Azure 媒体服务 Fairplay DRM AVPlayer swift 实现
Azure Media Service Fairplay DRM AVPlayer swift implementation
我正在尝试在 iOS 设备上播放受 Fairplay DRM 保护(通过 Azure 媒体服务加密)的 HLS 视频流。
我使用了以下链接中描述的代码和过程:
https://icapps.com/blog/how-integrate-basic-hls-stream-fairplay
https://gist.github.com/fousa/5709fb7c84e5b53dbdae508c9cb4fadc
以下是我为此编写的代码。
import UIKit
import AVFoundation
class ViewController: UIViewController, AVAssetResourceLoaderDelegate {
@IBOutlet weak var videoView: UIView!
var player: AVPlayer!
override func viewDidLoad() {
super.viewDidLoad()
let streamURL = "someexampleurl.com/stream.m3u8"
if let url = URL(string: streamURL) {
//2. Create AVPlayer object
let asset = AVURLAsset(url: url)
let queue = DispatchQueue(label: "Some queue")
asset.resourceLoader.setDelegate(self, queue: queue)
let playerItem = AVPlayerItem(asset: asset)
player = AVPlayer(playerItem: playerItem)
//3. Create AVPlayerLayer object
let playerLayer = AVPlayerLayer(player: player)
playerLayer.frame = self.videoView.bounds //bounds of the view in which AVPlayer should be displayed
playerLayer.videoGravity = .resizeAspect
//4. Add playerLayer to view's layer
self.videoView.layer.addSublayer(playerLayer)
//5. Play Video
player.play()
}
// Do any additional setup after loading the view.
}
func resourceLoader(_ resourceLoader: AVAssetResourceLoader, shouldWaitForLoadingOfRequestedResource loadingRequest: AVAssetResourceLoadingRequest) -> Bool {
// We first check if a url is set in the manifest.
guard let url = loadingRequest.request.url else {
print("", #function, "Unable to read the url/host data.")
loadingRequest.finishLoading(with: NSError(domain: "com.error", code: -1, userInfo:
nil))
return false
}
print("", #function, url)
// When the url is correctly found we try to load the certificate date. Watch out! For this
// example the certificate resides inside the bundle. But it should be preferably fetched from
// the server.
guard
let certificateURL = Bundle.main.url(forResource: "certfps", withExtension: "cer"),
let certificateData = try? Data(contentsOf: certificateURL) else {
print("", #function, "Unable to read the certificate data.")
loadingRequest.finishLoading(with: NSError(domain: "com.error", code: -2, userInfo: nil))
return false
}
// Request the Server Playback Context.
let contentId = "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
guard
let contentIdData = contentId.data(using: String.Encoding.utf8),
let spcData = try? loadingRequest.streamingContentKeyRequestData(forApp: certificateData, contentIdentifier: contentIdData, options: nil),
let dataRequest = loadingRequest.dataRequest else {
loadingRequest.finishLoading(with: NSError(domain: "com.error", code: -3, userInfo: nil))
print("", #function, "Unable to read the SPC data.")
return false
}
// Request the Content Key Context from the Key Server Module.
let ckcURL = URL(string: "https://xxxxx.keydelivery.northeurope.media.azure.net/FairPlay/?kid=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx")!
var request = URLRequest(url: ckcURL)
request.httpMethod = "POST"
let assetIDString = "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
let postString = "spc=\(spcData.base64EncodedString())&assetId=\(assetIDString)"
request.setValue(String(postString.count), forHTTPHeaderField: "Content-Length")
request.setValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")
request.httpBody = postString.data(using: .ascii, allowLossyConversion: true)
let session = URLSession(configuration: URLSessionConfiguration.default)
let task = session.dataTask(with: request) { data, response, error in
if let data = data {
// The CKC is correctly returned and is now send to the `AVPlayer` instance so we
// can continue to play the stream.
if var responseString = String(data: data, encoding: .utf8) {
responseString = responseString.replacingOccurrences(of: "<ckc>", with: "").replacingOccurrences(of: "</ckc>", with: "")
var ckcData = Data(base64Encoded: responseString)!
dataRequest.respond(with: ckcData)
loadingRequest.finishLoading()
} else {
// print("Error encountered while fetching FairPlay license for URL: \(self.drmUrl), \(error?.localizedDescription ?? "Unknown error")")
}
task.resume()
return true
}
}
以上一切正常,但在 CKC 响应中我得到
{
"Error": {
"Message": "Failed content key policy evaluation.",
"Code": "AuthorizationPolicyEvaluationFailure"
}
}
任何人都可以在这里让我知道我在这里缺少什么,这是我第一次尝试这个
所以我可能犯了一个非常明显的错误,所以请多多包涵。
关于这方面的任何帮助都将非常有用(我已经为此苦苦思索好几天了。)
谢谢。
可能有助于故障排除的一件事是启用许可证传送日志记录。你可以在 Azure 门户中转到你的媒体服务帐户来执行此操作,在“监视”部分转到“诊断设置”。单击 'Add diagnostic setting'。为设置命名,然后,至少在开始时,告诉它归档到存储帐户。记录 'KeyDeliveryRequests'。保存后重现问题。然后转到您的存储帐户并查找日志结果。存储容器“insights-logs-keydeliveryrequests”将包含日志。
您可以添加请求 header 参数,例如 "authorization"(可能是一个名为 JWT 的 base 64 令牌),"mimetype" 在发出 CKC 请求时,它会起作用。
最后,我发现我遗漏的是没有在 "Authorization" header 中为 CKC 请求传递 JWT。
通过 JWT 就成功了。 :)
注意:JWT 代表 JSON Azure 媒体服务中媒体加密期间生成的网络令牌。
我正在尝试在 iOS 设备上播放受 Fairplay DRM 保护(通过 Azure 媒体服务加密)的 HLS 视频流。 我使用了以下链接中描述的代码和过程:
https://icapps.com/blog/how-integrate-basic-hls-stream-fairplay
https://gist.github.com/fousa/5709fb7c84e5b53dbdae508c9cb4fadc
以下是我为此编写的代码。
import UIKit
import AVFoundation
class ViewController: UIViewController, AVAssetResourceLoaderDelegate {
@IBOutlet weak var videoView: UIView!
