static public void AddOpenAuthorizationPolicy(IContentKey contentKey) { // Create ContentKeyAuthorizationPolicy with Open restrictions // and create authorization policy List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Open", KeyRestrictionType = (int)ContentKeyRestrictionType.Open, Requirements = null } }; // Configure PlayReady license template. string newLicenseTemplate = ConfigurePlayReadyLicenseTemplate(); IContentKeyAuthorizationPolicyOption policyOption = _context.ContentKeyAuthorizationPolicyOptions.Create("", ContentKeyDeliveryType.PlayReadyLicense, restrictions, newLicenseTemplate); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context. ContentKeyAuthorizationPolicies. CreateAsync("Deliver Common Content Key with no restrictions"). Result; contentKeyAuthorizationPolicy.Options.Add(policyOption); // Associate the content key authorization policy with the content key. contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id; contentKey = contentKey.UpdateAsync().Result; }
private static string AddFairPlayTokenRestrictedAuthorizationPolicyFairPlay(IContentKey contentKey) { string tokenTemplateString = DRMHelper.GenerateTokenRequirementsString(_tokenPrimaryVerificationKey, _tokenAlternativeVerificationKey, _tokenScope, _tokenIssuer, true); List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "FairPlay Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString, } }; // Configure FairPlay policy option. string FairPlayConfiguration = ConfigureFairPlayPolicyOptions(); IContentKeyAuthorizationPolicyOption FairPlayPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("FairPlay token option", ContentKeyDeliveryType.FairPlay, restrictions, FairPlayConfiguration); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync("Deliver CBC Content Key with token restrictions").Result; contentKeyAuthorizationPolicy.Options.Add(FairPlayPolicy); // Associate the content key authorization policy with the content key contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id; contentKey = contentKey.UpdateAsync().Result; return(tokenTemplateString); }
/// <summary> /// This is a helper method to setup a Content Key for delivery from Azure Media Services /// </summary> /// <param name="context">The CloudMediaContext instance used to communicate with Azure Media Services</param> /// <param name="restrictions">One or more restrictions to add to the ContentKeyAuthorizationPolicy associated with the ContentKey</param> /// <returns>A ContentKey that is configured for delivery to clients</returns> private static IContentKey SetupContentKey(CloudMediaContext context, List <ContentKeyAuthorizationPolicyRestriction> restrictions) { // // Create the ContentKeyAuthorizationPolicyOption // IContentKeyAuthorizationPolicyOption option = context.ContentKeyAuthorizationPolicyOptions.Create("Option with Token Restriction", ContentKeyDeliveryType.BaselineHttp, restrictions, null); // // Create the ContentKeyAuthorizationPolicy and add the option from above // IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync("Policy to illustrate integration with ACS").Result; policy.Options.Add(option); // // Create the ContentKey and associate the policy from above // byte[] keyValue = GetRandomKeyValue(); Guid keyId = Guid.NewGuid(); IContentKey contentKey = context.ContentKeys.Create(keyId, keyValue, "Test Key", ContentKeyType.EnvelopeEncryption); contentKey.AuthorizationPolicyId = policy.Id; contentKey.Update(); return(contentKey); }
private static string AddPlayReadyAndWidevineTokenRestrictedAuthorizationPolicy(IContentKey contentKey) { string tokenTemplateString = DRMHelper.GenerateTokenRequirementsString(_tokenPrimaryVerificationKey, _tokenAlternativeVerificationKey, _tokenScope, _tokenIssuer, true); List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Playready and Widevine Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString, } }; // Configure PlayReady and Widevine license templates. string PlayReadyLicenseTemplate = ConfigurePlayReadyLicenseTemplate(); string WidevineLicenseTemplate = ConfigureWidevineLicenseTemplate(); IContentKeyAuthorizationPolicyOption PlayReadyPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("PlayReady token option", ContentKeyDeliveryType.PlayReadyLicense, restrictions, PlayReadyLicenseTemplate); IContentKeyAuthorizationPolicyOption WidevinePolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("Widevine token option", ContentKeyDeliveryType.Widevine, restrictions, WidevineLicenseTemplate); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync("Deliver Common Content Key with token restrictions").Result; contentKeyAuthorizationPolicy.Options.Add(PlayReadyPolicy); contentKeyAuthorizationPolicy.Options.Add(WidevinePolicy); // Associate the content key authorization policy with the content key contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id; contentKey = contentKey.UpdateAsync().Result; return(tokenTemplateString); }
public void GetPlayReadyLicenseDeliveryUrl() { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; try { contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption); PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate(); responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate()); string licenseTemplate = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.PlayReadyLicense, null, licenseTemplate, ContentKeyRestrictionType.Open); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense); Assert.IsNotNull(keyDeliveryServiceUri); Assert.IsTrue(0 == String.Compare(keyDeliveryServiceUri.AbsolutePath, "/PlayReady/", StringComparison.OrdinalIgnoreCase)); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
public static IContentKeyAuthorizationPolicyOption AddTokenRestrictedAuthorizationPolicyPlayReady(IContentKey contentKey, string Audience, string Issuer, IList <TokenClaim> tokenclaimslist, bool AddContentKeyIdentifierClaim, TokenType tokentype, ExplorerTokenType detailedtokentype, TokenVerificationKey mytokenverificationkey, CloudMediaContext _context, string newLicenseTemplate, string openIdDiscoveryPath = null) { string tokenTemplateString = GenerateTokenRequirements(tokentype, Audience, Issuer, tokenclaimslist, AddContentKeyIdentifierClaim, mytokenverificationkey, openIdDiscoveryPath); string tname = detailedtokentype.ToString(); List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = tname + " Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString, } }; IContentKeyAuthorizationPolicyOption policyOption = _context.ContentKeyAuthorizationPolicyOptions.Create(tname + "Token option", ContentKeyDeliveryType.PlayReadyLicense, restrictions, newLicenseTemplate); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context. ContentKeyAuthorizationPolicies. CreateAsync("Deliver Common Content Key with no restrictions"). Result; return(policyOption); }
static public IContentKeyAuthorizationPolicy AddOpenAuthorizationPolicy(IContentKey contentKey, ContentKeyDeliveryType contentkeydeliverytype, string keydeliveryconfig, CloudMediaContext _context) { // Create ContentKeyAuthorizationPolicy with Open restrictions // and create authorization policy List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Open", KeyRestrictionType = (int)ContentKeyRestrictionType.Open, Requirements = null } }; IContentKeyAuthorizationPolicyOption policyOption = _context.ContentKeyAuthorizationPolicyOptions.Create( "policy", contentkeydeliverytype, restrictions, keydeliveryconfig); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context. ContentKeyAuthorizationPolicies. CreateAsync("Open Authorization Policy").Result; contentKeyAuthorizationPolicy.Options.Add(policyOption); // Associate the content key authorization policy with the content key. contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id; contentKey = contentKey.UpdateAsync().Result; return(contentKeyAuthorizationPolicy); }
static public void AddOpenAuthorizationPolicy(IContentKey contentKey) { // Create ContentKeyAuthorizationPolicy with Open restrictions and create authorization policy IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync("Open Authorization Policy").Result; List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>(); ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction { Name = "HLS Open Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.Open, Requirements = null // no requirements needed for HLS }; restrictions.Add(restriction); IContentKeyAuthorizationPolicyOption policyOption = context.ContentKeyAuthorizationPolicyOptions.Create( "policy", ContentKeyDeliveryType.BaselineHttp, restrictions, ""); policy.Options.Add(policyOption); // Add ContentKeyAutorizationPolicy to ContentKey contentKey.AuthorizationPolicyId = policy.Id; IContentKey updatedKey = contentKey.UpdateAsync().Result; }
