-
Notifications
You must be signed in to change notification settings - Fork 5.8k
/
Copy pathSignPrivateDistribution.php
82 lines (72 loc) · 2.69 KB
/
SignPrivateDistribution.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
<?php
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// snippet-start:[cloudfront.php.private_distribution.complete]
// snippet-start:[cloudfront.php.private_distribution.import]
require 'vendor/autoload.php';
use Aws\CloudFront\CloudFrontClient;
use Aws\Exception\AwsException;
// snippet-end:[cloudfront.php.private_distribution.import]
/* ////////////////////////////////////////////////////////////////////////////
* Purpose: Gets a signed URL that viewers need to
* access restricted content in a specially configured Amazon CloudFront
* distribution.
*
* Prerequisites: A CloudFront distribution that is specially configured for
* restricted access, and a CloudFront key pair. For more information, see
* "Serving Private Content with Signed URLs and Signed Cookies" in the
* Amazon CloudFront Developer Guide.
*
* Inputs:
* - $cloudFrontClient: An initialized CloudFront client.
* - $resourceKey: A CloudFront URL to the restricted content.
* - $expires: The expiration date and time for access requests, in
* UTC Unix timestamp format.
* - $privateKey: The path to the CloudFront private key file, in .pem format.
* - $keyPairId: The corresponding CloudFront key pair ID.
*
* Returns: The signed URL; otherwise, the error message.
* ///////////////////////////////////////////////////////////////////////// */
// snippet-start:[cloudfront.php.private_distribution.main]
function signPrivateDistribution(
$cloudFrontClient,
$resourceKey,
$expires,
$privateKey,
$keyPairId
) {
try {
$result = $cloudFrontClient->getSignedUrl([
'url' => $resourceKey,
'expires' => $expires,
'private_key' => $privateKey,
'key_pair_id' => $keyPairId
]);
return $result;
} catch (AwsException $e) {
return 'Error: ' . $e->getAwsErrorMessage();
}
}
function signAPrivateDistribution()
{
$resourceKey = 'https://d13l49jEXAMPLE.cloudfront.net/my-file.txt';
$expires = time() + 300; // 5 minutes (5 * 60 seconds) from now.
$privateKey = dirname(__DIR__) . '/cloudfront/my-private-key.pem';
$keyPairId = 'AAPKAJIKZATYYYEXAMPLE';
$cloudFrontClient = new CloudFrontClient([
'profile' => 'default',
'version' => '2018-06-18',
'region' => 'us-east-1'
]);
echo signPrivateDistribution(
$cloudFrontClient,
$resourceKey,
$expires,
$privateKey,
$keyPairId
);
}
// Uncomment the following line to run this code in an AWS account.
// signAPrivateDistribution();
// snippet-end:[cloudfront.php.private_distribution.main]
// snippet-end:[cloudfront.php.private_distribution.complete]