Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions,
see Getting Started with Amazon Web Services in China
(PDF).
Changes in Amazon CloudFront presigning from version 1 to
version 2
This topic details the changes in the Amazon CloudFront from version 1 (v1) to version 2
(v2).
High-level changes
Change |
v1 |
v2 |
Maven dependencies
|
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-bom</artifactId>
<version>1.12.5871 </version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>cloudfront</artifactId>
</dependency>
</dependencies>
|
<dependencyManagement>
<dependencies>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>bom</artifactId>
<version>2.27.212 </version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>cloudfront</artifactId>
</dependency>
</dependencies>
|
Package name |
com.amazonaws.services.cloudfront |
software.amazon.awssdk.services.cloudfront |
Class names |
CloudFrontUrlSigner
CloudFrontCookieSigner
|
CloudFrontUtilities
SignedUrl
CannedSignerRequest
CustomSignerRequest
|
1
Latest
version. 2
Latest
version.
API changes
Behavior |
v1 |
v2 |
Build a canned request |
Arguments are passed directly to the API. |
CannedSignerRequest cannedRequest =
CannedSignerRequest.builder()
.resourceUrl(resourceUrl)
.privateKey(privateKey)
.keyPairId(keyPairId)
.expirationDate(expirationDate)
.build();
|
Build a custom request |
Arguments are passed directly to the API. |
CustomSignerRequest customRequest =
CustomSignerRequest.builder()
.resourceUrl(resourceUrl)
.privateKey(keyFile)
.keyPairId(keyPairId)
.expirationDate(expirationDate)
.activeDate(activeDate)
.ipRange(ipRange)
.build();
|
Generate a signed URL (canned) |
String signedUrl =
CloudFrontUrlSigner.getSignedURLWithCannedPolicy(
resourceUrl, keyPairId, privateKey, expirationDate);
|
CloudFrontUtilities cloudFrontUtilities =
CloudFrontUtilities.create();
SignedUrl signedUrl =
cloudFrontUtilities.getSignedUrlWithCannedPolicy(cannedRequest);
String url = signedUrl.url();
|
Generate a signed cookie (custom) |
CookiesForCustomPolicy cookies =
CloudFrontCookieSigner.getCookiesForCustomPolicy(
resourceUrl, privateKey, keyPairId, expirationDate,
activeDate, ipRange);
|
CloudFrontUtilities cloudFrontUtilities =
CloudFrontUtilities.create();
CookiesForCustomPolicy cookies =
cloudFrontUtilities.getCookiesForCustomPolicy(customRequest);
|
In Java v1, the Java SDK delivers cookie headers as a Map.Entry<String,
String>
.
Map.Entry<String, String> signatureMap = cookies.getSignature();
String signatureKey = signatureMap.getKey(); // "CloudFront-Signature"
String signatureValue = signatureMap.getValue(); // "[SIGNATURE_VALUE]"
The Java v2 SDK delivers the entire header as a single String
.
String signatureHeaderValue = cookies.signatureHeaderValue(); // "CloudFront-Signature=[SIGNATURE_VALUE]"