public static void RemoveContentKeyAuthorizationPolicyOption(string id) { IContentKeyAuthorizationPolicyOption option = _context.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == id).FirstOrDefault(); if (option != null) { try { string oId = option.Id; string oName = option.Name; if (option.KeyDeliveryType == ContentKeyDeliveryType.FairPlay) { dynamic data = JsonConvert.DeserializeObject(option.KeyDeliveryConfiguration); string contentKeyASkId = "nb:kid:UUID:" + data.ASkId; string contentKeyFairPlayPfxPasswordId = "nb:kid:UUID:" + data.FairPlayPfxPasswordId; RemoveContentKey(contentKeyASkId); RemoveContentKey(contentKeyFairPlayPfxPasswordId); } option.Delete(); Console.WriteLine("Deleted ContentKey Authorization Policy Option {0} : {1}", oId, oName); } catch (Exception e) { Console.WriteLine("Error on deleting ContentKey Authorization Policy Option {0} : {1}", id, e.ToString()); } } else { Console.WriteLine("Error: ContentKey Authorization Policy Option {0} Not Found", id); } return; }
public static IContentKeyAuthorizationPolicyOption AddTokenRestrictedAuthorizationPolicyAES(IContentKey contentKey, string Audience, string Issuer, IList <TokenClaim> tokenclaimslist, bool AddContentKeyIdentifierClaim, TokenType tokentype, ExplorerTokenType detailedtokentype, TokenVerificationKey mytokenverificationkey, CloudMediaContext _context, string openIdDiscoveryPath = null) { string tokenTemplateString = GenerateTokenRequirements(tokentype, Audience, Issuer, tokenclaimslist, AddContentKeyIdentifierClaim, mytokenverificationkey, openIdDiscoveryPath); string tname = detailedtokentype.ToString(); List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>(); ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction { Name = tname + " Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString }; restrictions.Add(restriction); //You could have multiple options IContentKeyAuthorizationPolicyOption policyOption = _context.ContentKeyAuthorizationPolicyOptions.Create( "Token option", ContentKeyDeliveryType.BaselineHttp, restrictions, null // no key delivery data is needed for HLS ); return(policyOption); }
public static void ClassInit(TestContext context) { //CreateCounters(); _mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext(); IContentKeyAuthorizationPolicyOption policyOption = null; for (int i = 0; i < 10; i++) { byte[] expectedKey = null; IContentKey contentKey = GetKeyDeliveryUrlTests.CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; GetKeyDeliveryUrlTests.CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); Assert.IsNotNull(keyDeliveryServiceUri); string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString(); _testData.Add(new Tuple <Uri, string, string>(keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey), GetKeyDeliveryUrlTests.GetString(expectedKey))); } }
public void EnsureEnvelopeKeyDeliveryUrlForCommonKeyFails() { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate(); responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate()); string licenseTemplate = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate); try { contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.PlayReadyLicense, null, licenseTemplate, ContentKeyRestrictionType.Open); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
public string[] GetProtectionTypes(IAsset asset) { List <string> protectionTypes = new List <string>(); IAssetDeliveryPolicy deliveryPolicy = asset.DeliveryPolicies.Where(p => p.AssetDeliveryPolicyType == AssetDeliveryPolicyType.DynamicEnvelopeEncryption).SingleOrDefault(); if (deliveryPolicy != null) { protectionTypes.Add(MediaProtection.AES.ToString()); } deliveryPolicy = asset.DeliveryPolicies.Where(p => p.AssetDeliveryPolicyType == AssetDeliveryPolicyType.DynamicCommonEncryption).SingleOrDefault(); if (deliveryPolicy != null) { IContentKey contentKey = asset.ContentKeys.Where(k => k.ContentKeyType == ContentKeyType.CommonEncryption).SingleOrDefault(); if (contentKey != null) { IContentKeyAuthorizationPolicy authPolicy = GetEntityById(MediaEntity.ContentKeyAuthPolicy, contentKey.AuthorizationPolicyId) as IContentKeyAuthorizationPolicy; if (authPolicy != null) { IContentKeyAuthorizationPolicyOption policyOption = authPolicy.Options.Where(o => o.KeyDeliveryType == ContentKeyDeliveryType.PlayReadyLicense).SingleOrDefault(); if (policyOption != null) { protectionTypes.Add(MediaProtection.PlayReady.ToString()); } policyOption = authPolicy.Options.Where(o => o.KeyDeliveryType == ContentKeyDeliveryType.Widevine).SingleOrDefault(); if (policyOption != null) { protectionTypes.Add(MediaProtection.Widevine.ToString()); } } } } return(protectionTypes.ToArray()); }
public void EnsureNoneKeyDeliveryUrlFails() { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; try { contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.None); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
