似乎无法将此 Url 签名与 Amazon IVS 一起使用。我正在使用来自 https://github.com/lcobucci/jwt 的软件包。我需要获得 ES384 签名才能保护我的直播。
这是我的代码
/**
* _signUrl
*
*
*/
private function _signUrl($playbackUrl, $channelArn){
$header = [
"alg" => "ES384",
"typ" => "JWT"
];
$payload = [
"aws:channel-arn" => $channelArn,
// "aws:access-control-allow-origin" => "<your-website>",
"exp" => \Carbon\Carbon::now()->addDays(3)->timestamp
];
$signer = new \Lcobucci\JWT\Signer\Ecdsa\Sha384();
$privateKey = InMemory::plainText("
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDDuRdOUNt1lb0OHoDioTKRVOoRYqvyRnjCBZydC9kG7eb1pb0E3r+Wq
6jUEx9Zs1xWgBwYFK4EEACKhZANiAATsETeLPGzsREFHl/K9WFuLMrLazwH64de0
TOgMK9VqCseILxAJVtIuwN/jmBBFLUwe/MdVXpxPzgp60KTVNOqRla73oVdhYOHA
nevl9sJSns1fN3pMsf2TmXBX/B7/O2g=
-----END EC PRIVATE KEY-----
");
$base64Encoded = (base64_encode(implode($header)).base64_encode(implode($payload)));
$sign = $signer->sign($base64Encoded, $privateKey);
$token = bin2hex($sign);
return "{$playbackUrl}?token={$token}";
}
从 url 获取这个
错误“格式错误的播放身份验证令牌” error_code "invalid_playback_auth_token"
答案 0 :(得分:0)
您需要使用专为 url 设计的 base 64 编码和解码的自定义版本。
if ( ! function_exists('base64url_encode')){
/**
* Encode data to Base64URL
* @param string $data
* @return boolean|string
*/
function base64url_encode($data)
{
// First of all you should encode $data to Base64 string
$b64 = base64_encode($data);
// Make sure you get a valid result, otherwise, return FALSE, as the base64_encode() function do
if ($b64 === false) {
return false;
}
// Convert Base64 to Base64URL by replacing “+” with “-” and “/” with “_”
$url = strtr($b64, '+/', '-_');
// Remove padding character from the end of line and return the Base64URL result
return rtrim($url, '=');
}
}
if ( ! function_exists('base64url_decode')){
/**
* Decode data from Base64URL
* @param string $data
* @param boolean $strict
* @return boolean|string
*/
function base64url_decode($data, $strict = false)
{
// Convert Base64URL to Base64 by replacing “-” with “+” and “_” with “/”
$b64 = strtr($data, '-_', '+/');
// Decode Base64 string and return the original data
return base64_decode($b64, $strict);
}
}
这是一个完整的更新功能
/**
* _signUrl
*
*
*/
private function _signUrl($playbackUrl, $channelArn){
$signer = new \Lcobucci\JWT\Signer\Ecdsa\Sha384();
$privateKey = InMemory::plainText("
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDDuRdOUNt1lb0OHoDioTKRVOoRYqvyRnjCBZydC9kG7eb1pb0E3r+Wq
6jUEx9Zs1xWgBwYFK4EEACKhZANiAATsETeLPGzsREFHl/K9WFuLMrLazwH64de0
TOgMK9VqCseILxAJVtIuwN/jmBBFLUwe/MdVXpxPzgp60KTVNOqRla73oVdhYOHA
nevl9sJSns1fN3pMsf2TmXBX/B7/O2g=
-----END EC PRIVATE KEY-----
");
$token = "";
$token .= (base64url_encode( json_encode( [
"alg" => "ES384",
"typ" => "JWT"
])));
$token .= ".".(base64url_encode( json_encode( [
"aws:channel-arn" => $channelArn,
"exp" => \Carbon\Carbon::now()->addDays(3)->timestamp]
)));
$signPart = $signer->sign($token, $privateKey);
$tokenComplete = $token.".". base64url_encode($signPart);
return "{$playbackUrl}?token={$tokenComplete}";
}