Ubuntu Server 16.04.1 LTS 64位
或Ubuntu Server 18.04.1 LTS 64位
。ubuntu@VM-69-2-ubuntu:~$ export SECRET_ID=AKxxxxxxxxxxxxxxxxxxxxxxx; export SECRET_KEY=xxxxxxxxxxxxxxxxxxxxx;export APPID=125xxxxxxx;export ANTI_LEECH_KEY=xxxx;git clone https://github.com/tencentyun/vod-server-demo.git ~/vod-server-demo; bash ~/vod-server-demo/installer/anti_leech_sign_scf_en.sh
[2020-06-04 15:57:10]开始检查npm。[2020-06-04 15:57:18]npm 安装成功。[2020-06-04 15:57:18]开始安装 ServerLess。[2020-06-04 15:57:19]serverless 安装成功。[2020-06-04 15:57:20]开始部署云点播 Key 防盗链签名派发服务。[2020-06-04 15:57:30]云点播 Key 防盗链签名派发服务部署完成。[2020-06-04 15:57:32]服务地址:https://service-xxxxxxxx-125xxxxxxx.gz.apigw.tencentcs.com/release/anti_leech_sign
https://service-xxxxxxxx-125xxxxxxx.gz.apigw.tencentcs.com/release/anti_leech_sign
)。[2020-04-25 17:18:44]警告:Key 防盗链签名派发服务测试不通过。
curl
命令尝试直接访问该 URL,结果会因不符合 Key 防盗链规则而被服务器拒绝访问,HTTP 返回码为403(测试时,请将命令中的 URL 替换为实际 URL,下同):ubuntu@VM-69-2-ubuntu:~$ curl -I "http://125xxxxxxx.vod2.myqcloud.com/f888c998vodcq125xxxxxxx/c849148f528xxxxxxxxxxxxxxxx/xxxxxxxxxx.mp4"HTTP/1.1 403 ForbiddenServer: NWS_VPConnection: keep-aliveDate: Thu, 04 Jun 2020 08:27:54 GMTContent-Type: text/plainContent-Length: 14
curl
命令来请求步骤4中部署的服务,获取带防盗链签名的 URL(-d
表示使用 POST 方式发起请求,所带的参数为视频 URL):ubuntu@VM-69-2-ubuntu:~$ curl -d 'http://125xxxxxxx.vod2.myqcloud.com/f888c998vodcq125xxxxxxx/c849148f528xxxxxxxxxxxxxxxx/xxxxxxxxxx.mp4' https://service-xxxxxxxx-125xxxxxxx.gz.apigw.tencentcs.com/release/anti_leech_sign; echohttp://125xxxxxxx.vod2.myqcloud.com/f888c998vodcq125xxxxxxx/c849148f528xxxxxxxxxxxxxxxx/xxxxxxxxxx.mp4?t=5ed8b8d2&exper=0&rlimit=0&us=455041&sign=fe6394007c2e7aef39fc70a02e897f69
curl
命令访问上一步得到的带防盗链签名的 URL,能够正常访问(HTTP 返回码为200):ubuntu@VM-69-2-ubuntu:~$ curl -I "http://125xxxxxxx.vod2.myqcloud.com/f888c998vodcq125xxxxxxx/c849148f528xxxxxxxxxxxxxxxx/xxxxxxxxxx.mp4?t=5ed8b8d2&exper=0&rlimit=0&us=455041&sign=fe6394007c2e7aef39fc70a02e897f69"HTTP/1.1 200 OKServer: tencent-cosConnection: keep-aliveDate: Thu, 04 Jun 2020 08:37:17 GMTLast-Modified: Fri, 22 May 2020 15:06:15 GMTContent-Type: video/mp4Content-Length: 232952632Accept-Ranges: bytesETag: "1da6be3a0d1da5edae4ff0b1feff02cf-223"x-cos-hash-crc64ecma: 16209801220610226954x-cos-request-id: NWVkOGIyYmVfZDUyMzYyNjRfYWMwMF85YjkyNzA=X-Daa-Tunnel: hop_count=4X-NWS-LOG-UUID: b404f43e-3c86-4c54-8a78-fb78e4e85cf2 add71e19fb08c6d9dbe1b21a2fb157bfAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: Origin,No-Cache,X-Requested-With,If-Modified-Since,Pragma,Last-Modified,Cache-Control,Expires,Content-Type,X_Requested_With,RangeAccess-Control-Allow-Methods: GET,POST,OPTIONSAccess-Control-Allow-Origin: *
服务 | 云函数名 | 接口形式 | 请求内容 | 返回内容 |
Key 防盗链签名派发 | anti_leech_sign | HTTP POST | 视频原始 URL | 带防盗链签名 URL |
main_handler()
为入口函数。parse_conf_file()
,从config.json
文件中读取配置信息。配置项说明如下(详细参数请参见 Key 防盗链签名参数):字段 | 数据类型 | 功能 |
key | String | Key 防盗链密钥 |
t | Integer | 签名有效时间,单位:秒。在处理请求时,该参数与 SCF 服务器的当前时间相加后,才是防盗链参数中的 t |
exper | Integer | 试看时长 |
rlimit | Integer | 签名最多允许被多少个客户端 IP 访问 |
Dir
参数,本地生成t
和us
参数,从配置文件中读取exper
和rlimit
参数:original_url = event["body"]parse_result = urlparse(original_url)directory = path.split(parse_result.path)[0] + '/'# 签名参数timestamp = int(time.time())rand = random.randint(0, 999999)sign_para = {"t": hex(timestamp + configuration['t'])[2:],"exper": configuration['exper'],"rlimit": configuration['rlimit'],"us": rand}
generate_sign()
计算防盗链签名,详细算法请参见 Key 防盗链签名。sign_para["sign"] = signaturequery_string = urlencode(sign_para)new_parse_result = parse_result._replace(query=query_string)signed_url = urlunparse(new_parse_result)
return {"isBase64Encoded": False,"statusCode": 200,"headers": {"Content-Type": "text/plain; charset=utf-8","Access-Control-Allow-Origin": "*","Access-Control-Allow-Methods": "POST,OPTIONS"},"body": signed_url}
本页内容是否解决了您的问题?