A player signature is used by the application playback service to authorize a client for playback. If the playback service allows the client to play back, it will distribute a valid signature to the client as shown in step 5 below. The client can play back the video within the validity period of the signature.
Note:The application client needs a player signature to play back a video in the following cases:
- Key hotlink protection has been enabled for the domain name.
- Player configurations other than the
default
one has been used.- An encrypted video needs to be played back.
The player signature parameters and generation rule are as detailed below:
Parameter | Required | Type | Description |
---|---|---|---|
appId | Yes | Integer | The account appId . |
fileId | Yes | String | The file ID. |
currentTimeStamp | Yes | Integer | Current Unix timestamp of the distributed signature. |
expireTimeStamp | No | Integer | Expiration Unix timestamp of the distributed signature. If this parameter is left empty, the signature will never expire. |
pcfg | No | String | The name of the player configuration to be used. If you use the default configuration, you can leave this parameter empty. |
urlAccessInfo | No | Object | Hotlink protection configuration parameter of playback URL, which is in UrlAccessInfo type. |
drmLicenseInfo | No | Object | Key configuration parameter of encrypted content, which is in DrmLicenseInfo type. |
UrlAccessInfo
typeParameter | Required | Type | Description |
---|---|---|---|
t | No | String |
|
exper | No | Integer |
|
rlimit | No | Integer |
|
us | No | String |
|
uid | No | String |
|
DrmLicenseInfo
typeParameter | Required | Type | Description |
---|---|---|---|
expireTimeStamp | No | Integer | Expiration Unix timestamp of the key. If this parameter is left empty, the key will never expire. |
Note:
- If you use a subapplication as described in Subapplication System, set the
AppId
of the subapplication as the value of theappId
parameter.- The description and valid values of
t
,exper
,rlimit
,us
, anduid
in signature parameters are the same as those in hotlink protection parameters as described in Key Hotlink Protection.
The VOD Player uses JSON Web Token (JWT), which is a digital token calculated and formed based on Header
, PayLoad
, and Key
.
Header
is in JSON format and indicates the information of the algorithm used by JWT. Its content is fixed as follows:
{
"alg": "HS256",
"typ": "JWT"
}
PayLoad
is in JSON format and indicates the player signature parameters; for example:
{
"appId": 1255566655,
"fileId": "4564972818519602447",
"currentTimeStamp": 1546300,
"expireTimeStamp": 1546344000,
"urlAccessInfo": {
"t": "5c2b5640",
"rlimit": 3,
"us": "72d4cd1101",
"uid": "1234abcd"
}
}
Key
is the key used during signature calculation, which is the same as the KEY
parameter in hotlink protection parameters.
Signature
:Signature = HMACSHA256(base64UrlEncode(Header) + "." + base64UrlEncode(Payload), KEY)
Token
:Token = base64UrlEncode(Header) + '.' + base64UrlEncode(Payload) + '.' + base64UrlEncode(Signature)
Token
is the VOD Player signature.Note:For more information on
HMACSHA256
, please see RFC 4868 - Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec. For more information onbase64UrlEncode
, please see Base 64 Encoding with URL and Filename Safe Alphabet.
To help you calculate and verify the signature, VOD provides the following tools:
For example, a player signature is generated for a video whose fileId
is 4564972818519602447
, which belongs to a user whose appId
is 1255566655
and has the following attributes:
KEY
is 24FEQmTzro4V5u3D5epW
.MyCfg
.1546300
.1546344000
.5c2b5640
.72d4cd1101
.Calculate the signature as follows:
Header
:{
"alg": "HS256",
"typ": "JWT"
}
The result after processing through base64UrlEncode
will be:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
.
2. Determine the content of Payload
:
{
"appId": 1255566655,
"fileId": "4564972818519602447",
"currentTimeStamp": 1546300,
"expireTimeStamp": 1546344000,
"urlAccessInfo": {
"t": "5c2b5640",
"rlimit": 3,
"us": "72d4cd1101",
"uid": "1234abcd"
}
}
The result after processing through base64UrlEncode
will be:eyJhcHBJZCI6MTI1NTU2NjY1NSwiZmlsZUlkIjoiNDU2NDk3MjgxODUxOTYwMjQ0NyIsImN1cnJlbnRUaW1lU3RhbXAiOjE1NDYzNDA0MDAsImV4cGlyZVRpbWVTdGFtcCI6MTU0NjM0NDAwMCwidXJsQWNjZXNzSW5mbyI6eyJ0IjoiNWMyYjU2NDAiLCJybGltaXQiOjMsInVzIjoiNzJkNGNkMTEwMSIsInVpZCI6IjEyMzRhYmNkIn19
.
3. Perform HMAC calculation by using 24FEQmTzro4V5u3D5epW
as KEY
, and the Signature
will be:j3WJ9W3V4ve_N_Z157_B9AKkT0GhSmGAEdhv6YtoZSY
.
4. The Token
will be:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6MTI1NTU2NjY1NSwiZmlsZUlkIjoiNDU2NDk3MjgxODUxOTYwMjQ0NyIsImN1cnJlbnRUaW1lU3RhbXAiOjE1NDYzNDA0MDAsImV4cGlyZVRpbWVTdGFtcCI6MTU0NjM0NDAwMCwidXJsQWNjZXNzSW5mbyI6eyJ0IjoiNWMyYjU2NDAiLCJybGltaXQiOjMsInVzIjoiNzJkNGNkMTEwMSIsInVpZCI6IjEyMzRhYmNkIn19.j3WJ9W3V4ve_N_Z157_B9AKkT0GhSmGAEdhv6YtoZSY
.
VOD provides sample code for calculating a player signature for Python, Java, Go, C#, PHP, and Node.js. For more information, see Sample Player Signature.
Was this page helpful?