static public void AddOpenAuthorizationPolicy(IContentKey contentKey)
{
// Create ContentKeyAuthorizationPolicy with Open restrictions
// and create authorization policy
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Open",
KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
Requirements = null
}
};
// Configure PlayReady license template.
string newLicenseTemplate = ConfigurePlayReadyLicenseTemplate();
IContentKeyAuthorizationPolicyOption policyOption =
_context.ContentKeyAuthorizationPolicyOptions.Create("",
ContentKeyDeliveryType.PlayReadyLicense,
restrictions, newLicenseTemplate);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.
ContentKeyAuthorizationPolicies.
CreateAsync("Deliver Common Content Key with no restrictions").
Result;
contentKeyAuthorizationPolicy.Options.Add(policyOption);
// Associate the content key authorization policy with the content key.
contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id;
contentKey = contentKey.UpdateAsync().Result;
}
private static string AddFairPlayTokenRestrictedAuthorizationPolicyFairPlay(IContentKey contentKey)
{
string tokenTemplateString = DRMHelper.GenerateTokenRequirementsString(_tokenPrimaryVerificationKey, _tokenAlternativeVerificationKey, _tokenScope, _tokenIssuer, true);
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "FairPlay Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString,
}
};
// Configure FairPlay policy option.
string FairPlayConfiguration = ConfigureFairPlayPolicyOptions();
IContentKeyAuthorizationPolicyOption FairPlayPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("FairPlay token option", ContentKeyDeliveryType.FairPlay, restrictions, FairPlayConfiguration);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync("Deliver CBC Content Key with token restrictions").Result;
contentKeyAuthorizationPolicy.Options.Add(FairPlayPolicy);
// Associate the content key authorization policy with the content key
contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id;
contentKey = contentKey.UpdateAsync().Result;
return(tokenTemplateString);
}
/// <summary>
/// This is a helper method to setup a Content Key for delivery from Azure Media Services
/// </summary>
/// <param name="context">The CloudMediaContext instance used to communicate with Azure Media Services</param>
/// <param name="restrictions">One or more restrictions to add to the ContentKeyAuthorizationPolicy associated with the ContentKey</param>
/// <returns>A ContentKey that is configured for delivery to clients</returns>
private static IContentKey SetupContentKey(CloudMediaContext context, List <ContentKeyAuthorizationPolicyRestriction> restrictions)
{
//
// Create the ContentKeyAuthorizationPolicyOption
//
IContentKeyAuthorizationPolicyOption option =
context.ContentKeyAuthorizationPolicyOptions.Create("Option with Token Restriction",
ContentKeyDeliveryType.BaselineHttp,
restrictions,
null);
//
// Create the ContentKeyAuthorizationPolicy and add the option from above
//
IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync("Policy to illustrate integration with ACS").Result;
policy.Options.Add(option);
//
// Create the ContentKey and associate the policy from above
//
byte[] keyValue = GetRandomKeyValue();
Guid keyId = Guid.NewGuid();
IContentKey contentKey = context.ContentKeys.Create(keyId, keyValue, "Test Key", ContentKeyType.EnvelopeEncryption);
contentKey.AuthorizationPolicyId = policy.Id;
contentKey.Update();
return(contentKey);
}
private static string AddPlayReadyAndWidevineTokenRestrictedAuthorizationPolicy(IContentKey contentKey)
{
string tokenTemplateString = DRMHelper.GenerateTokenRequirementsString(_tokenPrimaryVerificationKey, _tokenAlternativeVerificationKey, _tokenScope, _tokenIssuer, true);
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Playready and Widevine Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString,
}
};
// Configure PlayReady and Widevine license templates.
