aws-cloudfront-sign
Version:
Utility module for signing AWS CloudFront URLs
45 lines • 1.45 kB
JavaScript
import { readFileSync } from 'fs';
import { createSign } from 'crypto';
import CannedPolicy from './canned-policy';
export function normalizeBase64(str) {
return str
.replace(/\+/g, '-')
.replace(/=/g, '_')
.replace(/\//g, '~');
}
export function createPolicy(cfUrl, expireTime, ipRange) {
const defaultExpireTime = Math.round(Date.now() + 1800000);
expireTime = expireTime || defaultExpireTime;
return new CannedPolicy(cfUrl, expireTime, ipRange);
}
export function createPolicySignature(policy, privateKey) {
const sign = createSign('RSA-SHA1');
sign.update(policy.toJSON());
return sign.sign(privateKey, 'base64');
}
export function getExpireTime(opts) {
return +opts.expireTime || null;
}
export function getIpRange(opts) {
return opts.ipRange || null;
}
export function getPrivateKey(params) {
let privateKeyString = params.privateKeyString;
let pem;
if (params.privateKeyPath) {
pem = readFileSync(params.privateKeyPath);
privateKeyString = pem.toString('ascii');
}
const newLinePattern = /\r|\n/;
const lineBreakExists = newLinePattern.test(privateKeyString);
if (!lineBreakExists) {
throw new Error('Invalid private key string, must include line breaks');
}
return privateKeyString;
}
export function assert(assertion, msg) {
if (!assertion) {
throw new Error(msg);
}
}
//# sourceMappingURL=utils.js.map