Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/linux/25.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Amazon web services 使用amazon cloudfront进行数据流传输_Amazon Web Services_Amazon Cloudfront - Fatal编程技术网
Fatal编程技术网

Amazon web services 使用amazon cloudfront进行数据流传输

amazon-web-services

Amazon web services 使用amazon cloudfront进行数据流传输,amazon-web-services,amazon-cloudfront,Amazon Web Services,Amazon Cloudfront,到目前为止,我已经遵循了这些步骤 为web/http设置cloudfront发行版并启用它 然后我生成了CloudFront密钥对,保存了文件并上传到我的服务器 我有我的AmazonSDKAll设置来生成getSignedUrl,并有以下代码 <?php use Aws\CloudFront\CloudFrontClient; $client = CloudFrontClient::factory(array( 'private_key' => dirname(__F

到目前为止,我已经遵循了这些步骤

为web/http设置cloudfront发行版并启用它

然后我生成了CloudFront密钥对,保存了文件并上传到我的服务器

我有我的AmazonSDKAll设置来生成getSignedUrl,并有以下代码

<?php
use Aws\CloudFront\CloudFrontClient;

$client = CloudFrontClient::factory(array(
    'private_key'    => dirname(__FILE__) . '/cloudfront/pk- my key here -.pem',
    'key_pair_id' => 'AWS Key'
));

$distributionUrl = '- my url here -.cloudfront.net';

$url = $client->getSignedUrl(array(
    'url'     => 'https://' . $distributionUrl . '/video.mp4',
    'expires' => time() + 3600
));

?>

<video width="320" height="240" controls>
  <source src="<?php echo $url; ?>" type="video/mp4">
  Your browser does not support the video tag.
</video>



CloudFront的文档提供了一个关于如何使用CloudFront服务可流式私有内容的示例

使用PHP创建URL签名

任何运行PHP的web服务器都可以使用PHP演示代码创建
私有CloudFront RTMP的策略声明和签名
分配。此示例创建一个具有签名的功能正常的网页
使用CloudFront流媒体播放视频流的URL链接。得到
示例,下载



