dreamonkey/laravel-cloudfront-url-signer

Laravel 5.6+ wrapper around CloudFront canned signed URLs

v3.4.0 2023-04-03 16:31 UTC

README

Easy to use Laravel 6+ wrapper around the official AWS PHP SDK which allows to sign URLs to access Private Content through CloudFront CDN

Inspired by laravel-url-signer

Latest Version on Packagist Total Downloads

This package can create canned policies signed URLs for CloudFront which expires after a given time. This is done by wrapping the AWS SDK method adding a Laravel-style configuration and accessibility.

This is how you can create signed URL that's valid for 30 days:

// With Facade
CloudFrontUrlSigner::sign('https://myapp.com/resource', 30);

// With helper
sign('https://myapp.com/resource', 30);

The output is compliant with CloudFront specifications

Installation

The package can be installed via Composer:

composer require dreamonkey/laravel-cloudfront-url-signer

Configuration

The configuration file can optionally be published via:

php artisan vendor:publish --provider="Dreamonkey\CloudFrontUrlSigner\CloudFrontUrlSignerServiceProvider"

This is the content of the file:

return [
    /*
     * The default expiration time of a URL in days.
     */
    'default_expiration_time_in_days' => 1,

    /*
     * The private key used to sign all URLs.
     */
    'private_key_path' => storage_path(env('CLOUDFRONT_PRIVATE_KEY_PATH', 'trusted-signer.pem')),

    /*
     * Identifies the CloudFront key pair associated
     * to the trusted signer which validates signed URLs.
     */
    'key_pair_id' => env('CLOUDFRONT_KEY_PAIR_ID', ''),

    /*
     * CloudFront API version, by default it uses the latest available.
     */
    'version' => env('CLOUDFRONT_API_VERSION', 'latest'),

];

Usage

Signing URLs

URL's can be signed with the sign method:

CloudFrontUrlSigner::sign('https://myapp.com/resource');

By default the lifetime of an URL is one day. This value can be change in the config-file. If you want a custom life time, you can specify the number of days the URL should be valid:

// The generated URL will be valid for 5 days.
CloudFrontUrlSigner::sign('https://myapp.com/resource', 5);

For fine grained control, you may also pass a DateTime instance as the second parameter. The url will be valid up to that moment. This example uses Carbon for convenience:

// This URL will be valid up until 2 hours from the moment it was generated.
CloudFrontUrlSigner::sign('https://myapp.com/resource', Carbon\Carbon::now()->addHours(2) );

Changelog

Please see CHANGELOG for more information what has changed recently.

Testing

$ vendor/bin/phpunit

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email p.caleffi@dreamonkey.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.