Class: Aws::S3::Presigner

Inherits:

Object

• Object
• Aws::S3::Presigner

Defined in:

lib/aws-sdk-s3/presigner.rb

Constant Summary

ONE_WEEK =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

60 * 60 * 24 * 7

FIFTEEN_MINUTES =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

60 * 15

BLACKLISTED_HEADERS =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

[
  'accept',
  'amz-sdk-request',
  'cache-control',
  'content-length', # due to a ELB bug
  'expect',
  'from',
  'if-match',
  'if-none-match',
  'if-modified-since',
  'if-unmodified-since',
  'if-range',
  'max-forwards',
  'pragma',
  'proxy-authorization',
  'referer',
  'te',
  'user-agent'
].freeze

Instance Method Summary

• #initialize(options = {}) ⇒ Presigner constructor

  A new instance of Presigner.

• #presigned_request(method, params = {}) ⇒ String, Hash

  Allows you to create presigned URL requests for S3 operations.

• #presigned_url(method, params = {}) ⇒ String

  Create presigned URLs for S3 operations.

Constructor Details

#initialize(options = {}) ⇒ Presigner

Returns a new instance of Presigner.

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :client (Client) —

  Optionally provide an existing S3 client

# File 'lib/aws-sdk-s3/presigner.rb', line 35

def initialize(options = {})
  @client = options[:client] || Aws::S3::Client.new
end

Instance Method Details

#presigned_request(method, params = {}) ⇒ String, Hash

Allows you to create presigned URL requests for S3 operations. This method returns a tuple containing the URL and the signed X-amz-* headers to be used with the presigned url.

Examples:

signer = Aws::S3::Presigner.new
url, headers = signer.presigned_request(
  :get_object, bucket: "bucket", key: "key"
)

Parameters:

• method (Symbol) —

  Symbolized method name of the operation you want to presign.

• params (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (params):

• :expires_in (Integer) — default: 900 —

  The number of seconds before the presigned URL expires. Defaults to 15 minutes. As signature version 4 has a maximum expiry time of one week for presigned URLs, attempts to set this value to greater than one week (604800) will raise an exception. The min value of this option and the credentials expiration time is used in the presigned URL.

• :time (Time) — default: Time.now —

  The starting time for when the presigned url becomes active.

• :secure (Boolean) — default: true —

  When ‘false`, a HTTP URL is returned instead of the default HTTPS URL.

• :virtual_host (Boolean) — default: false —

  When ‘true`, the bucket name will be used as the hostname. This will cause the returned URL to be ’http’ and not ‘https’.

• :use_accelerate_endpoint (Boolean) — default: false —

  When ‘true`, Presigner will attempt to use accelerated endpoint.

• :whitelist_headers (Array<String>) — default: [] —

  Additional headers to be included for the signed request. Certain headers beyond the authorization header could, in theory, be changed for various reasons (including but not limited to proxies) while in transit and after signing. This would lead to signature errors being returned, despite no actual problems with signing. (see BLACKLISTED_HEADERS)

Returns:

• (String, Hash) —

  A tuple with a presigned URL and headers that should be included with the request.

Raises:

• (ArgumentError) —

  Raises an ArgumentError if ‘:expires_in` exceeds one week.

# File 'lib/aws-sdk-s3/presigner.rb', line 128

def presigned_request(method, params = {})
  _presigned_request(method, params, false)
end

#presigned_url(method, params = {}) ⇒ String

Create presigned URLs for S3 operations.

Examples:

signer = Aws::S3::Presigner.new
url = signer.presigned_url(:get_object, bucket: "bucket", key: "key")

Parameters:

• method (Symbol) —

  Symbolized method name of the operation you want to presign.

• params (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (params):

• :expires_in (Integer) — default: 900 —

  The number of seconds before the presigned URL expires. Defaults to 15 minutes. As signature version 4 has a maximum expiry time of one week for presigned URLs, attempts to set this value to greater than one week (604800) will raise an exception. The min value of this option and the credentials expiration time is used in the presigned URL.

• :time (Time) — default: Time.now —

  The starting time for when the presigned url becomes active.

• :secure (Boolean) — default: true —

  When ‘false`, a HTTP URL is returned instead of the default HTTPS URL.

• :virtual_host (Boolean) — default: false —

  When ‘true`, the bucket name will be used as the hostname.

• :use_accelerate_endpoint (Boolean) — default: false —

  When ‘true`, Presigner will attempt to use accelerated endpoint.

• :whitelist_headers (Array<String>) — default: [] —

  Additional headers to be included for the signed request. Certain headers beyond the authorization header could, in theory, be changed for various reasons (including but not limited to proxies) while in transit and after signing. This would lead to signature errors being returned, despite no actual problems with signing. (see BLACKLISTED_HEADERS)

Returns:

• (String) —

  a presigned url

Raises:

• (ArgumentError) —

  Raises an ArgumentError if ‘:expires_in` exceeds one week.

# File 'lib/aws-sdk-s3/presigner.rb', line 78

def presigned_url(method, params = {})
  url, _headers = _presigned_request(method, params)
  url
end