将令牌传递到 Azure 媒体服务 v3 密钥传送服务Pass tokens to the Azure Media Services v3 key delivery service

媒体服务徽标 v3media services logo v3


客户经常会问,播放器如何将令牌传递到 Azure 媒体服务密钥传送服务来进行验证,以便播放器可以获取密钥。Customers often ask how a player can pass tokens to the Azure Media Services key delivery service for verification so the player can obtain the key. 媒体服务支持简单 Web 令牌 (SWT) 和 JSON Web 令牌 (JWT) 格式。Media Services supports the simple web token (SWT) and JSON Web Token (JWT) formats. 令牌身份验证可应用于任何类型的密钥,不论系统中使用的是通用加密还是高级加密标准 (AES) 信封加密。Token authentication is applied to any type of key, regardless of whether you use common encryption or Advanced Encryption Standard (AES) envelope encryption in the system.

可使用播放器通过以下方式传递令牌,具体取决于设定为目标的播放器和平台:Depending on the player and platform you target, you can pass the token with your player in the following ways:

通过 HTTP 授权标头传递令牌Pass a token through the HTTP authorization header

备注

根据 OAuth 2.0 规格,应使用“Bearer”前缀。The "Bearer" prefix is expected per the OAuth 2.0 specs. 若要设置视频源,请选择“AES(JWT 令牌)”或“AES(SWT 令牌)”。To set the video source, choose AES (JWT Token) or AES (SWT Token). 令牌是通过授权标头传递的。The token is passed via the Authorization header.

通过使用“token=tokenvalue”添加一个 URL 查询参数来传递令牌。Pass a token via the addition of a URL query parameter with "token=tokenvalue."

备注

不应使用“Bearer”前缀。The "Bearer" prefix isn't expected. 由于令牌是通过 URL 发送的,因此需要保护令牌字符串。Because the token is sent through a URL, you need to armor the token string. 下面的 C# 示例代码显示了如何执行此操作:Here is a C# sample code that shows how to do it:

    string armoredAuthToken = System.Web.HttpUtility.UrlEncode(authToken);
    string uriWithTokenParameter = string.Format("{0}&token={1}", keyDeliveryServiceUri.AbsoluteUri, armoredAuthToken);
    Uri keyDeliveryUrlWithTokenParameter = new Uri(uriWithTokenParameter);

通过 CustomData 字段传递令牌Pass a token through the CustomData field

此选项仅用于 PlayReady 许可证获取,通过 PlayReady 许可证获取质询的 CustomData 字段。This option is used for PlayReady license acquisition only, through the CustomData field of the PlayReady License Acquisition Challenge. 在此情况下,令牌必须位于如下所述的 xml 文档中:In this case, the token must be inside the XML document as described here:

    <?xml version="1.0"?>
    <CustomData xmlns="http://schemas.microsoft.com/Azure/MediaServices/KeyDelivery/PlayReadyCustomData/v1"> 
        <Token></Token> 
    </CustomData>

将身份验证令牌放入 Token 元素中。Put your authentication token in the Token element.