Enum CloudFrontCookieSigner
- All Implemented Interfaces:
Serializable
,Comparable<CloudFrontCookieSigner>
,java.lang.constant.Constable
Utility class for generating pre-signed Set-Cookie headers for serving private CloudFront
content. All dates must be in UTC. Use
Calendar
to set the timezone
specifically before converting to a Date
object, or else use
DateUtils
to turn a UTC date String into a Date object.
Protocol protocol = Protocol.https; String distributionDomain = "d1b2c3a4g5h6.cloudfront.net"; File privateKeyFile = new File("/path/to/cfcurlCloud/rsa-private-key.der"); String resourcePath = "a/b/images.jpeg"; String keyPairId = "APKAJCEOKRHC3XIVU5NA"; Date activeFrom = DateUtils.parseISO8601Date("2012-11-14T22:20:00.000Z"); Date expiresOn = DateUtils.parseISO8601Date("2011-11-14T22:20:00.000Z"); String ipRange = "192.168.0.1/24"; CookiesForCannedPolicy cookies = CloudFrontCookieSigner.getCookiesForCannedPolicy( protocol, distributionDomain, privateKeyFile, s3ObjectKey, keyPairId, activeFrom); HttpClient client = new DefaultHttpClient(); HttpGet httpGet = new HttpGet(SignerUtils.generateResourcePath(protocol, distributionDomain, resourcePath)); httpGet.addHeader("Cookie", cookies.getExpires().getKey() + "=" + cookies.getExpires().getValue()); httpGet.addHeader("Cookie", cookies.getSignature().getKey() + "=" + cookies.getSignature().getValue()); httpGet.addHeader("Cookie", cookies.getKeyPairId().getKey() + "=" + cookies.getKeyPairId().getValue()); HttpResponse response = client.execute(httpGet); CookiesForCustomPolicy cookies2 = CloudFrontCookieSigner.getCookiesForCustomPolicy( protocol, distributionDomain, privateKeyFile, s3ObjectKey, keyPairId, activeFrom, expiresOn, ipRange);
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
Contains the cookies used to access restricted content from CloudFront using a canned policystatic class
Contains the cookies used to access restricted content from CloudFront using a custom policy.static class
Contains common cookies used by Amazon CloudFront.Nested classes/interfaces inherited from class java.lang.Enum
Enum.EnumDesc<E extends Enum<E>>
-
Method Summary
Modifier and TypeMethodDescriptiongetCookiesForCannedPolicy
(SignerUtils.Protocol protocol, String distributionDomain, File privateKeyFile, String resourcePath, String keyPairId, Date expiresOn) Returns signed cookies that grants universal access to private content until a given date.getCookiesForCannedPolicy
(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn) Returns signed cookies that grants universal access to private content until a given date.getCookiesForCannedPolicy
(String resourceUrlOrPath, String keyPairId, File privateKeyFile, Date expiresOn) Generate signed cookies that allows access to a specific distribution and resource path by applying a access restrictions from a "canned" (simplified) policy document.getCookiesForCannedPolicy
(String resourceUrlOrPath, String keyPairId, PrivateKey privateKey, Date expiresOn) Generate signed cookies that allows access to a specific distribution and resource path by applying a access restrictions from a "canned" (simplified) policy document.getCookiesForCustomPolicy
(SignerUtils.Protocol protocol, String distributionDomain, File privateKeyFile, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.getCookiesForCustomPolicy
(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.getCookiesForCustomPolicy
(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.getCookiesForCustomPolicy
(String resourceUrlOrPath, PrivateKey privateKey, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.static CloudFrontCookieSigner
Returns the enum constant of this type with the specified name.static CloudFrontCookieSigner[]
values()
Returns an array containing the constants of this enum type, in the order they are declared.
-
Method Details
-
values
Returns an array containing the constants of this enum type, in the order they are declared.- Returns:
- an array containing the constants of this enum type, in the order they are declared
-
valueOf
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)- Parameters:
name
- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
IllegalArgumentException
- if this enum type has no constant with the specified nameNullPointerException
- if the argument is null
-
getCookiesForCannedPolicy
public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(SignerUtils.Protocol protocol, String distributionDomain, File privateKeyFile, String resourcePath, String keyPairId, Date expiresOn) throws InvalidKeySpecException, IOException Returns signed cookies that grants universal access to private content until a given date.- Parameters:
protocol
- The protocol used to access content using signed cookies.distributionDomain
- The domain name of the distribution.privateKeyFile
- The private key file in DER formatresourcePath
- The path for the resource.keyPairId
- The key pair id corresponding to the private key file given.expiresOn
- The expiration date till which content can be accessed using the generated cookies.- Returns:
- The signed cookies.
