clj-aws-s3 icon indicating copy to clipboard operation
clj-aws-s3 copied to clipboard

Published 20 hours ago verified publisher icon weavejester

Support path-style access URLs

Open elliot42 opened this issue 11 years ago • 3 comments

There are two ways to generate S3 object URLs, virtual-hosted style URLs vs. path-style URLs 1:

  • Virtual-hosted-style: http://bucket.s3.amazonaws.com
  • Path-style: http://s3.amazonaws.com/bucket

Virtual-hosted-style is Amazon's preferred default, however HTTPS is not compatible with all virtual-hosted-style URLs. Specifically, virtual-hosted-style buckets with dots in their names always cause HTTPS cert validation errors, as per RFC 2818 2:

https://foo.bar.s3.amazonaws.com/key

Path-style access works fine with HTTPS, without forcing a bucket rename:

https://s3.amazonaws.com/foo.bar/key

This commit allows configuring the client for path-style access via the cred map:

(let [cred {:access-key ...
            :secret-key ...
            :path-style-access? true}]
  (generate-presigned-url cred bucket key))

Note that when using path style access you may need to manually specify your region-specific S3 endpoint 1:

(let [cred {...
            :path-style-access? true
            :endpoint "s3-us-west-1.amazonaws.com"}]
  ...)

elliot42 avatar Sep 26 '14 11:09 elliot42

As :path-style-access is a boolean, can you add a ? onto the end?

weavejester avatar Sep 26 '14 12:09 weavejester

Updated to include ? at ends of keyword keys/symbols.

elliot42 avatar Sep 26 '14 12:09 elliot42

Thanks. Could you also slim down the commit message? There's no need to explain everything about the change. You can just provide a small explanation and a link to more details.

Add support for path-style access

This is necessary to support HTTPS URLs to buckets with periods in
their name.
See: http://shlomoswidler.com/2009/08/amazon-s3-gotcha-using-virtual-host.html

Conversely, it would be useful to add more information to the namespace docstring, detailing the option you've added. The docstring is currently a little cluttered, so you may want to reformat it like so:

  "Functions to access the Amazon S3 storage service.

  Each function takes a map of credentials as its first argument, which must
  contain the following keys:

    :access-key - the AWS access key ID
    :secret-key - the AWS secret access key

  The credentials may optionally have keys:

    :endpoint           - a URL or keyword refering to the AWS endpoint
    :proxy              - a map locating a HTTP proxy
    :path-style-access? - true if path-style access should be used

  The :proxy map must contain the following keys:

    :host - the hostname of the proxy
    :port - the port of the proxy

  And may contain:

    :user        - the user to use for the proxy
    :password    - the password of the user
    :domain      - the domain of the user, if applicable
    :workstation - the workstation of the user, if applicable"

weavejester avatar Sep 26 '14 15:09 weavejester