php - Amazon IVS URL 身份验证令牌
问题描述
似乎无法让此 Url 签名与 Amazon IVS 一起使用。我正在使用来自https://github.com/lcobucci/jwt的包。我需要获得 ES384 签名才能保护我的直播流。
这是我的代码
/**
* _signUrl
*
*
*/
private function _signUrl($playbackUrl, $channelArn){
$header = [
"alg" => "ES384",
"typ" => "JWT"
];
$payload = [
"aws:channel-arn" => $channelArn,
// "aws:access-control-allow-origin" => "<your-website>",
"exp" => \Carbon\Carbon::now()->addDays(3)->timestamp
];
$signer = new \Lcobucci\JWT\Signer\Ecdsa\Sha384();
$privateKey = InMemory::plainText("
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDDuRdOUNt1lb0OHoDioTKRVOoRYqvyRnjCBZydC9kG7eb1pb0E3r+Wq
6jUEx9Zs1xWgBwYFK4EEACKhZANiAATsETeLPGzsREFHl/K9WFuLMrLazwH64de0
TOgMK9VqCseILxAJVtIuwN/jmBBFLUwe/MdVXpxPzgp60KTVNOqRla73oVdhYOHA
nevl9sJSns1fN3pMsf2TmXBX/B7/O2g=
-----END EC PRIVATE KEY-----
");
$base64Encoded = (base64_encode(implode($header)).base64_encode(implode($payload)));
$sign = $signer->sign($base64Encoded, $privateKey);
$token = bin2hex($sign);
return "{$playbackUrl}?token={$token}";
}
从 url 获取这个
错误“播放验证令牌格式错误”error_code“invalid_playback_auth_token”
解决方案
您需要使用为 url 设计的 base 64 编码和解码的自定义版本。
if ( ! function_exists('base64url_encode')){
/**
* Encode data to Base64URL
* @param string $data
* @return boolean|string
*/
function base64url_encode($data)
{
// First of all you should encode $data to Base64 string
$b64 = base64_encode($data);
// Make sure you get a valid result, otherwise, return FALSE, as the base64_encode() function do
if ($b64 === false) {
return false;
}
// Convert Base64 to Base64URL by replacing “+” with “-” and “/” with “_”
$url = strtr($b64, '+/', '-_');
// Remove padding character from the end of line and return the Base64URL result
return rtrim($url, '=');
}
}
if ( ! function_exists('base64url_decode')){
/**
* Decode data from Base64URL
* @param string $data
* @param boolean $strict
* @return boolean|string
*/
function base64url_decode($data, $strict = false)
{
// Convert Base64URL to Base64 by replacing “-” with “+” and “_” with “/”
$b64 = strtr($data, '-_', '+/');
// Decode Base64 string and return the original data
return base64_decode($b64, $strict);
}
}
这是一个完整的更新功能
/**
* _signUrl
*
*
*/
private function _signUrl($playbackUrl, $channelArn){
$signer = new \Lcobucci\JWT\Signer\Ecdsa\Sha384();
$privateKey = InMemory::plainText("
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDDuRdOUNt1lb0OHoDioTKRVOoRYqvyRnjCBZydC9kG7eb1pb0E3r+Wq
6jUEx9Zs1xWgBwYFK4EEACKhZANiAATsETeLPGzsREFHl/K9WFuLMrLazwH64de0
TOgMK9VqCseILxAJVtIuwN/jmBBFLUwe/MdVXpxPzgp60KTVNOqRla73oVdhYOHA
nevl9sJSns1fN3pMsf2TmXBX/B7/O2g=
-----END EC PRIVATE KEY-----
");
$token = "";
$token .= (base64url_encode( json_encode( [
"alg" => "ES384",
"typ" => "JWT"
])));
$token .= ".".(base64url_encode( json_encode( [
"aws:channel-arn" => $channelArn,
"exp" => \Carbon\Carbon::now()->addDays(3)->timestamp]
)));
$signPart = $signer->sign($token, $privateKey);
$tokenComplete = $token.".". base64url_encode($signPart);
return "{$playbackUrl}?token={$tokenComplete}";
}
推荐阅读
- google-cloud-platform - 如何查看 GCP HealthCheck 日志
- python - 将s3文件下载到临时文件
- python - 使用 BeautifulSoup 访问 aria 标签和 yelp 评论
- wordpress - 使用 Genesis 框架对自定义帖子类型的评论
- javascript - 将图像 URL 转换为 base 64 字符串
- java - 将 Blob 转换为 String 仅在 Java 中生成 Blob 对象名称
- android - ViewPager 孩子在父母旁边滑动
- asp.net - 带有 Azure Key Vault 的本地 ASP.NET Framework Web 应用
- authentication - 如何使用基本身份验证访问页面(Apify SDK)
- bootstrap-4 - 引导按钮没有格式或文本