Changes in Amazon CloudFront presigning from version 1 to version 2 - AWS SDK for Java 2.x
High-level changesAPI changes

Changes in Amazon CloudFront presigning from version 1 to version 2

This topic details the changes in the Amazon CloudFront from version 1 (v1) to version 2 (v2).

High-level changes

Change v1 v2

Maven dependencies

 
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>aws-java-sdk-bom</artifactId>
            <version>1.12.5871</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>
<dependencies>
    <dependency>  
        <groupId>com.amazonaws</groupId>
        <artifactId>cloudfront</artifactId>
    </dependency>
</dependencies>
 
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>software.amazon.awssdk</groupId>
            <artifactId>bom</artifactId>
            <version>2.27.212</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>
<dependencies>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>cloudfront</artifactId>
    </dependency>
</dependencies>
Package name com.amazonaws.services.cloudfront software.amazon.awssdk.services.cloudfront
Class names

CloudFrontUrlSigner

CloudFrontCookieSigner

CloudFrontUtilities

SignedUrl

CannedSignerRequest

CustomSignerRequest

1 Latest version. 2 Latest version.

API changes

Behavior v1 v2
Build a canned request Arguments are passed directly to the API. 
CannedSignerRequest cannedRequest =
      CannedSignerRequest.builder()
                         .resourceUrl(resourceUrl)
                         .privateKey(privateKey)
                         .keyPairId(keyPairId)
                         .expirationDate(expirationDate)
                         .build();
Build a custom request Arguments are passed directly to the API. 
CustomSignerRequest customRequest =
      CustomSignerRequest.builder()
                         .resourceUrl(resourceUrl)
                         .resourceUrlPattern(resourceUrlPattern)
                         .privateKey(keyFile)
                         .keyPairId(keyPairId)
                         .expirationDate(expirationDate)
                         .activeDate(activeDate)
                         .ipRange(ipRange)
                         .build();
Generate a signed URL (canned) 
String signedUrl =
  CloudFrontUrlSigner.getSignedURLWithCannedPolicy(
    resourceUrl, keyPairId, privateKey, expirationDate);
 
CloudFrontUtilities cloudFrontUtilities =
    CloudFrontUtilities.create();

SignedUrl signedUrl =        
    cloudFrontUtilities.getSignedUrlWithCannedPolicy(cannedRequest);

String url = signedUrl.url();
Generate a signed cookie (custom) 
CookiesForCustomPolicy cookies =
    CloudFrontCookieSigner.getCookiesForCustomPolicy(
        resourceUrl, privateKey, keyPairId, expirationDate, 
        activeDate, ipRange);

CloudFrontUtilities cloudFrontUtilities =
    CloudFrontUtilities.create();

CookiesForCustomPolicy cookies =
     cloudFrontUtilities.getCookiesForCustomPolicy(customRequest);

Refactored cookie headers in v2

In Java v1, the Java SDK delivers cookie headers as a Map.Entry<String, String>.

Map.Entry<String, String> signatureMap = cookies.getSignature();
String signatureKey = signatureMap.getKey(); // "CloudFront-Signature"
String signatureValue = signatureMap.getValue(); // "[SIGNATURE_VALUE]"

The Java v2 SDK delivers the entire header as a single String.

String signatureHeaderValue = cookies.signatureHeaderValue(); // "CloudFront-Signature=[SIGNATURE_VALUE]"