See the ChangeLog for details of this release.
A fork and re-write of Dylan Vaughn's signing gem.
See Amazon docs for Using a Signed URL to Serve Private Content
This version uses all class methods and a configure method to set options.
The original gem was published as
gem install aws_cf_signer to install that version.
This gem has been publised as
gem install cloudfront-signer to install this gem.
Alternatively, place a copy of cloudfront-signer.rb (and the cloundfront-signer sub directory) in your lib directory.
In either case the signing class must be configured - supplying the path to a signing key, or supplying the signing key directly as a string along with the
key_pair_id. Create the initializer by running:
bundle exec rails g cloudfront:install
and customizing the resulting
AWS::CF::Signer.configure do |config| config.key_path = '/path/to/keyfile.pem' # config.key = ENV.fetch('PRIVATE_KEY') # key_path not required if key supplied directly config.key_pair_id = "XXYYZZ" config.default_expires = 3600 # 1hr as seconds end
Call the class
sign_path method with optional policy settings.
AWS::CF::Signer.sign_url 'http://mydomain/path/to/my/content', :expires => Time.now + 600
Streaming paths can be signed with the
AWS::CF::Signer.sign_path 'path/to/my/content', :expires => Time.now + 600
See Example Custom Policy 1 at above AWS doc link
url = AWS::CF::Signer.sign_url('http://d604721fxaaqy9.cloudfront.net/training/orientation.avi', :expires => 'Sat, 14 Nov 2009 22:20:00 GMT', :resource => 'http://d604721fxaaqy9.cloudfront.net/training/*', :ip_range => '220.127.116.11/24' )
See Example Custom Policy 2 at above AWS doc link
url = AWS::CF::Signer.sign_url('http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz', :starting => 'Thu, 30 Apr 2009 06:43:10 GMT', :expires => 'Fri, 16 Oct 2009 06:31:56 GMT', :resource => 'http://*', :ip_range => '18.104.22.168/32' )
You can also pass in a path to a policy file. This will supersede any other policy options
url = AWS::CF::Signer.sign_url('http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz', :policy_file => '/path/to/policy/file.txt')
- Fork the project.
- Make your feature addition or bug fix.
- Add tests for it.
- Send me a pull request. Bonus points for topic branches.
Parts of signing code taken from a question on Stack Overflow asked by Ben Wiseley, and answered by Blaz Lipuscek and Manual M:
Note: Dylan blazed a trail here - however, after several attempts, I was unable to contact Dylan in order to suggest that we combine our efforts to produce a single gem - hence the re-write and new gem here.
cloudfront-signer is distributed under the MIT License, portions copyright © 2011 Dylan Vaughn, STL, Anthony Bouch