https://github.com/tierratelematics/cfsign
A Typescript/Javascript lib for working with CloudFront signatures in NodeJs
https://github.com/tierratelematics/cfsign
aws cloudfront nodejs signature typescript
Last synced: 11 months ago
JSON representation
A Typescript/Javascript lib for working with CloudFront signatures in NodeJs
- Host: GitHub
- URL: https://github.com/tierratelematics/cfsign
- Owner: tierratelematics
- License: other
- Created: 2018-10-23T08:42:36.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2018-11-29T17:00:21.000Z (over 7 years ago)
- Last Synced: 2025-08-09T03:03:46.201Z (11 months ago)
- Topics: aws, cloudfront, nodejs, signature, typescript
- Language: TypeScript
- Homepage:
- Size: 29.3 KB
- Stars: 6
- Watchers: 6
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# cfsign
A Typescript/Javascript lib for working with CloudFront signatures in NodeJs.
## Getting started
Install `cfsign` from [npm](https://www.npmjs.com/package/cfsign).
Instantiate a signer with your key configuration:
```javascript
import { Signer } from "cfsign";
const signer = new Signer({
id: "APKAXXXXXXXXXXXXXXXX",
privateKeyPem: "-----BEGIN RSA PRIVATE KEY-----\nXXXX..."
});
```
As per [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html),
`cfsign` supports short-ish URLs, signed using a "canned" policy. In this
case a URL and an expiration date will do:
```javascript
const expiration = new Date(new Date().getTime() + 10*60*1000);
const signedUrl = signer.signUrl(`https://xyz.cloudfront.net/example/path`, expiration);
```
To sign a more complex policy, just build one and then get the resulting
cookies or query parameters.
```javascript
const policy = {
Statement: [{
Condition: {
DateGreaterThan: { "AWS:EpochTime": 0 },
DateLessThan: { "AWS:EpochTime": 1 },
IpAddress: { "AWS:SourceIp": "1.1.1.0/24" }
},
Resource: "http://test.com/folder/*"
}]
};
const signature = sut.sign(policy);
const cookies = signature.toCookies();
const signedUrl = signature.addToUrl("http://test.com/folder/file");
```
In typescript the `Policy` type will help you to write a correct policy.
## Extra utils
If you prefer to set the key via a single line string, rather than a PEM,
there's `pemFormat()`:
```javascript
import { pemFormat } from "cfsign/lib/keyUtils";
const signer = new Signer({
id: "APKAXXXXXXXXXXXXXXXX",
privateKeyPem: pemFormat("XXXX")
});
```
Refer to typedocs or tests for further details and examples.