@@ 1,5 1,6 @@
import hmac
import time
+import boto3
import base64
import hashlib
try:
@@ 53,8 54,8 @@ class SecureS3(object):
return (bucket, filename, s.scheme)
- def get_auth_link(self, bucket, filename,
- scheme='http', expires=300, timestamp=None):
+ def get_auth_link(self, bucket, filename, scheme='http',
+ expires=300, timestamp=None):
''' Return a secure S3 link with an expiration on the download.
key: S3 Access Key (login)
@@ 66,23 67,23 @@ class SecureS3(object):
'''
filename = quote_plus(filename)
filename = filename.replace('%2F', '/')
- path = '/%s/%s' % (bucket, filename)
if timestamp is not None:
- expire_time = float(timestamp)
+ expires_in = int(timestamp - time.time())
else:
- expire_time = time.time() + expires
+ expires_in = expires
- expire_str = '%.0f' % (expire_time)
- string_to_sign = u'GET\n\n\n%s\n%s' % (expire_str, path)
- params = {
- 'AWSAccessKeyId': self.key,
- 'Expires': expire_str,
- 'Signature': self.gen_signature(string_to_sign.encode('utf-8')),
- }
-
- return '%s://s3.amazonaws.com/%s/%s?%s' % (
- scheme, bucket, filename, urlencode(params))
+ s3_client = boto3.client(
+ 's3',
+ aws_access_key_id=self.key,
+ aws_secret_access_key=self.secret_key,
+ )
+ url = s3_client.generate_presigned_url(
+ ClientMethod='get_object',
+ Params={'Bucket': bucket, 'Key': filename},
+ ExpiresIn=expires_in,
+ )
+ return url
def get_easy_auth_link(self, url, expires=600):
''' url should be the full URL to the secure file hosted on S3.