added AWS Signed Url, Fairplay DRM, Widevine DRM, Playready DRM

Author: VladimirParkhomenko

.gitignore

@@ -7,4 +7,6 @@
 
 .cache/
 .vscode/
-.idea/
+.idea/
+build/
+dist/

README.md

@@ -21,15 +21,59 @@ sudo pip install qencode
 ````
 import qencode
 
+API_KEY = 'your-api-qencode-key'
+
+QUERY = """
+{"query": {
+  "source": "https://nyc3.s3.qencode.com/qencode/samples/1080-sample.mov",
+  "format": [
+    {
+      "output": "mp4",
+      "size": "320x240",
+      "video_codec": "libx264"
+    }
+  ]
+  }
+}
+"""
+
 client = qencode.client(API_KEY)
 client.create()
 
 task = client.create_task()
-task.start(TRANSCODING_PROFILEID, VIDEO_URL)
+task.custom_start(QUERY)
+````
 
+````
+#getting status
+
+status = task.status()
+or
+status = task.extend_status()
+````
+
+````
+#getting video metadata
 
-#getting video metadata:
 metadata = client.get_metadata(VIDEO_URL)
+````
+
+**DRM** <sub><sup>*[details](https://docs.qencode.com/api-reference/transcoding/#start_encode2___query__attributes--format__attributes--fps_drm__attributes)*</sup></sub>
+
+````
+# getting Fairplay DRM encryption parameters
+encryption_parameters, payload = cenc_drm(DRM_USERNAME, DRW_PASSWORD)
+
+# getting Widevine and Playready DRM encryption parameters
+encryption_parameters, payload = fps_drm(DRM_USERNAME, DRW_PASSWORD)
+
+````
+
+
+**AWS Signed URL**
+
+````
+source_url = generate_aws_signed_url(region, bucket, object_key, access_key, secret_key, expiration)
 
 ````
 

qencode/__init__.py

@@ -29,7 +29,9 @@ def x265_video_codec():
 
 from exeptions import QencodeClientException, QencodeTaskException
 
-__version__ = "1.0"
+from tools import generate_aws_signed_url, fps_drm, cenc_drm
+
+__version__ = "1.0.1"
 __status__ = "Production/Stable"
 __author__ = "Qencode"
 

qencode/const.py

@@ -17,4 +17,8 @@
 ERROR_BAD_PROFILE       = 11
 ERROR_PROFILE_NOT_FOUND = 12
 ERROR_BAD_TOKENS        = 13
-ERROR_FIELD_REQUIRED    = 14
+ERROR_FIELD_REQUIRED    = 14
+
+FPS_DRM_KEYGENERATOR_URI_TEMPLATE = 'https://cpix.ezdrm.com/KeyGenerator/cpix.aspx?k=%s&u=%s&p=%s&c=resourcename&m=2'
+CENC_DRM_KEYGENERATOR_URI_TEMPLATE = 'https://cpix.ezdrm.com/KeyGenerator/cpix.aspx?k=%s&u=%s&p=%s&c=resourcename&m=1'
+DRM_KEY_URL_TEMPLATE = 'skd://fps.ezdrm.com/;%s'

qencode/task.py

@@ -64,8 +64,8 @@ def custom_start(self, data,  **kwargs):
   def status(self):
     return self._status()
 
-  def main_status(self):
-    return self._status2()
+  def extend_status(self):
+    return self._extend_status()
 
   def progress_changed(self, callback, *args, **kwargs):
     while 1:
@@ -188,4 +188,16 @@ def _status(self):
       self.status_url = status['status_url']
 
     return status
+  
+  def _extend_status(self):
+    response = self.connect.post(self.main_status_url, dict(task_tokens=self.task_token))
+    status = None
+
+    if response['error'] == ERROR_BAD_TOKENS:
+      raise ValueError('Bad token: ' + str(self.task_token))
+
+    if 'statuses' in response and self.task_token in response['statuses']:
+      status = response['statuses'][self.task_token]
+      
+    return status
 

