Signed Jobs
Keeping your Application ID Secret!
If you are running Blitline jobs from a public client (such as Javascript), you need to protect your Application ID. (Or if you just want an additional level of protection on your regularly submitted jobs)
You can do this by using Signed Requests
If your doing your Blitline processing server-side, this is optional, especially if you are using https/ssl
SIGNED REQUESTS
To sign you Blitline jobs, you can do this by replacing the Application ID with
- public_token : Your public token from your Blitline home page
- expires : The time at which this signed request will expire, in rfc822 format (“Fri, 23 Dec 2011 09:42:59-0800”)
- key_transform : A Regex expression designed to match your S3 keys that you will be submitting (like “^mys3folder/”)
- signature : The SHA1 signed signature of your data
SIGNATURE
The signature consists of a set of concatenated strings.
The strings necessary to generate the signature are the following:
- secret : Your private secret from your Blitline home page
- expiresThe time at which this signed request will expire, in rfc822 format (“Fri, 23 Dec 2011 09:42:59-0800”)
- key_transform : A Regex designed to match your S3 keys that you will be submitting (like “^mys3folder/”)
ONCE YOU HAVE THESE VALUES…
- You will concatenate those strings and SHA1 that concatenation:
- signature = SHA1(secret + expires + key_transform)
Ruby Example:
require 'digest/sha1'
my_secret = "87Hyu684720923" #Example secret
expires = DateTime.parse("12/10/2014")
key_transform = "^myfolder"
signature = Digest::SHA1.hexdigest(my_secret + expires.rfc822 + key_transform)
signature valus is now “9ed994e8426ac22ad1f12b8efa6cc2071810cfa5”
LETS PUT IT ALL TOGETHER!
Assuming you have followed the steps above, we can now build our JSON for submitting.
{
"public_token" : "YOUR_PUBLIC_TOKEN",
"expires" : "Sun, 12 Oct 2014 00:00:00 +0000",
"key_transform" : "^myfolder",
"signature" : "9ed994e8426ac22ad1f12b8efa6cc2071810cfa5",
"src" : "https://s3.amazonaws.com/blitdoc/pdfs/multi_page_sample.pdf",
"src_type" : "multi_page",
"functions" :
[{
"name": "resize_to_fit",
"params": { "width" : 200, "height" : 200},
"save" : {
"s3_destination" : {
"bucket" : "MY_BUCKET",
"key" : "myfolder/i38d443324/output.png"
},
"image_identifier" : "external_sample_1"
}
}
]
}
When the server gets this job, it will verify that the signature matches the application with the specified public_token, matches the keys, and hasn’t expired.