Skip to content

Instantly share code, notes, and snippets.

@nhancv nhancv/cloudfront.service.ts Secret

Last active Mar 14, 2020
Embed
What would you like to do?
AWS CloudFront
import {Injectable} from '@nestjs/common';
import CloudFront from "aws-sdk/clients/cloudfront";
import AWS from "aws-sdk";
import {Signer} from "aws-sdk/lib/cloudfront/signer";
import * as fs from 'fs';
@Injectable()
export class CloudfrontService {
cloudFront: CloudFront;
keyPairId: string;
privateKey: string;
constructor() {
this.keyPairId = process.env.AWS_CLOUDFRONT_ACCESSKEY_ID || '';
this.privateKey = fs.readFileSync(`./keys/pk-${this.keyPairId}.pem`).toString();
this.cloudFront = new CloudFront();
}
// Get specific signed url
getSignedUrl(url: string): Promise<string> {
return new Promise((resolve, reject) => {
const expiry = Math.floor(Date.now() / 1000) + 120; // 2 minutes
const signer = new AWS.CloudFront.Signer(this.keyPairId, this.privateKey);
const options = {url: url, expires: expiry};
signer.getSignedUrl(options, function (err, data) {
if (err) {
reject(err);
} else {
resolve(data);
}
});
});
}
// Get specific signed cookies
getSignedCookie(domain: string): Promise<Signer.CustomPolicy> {
return new Promise((resolve, reject) => {
const expiry = Math.floor(Date.now() / 1000) + 86400; // 1day
const policy = {
'Statement': [{
'Resource': "https://" + domain + "/*",
'Condition': {
'DateLessThan': {'AWS:EpochTime': expiry}
}
}]
};
const policyString = JSON.stringify(policy);
const signer = new AWS.CloudFront.Signer(this.keyPairId, this.privateKey);
const options = {url: "https://" + domain, policy: policyString};
signer.getSignedCookie(options, function (err, data) {
if (err) {
reject(err);
} else {
resolve(data);
}
});
});
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.