Description

SignWithPolicy returns the cookies needed to allow user agents to make arbetrairy requets to cloudfront for the resource(s) defined by the policy.

The returned slice cookies should all be added to the Client's cookies or server's response.

Example:

s := NewCookieSigner(keyID, privKey)

policy := &sign.Policy{
    Statements: []sign.Statement{
        {
            // Read the provided documentation on how to set this
            // correctly, you'll probably want to use wildcards.
            Resource: RawCloudFrontURL,
            Condition: sign.Condition{
                // Optional IP source address range
                IPAddress: &sign.IPAddress{SourceIP: "192.0.2.0/24"},
                // Optional date URL is not valid until
                DateGreaterThan: &sign.AWSEpochTime{time.Now().Add(30 * time.Minute)},
                // Required date the URL will expire after
                DateLessThan: &sign.AWSEpochTime{time.Now().Add(1 * time.Hour)},
            },
        },
    },
}

// Get Signed cookies for a resource that will expire in 1 hour
cookies, err := s.SignWithPolicy(policy)
if err != nil {
    fmt.Println("failed to create signed cookies", err)
    return
}

// Or get Signed cookies for a resource that will expire in 1 hour
// and set path and domain of cookies
cookies, err := s.Sign(policy, func(o *sign.CookieOptions) {
    o.Path = "/"
    o.Domain = ".example.com"
})
if err != nil {
    fmt.Println("failed to create signed cookies", err)
    return
}

// Server Response via http.ResponseWriter
for _, c := range cookies {
    http.SetCookie(w, c)
}

// Client request via the cookie jar
if client.CookieJar != nil {
    for _, c := range cookies {
       client.Cookie(w, c)
    }
}