string PlayReadyLicenseTemplate = ConfigurePlayReadyLicenseTemplate();
string WidevineLicenseTemplate = ConfigureWidevineLicenseTemplate();
IContentKeyAuthorizationPolicyOption PlayReadyPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("PlayReady token option", ContentKeyDeliveryType.PlayReadyLicense, restrictions, PlayReadyLicenseTemplate);
IContentKeyAuthorizationPolicyOption WidevinePolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("Widevine token option", ContentKeyDeliveryType.Widevine, restrictions, WidevineLicenseTemplate);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync("Deliver Common Content Key with token restrictions").Result;
contentKeyAuthorizationPolicy.Options.Add(PlayReadyPolicy);
contentKeyAuthorizationPolicy.Options.Add(WidevinePolicy);
// Associate the content key authorization policy with the content key
contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id;
contentKey = contentKey.UpdateAsync().Result;
return(tokenTemplateString);
}
public void GetPlayReadyLicenseDeliveryUrl()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption);
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
string licenseTemplate = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.PlayReadyLicense, null, licenseTemplate, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
Assert.IsNotNull(keyDeliveryServiceUri);
Assert.IsTrue(0 == String.Compare(keyDeliveryServiceUri.AbsolutePath, "/PlayReady/", StringComparison.OrdinalIgnoreCase));
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public static IContentKeyAuthorizationPolicyOption AddTokenRestrictedAuthorizationPolicyPlayReady(IContentKey contentKey, string Audience, string Issuer, IList <TokenClaim> tokenclaimslist, bool AddContentKeyIdentifierClaim, TokenType tokentype, ExplorerTokenType detailedtokentype, TokenVerificationKey mytokenverificationkey, CloudMediaContext _context, string newLicenseTemplate, string openIdDiscoveryPath = null)
{
string tokenTemplateString = GenerateTokenRequirements(tokentype, Audience, Issuer, tokenclaimslist, AddContentKeyIdentifierClaim, mytokenverificationkey, openIdDiscoveryPath);
string tname = detailedtokentype.ToString();
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = tname + " Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString,
}
};
IContentKeyAuthorizationPolicyOption policyOption =
_context.ContentKeyAuthorizationPolicyOptions.Create(tname + "Token option",
ContentKeyDeliveryType.PlayReadyLicense,
restrictions, newLicenseTemplate);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.
ContentKeyAuthorizationPolicies.
CreateAsync("Deliver Common Content Key with no restrictions").
Result;
return(policyOption);
}
static public IContentKeyAuthorizationPolicy AddOpenAuthorizationPolicy(IContentKey contentKey, ContentKeyDeliveryType contentkeydeliverytype, string keydeliveryconfig, CloudMediaContext _context)
{
// Create ContentKeyAuthorizationPolicy with Open restrictions
// and create authorization policy
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Open",
KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
Requirements = null
}
};
IContentKeyAuthorizationPolicyOption policyOption =
_context.ContentKeyAuthorizationPolicyOptions.Create(
"policy",
contentkeydeliverytype,
restrictions,
keydeliveryconfig);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.
ContentKeyAuthorizationPolicies.
CreateAsync("Open Authorization Policy").Result;
contentKeyAuthorizationPolicy.Options.Add(policyOption);
// Associate the content key authorization policy with the content key.
contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id;
contentKey = contentKey.UpdateAsync().Result;
return(contentKeyAuthorizationPolicy);
}
static public void AddOpenAuthorizationPolicy(IContentKey contentKey)
{
// Create ContentKeyAuthorizationPolicy with Open restrictions and create authorization policy
IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync("Open Authorization Policy").Result;
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>();
ContentKeyAuthorizationPolicyRestriction restriction =
new ContentKeyAuthorizationPolicyRestriction
{
Name = "HLS Open Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
Requirements = null // no requirements needed for HLS
};
restrictions.Add(restriction);
IContentKeyAuthorizationPolicyOption policyOption =
context.ContentKeyAuthorizationPolicyOptions.Create(
"policy",
ContentKeyDeliveryType.BaselineHttp,
restrictions,
"");
policy.Options.Add(policyOption);
// Add ContentKeyAutorizationPolicy to ContentKey
contentKey.AuthorizationPolicyId = policy.Id;
IContentKey updatedKey = contentKey.UpdateAsync().Result;
}
public static void RemoveContentKeyAuthorizationPolicyOption(string id)
{
