Class: Aws::S3::Presigner

Inherits:
Object
  • Object
show all
Defined in:
gems/aws-sdk-s3/lib/aws-sdk-s3/presigner.rb

Instance Method Summary collapse

Constructor Details

#initialize(options = {}) ⇒ Presigner

Returns a new instance of Presigner.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :client (Client)

    Optionally provide an existing S3 client



35
36
37
# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/presigner.rb', line 35

def initialize(options = {})
  @client = options[:client] || Aws::S3::Client.new
end

Instance Method Details

#presigned_request(method, params = {}) ⇒ String, Hash

Allows you to create presigned URL requests for S3 operations. This method returns a tuple containing the URL and the signed X-amz-* headers to be used with the presigned url.

Examples:

signer = Aws::S3::Presigner.new
url, headers = signer.presigned_request(
  :get_object, bucket: "bucket", key: "key"
)

Parameters:

  • method (Symbol)

    Symbolized method name of the operation you want to presign.

  • params (Hash) (defaults to: {})

    a customizable set of options

Options Hash (params):

  • :expires_in (Integer) — default: 900

    The number of seconds before the presigned URL expires. Defaults to 15 minutes. As signature version 4 has a maximum expiry time of one week for presigned URLs, attempts to set this value to greater than one week (604800) will raise an exception.

  • :time (Time) — default: Time.now

    The starting time for when the presigned url becomes active.

  • :secure (Boolean) — default: true

    When false, a HTTP URL is returned instead of the default HTTPS URL.

  • :virtual_host (Boolean) — default: false

    When true, the bucket name will be used as the hostname. This will cause the returned URL to be 'http' and not 'https'.

  • :use_accelerate_endpoint (Boolean) — default: false

    When true, Presigner will attempt to use accelerated endpoint.

  • :whitelist_headers (Array<String>) — default: []

    Additional headers to be included for the signed request. Certain headers beyond the authorization header could, in theory, be changed for various reasons (including but not limited to proxies) while in transit and after signing. This would lead to signature errors being returned, despite no actual problems with signing. (see BLACKLISTED_HEADERS)

Returns:

  • (String, Hash)

    A tuple with a presigned URL and headers that should be included with the request.

Raises:

  • (ArgumentError)

    Raises an ArgumentError if :expires_in exceeds one week.



127
128
129
# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/presigner.rb', line 127

def presigned_request(method, params = {})
  _presigned_request(method, params, false)
end

#presigned_url(method, params = {}) ⇒ String

Create presigned URLs for S3 operations.

Examples:

signer = Aws::S3::Presigner.new
url = signer.presigned_url(:get_object, bucket: "bucket", key: "key")

Parameters:

  • method (Symbol)

    Symbolized method name of the operation you want to presign.

  • params (Hash) (defaults to: {})

    a customizable set of options

Options Hash (params):

  • :expires_in (Integer) — default: 900

    The number of seconds before the presigned URL expires. Defaults to 15 minutes. As signature version 4 has a maximum expiry time of one week for presigned URLs, attempts to set this value to greater than one week (604800) will raise an exception.

  • :time (Time) — default: Time.now

    The starting time for when the presigned url becomes active.

  • :secure (Boolean) — default: true

    When false, a HTTP URL is returned instead of the default HTTPS URL.

  • :virtual_host (Boolean) — default: false

    When true, the bucket name will be used as the hostname. This will cause the returned URL to be 'http' and not 'https'.

  • :use_accelerate_endpoint (Boolean) — default: false

    When true, Presigner will attempt to use accelerated endpoint.

  • :whitelist_headers (Array<String>) — default: []

    Additional headers to be included for the signed request. Certain headers beyond the authorization header could, in theory, be changed for various reasons (including but not limited to proxies) while in transit and after signing. This would lead to signature errors being returned, despite no actual problems with signing. (see BLACKLISTED_HEADERS)

Returns:

  • (String)

    a presigned url

Raises:

  • (ArgumentError)

    Raises an ArgumentError if :expires_in exceeds one week.



78
79
80
81
# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/presigner.rb', line 78

def presigned_url(method, params = {})
  url, _headers = _presigned_request(method, params)
  url
end