One Click Multi DRM overview
- Print
- PDF
One Click Multi DRM overview
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Overview
Collaborating with INKA Entworks' PallyCon that has been verified domestically and internationally, One Click Multi DRM provides a content security service that secures high performance and stability.
Based on the support of standard DRMs, Widevine, FairPlay, and PlayReady, you can apply robust security to videos of your choice without facing the obstacle of incompatible operating systems or platforms. When you integrate with the media streaming service of NAVER Cloud Platform, you can easily build an encrypted streaming service without undergoing complicated procedures.
You can apply the DRM through NAVER Cloud Platform's media streaming services, Live Station and VOD Station (planned for 2024), with a simple integration flow.
Common settings
One Click Multi DRM API URL
https://multi-drm.apigw.ntruss.com/api/v1
Request headers
| Header name | Requirement status | Description |
|---|---|---|
| x-ncp-apigw-timestamp | YES | It indicates the time elapsed since January 1, 1970, 00:00:00 UTC in milliseconds, and the request is considered invalid if the time difference from the API Gateway server is 5 minutes or longerx-ncp-apigw-timestamp:{Timestamp} |
| x-ncp-iam-access-key | YES | Value of access key ID issued in the NAVER Cloud Platform portalx-ncp-iam-access-key:{Sub Account Access Key} |
| x-ncp-apigw-signature-v2 | YES | Signature encrypted with the access key ID value and secret keyx-ncp-apigw-signature-v2:{API Gateway Signature} |
| Content-Type | YES | Specifies the request body content type as application/jsonContent-Type: application/json |
| x-ncp-region_code | YES | Region code (KR) |
Authentication header
API Gateway authentication is required to use the One Click Multi DRM API.
Refer to NAVER Cloud Platform API for more detailed guides related to API Gateway authentication.
Creating AUTHPARAMS
AUTHPARAMS request example
curl -i -X GET \
-H "x-ncp-apigw-timestamp:1505290625682" \
-H "x-ncp-iam-access-key:D78BB444D6D3C84CA38A" \
-H "x-ncp-apigw-signature-v2:WTPItrmMIfLUk/UyUIyoQbA/z5hq9o3G8eQMolUzTEo=" \
-H "x-ncp-region_code:KR" \
'https://multi-drm.apigw.ntruss.com/api/v2/sites'
Create a signature (add a new line with \n)
Create a StringToSign appropriate for your request, encrypt it with your secret key and the HMACSHA256 algorithm, and encode it with Base64.
This value is used as
x-ncp-apigw-signature-v2.Requests StringToSign GET /api/v2/channels?pageNo=1
x-ncp-apigw-timestamp={timestamp}
x-ncp-iam-access-key={accesskey}
x-ncp-apigw-signature-v2={signature}GET /api/v2/channels?pageNo=1
{timeStamp}
{accessKey}
Sample code
public String makeSignature() {
String space = " "; // Space
String newLine = "\n"; // Line break
String method = "GET"; // HTTP method
String url = "/api/v2/channels?pageNo=1"; // Full URL under "/" (including query strings), excluding the domain
String accessKey = "{accessKey}"; // access key id (from portal or Sub Account)
String secretKey = "{secretKey}"; // secret key (from portal or Sub Account)
String timestamp = String.valueOf(System.currentTimeMillis()); // Current timestamp (epoch, millisecond)
String message = new StringBuilder()
.append(method)
.append(space)
.append(url)
.append(newLine)
.append(timestamp)
.append(newLine)
.append(accessKey)
.toString();
SecretKeySpec signingKey = new SecretKeySpec(secretKey.getBytes("UTF-8"), "HmacSHA256");
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(signingKey);
byte[] rawHmac = mac.doFinal(message.getBytes("UTF-8"));
String encodeBase64String = Base64.encodeBase64String(rawHmac);
return encodeBase64String;
}
/*
https://code.google.com/archive/p/crypto-js/
https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/crypto-js/CryptoJS%20v3.1.2.zip
*/
/*
CryptoJS v3.1.2
code.google.com/p/crypto-js
(c) 2009-2013 by Jeff Mott. All rights reserved.
code.google.com/p/crypto-js/wiki/License
*/
<script type="text/javascript" src="./CryptoJS/rollups/hmac-sha256.js"></script>
<script type="text/javascript" src="./CryptoJS/components/enc-base64.js"></script>
function makeSignature(secretKey, method, url, timestamp, accessKey) {
var space = " ";
var newLine = "\n";
var hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, secretKey); // secret key
hmac.update(method); // HTTP method
hmac.update(space); // Space
hmac.update(url); // Full URL under "/" (including query strings), excluding the domain
hmac.update(newLine); // Line break
hmac.update(timestamp); // Current timestamp (epoch, millisecond)
hmac.update(newLine); // Line break
hmac.update(accessKey); // access key (from portal or iam)
var hash = hmac.finalize();
return hash.toString(CryptoJS.enc.Base64);
}
import sys
import os
import hashlib
import hmac
import base64
import requests
import time
def make_signature():
timestamp = int(time.time() * 1000)
timestamp = str(timestamp) # Current timestamp (epoch, millisecond)
access_key = "{accessKey}" # access key id (from portal or Sub Account)
secret_key = "{secretKey}" # secret key (from portal or Sub Account)
secret_key = bytes(secret_key, 'UTF-8')
method = "GET" # HTTP method
uri = "/api/v2/channels?pageNo=1" # Full URL under "/" (including query strings), excluding the domain
message = method + " " + uri + "\n" + timestamp + "\n"
+ access_key
message = bytes(message, 'UTF-8')
signingKey = base64.b64encode(hmac.new(secret_key, message, digestmod=hashlib.sha256).digest())
return signingKey
function makeSignature() {
nl=$'\\n'
TIMESTAMP=$(echo $(date +%s000)) # Current timestamp (epoch, millisecond)
ACCESSKEY="{accessKey}" # access key id (from portal or Sub Account)
SECRETKEY="{secretKey}" # secret key (from portal or Sub Account)
METHOD="GET" # HTTP method
URI="/api/v2/channels?pageNo=1" # Full URL under "/" (including query strings), excluding the domain
SIG="$METHOD"' '"$URI"${nl}
SIG+="$TIMESTAMP"${nl}
SIG+="$ACCESSKEY"
SIGNATURE=$(echo -n -e "$SIG"|iconv -t utf8 |openssl dgst -sha256 -hmac $SECRETKEY -binary|openssl enc -base64)
}
One Click Multi DRM API request configuration
Header
x-ncp-apigw-timestamp:{Timestamp}
x-ncp-iam-access-key:{Sub Account Access Key}
x-ncp-apigw-signature-v2:{API Gateway Signature}
x-ncp-region_code:KR
Content-Type:application/json
Body
Json Object
URL
https://multi-drm.apigw.ntruss.com/api/v1/{action}
One Click Multi DRM API request sample
curl -i -s -X GET \
-H "Content-Type:application/json" \
-H "x-ncp-apigw-timestamp:1521787414578" \
-H "x-ncp-iam-access-key:6uxz1nKkcYwUjWRG5Q1V7NsW0i5jErlu2NjBXXgy" \
-H "x-ncp-apigw-signature-v2:iJFK773KH0WwQ79PasqJ+ZGixtpDQ/abS57WGQdld2M=" \
-H "x-ncp-region_code:KR" \
"https:///multi-drm.beta-apigw.ntruss.com/api/v1/sites"
One Click Multi DRM API Content-Type
application/json is used for the content-type of all data delivered through Multi DRM API HTTP requests and response bodies.
Was this article helpful?