qencode/tools.py

@@ -0,0 +1,128 @@
+#
+from const import *
+import datetime
+import hashlib
+import hmac
+import requests
+from requests.utils import quote
+import xml.etree.cElementTree as et
+import uuid
+
+def generate_aws_signed_url(region, bucket, object_key, access_key, secret_key, expiration, endpoint=None):
+
+    # request elements
+    http_method = 'GET'
+    endpoint = endpoint if endpoint else 's3.amazonaws.com'
+    host = bucket + '.' + endpoint
+    endpoint = 'https://' + host
+
+    # hashing methods
+    def hash(key, msg):
+        return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
+
+    # region is a wildcard value that takes the place of the AWS region value
+    # as COS doen't use regions like AWS, this parameter can accept any string
+    def createSignatureKey(key, datestamp, region, service):
+        keyDate = hash(('AWS4' + key).encode('utf-8'), datestamp)
+        keyRegion = hash(keyDate, region)
+        keyService = hash(keyRegion, service)
+        keySigning = hash(keyService, 'aws4_request')
+        return keySigning
+
+    # assemble the standardized request
+    time = datetime.datetime.utcnow()
+    timestamp = time.strftime('%Y%m%dT%H%M%SZ')
+    datestamp = time.strftime('%Y%m%d')
+
+    standardized_querystring = ('X-Amz-Algorithm=AWS4-HMAC-SHA256' +
+                                '&X-Amz-Credential=' + access_key + '/' + datestamp + '/' + region + '/s3/aws4_request' +
+                                '&X-Amz-Date=' + timestamp +
+                                '&X-Amz-Expires=' + str(expiration) +
+                                '&X-Amz-SignedHeaders=host')
+    standardized_querystring_url_encoded = quote(standardized_querystring, safe='&=')
+
+    standardized_resource = '/' + object_key
+    standardized_resource_url_encoded = quote(standardized_resource, safe='&')
+
+    payload_hash = 'UNSIGNED-PAYLOAD'
+    standardized_headers = 'host:' + host
+    signed_headers = 'host'
+
+    standardized_request = (http_method + '\n' +
+                            standardized_resource + '\n' +
+                            standardized_querystring_url_encoded + '\n' +
+                            standardized_headers + '\n' +
+                            '\n' +
+                            signed_headers + '\n' +
+                            payload_hash).encode('utf-8')
+
+    # assemble string-to-sign
+    hashing_algorithm = 'AWS4-HMAC-SHA256'
+    credential_scope = datestamp + '/' + region + '/' + 's3' + '/' + 'aws4_request'
+    sts = (hashing_algorithm + '\n' +
+           timestamp + '\n' +
+           credential_scope + '\n' +
+           hashlib.sha256(standardized_request).hexdigest())
+
+    # generate the signature
+    signature_key = createSignatureKey(secret_key, datestamp, region, 's3')
+    signature = hmac.new(signature_key,
+                         (sts).encode('utf-8'),
+                         hashlib.sha256).hexdigest()
+
+    # create and send the request
+    # the 'requests' package autmatically adds the required 'host' header
+    request_url = (endpoint + '/' +
+                   object_key + '?' +
+                   standardized_querystring_url_encoded +
+                   '&X-Amz-Signature=' +
+                   signature)
+
+    def hex_hash(key, msg):
+        return hmac.new(b'key', msg.encode('utf-8'), hashlib.sha256).hexdigest()
+
+    def createHexSignatureKey(key, datestamp, region, service):
+        keyDate = hex_hash(('AWS4' + key).encode('utf-8'), datestamp)
+        keyRegion = hex_hash(keyDate, region)
+        keyService = hex_hash(keyRegion, service)
+        keySigning = hex_hash(keyService, 'aws4_request')
+        return keySigning
+
+    signature_key_hex = createHexSignatureKey(secret_key, datestamp, region, 's3')
+
+    # print(request_url)
+    return request_url
+
+
+def fps_drm(username, password, uid=None):
+    asset_id = uid if uid else uuid.uuid4()
+    url = FPS_DRM_KEYGENERATOR_URI_TEMPLATE % (asset_id, username, password)
+    response = requests.post(url, {})
+    tree = et.ElementTree(et.fromstring(response.content))
+    root = tree.getroot()
+    kid = root[0][0].get('kid')
+    iv = root[0][0].get('explicitIV')
+    key = root[0][0][0][0][0].text
+    key_hex = key.decode('base64').encode('hex')
+    iv_hex = iv.decode('base64').encode('hex')
+    key_url = DRM_KEY_URL_TEMPLATE % kid
+    payload = dict(AssetID=asset_id)
+    data = dict(key=key_hex, iv=iv_hex, key_url=key_url)
+    return data, payload
+
+
+def cenc_drm(username, password, uid=None):
+  asset_id = uid if uid else uuid.uuid4()
+  url = CENC_DRM_KEYGENERATOR_URI_TEMPLATE % (asset_id, username, password)
+  response = requests.post(url, {})
+  tree = et.ElementTree(et.fromstring(response.content))
+  root = tree.getroot()
+  key_id = root[0][0].get('kid')
+  key = root[0][0][0][0][0].text
+  pssh = root[1][0][0].text
+  key_id_hex = key_id.replace('-', '')
+  key_hex = key.decode('base64').encode('hex')
+  key_url = DRM_KEY_URL_TEMPLATE % key_id
+  payload = dict(AssetID=asset_id)
+  data = dict(key=key_hex, key_id=key_id_hex, pssh=pssh, key_url=key_url)
+  return data, payload

