6.1.2. Create the TempURL

After the metadata is set, you must create an HMAC-SHA1 (RFC 2104) signature. When you generate the TempURL, you determine which method of access you will grant users, GET or PUT. You also determine the path to the object you are granting access to. Lastly, set the time for your TempURL to expire in UNIX epoch notation.

In the below examples, a TempURL is generated for the object my_cat.jpg, which will be available for 60 seconds. The key in the below example is the X-Account-Meta-Temp-Url-Key.

Example 6.2. Create TempURL (in python)

  import hmac
  from hashlib import sha1
  from sys import argv
  from time import time

  if len(argv) != 5:
    print 'Syntax: <method> <url> <seconds> <key>'
    print 'Example: GET https://storage101.dfw1.clouddrive.com/v1/' \
        'MossoCloudFS_12345678-9abc-def0-1234-56789abcdef0/' \
        'container/my_cat.jpg 60 my_shared_secret_key'
  else:
    method, url, seconds, key = argv[1:]
    method = method.upper()
    base_url, object_path = url.split('/v1/')
    object_path = '/v1/' + object_path
    seconds = int(seconds)
    expires = int(time() + seconds)
    hmac_body = '%s\n%s\n%s' % (method, expires, object_path)
    sig = hmac.new(key, hmac_body, sha1).hexdigest()
    print '%s%s?temp_url_sig=%sAMP;temp_url_expires=%s' % \
        (base_url, object_path, sig, expires)

Be certain to use the full URL to the object, just as you would with a normal request.

In this example, the signature might be da39a3ee5e6b4b0d3255bfef95601890afd80709 and the expire time might translate to 1323479485" because the signature and expires completely depend on the time the code is run. On your website, you would provide a link to the below URL:

  https://storage.clouddrive.com/v1/AUTH_account/container/my_cat.jpg?
  temp_url_sig=da39a3ee5e6b4b0d3255bfef95601890afd80709&
  temp_url_expires=1323479485

If you do not provide users with the exact TempURL, they will get 401 (Unauthorized) status errors. HEAD queries are allowed if GET or PUT are allowed.

Example 6.3. Create TempURL (in PHP)

  <?php
  if ($argc != 5) {
      echo "Syntax: <method> <url> <seconds> <key>";
      echo "Example: GET https://storage101.dfw1.clouddrive.com/v1/" .
           "MossoCloudFS_12345678-9abc-def0-1234-56789abcdef0/" .
           "container/my_cat.jpg 60 my_shared_secret_key";
  } else {
    $method = $argv[1];
    $url = $argv[2];
    $seconds = $argv[3];
    $key = $argv[4];
    $method = strtoupper($method);
    list($base_url, $object_path) =  split("/v1/", $url);
    $object_path = "/v1/$object_path";
    $seconds = (int)$seconds;
    $expires = (int)(time() + $seconds);
    $hmac_body = "$method\n$expires\n$object_path";
    $sig = hash_hmac("sha1", $hmac_body, $key);
    echo "$base_url$object_path?" .
         "temp_url_sig=$sig&temp_url_expires=$expires";
  }
  ?>

Example 6.4. Create TempURL (in Ruby)

  require "openssl"

  unless ARGV.length == 4
      puts "Syntax: <method> <url> <seconds> <key>"
      puts ("Example: GET https://storage101.dfw1.clouddrive.com/v1/" +
          "MossoCloudFS_12345678-9abc-def0-1234-56789abcdef0/" +
          "container/path/to/object.file 60 my_shared_secret_key")
  else
      method, url, seconds, key = ARGV
      method = method.upcase
      base_url, object_path = url.split(/\/v1\//)
      object_path = '/v1/' + object_path
      seconds = seconds.to_i
      expires = (Time.now + seconds).to_i
      hmac_body = "#{method}\n#{expires}\n#{object_path}"
      sig = OpenSSL::HMAC.hexdigest("sha1", key, hmac_body)
      puts ("#{base_url}#{object_path}?" +
          "temp_url_sig=#{sig}&temp_url_expires=#{expires}")
  end

Legal notices