- Throws:
InvalidKeySpecException
IOException
-
getCookiesForCannedPolicy
public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn) Returns signed cookies that grants universal access to private content until a given date.- Parameters:
protocol
- The protocol used to access content using signed cookies.distributionDomain
- The domain name of the distribution.privateKey
- The private key file. RSA private key (.der) are supported.resourcePath
- The path for the resource.keyPairId
- The key pair id corresponding to the private key file given.expiresOn
- The expiration date till which content can be accessed using the generated cookies.- Returns:
- The signed cookies.
-
getCookiesForCannedPolicy
public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(String resourceUrlOrPath, String keyPairId, File privateKeyFile, Date expiresOn) throws InvalidKeySpecException, IOException Generate signed cookies that allows access to a specific distribution and resource path by applying a access restrictions from a "canned" (simplified) policy document.- Parameters:
resourceUrlOrPath
- The URL or path that uniquely identifies a resource within a distribution. For standard distributions the resource URL will be "http://" + distributionName + "/" + path (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://". RTMP resources do not take the form of a URL, and instead the resource path is nothing but the stream's name.keyPairId
- Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.privateKeyFile
- The RSA private key data that corresponding to the certificate keypair identified by keyPairId.expiresOn
- The expiration date till which content can be accessed using the generated cookies.- Returns:
- The signed cookies.
- Throws:
InvalidKeySpecException
IOException
-
getCookiesForCannedPolicy
public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(String resourceUrlOrPath, String keyPairId, PrivateKey privateKey, Date expiresOn) Generate signed cookies that allows access to a specific distribution and resource path by applying a access restrictions from a "canned" (simplified) policy document.- Parameters:
resourceUrlOrPath
- The URL or path that uniquely identifies a resource within a distribution. For standard distributions the resource URL will be "http://" + distributionName + "/" + path (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://".keyPairId
- Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.privateKey
- The RSA private key data that corresponding to the certificate keypair identified by keyPairId.expiresOn
- The expiration date till which content can be accessed using the generated cookies.- Returns:
- The signed cookies.
-
getCookiesForCustomPolicy
public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(SignerUtils.Protocol protocol, String distributionDomain, File privateKeyFile, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) throws InvalidKeySpecException, IOException Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.- Parameters:
protocol
- The protocol used to access content using signed cookies.distributionDomain
- The domain name of the distribution.privateKeyFile
- Your private key file. RSA private key (.der) are supported.resourcePath
- The path for the resource.keyPairId
- The key pair id corresponding to the private key file given.expiresOn
- The expiration date till which content can be accessed using the generated cookies.activeFrom
- The date from which content can be accessed using the generated cookies.ipRange
- The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).- Returns:
- The signed cookies.
- Throws:
InvalidKeySpecException
IOException
-
getCookiesForCustomPolicy
public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.- Parameters:
protocol
- The protocol used to access content using signed cookies.distributionDomain
- The domain name of the distribution.privateKey
- Your private key file. RSA private key (.der) are supported.resourcePath
- The path for the resource.keyPairId
- The key pair id corresponding to the private key file given.expiresOn
- The expiration date till which content can be accessed using the generated cookies.activeFrom
- The date from which content can be accessed using the generated cookies.ipRange
- The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).- Returns:
- The signed cookies.
-
getCookiesForCustomPolicy
public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(String resourceUrlOrPath, PrivateKey privateKey, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.- Parameters:
resourceUrlOrPath
- The URL or path for resource within a distribution.privateKey
- Your private key file. RSA private key (.der) are supported.keyPairId
- The key pair id corresponding to the private key file given.expiresOn
- The expiration date till which content can be accessed using the generated cookies.activeFrom
- The date from which content can be accessed using the generated cookies.ipRange
- The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).- Returns:
- The signed cookies.
-
getCookiesForCustomPolicy
public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, String ipRange) Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.- Parameters:
protocol
- The protocol used to access content using signed cookies.distributionDomain
- The domain name of the distribution.privateKey
- Your private key file. RSA private key (.der) are supported.resourcePath
- The path for the resource.keyPairId
- The key pair id corresponding to the private key file given.expiresOn
- The expiration date till which content can be accessed using the generated cookies.ipRange
- The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).- Returns:
- The signed cookies.
-