使用amazon cloudfront进行数据流式传输

Question

到目前为止，我已经遵循了这些步骤。

为web/http及其启用的云端分布设置。

然后我生成我的CloudFront密钥对保存了文件并上传到我的服务器。

我有我的亚马逊SDK所有设置生成getSignedUrl并具有以下代码。

<?php 
use Aws\CloudFront\CloudFrontClient; 

$client = CloudFrontClient::factory(array(
    'private_key' => dirname(__FILE__) . '/cloudfront/pk- my key here -.pem', 
    'key_pair_id' => 'AWS Key' 
)); 

$distributionUrl = '- my url here -.cloudfront.net'; 

$url = $client->getSignedUrl(array(
    'url'  => 'https://' . $distributionUrl . '/video.mp4', 
    'expires' => time() + 3600 
)); 

?> 

<video width="320" height="240" controls> 
    <source src="<?php echo $url; ?>" type="video/mp4"> 
    Your browser does not support the video tag. 
</video> 

好了，所以它是生成URL，但它在视频播放器不会玩，如果我在Chrome浏览控制台它显示了这个错误。

更新我知道有能力从cloudfront直接流，只要我的文件设置为公开我不能让getSignedUrl工作在所有令人沮丧。

有人可以帮助这一直试图让工作几个小时？

感谢

Answer 1

从CloudFront的文档中发现here给出了如何使用CloudFront的服务流化私密内容的例子。

创建一个URL签名使用PHP

运行PHP可以使用PHP演示代码来创建私有CloudFront的RTMP 分布 政策声明和签名的任何Web服务器。该示例使用CloudFront流创建具有签名 URL链接的功能性网页，播放视频流。要获得 样品，请下载Signature Code for Video Streaming in PHP。

---

见this question以供参考。

---

/** 
* Create a signed URL 
* 
* This method accepts an array of configuration options: 
* - url:  (string) URL of the resource being signed (can include query string and wildcards). For example: 
*      rtmp://s5c39gqb8ow64r.cloudfront.net/videos/mp3_name.mp3 
*      http://d111111abcdef8.cloudfront.net/images/horizon.jpg?size=large&license=yes 
* - policy: (string) JSON policy. Use this option when creating a signed URL for a custom policy. 
* - expires: (int)  UTC Unix timestamp used when signing with a canned policy. Not required when passing a 
*      custom 'policy' option. 
* 
* @param array $options Array of configuration options used when signing 
* 
* @return string     The file URL with authentication parameters. 
* @throws InvalidArgumentException if key_pair_id and private_key have not been configured on the client 
*/ 
public function getSignedUrl(array $options) 
{ 
    if (!$this->getConfig('key_pair_id') || !$this->getConfig('private_key')) { 
     throw new InvalidArgumentException(
      'An Amazon CloudFront keypair ID (key_pair_id) and an RSA private key (private_key) is required' 
     ); 
    } 

    // Initialize the configuration data and ensure that the url was specified 
    $options = Collection::fromConfig($options, null, array('url')); 
    // Determine the scheme of the policy 
    $urlSections = explode('://', $options['url']); 
    // Ensure that the URL contained a scheme and parts after the scheme 
    if (count($urlSections) < 2) { 
     throw new InvalidArgumentException('Invalid URL: ' . $options['url']); 
    } 

    // Get the real scheme by removing wildcards from the scheme 
    $scheme = str_replace('*', '', $urlSections[0]); 
    $policy = $options['policy'] ?: $this->createCannedPolicy($scheme, $options['url'], $options['expires']); 
    // Strip whitespace from the policy 
    $policy = str_replace(' ', '', $policy); 

    $url = Url::factory($scheme . '://' . $urlSections[1]); 
    if ($options['policy']) { 
     // Custom policies require that the encoded policy be specified in the URL 
     $url->getQuery()->set('Policy', strtr(base64_encode($policy), '+=/', '-_~')); 
    } else { 
     // Canned policies require that the Expires parameter be set in the URL 
     $url->getQuery()->set('Expires', $options['expires']); 
    } 

    // Sign the policy using the CloudFront private key 
    $signedPolicy = $this->rsaSha1Sign($policy, $this->getConfig('private_key')); 
    // Remove whitespace, base64 encode the policy, and replace special characters 
    $signedPolicy = strtr(base64_encode($signedPolicy), '+=/', '-_~'); 

    $url->getQuery() 
     ->useUrlEncoding(false) 
     ->set('Signature', $signedPolicy) 
     ->set('Key-Pair-Id', $this->getConfig('key_pair_id')); 

    if ($scheme != 'rtmp') { 
     // HTTP and HTTPS signed URLs include the full URL 
     return (string) $url; 
    } else { 
     // Use a relative URL when creating Flash player URLs 
     $url->setScheme(null)->setHost(null); 
     // Encode query string variables for flash players 
     $url = str_replace(array('?', '=', '&'), array('%3F', '%3D', '%26'), (string) $url); 

     return substr($url, 1); 
    } 
} 

/** 
* Sign a policy string using OpenSSL RSA SHA1 
* 
* @param string $policy    Policy to sign 
* @param string $privateKeyFilename File containing the OpenSSL private key 
* 
* @return string 
*/ 
protected function rsaSha1Sign($policy, $privateKeyFilename) 
{ 
    $signature = ''; 
    openssl_sign($policy, $signature, file_get_contents($privateKeyFilename)); 

    return $signature; 
} 

/** 
* Create a canned policy for a particular URL and expiration 
* 
* @param string $scheme Parsed scheme without wildcards 
* @param string $url  URL that is being signed 
* @param int $expires Time in which the signature expires 
* 
* @return string 
* @throws InvalidArgumentException if the expiration is not set 
*/ 
protected function createCannedPolicy($scheme, $url, $expires) 
{ 
    if (!$expires) { 
     throw new InvalidArgumentException('An expires option is required when using a canned policy'); 
    } 

    // Generate a canned policy 
    if ($scheme == 'http' || $scheme == 'https') { 
     $resource = $url; 
    } elseif ($scheme == 'rtmp') { 
     $parts = parse_url($url); 
     $pathParts = pathinfo($parts['path']); 
     // Add path leading to file, strip file extension, and add a query string if present 
     $resource = ltrim($pathParts['dirname'] . '/' . $pathParts['filename'], '/') 
      . (isset($parts['query']) ? "?{$parts['query']}" : ''); 
    } else { 
     throw new InvalidArgumentException("Invalid URI scheme: {$scheme}. Must be one of http or rtmp."); 
    } 

    return sprintf(
     '{"Statement":[{"Resource":"%s","Condition":{"DateLessThan":{"AWS:EpochTime":%d}}}]}', 
     $resource, 
     $expires 
    ); 
}