Enum CloudFrontCookieSigner

java.lang.Object
java.lang.Enum<CloudFrontCookieSigner>
com.amazonaws.services.cloudfront.CloudFrontCookieSigner
All Implemented Interfaces:
Serializable, Comparable<CloudFrontCookieSigner>, java.lang.constant.Constable

public enum CloudFrontCookieSigner extends Enum<CloudFrontCookieSigner>
Utility class for generating pre-signed Set-Cookie headers for serving private CloudFront content. All dates must be in UTC. Use Calendar to set the timezone specifically before converting to a Date object, or else use DateUtils to turn a UTC date String into a Date object.
 Protocol protocol = Protocol.https;
 String distributionDomain = "d1b2c3a4g5h6.cloudfront.net";
 File privateKeyFile = new File("/path/to/cfcurlCloud/rsa-private-key.der");
 String resourcePath = "a/b/images.jpeg";
 String keyPairId = "APKAJCEOKRHC3XIVU5NA";
 Date activeFrom = DateUtils.parseISO8601Date("2012-11-14T22:20:00.000Z");
 Date expiresOn = DateUtils.parseISO8601Date("2011-11-14T22:20:00.000Z");
 String ipRange = "192.168.0.1/24";

 CookiesForCannedPolicy cookies = CloudFrontCookieSigner.getCookiesForCannedPolicy(
              protocol, distributionDomain, privateKeyFile,
              s3ObjectKey, keyPairId, activeFrom);

 HttpClient client = new DefaultHttpClient();
 HttpGet httpGet = new HttpGet(SignerUtils.generateResourcePath(protocol, distributionDomain, resourcePath));

 httpGet.addHeader("Cookie", cookies.getExpires().getKey() + "=" + cookies.getExpires().getValue());
 httpGet.addHeader("Cookie", cookies.getSignature().getKey() + "=" + cookies.getSignature().getValue());
 httpGet.addHeader("Cookie", cookies.getKeyPairId().getKey() + "=" + cookies.getKeyPairId().getValue());
 HttpResponse response = client.execute(httpGet);

 CookiesForCustomPolicy cookies2 = CloudFrontCookieSigner.getCookiesForCustomPolicy(
              protocol, distributionDomain, privateKeyFile,
              s3ObjectKey, keyPairId, activeFrom,
              expiresOn, ipRange);
 
See Also:
  • Method Details

    • values

      public static CloudFrontCookieSigner[] values()
      Returns an array containing the constants of this enum type, in the order they are declared.
      Returns:
      an array containing the constants of this enum type, in the order they are declared
    • valueOf

      public static CloudFrontCookieSigner valueOf(String name)
      Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum type has no constant with the specified name
      NullPointerException - if the argument is null
    • getCookiesForCannedPolicy

      public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(SignerUtils.Protocol protocol, String distributionDomain, File privateKeyFile, String resourcePath, String keyPairId, Date expiresOn) throws InvalidKeySpecException, IOException
      Returns signed cookies that grants universal access to private content until a given date.
      Parameters:
      protocol - The protocol used to access content using signed cookies.
      distributionDomain - The domain name of the distribution.
      resourcePath - The path for the resource.
      privateKeyFile - The private key file in DER format
      keyPairId - The key pair id corresponding to the private key file given.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      Returns:
      The signed cookies.
      Throws:
      InvalidKeySpecException
      IOException
    • getCookiesForCannedPolicy

      public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn)
      Returns signed cookies that grants universal access to private content until a given date.
      Parameters:
      protocol - The protocol used to access content using signed cookies.
      distributionDomain - The domain name of the distribution.
      resourcePath - The path for the resource.
      privateKey - The private key file. RSA private key (.der) are supported.
      keyPairId - The key pair id corresponding to the private key file given.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      Returns:
      The signed cookies.
    • getCookiesForCannedPolicy