IContentKeyAuthorizationPolicyOption option = _context.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == id).FirstOrDefault();
if (option != null)
{
try
{
string oId = option.Id;
string oName = option.Name;
if (option.KeyDeliveryType == ContentKeyDeliveryType.FairPlay)
{
dynamic data = JsonConvert.DeserializeObject(option.KeyDeliveryConfiguration);
string contentKeyASkId = "nb:kid:UUID:" + data.ASkId;
string contentKeyFairPlayPfxPasswordId = "nb:kid:UUID:" + data.FairPlayPfxPasswordId;
RemoveContentKey(contentKeyASkId);
RemoveContentKey(contentKeyFairPlayPfxPasswordId);
}
option.Delete();
Console.WriteLine("Deleted ContentKey Authorization Policy Option {0} : {1}", oId, oName);
}
catch (Exception e)
{
Console.WriteLine("Error on deleting ContentKey Authorization Policy Option {0} : {1}", id, e.ToString());
}
}
else
{
Console.WriteLine("Error: ContentKey Authorization Policy Option {0} Not Found", id);
}
return;
}
public static IContentKeyAuthorizationPolicyOption AddTokenRestrictedAuthorizationPolicyAES(IContentKey contentKey, string Audience, string Issuer, IList <TokenClaim> tokenclaimslist, bool AddContentKeyIdentifierClaim, TokenType tokentype, ExplorerTokenType detailedtokentype, TokenVerificationKey mytokenverificationkey, CloudMediaContext _context, string openIdDiscoveryPath = null)
{
string tokenTemplateString = GenerateTokenRequirements(tokentype, Audience, Issuer, tokenclaimslist, AddContentKeyIdentifierClaim, mytokenverificationkey, openIdDiscoveryPath);
string tname = detailedtokentype.ToString();
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>();
ContentKeyAuthorizationPolicyRestriction restriction =
new ContentKeyAuthorizationPolicyRestriction
{
Name = tname + " Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString
};
restrictions.Add(restriction);
//You could have multiple options
IContentKeyAuthorizationPolicyOption policyOption =
_context.ContentKeyAuthorizationPolicyOptions.Create(
"Token option",
ContentKeyDeliveryType.BaselineHttp,
restrictions,
null // no key delivery data is needed for HLS
);
return(policyOption);
}
public static void ClassInit(TestContext context)
{
//CreateCounters();
_mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext();
IContentKeyAuthorizationPolicyOption policyOption = null;
for (int i = 0; i < 10; i++)
{
byte[] expectedKey = null;
IContentKey contentKey = GetKeyDeliveryUrlTests.CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
GetKeyDeliveryUrlTests.CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString();
_testData.Add(new Tuple <Uri, string, string>(keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey), GetKeyDeliveryUrlTests.GetString(expectedKey)));
}
}
public void EnsureEnvelopeKeyDeliveryUrlForCommonKeyFails()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
string licenseTemplate = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
try
{
contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.PlayReadyLicense, null, licenseTemplate, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public string[] GetProtectionTypes(IAsset asset)
{
List <string> protectionTypes = new List <string>();
IAssetDeliveryPolicy deliveryPolicy = asset.DeliveryPolicies.Where(p => p.AssetDeliveryPolicyType == AssetDeliveryPolicyType.DynamicEnvelopeEncryption).SingleOrDefault();
if (deliveryPolicy != null)
{
protectionTypes.Add(MediaProtection.AES.ToString());
}
deliveryPolicy = asset.DeliveryPolicies.Where(p => p.AssetDeliveryPolicyType == AssetDeliveryPolicyType.DynamicCommonEncryption).SingleOrDefault();
if (deliveryPolicy != null)
{
IContentKey contentKey = asset.ContentKeys.Where(k => k.ContentKeyType == ContentKeyType.CommonEncryption).SingleOrDefault();
if (contentKey != null)
{
IContentKeyAuthorizationPolicy authPolicy = GetEntityById(MediaEntity.ContentKeyAuthPolicy, contentKey.AuthorizationPolicyId) as IContentKeyAuthorizationPolicy;
if (authPolicy != null)
{
IContentKeyAuthorizationPolicyOption policyOption = authPolicy.Options.Where(o => o.KeyDeliveryType == ContentKeyDeliveryType.PlayReadyLicense).SingleOrDefault();
if (policyOption != null)
{
protectionTypes.Add(MediaProtection.PlayReady.ToString());
}
policyOption = authPolicy.Options.Where(o => o.KeyDeliveryType == ContentKeyDeliveryType.Widevine).SingleOrDefault();
if (policyOption != null)
{
protectionTypes.Add(MediaProtection.Widevine.ToString());
}
}
}
}
return(protectionTypes.ToArray());
}
public void EnsureNoneKeyDeliveryUrlFails()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.None);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public void TestContentKeyAuthorizationPolicyOptionCreateFailedRetryMessageLengthLimitExceeded()
{
var expected = new ContentKeyAuthorizationPolicyOptionData {
Name = "testData"
};
