| 1 |
efrain |
1 |
<?php
|
|
|
2 |
namespace Aws\CloudFront;
|
|
|
3 |
|
|
|
4 |
class CookieSigner
|
|
|
5 |
{
|
|
|
6 |
/** @var Signer */
|
|
|
7 |
private $signer;
|
|
|
8 |
|
|
|
9 |
private static $schemes = [
|
|
|
10 |
'http' => true,
|
|
|
11 |
'https' => true,
|
|
|
12 |
];
|
|
|
13 |
|
|
|
14 |
/**
|
|
|
15 |
* @param $keyPairId string ID of the key pair
|
|
|
16 |
* @param $privateKey string Path to the private key used for signing
|
|
|
17 |
*
|
|
|
18 |
* @throws \RuntimeException if the openssl extension is missing
|
|
|
19 |
* @throws \InvalidArgumentException if the private key cannot be found.
|
|
|
20 |
*/
|
|
|
21 |
public function __construct($keyPairId, $privateKey)
|
|
|
22 |
{
|
|
|
23 |
$this->signer = new Signer($keyPairId, $privateKey);
|
|
|
24 |
}
|
|
|
25 |
|
|
|
26 |
/**
|
|
|
27 |
* Create a signed Amazon CloudFront Cookie.
|
|
|
28 |
*
|
|
|
29 |
* @param string $url URL to sign (can include query string
|
|
|
30 |
* and wildcards). Not required
|
|
|
31 |
* when passing a custom $policy.
|
|
|
32 |
* @param string|integer|null $expires UTC Unix timestamp used when signing
|
|
|
33 |
* with a canned policy. Not required
|
|
|
34 |
* when passing a custom $policy.
|
|
|
35 |
* @param string $policy JSON policy. Use this option when
|
|
|
36 |
* creating a signed cookie for a custom
|
|
|
37 |
* policy.
|
|
|
38 |
*
|
|
|
39 |
* @return array The authenticated cookie parameters
|
|
|
40 |
* @throws \InvalidArgumentException if the URL provided is invalid
|
|
|
41 |
* @link http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html
|
|
|
42 |
*/
|
|
|
43 |
public function getSignedCookie($url = null, $expires = null, $policy = null)
|
|
|
44 |
{
|
|
|
45 |
if ($url) {
|
|
|
46 |
$this->validateUrl($url);
|
|
|
47 |
}
|
|
|
48 |
|
|
|
49 |
$cookieParameters = [];
|
|
|
50 |
$signature = $this->signer->getSignature($url, $expires, $policy);
|
|
|
51 |
foreach ($signature as $key => $value) {
|
|
|
52 |
$cookieParameters["CloudFront-$key"] = $value;
|
|
|
53 |
}
|
|
|
54 |
|
|
|
55 |
return $cookieParameters;
|
|
|
56 |
}
|
|
|
57 |
|
|
|
58 |
private function validateUrl($url)
|
|
|
59 |
{
|
|
|
60 |
$scheme = str_replace('*', '', explode('://', $url)[0]);
|
|
|
61 |
if (empty(self::$schemes[strtolower($scheme)])) {
|
|
|
62 |
throw new \InvalidArgumentException('Invalid or missing URI scheme');
|
|
|
63 |
}
|
|
|
64 |
}
|
|
|
65 |
}
|