请参阅以供参考




/**
*创建一个签名的URL
*
*此方法接受一系列配置选项:
*-url:(字符串)正在签名的资源的url(可以包括查询字符串和通配符)。例如:
*                        rtmp://s5c39gqb8ow64r.cloudfront.net/videos/mp3_name.mp3
*                        http://d111111abcdef8.cloudfront.net/images/horizon.jpg?size=large&license=yes
*-policy:(字符串)JSON策略。为自定义策略创建签名URL时使用此选项。
*-expires:(int)使用固定策略签名时使用的UTC Unix时间戳。通过一个测试时不需要
*自定义“策略”选项。
*
*@param array$options签名时使用的配置选项数组
*
*@return string带有身份验证参数的文件URL。
*@如果客户端上未配置密钥对id和私钥,则引发InvalidArgumentException
*/
公共函数getSignedUrl(数组$options)
{
如果(!$this->getConfig('key_pair_id')| |!$this->getConfig('private_key')){
抛出新的InvalidArgumentException(
'需要Amazon CloudFront密钥对ID(密钥对ID)和RSA私钥(私钥)'
);
}
//初始化配置数据并确保指定了url
$options=Collection::fromConfig($options,null,array('url'));
//确定政策的方案
$urlSections=explode(“:/”,$options['url']);
//请确保URL包含方案和方案后的部分
如果(计数($urlSections)<2){
抛出新的InvalidArgumentException('Invalid URL:'。$options['URL']);
}
//通过从方案中删除通配符来获取实际方案
$scheme=str_replace('*','$urlSections[0]);
$policy=$options['policy']?:$this->createCannedPolicy($scheme,$options['url'],$options['expires']);
//从策略中删除空白
$policy=str_replace(“”,,$policy);
$url=url::factory($scheme.'://'。$URLSecents[1]);
如果($options['policy'])){
//自定义策略要求在URL中指定编码策略
$url->getQuery()->set('Policy',strtr(base64_encode($Policy),'+=/','-';
}否则{
//固定策略要求在URL中设置Expires参数
$url->getQuery()->set('Expires',$options['Expires']);
}
//使用CloudFront私钥对策略进行签名
$signedPolicy=$this->rsaSha1Sign($policy,$this->getConfig('private_key'));
//删除空白,对策略进行base64编码,并替换特殊字符
$signedPolicy=strtr(base64_编码($signedPolicy),“+=/”,“-”;
$url->getQuery()
->useUrlEncoding(错误)
->set('Signature',$signedPolicy)
->set('Key-Pair-Id',$this->getConfig('Key-Pair-Id');
如果($scheme!=“rtmp”){
//HTTP和HTTPS签名URL包括完整URL
返回(字符串)$url;
}否则{
//创建Flash player URL时使用相对URL
$url->setScheme(null)->setHost(null);
//为flash播放器编码查询字符串变量
$url=str_replace(数组(“?”、“=”、“&”)、数组(“%3F”、“%3D”、“%26”)、(字符串)$url);
返回substr($url,1);
}
}
/**
*使用OpenSSL RSA SHA1对策略字符串进行签名
*
*@param string$要签名的策略
*@param string$privateKeyFilename包含OpenSSL私钥的文件
*
*@返回字符串
*/
受保护的函数rsaSha1Sign($policy,$privateKeyFilename)
{
$signature='';
openssl_-sign($policy,$signature,file_-get_-contents($privateKeyFilename));
返回$签名;
}
/**
*为特定URL和过期日期创建固定策略
*
*@param string$scheme已解析无通配符的scheme
*正在签名的@param string$url
*@param int$过期签名过期的时间
*
*@返回字符串
*@如果未设置过期,则引发InvalidArgumentException
*/
受保护的函数createCannedPolicy($scheme、$url、$expires)
{
如果(!$expires){
抛出新的InvalidArgumentException(“使用固定策略时需要expires选项”);
}
//生成固定策略
如果($scheme='http'| |$scheme=='https'){
$resource=$url;
}elseif($scheme=='rtmp'){
$parts=parse_url($url);
$pathParts=pathinfo($parts['path']);
//添加指向文件的路径,去除文件扩展名,并添加查询字符串(如果存在)
$resource=ltrim($pathParts['dirname']./'.$pathParts['filename'],'/'))
(isset($parts['query'])?“?{$parts['query']}”):;
}否则{
抛出新的InvalidArgumentException(“无效的URI方案:{$scheme}。必须是http或rtmp中的一个”);
}
回程冲刺(
{“语句”:[{“资源”:“%s”,“条件”:{“DateLessThan”:{“AWS:EpochTime”:%d}}]},
$resource,
美元到期
);
}

能否通过浏览器打开生成的签名URL?

/**
 * Create a signed URL
 *
 * This method accepts an array of configuration options:
 * - url:       (string)  URL of the resource being signed (can include query string and wildcards). For example:
 *                        rtmp://s5c39gqb8ow64r.cloudfront.net/videos/mp3_name.mp3
 *                        http://d111111abcdef8.cloudfront.net/images/horizon.jpg?size=large&license=yes
 * - policy:    (string)  JSON policy. Use this option when creating a signed URL for a custom policy.
 * - expires:   (int)     UTC Unix timestamp used when signing with a canned policy. Not required when passing a
 *                        custom 'policy' option.
 *
 * @param array $options Array of configuration options used when signing
 *
 * @return string                   The file URL with authentication parameters.
 * @throws InvalidArgumentException if key_pair_id and private_key have not been configured on the client
 */
public function getSignedUrl(array $options)
{
    if (!$this->getConfig('key_pair_id') || !$this->getConfig('private_key')) {
        throw new InvalidArgumentException(
            'An Amazon CloudFront keypair ID (key_pair_id) and an RSA private key (private_key) is required'
        );
    }