var fakeException = new WebException("test", WebExceptionStatus.MessageLengthLimitExceeded);
var dataContextMock = TestMediaServicesClassFactory.CreateSaveChangesMock(fakeException, 10, expected);
dataContextMock.Setup((ctxt) => ctxt.AddObject("ContentKeyAuthorizationPolicyOptions", It.IsAny <object>()));
_mediaContext.MediaServicesClassFactory = new TestMediaServicesClassFactory(dataContextMock.Object);
try
{
IContentKeyAuthorizationPolicyOption actual = _mediaContext.ContentKeyAuthorizationPolicyOptions.Create("Empty", ContentKeyDeliveryType.None, null, null);
}
catch (WebException x)
{
dataContextMock.Verify((ctxt) => ctxt.SaveChangesAsync(It.IsAny <object>()), Times.Exactly(1));
Assert.AreEqual(fakeException, x);
throw;
}
Assert.Fail("Expected exception");
}
private void FetchKeyWithSWTToken(string audience, string issuer)
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
var contentKeyId = Guid.Parse(contentKey.Id.Replace("nb:kid:UUID:", String.Empty));
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.SWT);
tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey();
// the default constructor automatically generates a random key
tokenRestrictionTemplate.Audience = audience;
tokenRestrictionTemplate.Issuer = issuer;
tokenRestrictionTemplate.TokenType = TokenType.SWT;
tokenRestrictionTemplate.RequiredClaims.Add(new TokenClaim(TokenClaim.ContentKeyIdentifierClaimType,
contentKeyId.ToString()));
string optionName = "GetHlsKeyDeliveryUrlAndFetchKeyWithSWTAuthentication";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted;
var _testOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, optionName,
ContentKeyDeliveryType.BaselineHttp, requirements, null, restrictionType);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
_testOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId));
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
string swtTokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenRestrictionTemplate,
tokenRestrictionTemplate.PrimaryVerificationKey, contentKeyId, DateTime.Now.AddDays(2));
byte[] key = keyClient.AcquireHlsKeyWithBearerHeader(keyDeliveryServiceUri, swtTokenString);
string expectedString = GetString(expectedKey);
string fetchedString = GetString(key);
Assert.AreEqual(expectedString, fetchedString);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
private void FetchKeyWithJWTAuth(string audience, string issuer)
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
var templatex509Certificate2 = new X509Certificate2("amscer.pfx", "AMSGIT");
SigningCredentials cred = new X509SigningCredentials(templatex509Certificate2);
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);
tokenRestrictionTemplate.PrimaryVerificationKey = new X509CertTokenVerificationKey(templatex509Certificate2);
tokenRestrictionTemplate.Audience = audience;
tokenRestrictionTemplate.Issuer = issuer;
string optionName = "GetHlsKeyDeliveryUrlAndFetchKeyWithJWTAuthentication";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, optionName,
ContentKeyDeliveryType.BaselineHttp, requirements, null, ContentKeyRestrictionType.TokenRestricted);
JwtSecurityToken token = new JwtSecurityToken(issuer: tokenRestrictionTemplate.Issuer,
audience: tokenRestrictionTemplate.Audience, notBefore: DateTime.Now.AddMinutes(-5),
expires: DateTime.Now.AddMinutes(5), signingCredentials: cred);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
string jwtTokenString = handler.WriteToken(token);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
// Enable once all accounts are enabled for per customer Key Delivery Urls
//Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId));
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
byte[] key = keyClient.AcquireHlsKeyWithBearerHeader(keyDeliveryServiceUri, jwtTokenString);
string expectedString = GetString(expectedKey);
string fetchedString = GetString(key);
Assert.AreEqual(expectedString, fetchedString);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
static public IContentKeyAuthorizationPolicy CreateAuthorizationPolicyCommonType(string policyName)
{
List <ContentKeyAuthorizationPolicyRestriction> restrictions;
string PlayReadyOptionName;
string WidevineOptionName;
if (_isTokenRestricted)
{
string tokenTemplateString = GenerateTokenRequirements();
restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString,
}
};
PlayReadyOptionName = "TokenRestricted PlayReady Option 1";
WidevineOptionName = "TokenRestricted Widevine Option 1";
}
else
{
restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Open",
KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
Requirements = null
}
};
PlayReadyOptionName = "Open PlayReady Option 1";
WidevineOptionName = "Open Widevine Option 1";
}
// Configure PlayReady and Widevine license templates.