var player: AVPlayer!
override func viewDidLoad() {
super.viewDidLoad()
let streamURL = "someexampleurl.com/stream.m3u8"
if let url = URL(string: streamURL) {
//2. Create AVPlayer object
let asset = AVURLAsset(url: url)
let queue = DispatchQueue(label: "Some queue")
asset.resourceLoader.setDelegate(self, queue: queue)
let playerItem = AVPlayerItem(asset: asset)
player = AVPlayer(playerItem: playerItem)
//3. Create AVPlayerLayer object
let playerLayer = AVPlayerLayer(player: player)
playerLayer.frame = self.videoView.bounds //bounds of the view in which AVPlayer should be displayed
playerLayer.videoGravity = .resizeAspect
//4. Add playerLayer to view's layer
self.videoView.layer.addSublayer(playerLayer)
//5. Play Video
player.play()
}
// Do any additional setup after loading the view.
}
func resourceLoader(_ resourceLoader: AVAssetResourceLoader, shouldWaitForLoadingOfRequestedResource loadingRequest: AVAssetResourceLoadingRequest) -> Bool {
// We first check if a url is set in the manifest.
guard let url = loadingRequest.request.url else {
print("", #function, "Unable to read the url/host data.")
loadingRequest.finishLoading(with: NSError(domain: "com.error", code: -1, userInfo:
nil))
return false
}
print("", #function, url)
// When the url is correctly found we try to load the certificate date. Watch out! For this
// example the certificate resides inside the bundle. But it should be preferably fetched from
// the server.
guard
let certificateURL = Bundle.main.url(forResource: "certfps", withExtension: "cer"),
let certificateData = try? Data(contentsOf: certificateURL) else {
print("", #function, "Unable to read the certificate data.")
loadingRequest.finishLoading(with: NSError(domain: "com.error", code: -2, userInfo: nil))
return false
}
// Request the Server Playback Context.
let contentId = "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
guard
let contentIdData = contentId.data(using: String.Encoding.utf8),
let spcData = try? loadingRequest.streamingContentKeyRequestData(forApp: certificateData, contentIdentifier: contentIdData, options: nil),
let dataRequest = loadingRequest.dataRequest else {
loadingRequest.finishLoading(with: NSError(domain: "com.error", code: -3, userInfo: nil))
print("", #function, "Unable to read the SPC data.")
return false
}
// Request the Content Key Context from the Key Server Module.
let ckcURL = URL(string: "https://xxxxx.keydelivery.northeurope.media.azure.net/FairPlay/?kid=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx")!
var request = URLRequest(url: ckcURL)
request.httpMethod = "POST"
let assetIDString = "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
let postString = "spc=\(spcData.base64EncodedString())&assetId=\(assetIDString)"
request.setValue(String(postString.count), forHTTPHeaderField: "Content-Length")
request.setValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")
request.httpBody = postString.data(using: .ascii, allowLossyConversion: true)
let session = URLSession(configuration: URLSessionConfiguration.default)
let task = session.dataTask(with: request) { data, response, error in
if let data = data {
// The CKC is correctly returned and is now send to the `AVPlayer` instance so we
// can continue to play the stream.
if var responseString = String(data: data, encoding: .utf8) {
responseString = responseString.replacingOccurrences(of: "<ckc>", with: "").replacingOccurrences(of: "</ckc>", with: "")
var ckcData = Data(base64Encoded: responseString)!
dataRequest.respond(with: ckcData)
loadingRequest.finishLoading()
} else {
// print("Error encountered while fetching FairPlay license for URL: \(self.drmUrl), \(error?.localizedDescription ?? "Unknown error")")
}
task.resume()
return true
}
}
以上一切正常,但在 CKC 响应中我得到
{
"Error": {
"Message": "Failed content key policy evaluation.",
"Code": "AuthorizationPolicyEvaluationFailure"
}
}
任何人都可以在这里让我知道我在这里缺少什么,这是我第一次尝试这个 所以我可能犯了一个非常明显的错误,所以请多多包涵。
关于这方面的任何帮助都将非常有用(我已经为此苦苦思索好几天了。)
谢谢。
可能有助于故障排除的一件事是启用许可证传送日志记录。你可以在 Azure 门户中转到你的媒体服务帐户来执行此操作,在“监视”部分转到“诊断设置”。单击 'Add diagnostic setting'。为设置命名,然后,至少在开始时,告诉它归档到存储帐户。记录 'KeyDeliveryRequests'。保存后重现问题。然后转到您的存储帐户并查找日志结果。存储容器“insights-logs-keydeliveryrequests”将包含日志。
您可以添加请求 header 参数,例如 "authorization"(可能是一个名为 JWT 的 base 64 令牌),"mimetype" 在发出 CKC 请求时,它会起作用。
最后,我发现我遗漏的是没有在 "Authorization" header 中为 CKC 请求传递 JWT。 通过 JWT 就成功了。 :)
注意:JWT 代表 JSON Azure 媒体服务中媒体加密期间生成的网络令牌。