Knowledgebase: AISO CDN
How can I use URL Signing For HTTP Pull CDN resources?
Posted by Support on 08 June 2012 10:33 AM

Enabling this option provides an entry field to enter a secret key to securely sign any direct URI (Uniform Resource Indicator) link to all files/resources under this URL.

The secret key is similar to a password and can contain a minimum of 6 to a maximum of 32 characters. Symbols and spaces are allowed.

For generating the hash key, kindly refer to below for example script in PHP:

  /**
     * Create hash link CDN resource
     *
     * @param string $cdnResourceUrl
     * The CDN resource URL, eg cdn.yourdomain.com
     * @param string $filePath
     * File path of the CDN resource
     * @param string $secretKey
     * The secret key that is obtained from CDN resource property
     * @param int $expiryTimestamp [optional]
     * UNIX timestamp format, specify how long the hash link is accessible to the public
     * By default will be accessible forever.
     *
     * @return string URL with generated hash link
     * URL with designated format to access the resource
     *
     * Example:
     * Generate hash link for resource  www.example.com/images/photo.png for next 3 days, assume today is Sun, 01 Apr 2012.
     *
     * <?php
     * $hashLink = generateHashLink('www.example.com', '/images/photo.png', 'l33tf0olol', 1333497600);
     *
     * print $hashLink;
     * ?>
     * http://www.example.com/images/photo.png?secure=kaGd_cu6Iy4LDgfX3jy5Rw==,1333497600
     * .
     */
    function generateHashLink($cdnResourceUrl, $filePath, $secretKey, $expiryTimestamp = NULL){

        // NOTE [yasir 20110331] + and ?  are some of represented chars of based64 encoding (8 bits)
        // + is 62 and / is 63 . and These char should be replaced by other predefined chars.
        $searchChars = array('+','/');
        $replaceChars = array('-', '_');

        if($filePath[0] != '/'){
            $filePath = "/{$filePath}";
        }

        if($pos =  strpos($filePath, '?')){
            $filePath = substr($filePath, 0, $pos);
        }

        $hashStr = $filePath.$secretKey;

        if($expiryTimestamp){
            $hashStr = $expiryTimestamp.$hashStr;
            $expiryTimestamp = ",{$expiryTimestamp}";
        }

        return  "http://{$cdnResourceUrl}{$filePath}?secure=".
                str_replace($searchChars, $replaceChars, base64_encode(md5($hashStr, TRUE))).
                $expiryTimestamp;
    }

(76 vote(s))
Helpful
Not helpful

Comments (0)