string PlayReadyLicenseTemplate = ConfigurePlayReadyPolicyOptions();
string WidevineLicenseTemplate = ConfigureWidevinePolicyOptions();
IContentKeyAuthorizationPolicyOption PlayReadyPolicy =
_context.ContentKeyAuthorizationPolicyOptions.Create(PlayReadyOptionName, ContentKeyDeliveryType.PlayReadyLicense, restrictions, PlayReadyLicenseTemplate);
IContentKeyAuthorizationPolicyOption WidevinePolicy =
_context.ContentKeyAuthorizationPolicyOptions.Create(WidevineOptionName, ContentKeyDeliveryType.Widevine, restrictions, WidevineLicenseTemplate);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync(policyName).Result;
contentKeyAuthorizationPolicy.Options.Add(PlayReadyPolicy);
contentKeyAuthorizationPolicy.Options.Add(WidevinePolicy);
return(contentKeyAuthorizationPolicy);
}
private void listViewAutOptions_SelectedIndexChanged(object sender, EventArgs e)
{
bool NoVerifKey = false;
if (listViewAutOptions.SelectedIndices.Count > 0)
{
var it = listViewAutOptions.SelectedItems[0];
string stringoptionid = it.SubItems[2].Text;
SelectedOption = mycontext.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == stringoptionid).FirstOrDefault();
KeyFromSelectedOption = ContentKeyDisplayed[listViewAutOptions.SelectedItems[0].Index];
string tokenTemplateString = SelectedOption.Restrictions.FirstOrDefault().Requirements;
if (!string.IsNullOrEmpty(tokenTemplateString))
{
TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
textBoxAudience.Text = tokenTemplate.Audience.ToString();
textBoxIssuer.Text = tokenTemplate.Issuer.ToString();
checkBoxAddContentKeyIdentifierClaim.Checked = false;
groupBoxStartDate.Enabled = (tokenTemplate.TokenType == TokenType.JWT);
if (tokenTemplate.PrimaryVerificationKey != null)
{
panelJWTX509Cert.Enabled = !(tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey));
}
else
{
NoVerifKey = true; // Case for OpenId for example. No way to create a test token....
}
TokenClaimsList.Clear();
foreach (var claim in tokenTemplate.RequiredClaims)
{
if (claim.ClaimType == TokenClaim.ContentKeyIdentifierClaimType)
{
checkBoxAddContentKeyIdentifierClaim.Checked = true;
}
else
{
TokenClaimsList.Add(new MyTokenClaim()
{
Type = claim.ClaimType,
Value = claim.ClaimValue
});
}
}
}
UpdateButtonOk(NoVerifKey);
}
}
public void TestContentKeyAuthorizationPolicyOptionCreateRetry()
{
var expected = new ContentKeyAuthorizationPolicyOptionData {
Name = "testData"
};
var fakeException = new WebException("test", WebExceptionStatus.ConnectionClosed);
var dataContextMock = TestMediaServicesClassFactory.CreateSaveChangesMock(fakeException, 2, expected);
dataContextMock.Setup((ctxt) => ctxt.AddObject("ContentKeyAuthorizationPolicyOptions", It.IsAny <object>()));
_mediaContext.MediaServicesClassFactory = new TestMediaServicesClassFactory(dataContextMock.Object);
IContentKeyAuthorizationPolicyOption actual = _mediaContext.ContentKeyAuthorizationPolicyOptions.Create("Empty", ContentKeyDeliveryType.None, null, null);
Assert.AreEqual(expected.Name, actual.Name);
dataContextMock.Verify((ctxt) => ctxt.SaveChangesAsync(It.IsAny <object>()), Times.Exactly(2));
}
public static string AddTokenRestrictedAuthorizationPolicy(IContentKey contentKey)
{
string tokenTemplateString = GenerateTokenRequirements();
List <ContentKeyAuthorizationPolicyRestriction> restrictions =
new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString,
}
};
// Configure PlayReady and Widevine license templates.
