backend: fix accessing signed urls when using local minio service

- signing url with endpoint_url instead of access_endpoint_url, but replace endpoint_url prefix with access_endpoint_url for access. - keep existing behavior of signing access_endpoint_url only if SIGN_ACCESS_ENDPOINT env var is set
2022-06-04 08:29:57 -07:00 · 2022-06-04 08:29:57 -07:00 · ae51114a45
commit ae51114a45
parent 502d687620
1 changed files with 15 additions and 1 deletions
--- a/backend/storages.py
+++ b/backend/storages.py
@ -4,6 +4,7 @@ Storage API
 from typing import Union
 from urllib.parse import urlsplit
 from contextlib import asynccontextmanager
+import os

 from fastapi import Depends, HTTPException
 from aiobotocore.session import get_session
@ -12,6 +13,10 @@ from archives import Archive, DefaultStorage, S3Storage
 from users import User


+# sign access endpoint
+sign_access_endpoint = os.environ.get("SIGN_ACCESS_ENDPOINT")
+
+
 # ============================================================================
 def init_storages_api(archive_ops, crawl_manager, user_dep):
    """ API for updating storage for an archive """
@ -103,11 +108,20 @@ async def get_presigned_url(archive, crawlfile, crawl_manager, duration=3600):
    else:
        raise Exception("No Default Storage Found, Invalid Storage Type")

-    async with get_s3_client(s3storage, True) as (client, bucket, key):
+    async with get_s3_client(s3storage, sign_access_endpoint) as (client, bucket, key):
        key += crawlfile.filename

        presigned_url = await client.generate_presigned_url(
            "get_object", Params={"Bucket": bucket, "Key": key}, ExpiresIn=duration
        )

+        if (
+            not sign_access_endpoint
+            and s3storage.access_endpoint_url
+            and s3storage.access_endpoint_url != s3storage.endpoint_url
+        ):
+            presigned_url = presigned_url.replace(
+                s3storage.endpoint_url, s3storage.access_endpoint_url
+            )
+
    return presigned_url