Glad you worked that out. I ended up following the instructions at
https://developers.google.com/storage/docs/accesscontrol#Signed-URLs
to create signed URLs from scratch -- I spent a little time looking
through the PHP libraries and didn't see anything that looked quite
right. It turned out to be pretty easy:
/*
* Create a signed URL to access the named resource at the cloud
* storage facility. Right now, this is Google Cloud Storage. The
* URL will be returned to the client, which uses Cross-Origin
Resource
* Sharing (CORS) to access the file directly.
*/
function storageURL( $id, $method = 'GET', $duration = 10 ) {
$expires = time( ) + $duration;
$content_type = ($method == 'PUT') ? 'application/x-www-form-
urlencoded' : '';
$to_sign = ($method . "\n" .
/* Content-MD5 */ "\n" .
$content_type . "\n" .
$expires . "\n" .
'/bucket-name/' . $id);
$signature = '*Put signature here*';
if (!openssl_sign( $to_sign, $signature, '--put-private-key-here--',
'sha256' )) {
error_log( 'openssl_sign failed!' );
$signature = '<failed>';
} else {
$signature = urlencode( base64_encode( $signature ) );
}
return ('
https://bucket-name.commondatastorage.googleapis.com/' .
$id .
'?GoogleAccessId=' . '--put-email-id here--' .
'&Expires=' . $expires . '&Signature=' . $signature);