string PlayReadyLicenseTemplate = ConfigurePlayReadyLicenseTemplate();
string WidevineLicenseTemplate = ConfigureWidevineLicenseTemplate();
IContentKeyAuthorizationPolicyOption PlayReadyPolicy =
_context.ContentKeyAuthorizationPolicyOptions.Create("Token option",
ContentKeyDeliveryType.PlayReadyLicense,
restrictions, PlayReadyLicenseTemplate);
IContentKeyAuthorizationPolicyOption WidevinePolicy =
_context.ContentKeyAuthorizationPolicyOptions.Create("Token option",
ContentKeyDeliveryType.Widevine,
restrictions, WidevineLicenseTemplate);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.
ContentKeyAuthorizationPolicies.
CreateAsync("Deliver Common Content Key with token restrictions").
Result;
contentKeyAuthorizationPolicy.Options.Add(PlayReadyPolicy);
contentKeyAuthorizationPolicy.Options.Add(WidevinePolicy);
// Associate the content key authorization policy with the content key
contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id;
contentKey = contentKey.UpdateAsync().Result;
return(tokenTemplateString);
}
static public IContentKeyAuthorizationPolicy CreateAuthorizationPolicyCommonCBCType(string policyName)
{
List <ContentKeyAuthorizationPolicyRestriction> restrictions;
string FairPlayOptionName;
if (_isTokenRestricted)
{
string tokenTemplateString = GenerateTokenRequirements();
restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString,
}
};
FairPlayOptionName = "TokenRestricted FairPlay Option 1";
}
else
{
restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Open",
KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
Requirements = null
}
};
FairPlayOptionName = "Open FairPlay Option 1";
}
// Configure FairPlay policy option.
string FairPlayConfiguration = ConfigureFairPlayPolicyOptions();
IContentKeyAuthorizationPolicyOption FairPlayPolicy =
_context.ContentKeyAuthorizationPolicyOptions.Create(FairPlayOptionName, ContentKeyDeliveryType.FairPlay, restrictions, FairPlayConfiguration);
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync(policyName).Result;
contentKeyAuthorizationPolicy.Options.Add(FairPlayPolicy);
return(contentKeyAuthorizationPolicy);
}
public void ContentKeyAuthorizationPolicyOptionTestEnumQuery()
{
var policyOptions = _mediaContext.ContentKeyAuthorizationPolicyOptions;
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
string optionName = "integrationtest-crud-746";
string requirements = null;
string configuration = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.Open;
IContentKeyAuthorizationPolicyOption option = CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.PlayReadyLicense, requirements, configuration, restrictionType);
var ok = policyOptions.Where(o => o.KeyDeliveryType == ContentKeyDeliveryType.PlayReadyLicense).AsEnumerable().Any();
Assert.IsTrue(ok, "Can not find option by DeliveryType");
}
public static IContentKeyAuthorizationPolicyOption CreateOption(CloudMediaContext dataContext, string optionName, ContentKeyDeliveryType deliveryType, string requirements, string configuration, ContentKeyRestrictionType restrictionType)
{
var restrictions = new List <ContentKeyAuthorizationPolicyRestriction>
{
new ContentKeyAuthorizationPolicyRestriction {
Requirements = requirements, Name = "somename"
}
};
restrictions[0].SetKeyRestrictionTypeValue(restrictionType);
IContentKeyAuthorizationPolicyOption option = dataContext.ContentKeyAuthorizationPolicyOptions.Create(
optionName,
deliveryType,
restrictions,
configuration);
return(option);
}
public void GetWidevineKeyDeliveryUrlAndFetchLicense()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption, out expectedKey);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.Widevine, null, "{}", ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine);
Assert.IsNotNull(keyDeliveryServiceUri);
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString();
string payload = "CAEShAEKTAgAEkgAAAACAAAQWPXbhtb/q43f3SfuC2VP3q0jeAECW3emQkWn2wXCYVOnvlWPDNqh8VVIB4GmsNA8eVVFigXkQWIGN0GlgMKjpUESLAoqChQIARIQJMPCzl2bViyMQEtyK/gtmRABGhAyNWY3ODMzMTcyMmJjM2EyGAEgv5iQkAUaIC3ON1zVgeV0rP7w2VmVLGorqClcMQO4BdbHPyk3GsnY";
byte[] license = keyClient.AcquireWidevineLicenseWithBearerHeader(
keyDeliveryServiceUri,
TokenServiceClient.GetAuthTokenForKey(rawkey),
Convert.FromBase64String(payload));
string expectedString = Convert.ToBase64String(license);
Assert.AreEqual("CAIS", expectedString.Substring(0, 4));
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public static IContentKey AddAuthorizationPolicyToContentKey(CloudMediaContext objCloudMediaContext, IContentKey objIContentKey, string keyId)
{
// Create ContentKeyAuthorizationPolicy with restrictions and create authorization policy
IContentKeyAuthorizationPolicy policy = objCloudMediaContext.ContentKeyAuthorizationPolicies.CreateAsync(keyId).Result;
List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>();
//ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction
// {
// Name = "Open Authorization Policy",
// KeyRestrictionType = (int)ContentKeyRestrictionType.Open,
// Requirements = null // no requirements
// };
//ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction
//{
// Name = "Authorization Policy with SWT Token Restriction",
// KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
// Requirements = ContentKeyAuthorizationHelper.CreateRestrictionRequirements()
//};
ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction
{
Name = "JWTContentKeyAuthorizationPolicyRestriction",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = ContentKeyAuthorizationHelper.CreateRestrictionRequirementsForJWT()
};
restrictions.Add(restriction);
IContentKeyAuthorizationPolicyOption policyOption = objCloudMediaContext.ContentKeyAuthorizationPolicyOptions.Create(
keyId,
ContentKeyDeliveryType.BaselineHttp,
restrictions,
"");
policy.Options.Add(policyOption);
// Add ContentKeyAutorizationPolicy to ContentKey
objIContentKey.AuthorizationPolicyId = policy.Id;
IContentKey IContentKeyUpdated = objIContentKey.UpdateAsync().Result;
return(IContentKeyUpdated);
}
private static IContentKeyAuthorizationPolicy GetTokenRestrictedAuthorizationPolicy(TraceWriter log, AuthorizationPolicyRequst request)
{
MediaServicesCredentials amsCredentials = new MediaServicesCredentials();
AzureAdTokenCredentials tokenCredentials = new AzureAdTokenCredentials(amsCredentials.AmsAadTenantDomain,
new AzureAdClientSymmetricKey(amsCredentials.AmsClientId, amsCredentials.AmsClientSecret),
AzureEnvironments.AzureCloudEnvironment);
AzureAdTokenProvider tokenProvider = new AzureAdTokenProvider(tokenCredentials);
CloudMediaContext context = new CloudMediaContext(amsCredentials.AmsRestApiEndpoint, tokenProvider);
byte[] secret = request.tokenSecret;
TokenClaim[] tokenClaims = request.tokenClaims;
TokenType tokenType = request.TokenTypeEnum;
string audience = request.audience;
string issuer = request.issuer;
List <IContentKeyAuthorizationPolicyOption> authPolicyOptions = new List <IContentKeyAuthorizationPolicyOption>(request.config.Length);
List <ContentKeyDeliveryType> delTypes = new List <ContentKeyDeliveryType>(request.config.Length);
log.Info($"Prepared for auth policy loop on {request.config.Length} entries with: {(secret ?? new byte[0]).Length} long key; {(tokenClaims ?? new TokenClaim[0]).Length} claims; {tokenType.ToString()} {audience} {issuer}");
// return
foreach (AuthorizationPolicyRequestTokenConfig d in request.config)
{
ContentKeyDeliveryType ckdType = d.ContentKeyDeliveryType;
delTypes.Add(ckdType);
log.Info($"Making auth policy option! {d.ContentKeyDeliveryType.ToString()} {d.keyDeliveryConfiguration}");
IContentKeyAuthorizationPolicyOption option = GetTokenRestrictedAuthorizationPolicyOption(context, secret, ckdType, tokenType, audience, issuer, tokenClaims, d.keyDeliveryConfiguration);
authPolicyOptions.Add(option);
}
log.Info($"Making policy container");
IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync(string.Join(", ", delTypes.Select(x => x.ToString())) + " Authentication Policy").Result;
foreach (IContentKeyAuthorizationPolicyOption a in authPolicyOptions)
{
log.Info($"Adding policy " + a.Name);
policy.Options.Add(a);
}
return(policy);
}
public void SetupTest()
{
_mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext();
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);
tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey(); // the default constructor automatically generates a random key
tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl";
tokenRestrictionTemplate.Issuer = "http://sampleAudience";
string optionName = "integrationtest-crud-749";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
string configuration = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted;
_testOption = CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.PlayReadyLicense, requirements, configuration, restrictionType);
}
public void GetHlsKeyDeliveryUrlAndFetchKey()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
// Enable once all accounts are enabled for per customer Key Delivery Urls
//Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId));
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString();
byte[] key = keyClient.AcquireHlsKey(keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey));
string expectedString = GetString(expectedKey);
string fetchedString = GetString(key);
Assert.AreEqual(expectedString, fetchedString);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public static string AddTokenRestrictedAuthorizationPolicy(IContentKey contentKey)
{
string tokenTemplateString = GenerateTokenRequirements();
IContentKeyAuthorizationPolicy policy = _context.
