.
CreateAsync("HLS token restricted authorization policy").Result;
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>();
ContentKeyAuthorizationPolicyRestriction restriction =
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString
};
restrictions.Add(restriction);
//You could have multiple options
IContentKeyAuthorizationPolicyOption policyOption =
context.ContentKeyAuthorizationPolicyOptions.Create(
"Token option for HLS",
ContentKeyDeliveryType.BaselineHttp,
restrictions,
null // no key delivery data is needed for HLS
);
policy.Options.Add(policyOption);
// Add ContentKeyAutorizationPolicy to ContentKey
contentKey.AuthorizationPolicyId = policy.Id;
IContentKey updatedKey = contentKey.UpdateAsync().Result;
return(tokenTemplateString);
}
static public void CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
Uri keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies: key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() }
};
IAssetDeliveryPolicy assetDeliveryPolicy =
context.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