      public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(String resourceUrlOrPath, String keyPairId, File privateKeyFile, Date expiresOn) throws InvalidKeySpecException, IOException
      Generate signed cookies that allows access to a specific distribution and resource path by applying a access restrictions from a "canned" (simplified) policy document.
      Parameters:
      resourceUrlOrPath - The URL or path that uniquely identifies a resource within a distribution. For standard distributions the resource URL will be "http://" + distributionName + "/" + path (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://". RTMP resources do not take the form of a URL, and instead the resource path is nothing but the stream's name.
      keyPairId - Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.
      privateKeyFile - The RSA private key data that corresponding to the certificate keypair identified by keyPairId.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      Returns:
      The signed cookies.
      Throws:
      InvalidKeySpecException
      IOException
    • getCookiesForCannedPolicy

      public static CloudFrontCookieSigner.CookiesForCannedPolicy getCookiesForCannedPolicy(String resourceUrlOrPath, String keyPairId, PrivateKey privateKey, Date expiresOn)
      Generate signed cookies that allows access to a specific distribution and resource path by applying a access restrictions from a "canned" (simplified) policy document.
      Parameters:
      resourceUrlOrPath - The URL or path that uniquely identifies a resource within a distribution. For standard distributions the resource URL will be "http://" + distributionName + "/" + path (may also include URL parameters. For distributions with the HTTPS required protocol, the resource URL must start with "https://".
      keyPairId - Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.
      privateKey - The RSA private key data that corresponding to the certificate keypair identified by keyPairId.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      Returns:
      The signed cookies.
    • getCookiesForCustomPolicy

      public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(SignerUtils.Protocol protocol, String distributionDomain, File privateKeyFile, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom, String ipRange) throws InvalidKeySpecException, IOException
      Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.
      Parameters:
      protocol - The protocol used to access content using signed cookies.
      distributionDomain - The domain name of the distribution.
      privateKeyFile - Your private key file. RSA private key (.der) are supported.
      resourcePath - The path for the resource.
      keyPairId - The key pair id corresponding to the private key file given.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      activeFrom - The date from which content can be accessed using the generated cookies.
      ipRange - The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).
      Returns:
      The signed cookies.
      Throws:
      InvalidKeySpecException
      IOException
    • getCookiesForCustomPolicy

      public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, Date activeFrom, String ipRange)
      Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.
      Parameters:
      protocol - The protocol used to access content using signed cookies.
      distributionDomain - The domain name of the distribution.
      privateKey - Your private key file. RSA private key (.der) are supported.
      resourcePath - The path for the resource.
      keyPairId - The key pair id corresponding to the private key file given.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      activeFrom - The date from which content can be accessed using the generated cookies.
      ipRange - The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).
      Returns:
      The signed cookies.
    • getCookiesForCustomPolicy

      public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(String resourceUrlOrPath, PrivateKey privateKey, String keyPairId, Date expiresOn, Date activeFrom, String ipRange)
      Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.
      Parameters:
      resourceUrlOrPath - The URL or path for resource within a distribution.
      privateKey - Your private key file. RSA private key (.der) are supported.
      keyPairId - The key pair id corresponding to the private key file given.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      activeFrom - The date from which content can be accessed using the generated cookies.
      ipRange - The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).
      Returns:
      The signed cookies.
    • getCookiesForCustomPolicy

      public static CloudFrontCookieSigner.CookiesForCustomPolicy getCookiesForCustomPolicy(SignerUtils.Protocol protocol, String distributionDomain, PrivateKey privateKey, String resourcePath, String keyPairId, Date expiresOn, String ipRange)
      Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.
      Parameters:
      protocol - The protocol used to access content using signed cookies.
      distributionDomain - The domain name of the distribution.
      privateKey - Your private key file. RSA private key (.der) are supported.
      resourcePath - The path for the resource.
      keyPairId - The key pair id corresponding to the private key file given.
      expiresOn - The expiration date till which content can be accessed using the generated cookies.
      ipRange - The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).
      Returns:
      The signed cookies.