I have an application running on GAE/J that streams video from AWS S3.
I need a solution for protecting the video from being stolen and I found that pre-signed URLs might be it (??).
How can I create pre-signed URLs from GAE/J or there's a better solution to secure the videos?
thanks
I need a solution for protecting the
video from being stolen and I found
that pre-signed URLs might be it (??).
What you're asking for is impossible. Pre-signed URLs will limit the availability of the file to a certain window of time, after which the link will stop working, but there's no way to allow someone to download something with a video player, but not store it to their computer.
Nick, that is not quite right. You can securely stream video with Amazons protected Flash rtmp video streaming service, using Cloudfront. Nobody will be able to download your files. There are tutorials about how to do it on the net. For instance here. You can also go straight to the cloudfront documentation. (Can't post the link here as I'm new to SO and can only post one link).
Related
I'm doing an app similar to Instagram. I want to save the files that the users upload to the app to a central server. I have tried different solutions but none has worked. My idea is use Box, Google Drive, Mega or similar to host these files. I had implemented some of these but always they ask for the credentials to the users and if the user has an account, the file finally is hosted in his cloud. ¿Is it possible does a central file server from the app without asking for the credentials with these services or know you some service that fulfills my objective? I'm searching for a service that offers a free space with an expandable space paying a fee. (Like Box, Drive...)
Thank you and sorry for my English.
After investigate a lot, and with the help of your answers I had found the way to store files on a central server from Android.
I want to highlight two ways:
Using a Parse Server
Using Google Firebase
The two options are very well documented and you can try they for free.
I have tried back4app.com and buddy.com for Parse server and the free tier of Google Firebase and I have decided to use any Parse server instead of Firebase for the independece that this platform offers.
The BlobStore API is marked as 'superseded' also limited to Limits to 32 MB.
The Google Cloud Storage is a vendor lock-in.
Is there a way to upload blobs with a 3rd part lib
In Google App Engine (not flexible / managed-vms) for example JClouds
And how would one bypass the 60 Seconds request limit that causes DeadlineExceededException?
To enhance the question;
Security is an issue, it would be preferably to run every request trough the application, so also blob uploads. Which makes the 60 seconds an issue.
The seperate uploadUrl is an option, but i do not wish to use BlobStore or Cloud Storage, but is there a generic way to handle things like this in GAE?
32MB is not a limitation of the BlobStore, but rather request playloads that go to your GAE app. You can upload larger files to both Cloud Storage and the BlobStore by creating a temporary URL for the user to submit the file to, which does not go through your ap, but rather goes directly to the storage service. You can find documentation about that for blobstore here. I don't personally use Cloud Storage, so I don't the a documentation link handy.
You can certainly use any other service in a similar way, but I'm afraid I can't explain how other than to say "consult their documentation". I know that's not a great answer to your question, but maybe insight into how it works with Google's products will help you understand how to use a 3rd party as well.
As for the 60 second request limit: since your upload requests cannot go through your server anyway, this is a non-issue. The 60 second limit only applies to requests made directly to your app.
I have succesfully posted images and messages in java application to twitter using twitter4j.jar by refering this link http://javapapers.com/core-java/post-to-twitter-using-java/ , now i am tring to upload video/mp4/chunk to twiiter.
I googled about this topic and found many answers-
Some posts says its not possible yet ,some say its possible through rest API ,some with twitvid API ,some with tweetinvi (http://tweetinvi.codeplex.com/discussions/640413)
My questions are:
1.) Is it possible to upload video to twiter?
2.) If yes,is it possible only through Rest API or(is it possible using twitter.media support jar in twitter4j).
Any suggestion, answer, post regarding this are welcomed and thanked.
I am the developer of Tweetinvi and I can confirm that it is possible to upload a video in chunks with the upload api.
I do not know about Twitter4J apart for its name but you can do an upload by using multi-part webrequests divivded by chunks of up to 5MB.
You can read more about it here : dev.twitter.com/rest/public/uploading-media
The process is the following :
INIT (inform twitter that you want to upload a video/image
APPEND the binary (x times up to 15MB)
FINALIZE you query
In each of the steps, Twitter will return the media_id in the JSON. After the finalize you can use this media_id for 1 hour and use it as part of a tweet publication.
Cheers,
Linvi
I created a pull request to add this feature in twitter4j. You can look at the implementation here: Adding Chuncked, video upload. This supports async upload of large videos 512mb and 140 sec.