public void TestContentKeyAuthorizationPolicyOptionCreateFailedRetryMessageLengthLimitExceeded() { var expected = new ContentKeyAuthorizationPolicyOptionData { Name = "testData" }; var fakeException = new WebException("test", WebExceptionStatus.MessageLengthLimitExceeded); var dataContextMock = TestMediaServicesClassFactory.CreateSaveChangesMock(fakeException, 10, expected); dataContextMock.Setup((ctxt) => ctxt.AddObject("ContentKeyAuthorizationPolicyOptions", It.IsAny <object>())); _mediaContext.MediaServicesClassFactory = new TestMediaServicesClassFactory(dataContextMock.Object); try { IContentKeyAuthorizationPolicyOption actual = _mediaContext.ContentKeyAuthorizationPolicyOptions.Create("Empty", ContentKeyDeliveryType.None, null, null); } catch (WebException x) { dataContextMock.Verify((ctxt) => ctxt.SaveChangesAsync(It.IsAny <object>()), Times.Exactly(1)); Assert.AreEqual(fakeException, x); throw; } Assert.Fail("Expected exception"); }
private void FetchKeyWithSWTToken(string audience, string issuer) { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; try { byte[] expectedKey = null; contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey); var contentKeyId = Guid.Parse(contentKey.Id.Replace("nb:kid:UUID:", String.Empty)); TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.SWT); tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey(); // the default constructor automatically generates a random key tokenRestrictionTemplate.Audience = audience; tokenRestrictionTemplate.Issuer = issuer; tokenRestrictionTemplate.TokenType = TokenType.SWT; tokenRestrictionTemplate.RequiredClaims.Add(new TokenClaim(TokenClaim.ContentKeyIdentifierClaimType, contentKeyId.ToString())); string optionName = "GetHlsKeyDeliveryUrlAndFetchKeyWithSWTAuthentication"; string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate); ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted; var _testOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.BaselineHttp, requirements, null, restrictionType); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { _testOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); Assert.IsNotNull(keyDeliveryServiceUri); Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId)); KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed); string swtTokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenRestrictionTemplate, tokenRestrictionTemplate.PrimaryVerificationKey, contentKeyId, DateTime.Now.AddDays(2)); byte[] key = keyClient.AcquireHlsKeyWithBearerHeader(keyDeliveryServiceUri, swtTokenString); string expectedString = GetString(expectedKey); string fetchedString = GetString(key); Assert.AreEqual(expectedString, fetchedString); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
private void FetchKeyWithJWTAuth(string audience, string issuer) { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; try { byte[] expectedKey = null; contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey); var templatex509Certificate2 = new X509Certificate2("amscer.pfx", "AMSGIT"); SigningCredentials cred = new X509SigningCredentials(templatex509Certificate2); TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT); tokenRestrictionTemplate.PrimaryVerificationKey = new X509CertTokenVerificationKey(templatex509Certificate2); tokenRestrictionTemplate.Audience = audience; tokenRestrictionTemplate.Issuer = issuer; string optionName = "GetHlsKeyDeliveryUrlAndFetchKeyWithJWTAuthentication"; string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.BaselineHttp, requirements, null, ContentKeyRestrictionType.TokenRestricted); JwtSecurityToken token = new JwtSecurityToken(issuer: tokenRestrictionTemplate.Issuer, audience: tokenRestrictionTemplate.Audience, notBefore: DateTime.Now.AddMinutes(-5), expires: DateTime.Now.AddMinutes(5), signingCredentials: cred); JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler(); string jwtTokenString = handler.WriteToken(token); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); Assert.IsNotNull(keyDeliveryServiceUri); // Enable once all accounts are enabled for per customer Key Delivery Urls //Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId)); KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed); byte[] key = keyClient.AcquireHlsKeyWithBearerHeader(keyDeliveryServiceUri, jwtTokenString); string expectedString = GetString(expectedKey); string fetchedString = GetString(key); Assert.AreEqual(expectedString, fetchedString); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
