class Aws::S3::Presigner
Allows you to create presigned URLs for S3 operations.
Example Use:
signer = Aws::S3::Presigner.new url = signer.presigned_url(:get_object, bucket: "bucket", key: "key")
Constants
- FIFTEEN_MINUTES
@api private
- ONE_WEEK
@api private
Public Class Methods
new(options = {})
click to toggle source
@option options [Client] :client Optionally provide an existing
S3 client
# File lib/aws-sdk-core/s3/presigner.rb, line 21 def initialize(options = {}) @client = options[:client] || Aws::S3::Client.new end
Public Instance Methods
presigned_url(method, params = {})
click to toggle source
@param [Symbol] method Symbolized method name of the operation you want
to presign.
@option params [Integer] :expires_in (900) The number of seconds
before the presigned URL expires. Defaults to 15 minutes.
@option params [Boolean] :secure (true) When `false`, a HTTP URL
is returned instead of the default HTTPS URL.
@option params [Boolean] :virtual_host (false) When `true`, the
{#bucket} name will be used as the hostname. This will cause the returned URL to be 'http' and not 'https'.
@raise [ArgumentError] Raises an ArgumentError if `:expires_in`
exceeds one week.
# File lib/aws-sdk-core/s3/presigner.rb, line 41 def presigned_url(method, params = {}) virtual_host = !!params.delete(:virtual_host) scheme = http_scheme(params, virtual_host) req = @client.build_request(method, params) use_bucket_as_hostname(req) if virtual_host sign_but_dont_send(req, expires_in(params), scheme) req.send_request.data end
Private Instance Methods
expires_in(params)
click to toggle source
# File lib/aws-sdk-core/s3/presigner.rb, line 61 def expires_in(params) if expires_in = params.delete(:expires_in) if expires_in > ONE_WEEK msg = "expires_in value of #{expires_in} exceeds one-week maximum" raise ArgumentError, msg end expires_in else FIFTEEN_MINUTES end end
http_scheme(params, virtual_host)
click to toggle source
# File lib/aws-sdk-core/s3/presigner.rb, line 53 def http_scheme(params, virtual_host) if params.delete(:secure) == false || virtual_host 'http' else 'https' end end
sign_but_dont_send(req, expires_in, scheme)
click to toggle source
# File lib/aws-sdk-core/s3/presigner.rb, line 83 def sign_but_dont_send(req, expires_in, scheme) req.handlers.remove(Plugins::S3RequestSigner::SigningHandler) req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler) req.handle(step: :send) do |context| context.http_request.endpoint.scheme = scheme signer = Signers::V4.new( context.config.credentials, 's3', context.config.region ) url = signer.presigned_url( context.http_request, expires_in: expires_in, body_digest: "UNSIGNED-PAYLOAD" ) Seahorse::Client::Response.new(context: context, data: url) end end
use_bucket_as_hostname(req)
click to toggle source
# File lib/aws-sdk-core/s3/presigner.rb, line 73 def use_bucket_as_hostname(req) req.handlers.remove(Plugins::S3BucketDns::Handler) req.handle do |context| uri = context.http_request.endpoint uri.host = context.params[:bucket] uri.path = uri.path.sub("/#{context.params[:bucket]}", '') @handler.call(context) end end