Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
Buat tanda tangan URL menggunakan Java
Selain contoh kode berikut, Anda dapat menggunakan kelas CloudFrontUrlSigner utilitas di AWS SDK untuk Java (versi 1) untuk membuat CloudFront ditandatangani URLs.
Untuk contoh selengkapnya, lihat Membuat cookie yang ditandatangani URLs dan menggunakan AWS SDK di Perpustakaan Kode Contoh Kode AWS SDK.
Catatan
-
Membuat URL yang ditandatangani hanyalah salah satu bagian dari proses penyajian konten pribadi CloudFront. Untuk informasi selengkapnya tentang seluruh proses, lihat Gunakan ditandatangani URLs.
-
Dalam
Signature.getInstancepanggilan, perhatikan yangSHA1withRSAdapat diganti denganSHA256withRSA.
contoh Kebijakan Java dan metode enkripsi tanda tangan
package org.example; import java.time.Instant; import java.time.temporal.ChronoUnit; import software.amazon.awssdk.services.cloudfront.CloudFrontUtilities; import software.amazon.awssdk.services.cloudfront.model.CannedSignerRequest; import software.amazon.awssdk.services.cloudfront.url.SignedUrl; public class Main { public static void main(String[] args) throws Exception { CloudFrontUtilities cloudFrontUtilities = CloudFrontUtilities.create(); Instant expirationDate = Instant.now().plus(7, ChronoUnit.DAYS); String resourceUrl = "https://a1b2c3d4e5f6g7.cloudfront.net"; String keyPairId = "K1UA3WV15I7JSD"; CannedSignerRequest cannedRequest = CannedSignerRequest.builder() .resourceUrl(resourceUrl) .privateKey(new java.io.File("/path/to/private_key.pem").toPath()) .keyPairId(keyPairId) .expirationDate(expirationDate) .build(); SignedUrl signedUrl = cloudFrontUtilities.getSignedUrlWithCannedPolicy(cannedRequest); String url = signedUrl.url(); System.out.println(url); } }
contoh Contoh Penandatanganan Kebijakan Kalengan dengan SHA256 di Java
package org.example; import java.io.File; import java.nio.file.Files; import java.security.KeyFactory; import java.security.PrivateKey; import java.security.Signature; import java.security.spec.PKCS8EncodedKeySpec; import java.time.Instant; import java.time.temporal.ChronoUnit; import java.util.Base64; public class Main { public static void main(String[] args) throws Exception { String resourceUrl = "https://a1b2c3d4e5f6g7.cloudfront.net/myfile.html"; String keyPairId = "K1UA3WV15I7JSD"; Instant expiration = Instant.now().plus(7, ChronoUnit.DAYS); PrivateKey privateKey = loadPrivateKey("/path/to/private_key.der"); System.out.println(createSignedUrl(resourceUrl, keyPairId, privateKey, expiration, "SHA1")); System.out.println(createSignedUrl(resourceUrl, keyPairId, privateKey, expiration, "SHA256")); } static String createSignedUrl(String resourceUrl, String keyPairId, PrivateKey privateKey, Instant expiration, String hashAlgorithm) throws Exception { long epochSeconds = expiration.getEpochSecond(); String policy = "{\"Statement\":[{\"Resource\":\"" + resourceUrl + "\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":" + epochSeconds + "}}}]}"; String jcaAlgorithm = hashAlgorithm.equals("SHA256") ? "SHA256withRSA" : "SHA1withRSA"; Signature sig = Signature.getInstance(jcaAlgorithm); sig.initSign(privateKey); sig.update(policy.getBytes("UTF-8")); String signature = base64UrlEncode(sig.sign()); String url = resourceUrl + (resourceUrl.contains("?") ? "&" : "?") + "Expires=" + epochSeconds + "&Signature=" + signature + "&Key-Pair-Id=" + keyPairId; if (hashAlgorithm.equals("SHA256")) { url += "&Hash-Algorithm=SHA256"; } return url; } static String base64UrlEncode(byte[] bytes) { return Base64.getEncoder().encodeToString(bytes) .replace('+', '-') .replace('=', '_') .replace('/', '~'); } static PrivateKey loadPrivateKey(String path) throws Exception { byte[] keyBytes = Files.readAllBytes(new File(path).toPath()); return KeyFactory.getInstance("RSA") .generatePrivate(new PKCS8EncodedKeySpec(keyBytes)); } }
Lihat juga:
