Created
July 22, 2013 20:29
-
-
Save djechlin/6057364 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"name": "unroll-aws", | |
"version": "0.0.1", | |
"description": "Bug reproduction for https://github.com/aws/aws-sdk-js/issues/136", | |
"author": "Dan Echlin <dan@unroll.me>", | |
"private": "true", | |
"main": "s3.js", | |
"dependencies": { | |
"q": "~0.9.6", | |
"q-io": "~1.9.1", | |
"aws-sdk": "~1.3.2" | |
}, | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/*jshint node: true, camelcase: true, eqeqeq: true, forin: true, immed: true, latedef: true, newcap: true, noarg: true, undef: true, globalstrict: true*/ | |
"use strict"; | |
var AWS = require('aws-sdk'); | |
var s3 = new AWS.S3({ | |
apiVersion: '2006-03-01' | |
}); | |
var Q = require('q'); | |
var qhttp = require('q-io/http'); | |
var getSignedUrlBroken = module.exports.getSignedUrlBroken = function(bucket, item) { | |
var param = { | |
Bucket: bucket, | |
Key: item | |
}; | |
return Q.ninvoke(s3, 'getSignedUrl', 'getObject', param); | |
}; | |
var getSignedUrlFixed = module.exports.getSignedUrlFixed = function(bucket, item) { | |
var param = { | |
Bucket: bucket, | |
Key: item | |
}; | |
return Q.ninvoke(s3, 'getSignedUrl', 'getObject', param).then(function(url) { | |
// per https://github.com/aws/aws-sdk-js/issues/136 | |
// when using IAM STS, i.e., when using the IAM role obtained from | |
// EC2, x-amz-security-token is missing, so we manually append this. | |
// I suspect this patch here creates a race condition since we may retrieve | |
// a different token than matches with the accessKeyId used when the URL is | |
// generated, but ideally this patch will become obsolete soon enough. | |
if(/x-amz-security-token/.test(url)) { | |
// they fixed it! Can get rid of this patch | |
console.error("x-amz-security-token issue fixed in aws/s3.js!! Get rid of patch."); | |
return url; | |
} | |
return Q.ninvoke(AWS.config, 'getCredentials') | |
.then(function(credentials) { | |
return url + '&x-amz-security-token=' + encodeURIComponent(credentials.sessionToken); | |
}); | |
}); | |
}; | |
function get(url) { | |
// don't think we need this for this bug reproduction, | |
// but in case you want it | |
qhttp.request(url).then(function(response) { | |
console.log("Status: " + response.status); | |
response.body.read().then(function(body) { | |
console.log("Body: " + body); | |
}).done(); | |
}).done(); | |
} | |
function test() { | |
var bucket = 'unrollme_node_unittest'; | |
var key = 'item.txt'; | |
function printUrl(text, url) { | |
console.log(text + ": " + url); | |
} | |
getSignedUrlFixed(bucket, key).then(printUrl.bind(null, "Fixed")).done(); | |
getSignedUrlBroken(bucket, key).then(printUrl.bind(null, "\nBroke")).done(); | |
} | |
if (require.main === module) { | |
test(); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment