private void CreateContentKeyPolicy(string policyName) { ContentKeyPolicyOption[] options = new ContentKeyPolicyOption[] { new ContentKeyPolicyOption(new ContentKeyPolicyClearKeyConfiguration(), new ContentKeyPolicyOpenRestriction()) }; ContentKeyPolicy policy = MediaClient.ContentKeyPolicies.CreateOrUpdate(ResourceGroup, AccountName, policyName, options); }
public ContentKeyPolicy CreateContentKeyPolicy(string policyName, ContentKeyPolicyConfiguration[] policyConfigurations) { ContentKeyPolicy contentKeyPolicy = _media.ContentKeyPolicies.Get(MediaAccount.ResourceGroupName, MediaAccount.Name, policyName); if (contentKeyPolicy == null) { string settingKey = Constant.AppSettingKey.DirectoryClientId; string clientId = AppSetting.GetValue(settingKey); settingKey = Constant.AppSettingKey.DirectoryTenantId; string tenantId = AppSetting.GetValue(settingKey); settingKey = Constant.AppSettingKey.DirectoryAuthorityUrl; string authorityUrl = AppSetting.GetValue(settingKey); authorityUrl = string.Format(authorityUrl, tenantId); settingKey = Constant.AppSettingKey.DirectoryPolicyIdSignUpIn; string signUpInPolicyId = AppSetting.GetValue(settingKey); settingKey = Constant.AppSettingKey.DirectoryDiscoveryPath; string discoveryPath = AppSetting.GetValue(settingKey); discoveryPath = string.Concat(discoveryPath, "?p=", signUpInPolicyId); ContentKeyPolicyTokenRestriction policyRestriction = new ContentKeyPolicyTokenRestriction() { OpenIdConnectDiscoveryDocument = string.Concat(authorityUrl, discoveryPath), RestrictionTokenType = ContentKeyPolicyRestrictionTokenType.Jwt, Issuer = authorityUrl, Audience = clientId }; List <ContentKeyPolicyOption> policyOptions = new List <ContentKeyPolicyOption>(); foreach (ContentKeyPolicyConfiguration policyConfiguration in policyConfigurations) { ContentKeyPolicyOption policyOption = new ContentKeyPolicyOption(policyConfiguration, policyRestriction); policyOptions.Add(policyOption); } contentKeyPolicy = _media.ContentKeyPolicies.CreateOrUpdate(MediaAccount.ResourceGroupName, MediaAccount.Name, policyName, policyOptions); } return(contentKeyPolicy); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Function, "post", Route = null)] HttpRequest req, ILogger log) { log.LogInformation($"AMS v3 Function - CreateContentKeyPolicy was triggered!"); string requestBody = new StreamReader(req.Body).ReadToEnd(); dynamic data = JsonConvert.DeserializeObject(requestBody); if (data.contentKeyPolicyName == null) { return(new BadRequestObjectResult("Please pass contentKeyPolicyName in the input object")); } string contentKeyPolicyName = data.contentKeyPolicyName; string contentKeyPolicyDescription = null; if (data.contentKeyPolicyDescription == null) { contentKeyPolicyDescription = data.contentKeyPolicyDescription; } string mode = data.mode; if (mode != "simple" && mode != "advanced") { return(new BadRequestObjectResult("Please pass valid mode in the input object")); } // // Simple Mode // if (mode == "simple") { if (data.policyOptionName == null) { return(new BadRequestObjectResult("Please pass policyOptionName in the input object")); } if (data.openRestriction == null) { return(new BadRequestObjectResult("Please pass openRestriction in the input object")); } if (data.openRestriction == false) { if (data.audience == null && data.issuer == null && data.tokenType == null && data.tokenKeyType == null && data.tokenKey == null) { return(new BadRequestObjectResult("Please pass required parameters for Token Restriction in the input object")); } } } // // Advanced Mode // if (mode == "advanced") { if (data.contentKeyPolicyOptions == null) { return(new BadRequestObjectResult("Please pass contentKeyPolicyOptions in the input object")); } } MediaServicesConfigWrapper amsconfig = new MediaServicesConfigWrapper(); ContentKeyPolicy policy = null; JsonConverter[] jsonReaders = { new MediaServicesHelperJsonReader(), new MediaServicesHelperTimeSpanJsonConverter() }; try { IAzureMediaServicesClient client = MediaServicesHelper.CreateMediaServicesClientAsync(amsconfig); policy = client.ContentKeyPolicies.Get(amsconfig.ResourceGroup, amsconfig.AccountName, contentKeyPolicyName); if (policy == null) { List <ContentKeyPolicyOption> options = new List <ContentKeyPolicyOption>(); if (mode == "simple") { ContentKeyPolicyOption option = new ContentKeyPolicyOption(); option.Name = data.policyOptionName; // Restrictions if ((bool)data.openRestriction) { option.Restriction = new ContentKeyPolicyOpenRestriction(); } else { ContentKeyPolicyTokenRestriction restriction = new ContentKeyPolicyTokenRestriction(); restriction.Audience = data.audience; restriction.Issuer = data.issuer; string tokenType = data.tokenType; switch (tokenType) { case "Jwt": restriction.RestrictionTokenType = ContentKeyPolicyRestrictionTokenType.Jwt; break; case "Swt": restriction.RestrictionTokenType = ContentKeyPolicyRestrictionTokenType.Swt; break; default: return(new BadRequestObjectResult("Please pass valid tokenType in the input object")); } string tokenKeyType = data.tokenKeyType; switch (tokenKeyType) { case "Symmetric": restriction.PrimaryVerificationKey = new ContentKeyPolicySymmetricTokenKey(Convert.FromBase64String(data.tokenKey.ToString())); break; case "X509": restriction.PrimaryVerificationKey = new ContentKeyPolicyX509CertificateTokenKey(Convert.FromBase64String(data.tokenKey.ToString())); break; case "RSA": restriction.PrimaryVerificationKey = new ContentKeyPolicyRsaTokenKey(); break; default: return(new BadRequestObjectResult("Please pass valid tokenKeyType in the input object")); } if (data.tokenClaims != null) { restriction.RequiredClaims = new List <ContentKeyPolicyTokenClaim>(); String[] tokenClaims = data.tokenClaims.ToString().Split(';'); foreach (string tokenClaim in tokenClaims) { String[] tokenClaimKVP = tokenClaim.Split('='); if (tokenClaimKVP.Length == 2) { restriction.RequiredClaims.Add(new ContentKeyPolicyTokenClaim(tokenClaimKVP[0], tokenClaimKVP[1] == "null" ? null : tokenClaimKVP[1])); } else if (tokenClaimKVP.Length == 1) { restriction.RequiredClaims.Add(new ContentKeyPolicyTokenClaim(tokenClaimKVP[0])); } else { return(new BadRequestObjectResult("Please pass valid tokenClaims in the input object")); } } } if (data.openIdConnectDiscoveryDocument != null) { restriction.OpenIdConnectDiscoveryDocument = data.openIdConnectDiscoveryDocument; } option.Restriction = restriction; } // Configuration string configurationType = data.configurationType; switch (configurationType) { case "ClearKey": option.Configuration = new ContentKeyPolicyClearKeyConfiguration(); break; case "FairPlay": ContentKeyPolicyFairPlayConfiguration configFairPlay = new ContentKeyPolicyFairPlayConfiguration(); configFairPlay.Ask = Convert.FromBase64String(data.fairPlayAsk); configFairPlay.FairPlayPfx = data.fairPlayPfx; configFairPlay.FairPlayPfxPassword = data.fairPlayPfxPassword; switch (data.faiPlayRentalAndLeaseKeyType) { case "Undefined": configFairPlay.RentalAndLeaseKeyType = ContentKeyPolicyFairPlayRentalAndLeaseKeyType.Undefined; break; case "PersistentLimited": configFairPlay.RentalAndLeaseKeyType = ContentKeyPolicyFairPlayRentalAndLeaseKeyType.PersistentLimited; break; case "PersistentUnlimited": configFairPlay.RentalAndLeaseKeyType = ContentKeyPolicyFairPlayRentalAndLeaseKeyType.PersistentUnlimited; break; default: return(new BadRequestObjectResult("Please pass valid faiPlayRentalAndLeaseKeyType in the input object")); } configFairPlay.RentalDuration = data.faiPlayRentalDuration; break; case "PlayReady": ContentKeyPolicyPlayReadyConfiguration configPlayReady = new ContentKeyPolicyPlayReadyConfiguration(); configPlayReady.Licenses = JsonConvert.DeserializeObject <List <ContentKeyPolicyPlayReadyLicense> >(data.playReadyTemplates.ToString(), jsonReaders); if (data.playReadyResponseCustomData != null) { configPlayReady.ResponseCustomData = data.playReadyResponseCustomData; } option.Configuration = configPlayReady; break; case "Widevine": ContentKeyPolicyWidevineConfiguration configWideVine = JsonConvert.DeserializeObject <ContentKeyPolicyWidevineConfiguration>(data.widevineTemplate.ToString(), jsonReaders); option.Configuration = configWideVine; break; default: return(new BadRequestObjectResult("Please pass valid configurationType in the input object")); } options.Add(option); } else if (mode == "advanced") { options = JsonConvert.DeserializeObject <List <ContentKeyPolicyOption> >(data.contentKeyPolicyOptions.ToString(), jsonReaders); } foreach (ContentKeyPolicyOption o in options) { o.Validate(); } policy = client.ContentKeyPolicies.CreateOrUpdate(amsconfig.ResourceGroup, amsconfig.AccountName, contentKeyPolicyName, options, contentKeyPolicyDescription); } } catch (ApiErrorException e) { log.LogError($"ERROR: AMS API call failed with error code: {e.Body.Error.Code} and message: {e.Body.Error.Message}"); return(new BadRequestObjectResult("AMS API call error: " + e.Message + "\nError Code: " + e.Body.Error.Code + "\nMessage: " + e.Body.Error.Message)); } catch (Exception e) { log.LogError($"ERROR: Exception with message: {e.Message}"); return(new BadRequestObjectResult("Error: " + e.Message)); } return((ActionResult) new OkObjectResult(new { policyId = policy.PolicyId })); }
public void ContentKeyPolicyComboTest() { using (MockContext context = this.StartMockContextAndInitializeClients(this.GetType())) { try { CreateMediaServicesAccount(); // List ContentKeyPolicies, which should be empty var contentKeyPolicies = MediaClient.ContentKeyPolicies.List(ResourceGroup, AccountName); Assert.Empty(contentKeyPolicies); string policyName = TestUtilities.GenerateName("ContentKeyPolicy"); string policyDescription = "Test policy"; // Try to get the policy, which should not exist Assert.Equal(System.Net.HttpStatusCode.NotFound, Assert.Throws <ErrorResponseException>(() => MediaClient.ContentKeyPolicies.Get(ResourceGroup, AccountName, policyName)).Response.StatusCode); // Create the policy ContentKeyPolicyOption[] options = new ContentKeyPolicyOption[] { new ContentKeyPolicyOption(new ContentKeyPolicyClearKeyConfiguration(), new ContentKeyPolicyOpenRestriction()) }; ContentKeyPolicy createdPolicy = MediaClient.ContentKeyPolicies.CreateOrUpdate(ResourceGroup, AccountName, policyName, options, policyDescription); ValidateContentKeyPolicy(createdPolicy, policyName, policyDescription, options); // List ContentKeyPolicies and validate the created policy shows up contentKeyPolicies = MediaClient.ContentKeyPolicies.List(ResourceGroup, AccountName); Assert.Single(contentKeyPolicies); ValidateContentKeyPolicy(createdPolicy, policyName, policyDescription, options); // Get the newly created policy ContentKeyPolicy contentKeyPolicy = MediaClient.ContentKeyPolicies.Get(ResourceGroup, AccountName, policyName); Assert.NotNull(contentKeyPolicy); ValidateContentKeyPolicy(createdPolicy, policyName, policyDescription, options); // Update the policy var primaryVerificationKey = new ContentKeyPolicySymmetricTokenKey(new byte[32]); ContentKeyPolicyOption[] options2 = new ContentKeyPolicyOption[] { new ContentKeyPolicyOption(new ContentKeyPolicyClearKeyConfiguration(), new ContentKeyPolicyTokenRestriction( "issuer", "audience", primaryVerificationKey, ContentKeyPolicyRestrictionTokenType.Jwt, requiredClaims: new ContentKeyPolicyTokenClaim[] { ContentKeyPolicyTokenClaim.ContentKeyIdentifierClaim })) }; ContentKeyPolicy updatedByPutPolicy = MediaClient.ContentKeyPolicies.CreateOrUpdate(ResourceGroup, AccountName, policyName, options2, policyDescription); ValidateContentKeyPolicy(updatedByPutPolicy, policyName, policyDescription, options2); // List ContentKeyPolicies and validate the updated policy shows up as expected contentKeyPolicies = MediaClient.ContentKeyPolicies.List(ResourceGroup, AccountName); Assert.Single(contentKeyPolicies); ValidateContentKeyPolicy(contentKeyPolicies.First(), policyName, policyDescription, options2); // Get the newly updated policy contentKeyPolicy = MediaClient.ContentKeyPolicies.Get(ResourceGroup, AccountName, policyName); Assert.NotNull(contentKeyPolicy); ValidateContentKeyPolicy(contentKeyPolicy, policyName, policyDescription, options2); // Delete the policy MediaClient.ContentKeyPolicies.Delete(ResourceGroup, AccountName, policyName); // List ContentKeyPolicies, which should be empty again contentKeyPolicies = MediaClient.ContentKeyPolicies.List(ResourceGroup, AccountName); Assert.Empty(contentKeyPolicies); // Try to get the policy, which should not exist Assert.Equal(System.Net.HttpStatusCode.NotFound, Assert.Throws <ErrorResponseException>(() => MediaClient.ContentKeyPolicies.Get(ResourceGroup, AccountName, policyName)).Response.StatusCode); } finally { DeleteMediaServicesAccount(); } } }