ContentKeyAuthorizationPolicies.
CreateAsync("HLS token restricted authorization policy").Result;
List <ContentKeyAuthorizationPolicyRestriction> restrictions =
new List <ContentKeyAuthorizationPolicyRestriction>();
ContentKeyAuthorizationPolicyRestriction restriction =
new ContentKeyAuthorizationPolicyRestriction
{
Name = "Token Authorization Policy",
KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted,
Requirements = tokenTemplateString
};
restrictions.Add(restriction);
//You could have multiple options
IContentKeyAuthorizationPolicyOption policyOption =
_context.ContentKeyAuthorizationPolicyOptions.Create(
"Token option for HLS",
ContentKeyDeliveryType.BaselineHttp,
restrictions,
null // no key delivery data is needed for HLS
);
policy.Options.Add(policyOption);
// Add ContentKeyAutorizationPolicy to ContentKey
contentKey.AuthorizationPolicyId = policy.Id;
IContentKey updatedKey = contentKey.UpdateAsync().Result;
Console.WriteLine("Adding Key to Asset: Key ID is " + updatedKey.Id);
return(tokenTemplateString);
}
private void listViewAutOptions_SelectedIndexChanged(object sender, EventArgs e)
{
if (listViewAutOptions.SelectedIndices.Count > 0)
{
var it = listViewAutOptions.SelectedItems[0];
string stringoptionid = it.SubItems[2].Text;
SelectedOption = mycontext.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == stringoptionid).FirstOrDefault();
KeyFromSelectedOption = ContentKeyDisplayed[listViewAutOptions.SelectedItems[0].Index];
string tokenTemplateString = SelectedOption.Restrictions.FirstOrDefault().Requirements;
if (!string.IsNullOrEmpty(tokenTemplateString))
{
TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
textBoxAudience.Text = tokenTemplate.Audience.ToString();
textBoxIssuer.Text = tokenTemplate.Issuer.ToString();
checkBoxAddContentKeyIdentifierClaim.Checked = false;
groupBoxStartDate.Enabled = (tokenTemplate.TokenType == TokenType.JWT);
panelJWTX509Cert.Enabled = !(tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey));
TokenClaimsList.Clear();
foreach (var claim in tokenTemplate.RequiredClaims)
{
if (claim.ClaimType == TokenClaim.ContentKeyIdentifierClaimType)
{
checkBoxAddContentKeyIdentifierClaim.Checked = true;
}
else
{
TokenClaimsList.Add(new MyTokenClaim()
{
Type = claim.ClaimType,
Value = claim.ClaimValue
});
}
}
}
UpdateButtonOk();
}
}
private void CleanupKeyAndPolicy(IContentKey contentKey, IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy, IContentKeyAuthorizationPolicyOption policyOption)
{
if (contentKey != null)
{
contentKey.Delete();
}
if (contentKeyAuthorizationPolicy != null)
{
contentKeyAuthorizationPolicy.Delete();
}
/*
if (policyOption != null)
{
policyOption.Delete();
}
*/
}
public void SetupTest()
{
_mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext();
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);
tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey(); // the default constructor automatically generates a random key
tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl";
tokenRestrictionTemplate.Issuer = "http://sampleAudience";
string optionName = "integrationtest-crud-749";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
string configuration = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted;
_testOption = CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.PlayReadyLicense, requirements, configuration, restrictionType);
}
