Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Signing Google Cloud Storage URLs
private_key = "..."
client_email = "..."
bucket = "..."
path = "..."
full_path = "/#{bucket}/#{path}"
expiration = 5.minutes.from_now.to_i
signature_string = [
"GET",
"",
"",
expiration,
full_path,
].join("\n")
digest = OpenSSL::Digest::SHA256.new
signer = OpenSSL::PKey::RSA.new(private_key)
signature = Base64.strict_encode64(signer.sign(digest, signature_string))
signature = CGI.escape(signature)
"https://storage.googleapis.com#{full_path}?GoogleAccessId=#{client_email}&Expires=#{expiration}&Signature=#{signature}"
@mberrueta

This comment has been minimized.

Copy link

commented Nov 3, 2016

good 1

@mberrueta

This comment has been minimized.

Copy link

commented Nov 4, 2016

A suggestion for rubocop builds, and read the key from the google json directly

    file = File.read('/gc_api_json_path')
    data = JSON.parse(file)
    private_key = data['private_key']
    client_email = data['client_email']
    bucket = 'gc_storage_bucket_name'
    path = 'file'
    full_path = "/#{bucket}/#{path}"
    expiration = 5.minutes.from_now.to_i

    signature_string = [
      'GET',
      '',
      '',
      expiration,
      full_path
    ].join("\n")
   # remove the las ',' 

again, thanks man, it help me a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.