cloudfront-private 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +3 -6
- data/lib/cloudfront-private/streaming/base.rb +50 -51
- data/lib/cloudfront-private/version.rb +1 -1
- data/lib/cloudfront-private.rb +5 -1
- metadata +12 -12
data/README.md
CHANGED
|
@@ -16,10 +16,6 @@ Or install it yourself as:
|
|
|
16
16
|
|
|
17
17
|
$ gem install cloudfront-private
|
|
18
18
|
|
|
19
|
-
Finally, boostrap the cloudfront-private
|
|
20
|
-
|
|
21
|
-
$ rails generate cloudfront:install
|
|
22
|
-
|
|
23
19
|
## Getting started
|
|
24
20
|
|
|
25
21
|
Generate initializer cloudfront-private
|
|
@@ -42,7 +38,7 @@ The private pem file should placed in 'certs' directory under Rails root
|
|
|
42
38
|
Access private content in your view
|
|
43
39
|
|
|
44
40
|
<% filename = "bucket-name/filename.mp4/flv %>
|
|
45
|
-
<% file = Cloudfront.get_url(request,filename) %>
|
|
41
|
+
<% file = Cloudfront::Private::Streaming::Base.get_url(request,filename) %>
|
|
46
42
|
<div id='media-file'></div>
|
|
47
43
|
|
|
48
44
|
Write javascript file to stream your private in jwplayer with jquery
|
|
@@ -66,7 +62,8 @@ Write javascript file to stream your private in jwplayer with jquery
|
|
|
66
62
|
}
|
|
67
63
|
|
|
68
64
|
$(document).ready(private_streaming);
|
|
69
|
-
|
|
65
|
+
|
|
66
|
+
Restart your server to get cloudfront configuration
|
|
70
67
|
|
|
71
68
|
## Contributing
|
|
72
69
|
|
|
@@ -14,58 +14,57 @@ module Cloudfront
|
|
|
14
14
|
extend ActiveSupport::Concern
|
|
15
15
|
include Cloudfront::Private::Configuration
|
|
16
16
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
return "#{_resource}?Policy=#{encoded_policy}&Signature=#{urlsig}&Key-Pair-Id=#{KEY_PAIR_ID}"
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def self.create_policy(_resource, _request)
|
|
38
|
-
expires = 1.hour.from_now.to_i
|
|
39
|
-
# Skip IP check for localhost (AWS:SourceIp does not work with localhost)
|
|
40
|
-
if Rails.env.development?
|
|
41
|
-
policy = %{ {"Statement":
|
|
42
|
-
[{
|
|
43
|
-
"Resource": "#{_resource}",
|
|
44
|
-
"Condition": {
|
|
45
|
-
"DateLessThan": { "AWS:EpochTime": #{expires} }
|
|
46
|
-
}
|
|
47
|
-
}]}
|
|
48
|
-
}
|
|
49
|
-
else
|
|
50
|
-
ip = "#{_request.remote_ip}/24"
|
|
51
|
-
policy = %{ {"Statement":
|
|
52
|
-
[{
|
|
53
|
-
"Resource": "#{_resource}",
|
|
54
|
-
"Condition": {
|
|
55
|
-
"DateLessThan": { "AWS:EpochTime": #{expires} },
|
|
56
|
-
"IpAddress": { "AWS:SourceIp": "#{ip}" }
|
|
57
|
-
}
|
|
58
|
-
}]}
|
|
59
|
-
}
|
|
60
|
-
end
|
|
61
|
-
return policy
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
def self.escape_string(_str)
|
|
65
|
-
_str.gsub('+','-').gsub('=','_').gsub('/','~').gsub(/\n/,'')
|
|
66
|
-
end
|
|
67
|
-
|
|
17
|
+
module ClassMethods
|
|
18
|
+
def get_url(_request, _resource)
|
|
19
|
+
url = get_signed_url(_resource, _request)
|
|
20
|
+
# Escape characters for proper embedding in Flash parameters
|
|
21
|
+
return url.gsub("?","%3F").gsub("=","%3D").gsub("&","%26")
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
protected
|
|
25
|
+
def get_signed_url(_resource, _request)
|
|
26
|
+
pk_file = Rails.root.join('certs',pem_file)
|
|
27
|
+
key = OpenSSL::PKey::RSA.new(File.readlines(pk_file).join(""))
|
|
28
|
+
policy = create_policy(_resource, _request)
|
|
29
|
+
sigcrypt = key.sign(OpenSSL::Digest::SHA1.new, policy)
|
|
30
|
+
urlsig = escape_string(Base64.encode64(sigcrypt))
|
|
31
|
+
encoded_policy = escape_string(Base64.encode64(policy))
|
|
32
|
+
return "#{_resource}?Policy=#{encoded_policy}&Signature=#{urlsig}&Key-Pair-Id=#{key_pair_id}"
|
|
33
|
+
end
|
|
68
34
|
|
|
35
|
+
def create_policy(_resource, _request)
|
|
36
|
+
expires = 1.hour.from_now.to_i
|
|
37
|
+
# Skip IP check for localhost (AWS:SourceIp does not work with localhost)
|
|
38
|
+
if Rails.env.development?
