Skip to content
This repository

Expires time is calculated twice when using expires_in and can cause signature authentication problems #54

Open
wants to merge 2 commits into from

1 participant

W. Andrew Loe III
W. Andrew Loe III
loe commented January 31, 2012

@bmo figured this out, I'm just the messenger.

The build method in QueryString calls #expires, and so does #encoded_canonical.

 # Keep in alphabetical order
 def build
   "AWSAccessKeyId=#{access_key_id}&Expires=#{expires}&Signature=#{encoded_canonical}"
 end

If these calls lie on separate sides of a second tick the signature will be wrong. The solution is to memoize the first call so encoded_canonical uses the same value.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Showing 2 unique commits by 1 author.

Jan 31, 2012
W. Andrew Loe III Memoize the expires time. 40a4dd0
W. Andrew Loe III Style. a7aedc3
This page is out of date. Refresh to see the latest.

Showing 1 changed file with 2 additions and 2 deletions. Show diff stats Hide diff stats

  1. 4  lib/aws/s3/authentication.rb
4  lib/aws/s3/authentication.rb
@@ -115,7 +115,7 @@ def initialize(*args)
115 115
           #   3) The current time in seconds since the epoch plus the default number of seconds (60 seconds)
116 116
           def expires
117 117
             return options[:expires] if options[:expires]
118  
-            date.to_i + expires_in
  118
+            @expires ||= date.to_i + expires_in
119 119
           end
120 120
           
121 121
           def expires_in
@@ -218,4 +218,4 @@ def only_path
218 218
       end
219 219
     end
220 220
   end
221  
-end
  221
+end
Commit_comment_tip

Tip: You can add notes to lines in a file. Hover to the left of a line to make a note

Something went wrong with that request. Please try again.