    // Initialize the configuration data and ensure that the url was specified
    $options = Collection::fromConfig($options, null, array('url'));
    // Determine the scheme of the policy
    $urlSections = explode('://', $options['url']);
    // Ensure that the URL contained a scheme and parts after the scheme
    if (count($urlSections) < 2) {
        throw new InvalidArgumentException('Invalid URL: ' . $options['url']);
    }

    // Get the real scheme by removing wildcards from the scheme
    $scheme = str_replace('*', '', $urlSections[0]);
    $policy = $options['policy'] ?: $this->createCannedPolicy($scheme, $options['url'], $options['expires']);
    // Strip whitespace from the policy
    $policy = str_replace(' ', '', $policy);

    $url = Url::factory($scheme . '://' . $urlSections[1]);
    if ($options['policy']) {
        // Custom policies require that the encoded policy be specified in the URL
        $url->getQuery()->set('Policy', strtr(base64_encode($policy), '+=/', '-_~'));
    } else {
        // Canned policies require that the Expires parameter be set in the URL
        $url->getQuery()->set('Expires', $options['expires']);
    }

    // Sign the policy using the CloudFront private key
    $signedPolicy = $this->rsaSha1Sign($policy, $this->getConfig('private_key'));
    // Remove whitespace, base64 encode the policy, and replace special characters
    $signedPolicy = strtr(base64_encode($signedPolicy), '+=/', '-_~');

    $url->getQuery()
        ->useUrlEncoding(false)
        ->set('Signature', $signedPolicy)
        ->set('Key-Pair-Id', $this->getConfig('key_pair_id'));

    if ($scheme != 'rtmp') {
        // HTTP and HTTPS signed URLs include the full URL
        return (string) $url;
    } else {
        // Use a relative URL when creating Flash player URLs
        $url->setScheme(null)->setHost(null);
        // Encode query string variables for flash players
        $url = str_replace(array('?', '=', '&'), array('%3F', '%3D', '%26'), (string) $url);

        return substr($url, 1);
    }
}

/**
 * Sign a policy string using OpenSSL RSA SHA1
 *
 * @param string $policy             Policy to sign
 * @param string $privateKeyFilename File containing the OpenSSL private key
 *
 * @return string
 */
protected function rsaSha1Sign($policy, $privateKeyFilename)
{
    $signature = '';
    openssl_sign($policy, $signature, file_get_contents($privateKeyFilename));

    return $signature;
}

/**
 * Create a canned policy for a particular URL and expiration
 *
 * @param string $scheme  Parsed scheme without wildcards
 * @param string $url     URL that is being signed
 * @param int    $expires Time in which the signature expires
 *
 * @return string
 * @throws InvalidArgumentException if the expiration is not set
 */
protected function createCannedPolicy($scheme, $url, $expires)
{
    if (!$expires) {
        throw new InvalidArgumentException('An expires option is required when using a canned policy');
    }

    // Generate a canned policy
    if ($scheme == 'http' || $scheme == 'https') {
        $resource = $url;
    } elseif ($scheme == 'rtmp') {
        $parts = parse_url($url);
        $pathParts = pathinfo($parts['path']);
        // Add path leading to file, strip file extension, and add a query string if present
        $resource = ltrim($pathParts['dirname'] . '/' . $pathParts['filename'], '/')
            . (isset($parts['query']) ? "?{$parts['query']}" : '');
    } else {
        throw new InvalidArgumentException("Invalid URI scheme: {$scheme}. Must be one of http or rtmp.");
    }

    return sprintf(
        '{"Statement":[{"Resource":"%s","Condition":{"DateLessThan":{"AWS:EpochTime":%d}}}]}',
        $resource,
        $expires
    );
}