requirements.txt

@@ -1,5 +1,4 @@
-json
-urllib
-urllib2
-urlparse
-tuspy
+tuspy
+requests
+
+

sample-code/start_with_aws_signed_url.py

@@ -0,0 +1,89 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import sys
+import os.path
+sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__), os.path.pardir)))
+import qencode
+import time
+import json
+from qencode import QencodeClientException, QencodeTaskException
+from qencode import generate_aws_signed_url
+
+# replace with your API KEY (can be found in your Project settings on Qencode portal)
+API_KEY = 'your-api-qencode-key'
+
+# request elements
+region = 'us-east-2'
+bucket = 'your-bucket-name'
+object_key = 'path'
+expiration = 86400  # time in seconds
+access_key = 'your-AWS-access-key'
+secret_key = 'your-AWS-secret-key'
+
+# generate AWS signed url
+source_url = generate_aws_signed_url(region, bucket, object_key, access_key, secret_key, expiration)
+print(source_url)
+
+format_240 = dict(
+    output="mp4",
+    size="320x240",
+    video_codec="libx264"
+)
+
+format_720 = dict(
+    output="mp4",
+    size="1280x720",
+    video_codec="libx264"
+)
+
+format = [format_240, format_720]
+
+query = dict(
+    source=source_url,
+    format=format
+)
+
+params = dict(query=query)
+
+def start_encode():
+
+  """
+    Create client object
+    :param api_key: string. required
+    :param api_url: string. not required
+    :param api_version: int. not required. default 'v1'
+    :return: task object
+  """
+
+
+  client = qencode.client(API_KEY)
+  if client.error:
+    raise QencodeClientException(client.message)
+
+  print('The client created. Expire date: {0}'.format(client.expire))
+
+  task = client.create_task()
+
+  if task.error:
+    raise QencodeTaskException(task.message)
+
+  task.custom_start(params)
+
+  if task.error:
+    raise QencodeTaskException(task.message)
+
+  print('Start encode. Task: {0}'.format(task.task_token))
+
+  line = "-"*80
+  while True:
+    print(line)
+    status = task.status()
+    # print status
+    print(json.dumps(status, indent=2, sort_keys=True))
+    if status['error'] or status['status'] == 'completed':
+      break
+    time.sleep(5)
+
+if __name__ == '__main__':
+  start_encode()