static public IContentKeyAuthorizationPolicy CreateAuthorizationPolicyCommonType(string policyName) { List <ContentKeyAuthorizationPolicyRestriction> restrictions; string PlayReadyOptionName; string WidevineOptionName; if (_isTokenRestricted) { string tokenTemplateString = GenerateTokenRequirements(); restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString, } }; PlayReadyOptionName = "TokenRestricted PlayReady Option 1"; WidevineOptionName = "TokenRestricted Widevine Option 1"; } else { restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Open", KeyRestrictionType = (int)ContentKeyRestrictionType.Open, Requirements = null } }; PlayReadyOptionName = "Open PlayReady Option 1"; WidevineOptionName = "Open Widevine Option 1"; } // Configure PlayReady and Widevine license templates. string PlayReadyLicenseTemplate = ConfigurePlayReadyPolicyOptions(); string WidevineLicenseTemplate = ConfigureWidevinePolicyOptions(); IContentKeyAuthorizationPolicyOption PlayReadyPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create(PlayReadyOptionName, ContentKeyDeliveryType.PlayReadyLicense, restrictions, PlayReadyLicenseTemplate); IContentKeyAuthorizationPolicyOption WidevinePolicy = _context.ContentKeyAuthorizationPolicyOptions.Create(WidevineOptionName, ContentKeyDeliveryType.Widevine, restrictions, WidevineLicenseTemplate); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync(policyName).Result; contentKeyAuthorizationPolicy.Options.Add(PlayReadyPolicy); contentKeyAuthorizationPolicy.Options.Add(WidevinePolicy); return(contentKeyAuthorizationPolicy); }
private void listViewAutOptions_SelectedIndexChanged(object sender, EventArgs e) { bool NoVerifKey = false; if (listViewAutOptions.SelectedIndices.Count > 0) { var it = listViewAutOptions.SelectedItems[0]; string stringoptionid = it.SubItems[2].Text; SelectedOption = mycontext.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == stringoptionid).FirstOrDefault(); KeyFromSelectedOption = ContentKeyDisplayed[listViewAutOptions.SelectedItems[0].Index]; string tokenTemplateString = SelectedOption.Restrictions.FirstOrDefault().Requirements; if (!string.IsNullOrEmpty(tokenTemplateString)) { TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString); textBoxAudience.Text = tokenTemplate.Audience.ToString(); textBoxIssuer.Text = tokenTemplate.Issuer.ToString(); checkBoxAddContentKeyIdentifierClaim.Checked = false; groupBoxStartDate.Enabled = (tokenTemplate.TokenType == TokenType.JWT); if (tokenTemplate.PrimaryVerificationKey != null) { panelJWTX509Cert.Enabled = !(tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey)); } else { NoVerifKey = true; // Case for OpenId for example. No way to create a test token.... } TokenClaimsList.Clear(); foreach (var claim in tokenTemplate.RequiredClaims) { if (claim.ClaimType == TokenClaim.ContentKeyIdentifierClaimType) { checkBoxAddContentKeyIdentifierClaim.Checked = true; } else { TokenClaimsList.Add(new MyTokenClaim() { Type = claim.ClaimType, Value = claim.ClaimValue }); } } } UpdateButtonOk(NoVerifKey); } }
public void TestContentKeyAuthorizationPolicyOptionCreateRetry() { var expected = new ContentKeyAuthorizationPolicyOptionData { Name = "testData" }; var fakeException = new WebException("test", WebExceptionStatus.ConnectionClosed); var dataContextMock = TestMediaServicesClassFactory.CreateSaveChangesMock(fakeException, 2, expected); dataContextMock.Setup((ctxt) => ctxt.AddObject("ContentKeyAuthorizationPolicyOptions", It.IsAny <object>())); _mediaContext.MediaServicesClassFactory = new TestMediaServicesClassFactory(dataContextMock.Object); IContentKeyAuthorizationPolicyOption actual = _mediaContext.ContentKeyAuthorizationPolicyOptions.Create("Empty", ContentKeyDeliveryType.None, null, null); Assert.AreEqual(expected.Name, actual.Name); dataContextMock.Verify((ctxt) => ctxt.SaveChangesAsync(It.IsAny <object>()), Times.Exactly(2)); }
public static string AddTokenRestrictedAuthorizationPolicy(IContentKey contentKey) { string tokenTemplateString = GenerateTokenRequirements(); List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString, } }; // Configure PlayReady and Widevine license templates. string PlayReadyLicenseTemplate = ConfigurePlayReadyLicenseTemplate(); string WidevineLicenseTemplate = ConfigureWidevineLicenseTemplate(); IContentKeyAuthorizationPolicyOption PlayReadyPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("Token option", ContentKeyDeliveryType.PlayReadyLicense, restrictions, PlayReadyLicenseTemplate); IContentKeyAuthorizationPolicyOption WidevinePolicy = _context.ContentKeyAuthorizationPolicyOptions.Create("Token option", ContentKeyDeliveryType.Widevine, restrictions, WidevineLicenseTemplate); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context. ContentKeyAuthorizationPolicies. CreateAsync("Deliver Common Content Key with token restrictions"). Result; contentKeyAuthorizationPolicy.Options.Add(PlayReadyPolicy); contentKeyAuthorizationPolicy.Options.Add(WidevinePolicy); // Associate the content key authorization policy with the content key contentKey.AuthorizationPolicyId = contentKeyAuthorizationPolicy.Id; contentKey = contentKey.UpdateAsync().Result; return(tokenTemplateString); }
