Support: 1-800-961-4454
1-800-961-2888

Rackspace Cloud Files: How To Create Temporary URLs

2

We frequently update our products, and Cloud Files is no exception. In this series of technical posts, we’ll dig into how developers using the Cloud Files API can leverage new capabilities in Rackspace Cloud Files.

The Temporary URL feature (TempURL) allows you to create limited-time Internet addresses which allow you to grant limited access to your Cloud Files account. Using TempURL, you may allow others to retrieve or put objects in your Cloud Files account for as long or as short a time as you wish. Access to the TempURL is independent of whether or not your account is CDN-enabled. Even if you don’t CDN-enable a directory, you can still grant temporary public access through a TempURL.

This feature is useful if you want to allow a limited audience to download a file from your Cloud Files account or website. You can give out the TempURL and know that after a specified time, no one will be able to access your object through the address. Or, if you want to allow your audience to upload objects into your Cloud Files account, you can give out a TempURL. After the specified time expires, no one will be able to upload to the address.

You may create multiple TempURLs for a single object in Cloud Files for the use case where you might have multiple customers paying for and downloading a specific file. Additionally, you need not worry about time running out when someone downloads a large object. If the time expires while a file is being retrieved, the download will continue until it is finished. Only the link will expire.

Set Account Metadata Key

To create a Temporary URL, you must first set the metadata header X-Account-Meta-Temp-URL-Key on your Cloud Files account to a key that only you know. This key can be any arbitrary sequence as it is for encoding your account.

Once the key is set, you may not change it while you still want others to be able to access your TempURL. If you change it, the TempURL becomes invalid (within 60 seconds, which is the cache time for a key) and others will not be allowed to access it.

Set Account Metadata Key for Public Access

  POST /<api version>/<account> HTTP/1.1
  Host: storage.clouddrive.com
  X-Auth-Token: eaaafd18-0fed-4b3a-81b4-663c99ec1cbb
  X-Account-Meta-Temp-Url-Key: <your key>

Any 2xx response indicates success.

Create The TempURL

When you create a TempURL, Cloud Files validates a GET- or PUT-accessible URL which is time-limited.

After the metadata is set, you must create an HMAC-SHA1 (RFC 2104) signature. When you generate the TempURL, you determine which method of access you will grant users; GET or PUT. You also determine the path to the object or container you are granting access to. If you allow PUT access to your Cloud Files account, you must indicate the object prefix that will be used for each file uploaded. Lastly, set the time in UNIX epoch notation, which is when the TempURL expires.

In the Python example below, a URL is generated for an object (my_cat.jpg), which will be available for 60 seconds.

Create TempURL

  import hmac
  from hashlib import sha1
  from time import time
  method = 'GET'
  expires = int(time() + 60)
  path = '/v1/AUTH_account/container/my_cat.jpg'
  key = 'mykey'
  hmac_body = '%s\n%s\n%s' % (method, expires, path)
  sig = hmac.new(key, hmac_body, sha1).hexdigest()

Be certain to use the full path, from the /v1/ onward.

In this example, the signature becomes da39a3ee5e6b4b0d3255bfef95601890afd80709 and expires is 1323479485. On your website, you would provide a link to the below URL:

  https://storage.clouddrive.com/v1/AUTH_account/container/my_cat.jpg?
  temp_url_sig=da39a3ee5e6b4b0d3255bfef95601890afd80709&
  temp_url_expires=1323479485

If you do not provide users with the exact TempURL, they will get 401 (Unauthorized) status errors. HEAD queries are allowed if GET or PUT are allowed.

This is just one of many new features in Rackspace Cloud Files that developers can take advantage of. Cloud Files customers are urged to try out this new feature in their next API project or add it to a current application. If you’re not yet using Cloud Files, sign up for an account and check it out. And now, using Cloud Files is more affordable since we reduced the cost of Cloud Files by 33 percent.

About the Author

This is a post written and contributed by Jerry Schwartz.

Jerry is a Senior Product Marketing Manager focusing on our cloud storage and managed storage portfolios. He joined Rackspace in 2007 and was the Product Manager for our Microsoft applications including SharePoint, Exchange, SQL and the Windows Server operating system. He has worked in the Rackspace Cloud since 2010 shaping many of Rackspace’s cloud offerings including Cloud Files, Cloud Block Storage, Cloud Backup, and Cloud Servers.

Jerry is a loyal Texas Longhorns fan and received his MBA from the University of Texas at Austin. Outside of Rackspace, you will likely find him on a jet ski at one of the lakes around San Antonio.


More
  • Pradeep Kumar

    Jerry, I am seeing that https streaming of video files with temporary urls is very slow, on the other hand the permanent urls stream very fast, how do I deal with this ?

  • Jerry Schwartz

    Hi Pradeep – The fastest streams will leverage the Akamai CDN, using permanent HTTP CDN URLs. Its your best option since the Akamai CDN is built for use cases like streaming. Temporary URLs leverage our API and pull directly from our Cloud Files infrastructure. Use HTTPS only if you need to as it can negatively impact streaming speed as well.

Racker Powered
©2014 Rackspace, US Inc.