Getting Started

​ ​Welcome

Blitline Job

Job Response

Job Options

Functions

Polling and Postbacks

Gotchas

Development Recommendations

Service Limits

Examples List

List of Available Functions

Output Options

S3 Destination

IAM Users

S3 Signed Url

Azure Destination

FTP Destination

Other Service Signed Urls

CDN

Advanced

Metadata

Colorspace

Color Extraction

Static IPs

Signed Jobs

Formats

Pipelines

Image Optimization

Smart Image

PDF

Fonts

Subimage

Special (Non-Image) Processing

AWS Rekognition/Facial Recognition

Apache Tika

Vector Processing

Animated GIFs

Screenshots of Websites

IM Scripts

Video Keyframes

Zipping

​ ​Trancoding Video Presets

​ ​Video Transcoding

Signed Jobs

Updated a month ago ​by Blitline Support

Keeping your Application ID Secret!

If you are running Blitline jobs from a public client (such as Javascript), you need to protect your Application ID. (Or if you just want an additional level of protection on your regularly submitted jobs)

You can do this by using Signed Requests

If your doing your Blitline processing server-side, this is optional, especially if you are using https/ssl

SIGNED REQUESTS

To sign you Blitline jobs, you can do this by replacing the Application ID with

  • public_token : Your public token from your Blitline home page
  • expires : The time at which this signed request will expire, in rfc822 format (“Fri, 23 Dec 2011 09:42:59-0800”)
  • key_transform : A Regex expression designed to match your S3 keys that you will be submitting (like “^mys3folder/”)
  • signature : The SHA1 signed signature of your data

SIGNATURE

The signature consists of a set of concatenated strings.

The strings necessary to generate the signature are the following:

  • secret : Your private secret from your Blitline home page
  • expiresThe time at which this signed request will expire, in rfc822 format (“Fri, 23 Dec 2011 09:42:59-0800”)
  • key_transform : A Regex designed to match your S3 keys that you will be submitting (like “^mys3folder/”)


ONCE YOU HAVE THESE VALUES…

  • You will concatenate those strings and SHA1 that concatenation:

    • signature = SHA1(secret + expires + key_transform)

Ruby Example:

require 'digest/sha1'
my_secret = "87Hyu684720923" #Example secret
expires = DateTime.parse("12/10/2014")
key_transform = "^myfolder"
signature = Digest::SHA1.hexdigest(my_secret + expires.rfc822 + key_transform)

signature valus is now “9ed994e8426ac22ad1f12b8efa6cc2071810cfa5”


LETS PUT IT ALL TOGETHER!

Assuming you have followed the steps above, we can now build our JSON for submitting.


{
  "public_token" : "YOUR_PUBLIC_TOKEN",
  "expires" : "Sun, 12 Oct 2014 00:00:00 +0000",
  "key_transform" : "^myfolder",
  "signature" : "9ed994e8426ac22ad1f12b8efa6cc2071810cfa5",
  "src" : "https://s3.amazonaws.com/blitdoc/pdfs/multi_page_sample.pdf",
  "src_type" : "multi_page",
  "functions" :
  [{
    "name": "resize_to_fit",
    "params": { "width" : 200, "height" : 200},
    "save" : {
          "s3_destination" : {
              "bucket" : "MY_BUCKET",
              "key" : "myfolder/i38d443324/output.png"
          },
          "image_identifier" : "external_sample_1"
      }
   }
  ]
}

When the server gets this job, it will verify that the signature matches the application with the specified public_token, matches the keys, and hasn’t expired.

All keys submitted MUST match the key_transform. If any key has an empty match the entire job will be rejected.

How did we do?