|
|
39
|
+
policy = %{ {"Statement":
|
|
40
|
+
[{
|
|
41
|
+
"Resource": "#{_resource}",
|
|
42
|
+
"Condition": {
|
|
43
|
+
"DateLessThan": { "AWS:EpochTime": #{expires} }
|
|
44
|
+
}
|
|
45
|
+
}]}
|
|
46
|
+
}
|
|
47
|
+
else
|
|
48
|
+
ip = "#{_request.remote_ip}/24"
|
|
49
|
+
policy = %{ {"Statement":
|
|
50
|
+
[{
|
|
51
|
+
"Resource": "#{_resource}",
|
|
52
|
+
"Condition": {
|
|
53
|
+
"DateLessThan": { "AWS:EpochTime": #{expires} },
|
|
54
|
+
"IpAddress": { "AWS:SourceIp": "#{ip}" }
|
|
55
|
+
}
|
|
56
|
+
}]}
|
|
57
|
+
}
|
|
58
|
+
end
|
|
59
|
+
return policy
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
def escape_string(_str)
|
|
63
|
+
_str.gsub('+','-').gsub('=','_').gsub('/','~').gsub(/\n/,'')
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
end
|
|
67
|
+
|
|
69
68
|
end
|
|
70
69
|
end
|
|
71
70
|
end
|
data/lib/cloudfront-private.rb
CHANGED
|
@@ -10,7 +10,11 @@ module Cloudfront
|
|
|
10
10
|
|
|
11
11
|
def configure(&block)
|
|
12
12
|
Cloudfront::Private::Base.configure(&block)
|
|
13
|
-
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def get_url(_resource,_request)
|
|
16
|
+
Cloudfront::Private::Base.get_url(_resource,_request)
|
|
17
|
+
end
|
|
14
18
|
end
|
|
15
19
|
|
|
16
20
|
autoload :Base, 'cloudfront-private/base'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cloudfront-private
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.2
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,11 +9,11 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-10-
|
|
12
|
+
date: 2012-10-30 00:00:00.000000000Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &71917990 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: 3.0.0
|
|
22
22
|
type: :development
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *71917990
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: rspec
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &71917780 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,10 +32,10 @@ dependencies:
|
|
|
32
32
|
version: '0'
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *71917780
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: cucumber
|
|
38
|
-
requirement: &
|
|
38
|
+
requirement: &71917550 !ruby/object:Gem::Requirement
|
|
39
39
|
none: false
|
|
40
40
|
requirements:
|
|
41
41
|
- - ! '>='
|
|
@@ -43,10 +43,10 @@ dependencies:
|
|
|
43
43
|
version: '0'
|
|
44
44
|
type: :development
|
|
45
45
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
46
|
+
version_requirements: *71917550
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: aruba
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &71917340 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ! '>='
|
|
@@ -54,10 +54,10 @@ dependencies:
|
|
|
54
54
|
version: '0'
|
|
55
55
|
type: :development
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *71917340
|
|
58
58
|
- !ruby/object:Gem::Dependency
|
|
59
59
|
name: thor
|
|
60
|
-
requirement: &
|
|
60
|
+
requirement: &71917130 !ruby/object:Gem::Requirement
|
|
61
61
|
none: false
|
|
62
62
|
requirements:
|
|
63
63
|
- - ! '>='
|
|
@@ -65,7 +65,7 @@ dependencies:
|
|
|
65
65
|
version: '0'
|
|
66
66
|
type: :development
|
|
67
67
|
prerelease: false
|
|
68
|
-
version_requirements: *
|
|
68
|
+
version_requirements: *71917130
|
|
69
69
|
description: ! 'Cloudfront private streaming from Ruby on Rails '
|
|
70
70
|
email:
|
|
71
71
|
executables: []
|