Skip to content

Instantly share code, notes, and snippets.

@revdan
Created January 8, 2014 11:22
Show Gist options
  • Save revdan/8315414 to your computer and use it in GitHub Desktop.
Save revdan/8315414 to your computer and use it in GitHub Desktop.
vzaar user-signed security examples
// This example requires the apache commons-codec library
// (http://commmons.apache.org/codec)
import org.apache.commons.codec.digest.DigestUtils;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.TimeZone;
public class VzaarUssTokens {
public static void main(String[] args) {
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
String expiryTimestamp = dateFormat.format(
new Date(System.currentTimeMillis() + (120 * 1000)));
String signingKey = "000033337777aaaa222233334444bbbb";
int videoId = 920344;
// Generate a video-specific token
String signatureVs = DigestUtils.md5Hex(
String.format("%d:%s:%s", videoId, signingKey, expiryTimestamp));
String tokenVs = String.format("2.%s.%s", expiryTimestamp, signatureVs);
// Generate a user-specific token
String signatureUs = DigestUtils.md5Hex(
String.format("%s:%s", signingKey, expiryTimestamp));
String tokenUs = String.format("3.%s.%s", expiryTimestamp, signatureUs);
// Generate a video- and format-specific token
// This allows only playback, not downloads
String signatureFs = DigestUtils.md5Hex(
String.format("%s:%d:%s:%s", "video", videoId, signingKey, expiryTimestamp));
String tokenFs = String.format("4.%s.%s", expiryTimestamp, signatureFs);
// This allows only downloads, not playback
String signatureFs = DigestUtils.md5Hex(
String.format("%s:%d:%s:%s", "download", videoId, signingKey, expiryTimestamp));
String tokenFs = String.format("4.%s.%s", expiryTimestamp, signatureFs);
}
}
<?php
# Expire in 2 minutes time
$time = new DateTime('now', new DateTimeZone('UTC'));
$time -> modify("+2 minutes");
$expiry_timestamp = $time -> format('YmdHis');
$signing_key = "000033337777aaaa222233334444bbbb";
$video_id = 920344;
# Generate a video-specific token
$signature_vs = md5("{$video_id}:{$signing_key}:{$expiry_timestamp}");
$token_vs = "2.{$expiry_timestamp}.{$signature_vs}";
# Generate a user-specific token
$signature_us = md5("{$signing_key}:{$expiry_timestamp}");
$token_us = "3.{$expiry_timestamp}.{$signature_us}";
# Generate a video- and format-specific token
# This allows only playback, not downloads
$signature_fs = md5("video:{$video_id}:{$signing_key}:{$expiry_timestamp}");
$token_fs = "4.{$expiry_timestamp}.{$signature_fs}";
# This allows only downloads, not playback
$signature_fs = md5("download:{$video_id}:{$signing_key}:{$expiry_timestamp}");
$token_fs = "4.{$expiry_timestamp}.{$signature_fs}";
?>
require 'digest'
# Expire in 2 minutes time
expiry_timestamp = (Time.now.utc + 120).strftime("%Y%m%d%H%M%S")
signing_key = "000033337777aaaa222233334444bbbb"
video_id = 920344
# Generate a video-specific token
signature_vs = Digest::MD5.hexdigest(
"#{video_id}:#{signing_key}:#{expiry_timestamp}"
)
token_vs = "2.#{expiry_timestamp}.#{signature_vs}"
# Generate a user-specific token
signature_us = Digest::MD5.hexdigest(
"#{signing_key}:#{expiry_timestamp}"
)
token_us = "3.#{expiry_timestamp}.#{signature_us}"
# Generate a video- and format-specific token
# This allows only playback, not downloads
signature_fs = Digest::MD5.hexdigest(
"video:#{video_id}:#{signing_key}:#{expiry_timestamp}"
)
token_fs = "4.#{expiry_timestamp}.#{signature_fs}"
# This allows only downloads, not playback
signature_fs = Digest::MD5.hexdigest(
"download:#{video_id}:#{signing_key}:#{expiry_timestamp}"
)
token_fs = "4.#{expiry_timestamp}.#{signature_fs}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment