oven-exporter/helper/policy.go

package helper

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base64"
	"encoding/json"
	"net/url"
)

type Policy struct {
	URLExpire    int64  `json:"url_expire"`
	URLActivate  int64  `json:"url_activate,omitempty"`
	StreamExpire int64  `json:"stream_expire,omitempty"`
	AllowIP      string `json:"allow_ip,omitempty"`
}

func (p Policy) Encode() (string, error) {
	str, err := json.Marshal(p)
	if err != nil {
		return "", err
	}
	return base64.RawStdEncoding.EncodeToString(str), nil
}

func SignEncodedPolicy(u *url.URL, secretKey string) string {
	hasher := hmac.New(sha1.New, []byte(secretKey))
	hasher.Write([]byte(u.String()))
	return base64.RawURLEncoding.EncodeToString(hasher.Sum(nil))

}

func (p Policy) SignWithQuery(u *url.URL, secretKey, encodeQuery string) (string, error) {
	encode, err := p.Encode()
	if err != nil {
		return "", nil
	}
	query := u.Query()
	query.Add(encodeQuery, encode)
	u.RawQuery = query.Encode()
	return SignEncodedPolicy(u, secretKey), nil
}
func (p Policy) Sign(u *url.URL, secretKey string) (string, error) {
	return p.SignWithQuery(u, secretKey, "policy")
}

func (p Policy) SignURLWithQuery(u *url.URL, secretKey, encodeQuery, signatureQuery string) error {
	encode, err := p.Encode()
	if err != nil {
		return err
	}
	query := u.Query()
	query.Add(encodeQuery, encode)
	u.RawQuery = query.Encode()

	signature := SignEncodedPolicy(u, secretKey)
	query.Add(signatureQuery, signature)
	u.RawQuery = query.Encode()
	return nil
}
func (p Policy) SignURL(u *url.URL, secretKey string) error {
	return p.SignURLWithQuery(u, secretKey, "policy", "signature")
}
feat: add policy with signing for Access Control 2023-03-12 15:53:33 +01:00			`package helper`

			`import (`
			`"crypto/hmac"`
			`"crypto/sha1"`
			`"encoding/base64"`
			`"encoding/json"`
			`"net/url"`
			`)`

			`type Policy struct {`
fix(helper): use int64 for date -> easier use with golang time.Unix 2023-03-12 20:59:51 +01:00			URLExpire int64 `json:"url_expire"`
			URLActivate int64 `json:"url_activate,omitempty"`
			StreamExpire int64 `json:"stream_expire,omitempty"`
feat: add policy with signing for Access Control 2023-03-12 15:53:33 +01:00			AllowIP string `json:"allow_ip,omitempty"`
			`}`

			`func (p Policy) Encode() (string, error) {`
			`str, err := json.Marshal(p)`
			`if err != nil {`
			`return "", err`
			`}`
			`return base64.RawStdEncoding.EncodeToString(str), nil`
			`}`

			`func SignEncodedPolicy(u *url.URL, secretKey string) string {`
			`hasher := hmac.New(sha1.New, []byte(secretKey))`
			`hasher.Write([]byte(u.String()))`
			`return base64.RawURLEncoding.EncodeToString(hasher.Sum(nil))`

			`}`

			`func (p Policy) SignWithQuery(u *url.URL, secretKey, encodeQuery string) (string, error) {`
			`encode, err := p.Encode()`
			`if err != nil {`
			`return "", nil`
			`}`
			`query := u.Query()`
			`query.Add(encodeQuery, encode)`
			`u.RawQuery = query.Encode()`
			`return SignEncodedPolicy(u, secretKey), nil`
			`}`
			`func (p Policy) Sign(u *url.URL, secretKey string) (string, error) {`
			`return p.SignWithQuery(u, secretKey, "policy")`
			`}`

			`func (p Policy) SignURLWithQuery(u *url.URL, secretKey, encodeQuery, signatureQuery string) error {`
			`encode, err := p.Encode()`
			`if err != nil {`
			`return err`
			`}`
			`query := u.Query()`
			`query.Add(encodeQuery, encode)`
			`u.RawQuery = query.Encode()`

			`signature := SignEncodedPolicy(u, secretKey)`
			`query.Add(signatureQuery, signature)`
			`u.RawQuery = query.Encode()`
			`return nil`
			`}`
			`func (p Policy) SignURL(u *url.URL, secretKey string) error {`
			`return p.SignURLWithQuery(u, secretKey, "policy", "signature")`
			`}`