Superplayer Signature

Last updated: 2020-09-24 11:11:26

    A superplayer signature is used by the application playback service to authorize a client for playback. If the playback service allows the client to play back, it will distribute a valid signature to the client as shown in step 5 below. The client can play back the video within the validity period of the signature.

    Note:

    In the following cases, the application client needs a superplayer signature to play back the video:

    • Key hotlink protection is enabled for the domain name.
    • Another superplayer configuration rather than default is used.
    • An encrypted video is to be played back.

    The superplayer signature parameters and generation rule are as detailed below:

    Signature Parameters

    Parameter Name Required Type Description
    appId Yes Integer Account appId
    fileId Yes String File ID
    currentTimeStamp Yes Integer Current Unix timestamp of distributed signature
    expireTimeStamp No Integer Expiration Unix timestamp of distributed signature. If this parameter is left empty, the signature will never expire
    pcfg No String Name of the superplayer configuration to be used. If you use the default configuration, you can leave this parameter empty
    urlAccessInfo No Object Hotlink protection configuration parameter of playback link, which is in UrlAccessInfo type
    drmLicenseInfo No Object Key configuration parameter of encrypted content, which is in DrmLicenseInfo type

    UrlAccessInfo type

    Parameter Name Required Type Description
    t No String
    • Hexadecimal string indicating the link expiration time
    • For the specific description and valid values, please see the t parameter in hotlink protection parameters
    • If this parameter is left empty, the link will never expire
    exper No Integer
    • Preview duration in decimal seconds
    • If you want to specify the preview duration, it should be no less than 30 seconds
    • For the specific description and valid values, please see the exper parameter in hotlink protection parameters
    rlimit No Integer
    • Maximum decimal number of clients with different IPs allowed for playback
    • For the specific description and valid values, please see the rlimit parameter in hotlink protection parameters
    us No String
    • Link ID, which can uniquely identify a link
    • For the specific description and valid values, please see the us parameter in hotlink protection parameters

    DrmLicenseInfo type

    Parameter Name Required Type Description
    expireTimeStamp No Integer Expiration Unix timestamp of key. If this parameter is left empty, the signature will never expire

    Note:

    • If you use a subapplication, set the AppId of the subapplication as the appId parameter.
    • The description and valid values of t, exper, rlimit, and us in signature parameters are the same as those in hotlink protection parameters.

    Signature Calculation

    The VOD superplayer uses JSON Web Token (JWT), which is a digital token calculated and formed based on Header, PayLoad, and Key.

    Header is in JSON format and indicates the information of the algorithm used by JWT. Its content is fixed as follows:

    {
      "alg": "HS256",
      "typ": "JWT"
    }

    PayLoad

    PayLoad is in JSON format and indicates the superplayer signature parameters; for example:

    {
      "appId": 1255566655,
      "fileId": "4564972818519602447",
      "currentTimeStamp": 1546340400,
      "expireTimeStamp": 1546344000,
      "urlAccessInfo": {
        "t": "5c2b5640",
        "rlimit": 3,
        "us": "72d4cd1101"
      }
    }

    Key

    Key is the key used during signature calculation, which is the same as the KEY parameter in hotlink protection parameters.

    Calculation formula

    1. Calculate the Signature:
      Signature = HMACSHA256(base64UrlEncode(Header) + "." + base64UrlEncode(Payload), KEY)
    2. Calculate the Token:
      Token = base64UrlEncode(Header) + '.' + base64UrlEncode(Payload) + '.' + base64UrlEncode(Signature)
      The final Token is the VOD superplayer signature.

    Note:

    For more information on HMACSHA256, please see RFC 4868 - Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec. For more information on base64UrlEncode, please see 5. Base 64 Encoding with URL and Filename Safe Alphabet.

    To help you calculate and verify the signature, VOD provides online signature generation and verification tools:

    Calculation example

    For example, a superplayer signature is generated for a video whose fileId is 4564972818519602447, which belongs to a user whose appId is 1255566655 and has the following attributes:

    • The enabled hotlink protection KEY is 24FEQmTzro4V5u3D5epW.
    • A custom superplayer configuration is used, and its name is MyCfg.
    • The distribution time of the player signature is 19:00:00, January 1, 2019, and the corresponding Unix time is 1546340400.
    • The expiration time of the player signature is 20:00:00, January 1, 2019, and the corresponding Unix time is 1546344000.
    • The expiration time of hotlink protection is 20:00:00, January 1, 2019, and the corresponding Unix time is 5c2b5640.
    • Up to three different IPs are allowed to play back the video at the URL.
    • The generated random string is 72d4cd1101.

    The signature will be generated as follows:

    1. The following is the content of Header:
      {
      "alg": "HS256",
      "typ": "JWT"
      }
      The result after processing through base64UrlEncode will be:
      eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
    2. The following is the content of Payload:
      {
      "appId": 1255566655,
      "fileId": "4564972818519602447",
      "currentTimeStamp": 1546340400,
      "expireTimeStamp": 1546344000,
      "urlAccessInfo": {
       "t": "5c2b5640",
       "rlimit": 3,
       "us": "72d4cd1101"
      }
      }
      The result after processing through base64UrlEncode will be:
      eyJhcHBJZCI6MTI1NTU2NjY1NSwiZmlsZUlkIjoiNDU2NDk3MjgxODUxOTYwMjQ0NyIsImN1cnJlbnRUaW1lU3RhbXAiOjE1NDYzNDA0MDAsImV4cGlyZVRpbWVTdGFtcCI6MTU0NjM0NDAwMCwidXJsQWNjZXNzSW5mbyI6eyJ0IjoiNWMyYjU2NDAiLCJybGltaXQiOjMsInVzIjoiNzJkNGNkMTEwMSJ9fQ
    3. Perform HMAC calculation by using 24FEQmTzro4V5u3D5epW as KEY, and the Signature will be:
      TRdfy-ctQFRDJzknfKsT0di5tEaweAVumOgxsA8Qd-8.
    4. The final Token will be:
      eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6MTI1NTU2NjY1NSwiZmlsZUlkIjoiNDU2NDk3MjgxODUxOTYwMjQ0NyIsImN1cnJlbnRUaW1lU3RhbXAiOjE1NDYzNDA0MDAsImV4cGlyZVRpbWVTdGFtcCI6MTU0NjM0NDAwMCwidXJsQWNjZXNzSW5mbyI6eyJ0IjoiNWMyYjU2NDAiLCJybGltaXQiOjMsInVzIjoiNzJkNGNkMTEwMSJ9fQ.TRdfy-ctQFRDJzknfKsT0di5tEaweAVumOgxsA8Qd-8

    Sample Code

    VOD provides code samples of superplayer signature for various programming languages such as Python, Java, Go, C#, PHP, and Node.js. For more information, please see Superplayer Signature - Sample Signature.

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback
    Help