MakeBytesUrlSafe() static private method

Converts the given data to be safe for use in signed URLs for a private distribution by using specialized Base64 encoding.
static private MakeBytesUrlSafe ( byte bytes ) : string
bytes byte
return string
AmazonCloudFrontUrlSigner Class Documentation
Esempio n. 1
0
        /// <summary>
        /// Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.
        /// </summary>
        /// <param name="resourceUrlOrPath">
        /// The URL or path for resource within a distribution.
        /// </param>
        /// <param name="privateKey">Your private key file. RSA private key (.pem) are supported.</param>
        /// <param name="keyPairId">The key pair id corresponding to the private key file given.</param>
        /// <param name="expiresOn">The expiration date till which content can be accessed using the generated cookies.</param>
        /// <param name="activeFrom">The date from which content can be accessed using the generated cookies.</param>
        /// <param name="ipRange">The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).</param>
        /// <returns>The signed cookies.</returns>
        public static CookiesForCustomPolicy GetCookiesForCustomPolicy(string resourceUrlOrPath,
                                                                       TextReader privateKey,
                                                                       string keyPairId,
                                                                       DateTime expiresOn,
                                                                       DateTime activeFrom,
                                                                       string ipRange)
        {
            var cookies = new CookiesForCustomPolicy();
            var policy  = AmazonCloudFrontUrlSigner.BuildPolicyForSignedUrl(resourceUrlOrPath, expiresOn,
                                                                            ipRange, activeFrom);

            var base64EncodedPolicy = AmazonCloudFrontUrlSigner.MakeStringUrlSafe(policy);

            cookies.Policy = new KeyValuePair <string, string>(PolicyKey, base64EncodedPolicy);

            RSAParameters rsaParameters = AmazonCloudFrontUrlSigner.ConvertPEMToRSAParameters(privateKey);

            byte[] signatureBytes = AmazonCloudFrontUrlSigner.SignWithSha1RSA(
                UTF8Encoding.UTF8.GetBytes(policy), rsaParameters);
            string urlSafeSignature = AmazonCloudFrontUrlSigner.MakeBytesUrlSafe(signatureBytes);

            cookies.Signature = new KeyValuePair <string, string>(SignatureKey, urlSafeSignature);

            cookies.KeyPairId = new KeyValuePair <string, string>(KeyPairIdKey, keyPairId);

            return(cookies);
        }
Esempio n. 2
0
        /// <summary>
        /// Generate signed cookies that allows access to a specific distribution and
        /// resource path by applying a access restrictions from a "canned" (simplified)
        /// policy document.
        /// </summary>
        /// <param name="resourceUrlOrPath">
        /// The URL or path that uniquely identifies a resource within a
        /// distribution. For standard distributions the resource URL will
        /// be <tt>"http://" + distributionName + "/" + path</tt>
        /// (may also include URL parameters. For distributions with the
        /// HTTPS required protocol, the resource URL must start with
        /// <tt>"https://"</tt>. RTMP resources do not take the form of a
        /// URL, and instead the resource path is nothing but the stream's
        /// name.
        /// </param>
        /// <param name="keyPairId">Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.</param>
        /// <param name="privateKey">The RSA private key data that corresponding to the certificate keypair identified by keyPairId.</param>
        /// <param name="expiresOn">The expiration date till which content can be accessed using the generated cookies.</param>
        /// <returns>The signed cookies.</returns>
        public static CookiesForCannedPolicy GetCookiesForCannedPolicy(string resourceUrlOrPath,
                                                                       string keyPairId,
                                                                       TextReader privateKey,
                                                                       DateTime expiresOn)
        {
            var cookies = new CookiesForCannedPolicy();

            int epochSeconds = AWSSDKUtils.ConvertToUnixEpochSeconds(expiresOn.ToUniversalTime());

            cookies.Expires = new KeyValuePair <string, string>(
                ExpiresKey, epochSeconds.ToString(CultureInfo.InvariantCulture));

            RSAParameters rsaParameters = AmazonCloudFrontUrlSigner.ConvertPEMToRSAParameters(privateKey);
            string        cannedPolicy  = "{\"Statement\":[{\"Resource\":\"" + resourceUrlOrPath
                                          + "\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":" + epochSeconds
                                          + "}}}]}";

            byte[] signatureBytes = AmazonCloudFrontUrlSigner.SignWithSha1RSA(
                UTF8Encoding.UTF8.GetBytes(cannedPolicy), rsaParameters);
            string urlSafeSignature = AmazonCloudFrontUrlSigner.MakeBytesUrlSafe(signatureBytes);

            cookies.Signature = new KeyValuePair <string, string>(SignatureKey, urlSafeSignature);

            cookies.KeyPairId = new KeyValuePair <string, string>(KeyPairIdKey, keyPairId);

            return(cookies);
        }