static public IContentKeyAuthorizationPolicy CreateAuthorizationPolicyCommonCBCType(string policyName) { List <ContentKeyAuthorizationPolicyRestriction> restrictions; string FairPlayOptionName; if (_isTokenRestricted) { string tokenTemplateString = GenerateTokenRequirements(); restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString, } }; FairPlayOptionName = "TokenRestricted FairPlay Option 1"; } else { restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Name = "Open", KeyRestrictionType = (int)ContentKeyRestrictionType.Open, Requirements = null } }; FairPlayOptionName = "Open FairPlay Option 1"; } // Configure FairPlay policy option. string FairPlayConfiguration = ConfigureFairPlayPolicyOptions(); IContentKeyAuthorizationPolicyOption FairPlayPolicy = _context.ContentKeyAuthorizationPolicyOptions.Create(FairPlayOptionName, ContentKeyDeliveryType.FairPlay, restrictions, FairPlayConfiguration); IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = _context.ContentKeyAuthorizationPolicies.CreateAsync(policyName).Result; contentKeyAuthorizationPolicy.Options.Add(FairPlayPolicy); return(contentKeyAuthorizationPolicy); }
public void ContentKeyAuthorizationPolicyOptionTestEnumQuery() { var policyOptions = _mediaContext.ContentKeyAuthorizationPolicyOptions; PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate(); responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate()); string optionName = "integrationtest-crud-746"; string requirements = null; string configuration = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate); ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.Open; IContentKeyAuthorizationPolicyOption option = CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.PlayReadyLicense, requirements, configuration, restrictionType); var ok = policyOptions.Where(o => o.KeyDeliveryType == ContentKeyDeliveryType.PlayReadyLicense).AsEnumerable().Any(); Assert.IsTrue(ok, "Can not find option by DeliveryType"); }
public static IContentKeyAuthorizationPolicyOption CreateOption(CloudMediaContext dataContext, string optionName, ContentKeyDeliveryType deliveryType, string requirements, string configuration, ContentKeyRestrictionType restrictionType) { var restrictions = new List <ContentKeyAuthorizationPolicyRestriction> { new ContentKeyAuthorizationPolicyRestriction { Requirements = requirements, Name = "somename" } }; restrictions[0].SetKeyRestrictionTypeValue(restrictionType); IContentKeyAuthorizationPolicyOption option = dataContext.ContentKeyAuthorizationPolicyOptions.Create( optionName, deliveryType, restrictions, configuration); return(option); }
public void GetWidevineKeyDeliveryUrlAndFetchLicense() { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; try { byte[] expectedKey = null; contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption, out expectedKey); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.Widevine, null, "{}", ContentKeyRestrictionType.Open); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine); Assert.IsNotNull(keyDeliveryServiceUri); KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed); string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString(); string payload = "CAEShAEKTAgAEkgAAAACAAAQWPXbhtb/q43f3SfuC2VP3q0jeAECW3emQkWn2wXCYVOnvlWPDNqh8VVIB4GmsNA8eVVFigXkQWIGN0GlgMKjpUESLAoqChQIARIQJMPCzl2bViyMQEtyK/gtmRABGhAyNWY3ODMzMTcyMmJjM2EyGAEgv5iQkAUaIC3ON1zVgeV0rP7w2VmVLGorqClcMQO4BdbHPyk3GsnY"; byte[] license = keyClient.AcquireWidevineLicenseWithBearerHeader( keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey), Convert.FromBase64String(payload)); string expectedString = Convert.ToBase64String(license); Assert.AreEqual("CAIS", expectedString.Substring(0, 4)); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
