kzkn/cf_signed_url.rb

## cf_signed_url.rb
require 'openssl'
require 'json'
require 'base64'

key_paid_id = 'CLOUD_FRONT_PUBLIC_KEY_ID'
url = 'https://CLOUD_FRONT_DOMAIN/path/to/contents'
expires_at_epoch = (Time.new + 3600).to_i
policy = {
  "Statement" => [
    {
      "Resource" => url,
      "Condition" => {
        "DateLessThan" => {
          "AWS:EpochTime" => expires_at_epoch
        }
      }
    }
  ]
}
policy_text = JSON.dump(policy)
key = OpenSSL::PKey.read(File.open('private_key.pem'))
sign = key.sign('SHA1', policy_text)
signature = Base64.strict_encode64(sign).tr('+=/', '-_~')

puts "#{url}?Expires=#{expires_at_epoch}&Signature=#{signature}&Key-Pair-Id=#{key_paid_id}"
	require 'openssl'
	require 'json'
	require 'base64'

	key_paid_id = 'CLOUD_FRONT_PUBLIC_KEY_ID'
	url = 'https://CLOUD_FRONT_DOMAIN/path/to/contents'
	expires_at_epoch = (Time.new + 3600).to_i
	policy = {
	"Statement" => [
	{
	"Resource" => url,
	"Condition" => {
	"DateLessThan" => {
	"AWS:EpochTime" => expires_at_epoch
	}
	}
	}
	]
	}
	policy_text = JSON.dump(policy)
	key = OpenSSL::PKey.read(File.open('private_key.pem'))
	sign = key.sign('SHA1', policy_text)
	signature = Base64.strict_encode64(sign).tr('+=/', '-_~')

	puts "#{url}?Expires=#{expires_at_epoch}&Signature=#{signature}&Key-Pair-Id=#{key_paid_id}"