See the CHANGELOG for details of this release.
See Amazon docs for Serving Private Content through CloudFront
This version uses all class methods and a configure method to set options.
This gem has been publised as cloudfront-signer. Use
gem install cloudfront-signer to install this gem.
The signing class must be configured - supplying the path to a signing key, or
supplying the signing key directly as a string along with the
Create the initializer by running:
bundle exec rails generate cloudfront:install
Customize the resulting config/initializers/cloudfront_signer.rb file.
Aws::CF::Signer.configure do |config| config.key_path = '/path/to/keyfile.pem' # or config.key = ENV.fetch('PRIVATE_KEY') config.key_pair_id = 'XXYYZZ' config.default_expires = 3600 end
Call the class
sign_path method with optional policy settings.
Aws::CF::Signer.sign_path 'path/to/my/content', expires: Time.now + 600
sign_path have safe versions that HTML encode the result
allowing signed paths or urls to be placed in HTML markup. The 'non'-safe
Call class method
signed_params to get raw parameters. These values can be
used to set signing cookies (
Serving Private Content through CloudFront: Using Signed Cookies
). See commit message
for additional details.
See Example Custom Policy 1 at above AWS doc link
url = Aws::CF::Signer.sign_url 'http://d604721fxaaqy9.cloudfront.net/training/orientation.avi', expires: 'Sat, 14 Nov 2009 22:20:00 GMT', resource: 'http://d604721fxaaqy9.cloudfront.net/training/*', ip_range: '184.108.40.206/24'
See Example Custom Policy 2 at above AWS doc link
Aws::CF::Signer.sign_url 'http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz', starting: 'Thu, 30 Apr 2009 06:43:10 GMT', expires: 'Fri, 16 Oct 2009 06:31:56 GMT', resource: 'http://*', ip_range: '220.127.116.11/32'
You can also pass in a path to a policy file. This will supersede any other policy options
Aws::CF::Signer.sign_url 'http://d84l721fxaaqy9.cloudfront.net/downloads/pictures.tgz', policy_file: '/path/to/policy/file.txt'
- Fork the project.
- Make your feature addition or bug fix.
- Add tests for it.
- Send me a pull request. Bonus points for topic branches.
Hat tip to Anthony Bouch for contributing to Dylan's effort. Only reading both gem's code I was able to figure out the signing needed for the newly introduced signed cookies.
Dylan blazed a trail here - however, after several attempts, I was unable to contact Dylan in order to suggest that we combine our efforts to produce a single gem - hence the re-write and new gem here. - Anthony Bouch
cloudfront-signer is distributed under the MIT License, portions copyright © 2015 Dylan Vaughn, STL, Anthony Bouch, Leonel Galán