public static IContentKey AddAuthorizationPolicyToContentKey(CloudMediaContext objCloudMediaContext, IContentKey objIContentKey, string keyId) { // Create ContentKeyAuthorizationPolicy with restrictions and create authorization policy IContentKeyAuthorizationPolicy policy = objCloudMediaContext.ContentKeyAuthorizationPolicies.CreateAsync(keyId).Result; List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>(); //ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction // { // Name = "Open Authorization Policy", // KeyRestrictionType = (int)ContentKeyRestrictionType.Open, // Requirements = null // no requirements // }; //ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction //{ // Name = "Authorization Policy with SWT Token Restriction", // KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, // Requirements = ContentKeyAuthorizationHelper.CreateRestrictionRequirements() //}; ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction { Name = "JWTContentKeyAuthorizationPolicyRestriction", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = ContentKeyAuthorizationHelper.CreateRestrictionRequirementsForJWT() }; restrictions.Add(restriction); IContentKeyAuthorizationPolicyOption policyOption = objCloudMediaContext.ContentKeyAuthorizationPolicyOptions.Create( keyId, ContentKeyDeliveryType.BaselineHttp, restrictions, ""); policy.Options.Add(policyOption); // Add ContentKeyAutorizationPolicy to ContentKey objIContentKey.AuthorizationPolicyId = policy.Id; IContentKey IContentKeyUpdated = objIContentKey.UpdateAsync().Result; return(IContentKeyUpdated); }
private static IContentKeyAuthorizationPolicy GetTokenRestrictedAuthorizationPolicy(TraceWriter log, AuthorizationPolicyRequst request) { MediaServicesCredentials amsCredentials = new MediaServicesCredentials(); AzureAdTokenCredentials tokenCredentials = new AzureAdTokenCredentials(amsCredentials.AmsAadTenantDomain, new AzureAdClientSymmetricKey(amsCredentials.AmsClientId, amsCredentials.AmsClientSecret), AzureEnvironments.AzureCloudEnvironment); AzureAdTokenProvider tokenProvider = new AzureAdTokenProvider(tokenCredentials); CloudMediaContext context = new CloudMediaContext(amsCredentials.AmsRestApiEndpoint, tokenProvider); byte[] secret = request.tokenSecret; TokenClaim[] tokenClaims = request.tokenClaims; TokenType tokenType = request.TokenTypeEnum; string audience = request.audience; string issuer = request.issuer; List <IContentKeyAuthorizationPolicyOption> authPolicyOptions = new List <IContentKeyAuthorizationPolicyOption>(request.config.Length); List <ContentKeyDeliveryType> delTypes = new List <ContentKeyDeliveryType>(request.config.Length); log.Info($"Prepared for auth policy loop on {request.config.Length} entries with: {(secret ?? new byte[0]).Length} long key; {(tokenClaims ?? new TokenClaim[0]).Length} claims; {tokenType.ToString()} {audience} {issuer}"); // return foreach (AuthorizationPolicyRequestTokenConfig d in request.config) { ContentKeyDeliveryType ckdType = d.ContentKeyDeliveryType; delTypes.Add(ckdType); log.Info($"Making auth policy option! {d.ContentKeyDeliveryType.ToString()} {d.keyDeliveryConfiguration}"); IContentKeyAuthorizationPolicyOption option = GetTokenRestrictedAuthorizationPolicyOption(context, secret, ckdType, tokenType, audience, issuer, tokenClaims, d.keyDeliveryConfiguration); authPolicyOptions.Add(option); } log.Info($"Making policy container"); IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync(string.Join(", ", delTypes.Select(x => x.ToString())) + " Authentication Policy").Result; foreach (IContentKeyAuthorizationPolicyOption a in authPolicyOptions) { log.Info($"Adding policy " + a.Name); policy.Options.Add(a); } return(policy); }
public void SetupTest() { _mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext(); PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate(); responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate()); TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT); tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey(); // the default constructor automatically generates a random key tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl"; tokenRestrictionTemplate.Issuer = "http://sampleAudience"; string optionName = "integrationtest-crud-749"; string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate); string configuration = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate); ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted; _testOption = CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.PlayReadyLicense, requirements, configuration, restrictionType); }