I have spent the past 2 days struggling with Amazon's S3 SDK for Android. I was able to get the Java one (in Eclipse) working without any problems whatsoever; I could upload pictures, download them, and it would be no problem. Changing gears to Android, however, and I have had no luck. Currently, with this selected code:
AmazonS3Client s3 = new AmazonS3Client( new BasicAWSCredentials(
Constants.AWS_ACCESS_KEY, Constants.AWS_SECRET_ACCESS_KEY ) );
//These are correct, I have already confirmed.
ObjectMetadata metaData = new ObjectMetadata();
metaData.setContentType("jpeg"); //binary data
PutObjectRequest putObjectRequest = new PutObjectRequest(
Constants.BUCKETNAME, Constants.KEY3, new File(selectedImageUri.getPath())
);
//selectedImageUri is correct as well,
//(file:///storage/emulated/0/MyDir/image_1437585138776.jpg)
putObjectRequest.setMetadata(metaData);
s3.putObject(putObjectRequest); //Errors out here
I am getting multiple errors, the most common of which is this:
AmazonHttpClient﹕ Unable to execute HTTP request: Write error: ssl=0xb8cefc10: I/O error during system call, Connection reset by peer
javax.net.ssl.SSLException: Write error: ssl=0xb8cefc10: I/O error during system call, Connection reset by peer
at com.android.org.conscrypt.NativeCrypto.SSL_write(Native Method)
I have done a ton of research and had no luck finding WORKING code. I used this link from Amazon: https://aws.amazon.com/articles/SDKs/Android/3002109349624271 Without it working for me at all. They say up top it is deprecated, but I cannot find any links to working code. If you follow the SDK links to 'android sample code' files, their github repo (here: https://github.com/awslabs/aws-sdk-android-samples) contains zero code on the topic of uploading files (namely pictures).
Does anyone have ANY idea where I can find some working code that shows how to just upload a stupid picture to my bucket?!??! (Wish I knew why this was so simple in Java/ Eclipse and not so in Android / Studio).
PS: I have my api_key in the correct assets folder, my credentials are correct for login, the image is under 5mb, and this is being run on a background (async) thread so as to not be on the main thread.
-Pat
Have you tested to see that file:///storage/emulated/0/MyDir/image_1437585138776.jpg is a useable file? A content URI is Android does not typically map to a file and is typically used with content resolvers. I would double check that is actually a file path and not a content resolver uri path, which is what it looks like.
If that pans out, then double check the internet connection of the device. Can you call any AWS api? Are you behind some kind of firewall or protected wifi?
Finally it is not secure to use embedded credentials in an Android app (understandable if you are just testing locally, but never ship an app with embedded credentials, instead use Amazon Cognito to authenticate). For other example with S3 you can see the Getting Started Guide http://docs-aws.amazon.com/mobile/sdkforandroid/developerguide/getting-started-android.html which has a bunch of S3 example. And the S3 sample on GitHub (which was updated on July 22nd) has an S3 uploader sample using the Transfer Utility, and a step-by-step tutorial along with it.
Hope that helps!
Figured out the answer, though the why still eludes me. Turns out, the issue was with the Buckets on the back-end. One of my buckets was renamed slightly (whitespace) which prevented any uploads to it. I deleted and recreated by bucket and then re-posted it, and it seemed to work just fine.
WestonE, you bring up some excellent tips in your post, making sure this does not go to production with local credentials is a very good call. And to answer your Q, yes, surprisingly, file:///storage/emulated/0/MyDir/image_1437585138776.jpg is indeed a valid file. It may be as simple as the fact that HTC phones have really weird storage location systems.
Relating to Streaming video in play framework using videojs I'd like to know the best way to stream a video using a Play controller.
I store my videos on the filesystem, and since not every user is allowed to watch every video, I want to restrict access using a controller. So my question is, how can I stream a video from within the controller to the client (running videojs)?
Thank you!
your video is a static content like an image or a .css file. you can use any webserver to serve this content.
if you want control the access there are many techniques. you can create a controller who validate the request, open the video and write bytes in the response. I never try this, for me is much more interesting generate a security token and serve the file over a apache or nginx who use some security plugin.
but if you think in something different than progressive download (like http live streaming or rtmp, rtsp, etc) you need a video server like wowza, flash media server or red5. you can use the same strategy of tokens