/// <summary>
/// Generate signed cookies that allows access to a specific distribution and
/// resource path by applying a access restrictions from a "canned" (simplified)
/// policy document.
/// </summary>
/// <param name="resourceUrlOrPath">
/// The URL or path that uniquely identifies a resource within a
/// distribution. For standard distributions the resource URL will
/// be <tt>"http://" + distributionName + "/" + path</tt>
/// (may also include URL parameters. For distributions with the
/// HTTPS required protocol, the resource URL must start with
/// <tt>"https://"</tt>. RTMP resources do not take the form of a
/// URL, and instead the resource path is nothing but the stream's
/// name.
/// </param>
/// <param name="keyPairId">Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.</param>
/// <param name="privateKey">The RSA private key data that corresponding to the certificate keypair identified by keyPairId.</param>
/// <param name="expiresOn">The expiration date till which content can be accessed using the generated cookies.</param>
/// <returns>The signed cookies.</returns>
public static CookiesForCannedPolicy GetCookiesForCannedPolicy(string resourceUrlOrPath,
string keyPairId,
TextReader privateKey,
DateTime expiresOn)
{
var cookies = new CookiesForCannedPolicy();
int epochSeconds = AWSSDKUtils.ConvertToUnixEpochSeconds(expiresOn.ToUniversalTime());
cookies.Expires = new KeyValuePair <string, string>(
ExpiresKey, epochSeconds.ToString(CultureInfo.InvariantCulture));
RSAParameters rsaParameters = AmazonCloudFrontUrlSigner.ConvertPEMToRSAParameters(privateKey);
string cannedPolicy = "{\"Statement\":[{\"Resource\":\"" + resourceUrlOrPath
+ "\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":" + epochSeconds
+ "}}}]}";
byte[] signatureBytes = AmazonCloudFrontUrlSigner.SignWithSha1RSA(
UTF8Encoding.UTF8.GetBytes(cannedPolicy), rsaParameters);
string urlSafeSignature = AmazonCloudFrontUrlSigner.MakeBytesUrlSafe(signatureBytes);
cookies.Signature = new KeyValuePair <string, string>(SignatureKey, urlSafeSignature);
cookies.KeyPairId = new KeyValuePair <string, string>(KeyPairIdKey, keyPairId);
return(cookies);
}
/// <summary>
/// Generate signed cookies that allows access to a specific distribution and
/// resource path by applying a access restrictions from a "canned" (simplified)
/// policy document.
/// </summary>
/// <param name="resourceUrlOrPath">
/// The URL or path that uniquely identifies a resource within a
/// distribution. For standard distributions the resource URL will
/// be <tt>"http://" + distributionName + "/" + path</tt>
/// (may also include URL parameters. For distributions with the
/// HTTPS required protocol, the resource URL must start with
/// <tt>"https://"</tt>. RTMP resources do not take the form of a
/// URL, and instead the resource path is nothing but the stream's
/// name.
/// </param>
/// <param name="keyPairId">Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.</param>
/// <param name="privateKey">The RSA private key data that corresponding to the certificate keypair identified by keyPairId.</param>
/// <param name="expiresOn">The expiration date till which content can be accessed using the generated cookies.</param>
/// <returns>The signed cookies.</returns>
public static CookiesForCannedPolicy GetCookiesForCannedPolicy(string resourceUrlOrPath,
string keyPairId,
TextReader privateKey,
DateTime expiresOn)
{
var cookies = new CookiesForCannedPolicy();
string epochSeconds = AWSSDKUtils.ConvertToUnixEpochSecondsString(expiresOn.ToUniversalTime());
cookies.Expires = new KeyValuePair<string, string>(
ExpiresKey, epochSeconds);
RSAParameters rsaParameters = AmazonCloudFrontUrlSigner.ConvertPEMToRSAParameters(privateKey);
string cannedPolicy = "{\"Statement\":[{\"Resource\":\"" + resourceUrlOrPath
+ "\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":" + epochSeconds
+ "}}}]}";
byte[] signatureBytes = AmazonCloudFrontUrlSigner.SignWithSha1RSA(
UTF8Encoding.UTF8.GetBytes(cannedPolicy), rsaParameters);
string urlSafeSignature = AmazonCloudFrontUrlSigner.MakeBytesUrlSafe(signatureBytes);
cookies.Signature = new KeyValuePair<string, string>(SignatureKey, urlSafeSignature);
cookies.KeyPairId = new KeyValuePair<string, string>(KeyPairIdKey, keyPairId);
return cookies;
}