public void GetHlsKeyDeliveryUrlAndFetchKey() { IContentKey contentKey = null; IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null; IContentKeyAuthorizationPolicyOption policyOption = null; try { byte[] expectedKey = null; contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey); policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open); List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption> { policyOption }; contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey); Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); Assert.IsNotNull(keyDeliveryServiceUri); // Enable once all accounts are enabled for per customer Key Delivery Urls //Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId)); KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed); string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString(); byte[] key = keyClient.AcquireHlsKey(keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey)); string expectedString = GetString(expectedKey); string fetchedString = GetString(key); Assert.AreEqual(expectedString, fetchedString); } finally { CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption); } }
public static string AddTokenRestrictedAuthorizationPolicy(IContentKey contentKey) { string tokenTemplateString = GenerateTokenRequirements(); IContentKeyAuthorizationPolicy policy = _context. ContentKeyAuthorizationPolicies. CreateAsync("HLS token restricted authorization policy").Result; List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>(); ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction { Name = "Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString }; restrictions.Add(restriction); //You could have multiple options IContentKeyAuthorizationPolicyOption policyOption = _context.ContentKeyAuthorizationPolicyOptions.Create( "Token option for HLS", ContentKeyDeliveryType.BaselineHttp, restrictions, null // no key delivery data is needed for HLS ); policy.Options.Add(policyOption); // Add ContentKeyAutorizationPolicy to ContentKey contentKey.AuthorizationPolicyId = policy.Id; IContentKey updatedKey = contentKey.UpdateAsync().Result; Console.WriteLine("Adding Key to Asset: Key ID is " + updatedKey.Id); return(tokenTemplateString); }
private void listViewAutOptions_SelectedIndexChanged(object sender, EventArgs e) { if (listViewAutOptions.SelectedIndices.Count > 0) { var it = listViewAutOptions.SelectedItems[0]; string stringoptionid = it.SubItems[2].Text; SelectedOption = mycontext.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == stringoptionid).FirstOrDefault(); KeyFromSelectedOption = ContentKeyDisplayed[listViewAutOptions.SelectedItems[0].Index]; string tokenTemplateString = SelectedOption.Restrictions.FirstOrDefault().Requirements; if (!string.IsNullOrEmpty(tokenTemplateString)) { TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString); textBoxAudience.Text = tokenTemplate.Audience.ToString(); textBoxIssuer.Text = tokenTemplate.Issuer.ToString(); checkBoxAddContentKeyIdentifierClaim.Checked = false; groupBoxStartDate.Enabled = (tokenTemplate.TokenType == TokenType.JWT); panelJWTX509Cert.Enabled = !(tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey)); TokenClaimsList.Clear(); foreach (var claim in tokenTemplate.RequiredClaims) { if (claim.ClaimType == TokenClaim.ContentKeyIdentifierClaimType) { checkBoxAddContentKeyIdentifierClaim.Checked = true; } else { TokenClaimsList.Add(new MyTokenClaim() { Type = claim.ClaimType, Value = claim.ClaimValue }); } } } UpdateButtonOk(); } }
private void CleanupKeyAndPolicy(IContentKey contentKey, IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy, IContentKeyAuthorizationPolicyOption policyOption) { if (contentKey != null) { contentKey.Delete(); } if (contentKeyAuthorizationPolicy != null) { contentKeyAuthorizationPolicy.Delete(); } /* if (policyOption != null) { policyOption.Delete(); } */ }
public void SetupTest() { _mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext(); PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate(); responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate()); TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT); tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey(); // the default constructor automatically generates a random key tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl"; tokenRestrictionTemplate.Issuer = "http://sampleAudience"; string optionName = "integrationtest-crud-749"; string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate); string configuration = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate); ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted; _testOption = CreateOption(_mediaContext, optionName, ContentKeyDeliveryType.PlayReadyLicense, requirements, configuration, restrictionType); }