Closed dsdshcym closed 1 year ago
Same issue happens to S3.Download
as well:
when downloading some large files from S3, if the download starts just before the token expiration, the download for later chunks might raise ExpiredToken
error (since the token was issued when requesting the first chunk)
I'd propose we fetch a new token every time we request a new page from S3.
That's probably overkill (and not especially efficient). We know what time the token expires, so it should be sufficient to check it before each use and refresh it if it's going to expire within the next [some short period of time].
I'd welcome a PR to that effect.
Hi @bernardd, Thank you for your response!
check it before each use and refresh it if it's going to expire within the next
Actually, this is already the case now. That's the whole purpose of the AuthCache module: https://github.com/ex-aws/ex_aws/blob/main/lib/ex_aws/config/auth_cache.ex
But when we call ExAws.stream!
or S3.Download
, they would accept a token from the start and reuse this token through the whole stream
.
So if this stream
runs overtime, the token
stored from the start would expire.
So a better solution might be to call AuthCache
every time we need to make a request inside ExAws.stream!
or S3.Download
, instead of reusing the same token
all the time.
I don't have enough time to submit a PR recently, so I opened this issue and hoped someone may help.
Right, yeah, that sounds like the right solution. Probably like you I'm buried under a pile of work at the moment so it isn't likely I'll get to it myself in the short term.
No worries, I'll see what I can do when I get some time (Or someone else may pick it up 😆)
Any update on this? We're running into the exact same issue; creds expiring after 6 hours, but our ExAws.stream!
is taking longer than that.
Environment
Elixir & Erlang versions (elixir --version):
mix deps |grep ex_aws
mix deps | grep hackney
Current behavior
Currently,
ExAws.stream!
would pass a newconfig
struct to the lazy function, https://github.com/ex-aws/ex_aws/blob/87ec5641e53983fc627918a336d1a2c310489b70/lib/ex_aws.ex#L105 when combined withlist_objects
, thisconfig
(and thetoken
inside thisconfig
) would be reused to fetch all the pages, but lazilyIf we pass the
list_objects
stream to a long runningTask.async_stream
, the token might expire when fetching a new page:And the error would be:
Expected behavior
No
ExpiredToken
error would be raised, no matter how much time the stream needs to be processed.I'd propose we fetch a new token every time we request a new page from S3.