Customer Sign In

upLynk

Embedding the upLynk player Part 3: Digital rights management (DRM)

Tutorial thumbnail

Summary Introduces the use of authorization tokens to control when and where your content can be played.

Skill level required Some PHP experience required

Time to complete 20 minutes

Things you'll need

Step 1. Verify PHP is installed and running

Because the primary goal of authentication tokens is to provide a level of security, we generate them server side. We will use PHP to generate the authorization tokens, so the rest of the steps in this tutorial require that PHP be installed and running. Although PHP is used here, any server-side language and environment can be used. Let’s test your installation with a quick script.

Put the following code into a file called uplynkhw.ph and place it in a directory from which your server knows how to serve PHP files.

1
2
3
<?php
    echo “Hello, World from PHP!;
?>

To ensure the file is being served correctly, load uplynkhw.php in your browser. You should see the words "Hello, World from PHP!" If you see anything else, including the code you inserted into the file, check your PHP installation on your web server.

Step 2. Convert player.html to player.php

Rename player.html from the previous tutorial to player.php and place it in your PHP-enabled directory. Load it in your browser and ensure your content plays.

Step 3. Enable DRM to (intentionally) break playback

  1. In the upLynk CMS, select the asset you're using in player.html.
  2. Select the Advanced tab in the Editor pane.
  3. Check "Require a token for playback" and click Save.

Return to your browser, reload player.php, and notice that the content will no longer play. Playback is not permitted without a valid authorization token. Because no such token is present, the upLynk system correctly prevents playback from happening.

Step 4. Add token generating code

Modify player.php to the following:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?php
function Call($uri)
{
    $SECRET = 'YOUR_API_Key'; // See DRM Docs at http://support.uplynk.com/doc_digital_rights_management.html
    $msg = array();
    $msg['exp'] = time() + 300; // 5 minutes from now
    $msg['ct'] = 'a'; // asset
    $parts = parse_url($uri);
    list($part1, $part2) = explode('.',$parts['path']);
    $msg["cid"] = substr($part1,1);
    $msg['iph'] = hash('sha256', $_SERVER['REMOTE_ADDR']);
    $msg['sig'] = hash_hmac('sha256', http_build_query($msg), $SECRET);

    return $uri . '?' . http_build_query($msg);
}
?>

<!DOCTYPE html>
<html>
<head>
<title>upLynk Video Embed</title>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
   <script type="text/javascript" src="http://storage.uplynk.com/js/swfobject.js"></script>
   <script type="text/javascript" src="http://storage.uplynk.com/js/uplynk.js"></script>
</head>
<body>
<div id="videoPlayer"></div>
<script type="text/javascript">
	$(function(){
		$('#videoPlayer').player('play', '<?php echo Call('http://content.uplynk.com/468ba4d137a44f7dab3ad028915d6276.m3u8'); ?>');
});
</script>
</body>
</html>
    		

The PHP code we’ve added provides a function that generates the authorization token. In short, our function sets an expiration time of 300 seconds, sets an asset's content type, extracts the content ID from the playback URL, creates a hash from the user’s IP address, combines all of that together with your API key to create the signature and ultimately combines everything into a tokenized playback URL that will allow playback. The recommended expiration for production tokens is 20-60 seconds.

The PHP code we included in the body of the document serves to call our earlier defined function and insert the playback URL into the resulting HTML.

Reload player.php and playback of the content should begin. Playback works because a valid authorization token was appended to the content playback URL. The upLynk system inspected the token, verified its authenticity, and permitted playback.

At this point you can see that although this page allows playback for any visitor, you can now add server-side logic to conditionally allow playback. Future tutorials will go into specific cases of selective logic such as requiring a user login before playback, or filtering access to content based on their geographic location.

Step 6. Testing authorization tokens in the upLynk CMS

After you’ve familiarized yourself with the upLynk Digital Rights Management Documentation you will learn that there are optional arguments that can be combined in tokens to change their behavior, giving you greater flexibility when it comes to access control. To assist you in debugging your tokens the upLynk CMS provides a form that will validate your generated tokens. Let’s test this now.

  1. Refresh player.php so we have a fresh token.
  2. View the source of player.php in your browser.
  3. Find the playback URL in the source code. Locate and copy your .m3u8 URL including the querystring (everything after the ‘?’).
  4. Open upLynk CMS in your browser.
  5. In the upper right hand corner click your login name and select Account Settings.
  6. Select the Playback Tokens tab on the left.
  7. Under Test tokens, paste the playback URL with the auth token into the text field. Click Test.
  8. A popup will show you the results of the token validation testing.

Finished!

In the next tutorial, we will build on this example and introduce a real world use case using DRM to restrict playback to registered users that are logged into an application.

Back to tutorials