Skip to content

Instantly share code, notes, and snippets.

@oestrich
Created October 21, 2015 02:21
  • Star 5 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save oestrich/44602a5262ad3c469681 to your computer and use it in GitHub Desktop.
Signing Google Cloud Storage URLs
private_key = "..."
client_email = "..."
bucket = "..."
path = "..."
full_path = "/#{bucket}/#{path}"
expiration = 5.minutes.from_now.to_i
signature_string = [
"GET",
"",
"",
expiration,
full_path,
].join("\n")
digest = OpenSSL::Digest::SHA256.new
signer = OpenSSL::PKey::RSA.new(private_key)
signature = Base64.strict_encode64(signer.sign(digest, signature_string))
signature = CGI.escape(signature)
"https://storage.googleapis.com#{full_path}?GoogleAccessId=#{client_email}&Expires=#{expiration}&Signature=#{signature}"
@mberrueta
Copy link

good 1

@mberrueta
Copy link

A suggestion for rubocop builds, and read the key from the google json directly

    file = File.read('/gc_api_json_path')
    data = JSON.parse(file)
    private_key = data['private_key']
    client_email = data['client_email']
    bucket = 'gc_storage_bucket_name'
    path = 'file'
    full_path = "/#{bucket}/#{path}"
    expiration = 5.minutes.from_now.to_i

    signature_string = [
      'GET',
      '',
      '',
      expiration,
      full_path
    ].join("\n")
   # remove the las ',' 

again, thanks man, it help me a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment