From 7a730b371c7e8e52e53f804b4c9ffafb778228c1 Mon Sep 17 00:00:00 2001 From: Trevor Rowe Date: Wed, 9 Dec 2015 12:44:56 -0800 Subject: [PATCH] Bug fix for s3 presigned urls using `secure: false`. Closes #998 --- CHANGELOG.md | 6 ++++++ aws-sdk-core/features/s3/presigned.feature | 9 ++++++++- aws-sdk-core/features/s3/step_definitions.rb | 3 ++- aws-sdk-core/lib/aws-sdk-core/s3/presigner.rb | 7 ++++++- 4 files changed, 22 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e09bb292c3a..5861466d212 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ Unreleased Changes ------------------ +* Issue - Aws::S3 - Resolved a regression with `Aws::S3::Presigner#presigned_url` + when using the `secure: false` option. Added integration test to prevent + future regressions. + + See [related GitHub issue #998](https://github.com/aws/aws-sdk-ruby/issues/998). + * Issue - Aws::Route53 - Fixed an issue that prevented users from calling the `Aws::Route53::Client#get_traffic_policy` operation. The endpoint builder was failing to convert the paramters to strings before URI encoding them. diff --git a/aws-sdk-core/features/s3/presigned.feature b/aws-sdk-core/features/s3/presigned.feature index cc5316c4373..bdfea0b7940 100644 --- a/aws-sdk-core/features/s3/presigned.feature +++ b/aws-sdk-core/features/s3/presigned.feature @@ -5,13 +5,20 @@ Feature: S3 Presigned Operations Background: Given I create a bucket - Scenario: Presigning a get object request + Scenario: Presigning a HTTPS get object request When I put "signed" to the key "retrieve_me" And I create a presigned url for "get_object" with: | key | retrieve_me | And I send an HTTP get request for the presigned url Then the response should be "signed" + Scenario: Presinging a HTTP get object request + When I put "signed" to the key "retrieve_me" + And I create a non-secure presigned url for "get_object" with: + | key | retrieve_me | + And I send an HTTP get request for the presigned url + Then the response should be "signed" + Scenario: Presigning a put object request When I create a presigned url for "put_object" with: | key | test | diff --git a/aws-sdk-core/features/s3/step_definitions.rb b/aws-sdk-core/features/s3/step_definitions.rb index b8a70841d2d..74039480d3e 100644 --- a/aws-sdk-core/features/s3/step_definitions.rb +++ b/aws-sdk-core/features/s3/step_definitions.rb @@ -188,10 +188,11 @@ def create_bucket(options = {}) @client.head_object(bucket: @bucket_name, key: @key) end -When(/^I create a presigned url for "(.*?)" with:$/) do |method, params| +When(/^I create a (non-secure )?presigned url for "(.*?)" with:$/) do |non_secure, method, params| presigner = Aws::S3::Presigner.new(client: @client) params = symbolized_params(params) params[:bucket] = @bucket_name + params[:secure] = false if non_secure @url = presigner.presigned_url(method.to_sym, params) end diff --git a/aws-sdk-core/lib/aws-sdk-core/s3/presigner.rb b/aws-sdk-core/lib/aws-sdk-core/s3/presigner.rb index d4e89e8fe53..15acf310c35 100644 --- a/aws-sdk-core/lib/aws-sdk-core/s3/presigner.rb +++ b/aws-sdk-core/lib/aws-sdk-core/s3/presigner.rb @@ -89,7 +89,12 @@ def sign_but_dont_send(req, expires_in, scheme) req.handlers.remove(Plugins::S3RequestSigner::SigningHandler) req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler) req.handle(step: :send) do |context| - context.http_request.endpoint.scheme = scheme + if scheme != context.http_request.endpoint.scheme + endpoint = context.http_request.endpoint.dup + endpoint.scheme = scheme + endpoint.port = (scheme == 'http' ? 80 : 443) + context.http_request.endpoint = URI.parse(endpoint.to_s) + end signer = Signers::V4.new( context.config.credentials, 's3', context.config.region