search

scaleflex / cloudimage-rb

Official Ruby API wrapper for Cloudimage's API. Any questions or issues, please report to https://github.com/scaleflex/cloudimage-rb/issues
Other
4 stars 1 forks source link

Losing AWS Signature with transforms #31

Open mikecx opened 3 years ago

mikecx commented 3 years ago

Using shrine-cloudimage, so please let me know if this is better posted over there, however I believe it just wraps this library which is doing the heavy lifting.

When generating an image url, the library loses the remote images AWS signature which causes the image not to return. If I call file.cloudimage_url without transform parameters, the image works and returns a properly AWS signed image url. If I pass file.cloudimage_url(w: 200, h: 200) I get a url that has the proper transforms in the URL, but that has lost the AWS signature.

mikecx commented 3 years ago

Upon further investigation, it looks like it's happening somewhere in the .to_url call. Shrine is providing a signed url, client.path() is holding the right information in both the @path and @uri variables, but once you call .to_url it's stripped out. 

[20] pry(main)> attachment.file.url
=> "https://xxxxxxxxxx.s3.amazonaws.com/bucket/key/4645862f5d123d43b39618da6ca21b02.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=xxxxxxxxxxxxx%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210524T232556Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=xxxxxxxxxxxxxxx"
[21] pry(main)> uri = client.path(attachment.file.url)
=> #<Cloudimage::URI:0x00007f9f0e825e38
  @path=
  "/https://xxxxxxxxxx.s3.amazonaws.com/bucket/key/4645862f5d123d43b39618da6ca21b02.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=xxxxxxxxxxxxx%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210524T232556Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=xxxxxxxxxxxxxxx",
 @sealed_params=#<Set: {}>,
 @uri=
  #<Addressable::URI:0x15bd0 URI:https://xxxxxxxxxx.s3.amazonaws.com/bucket/key/4645862f5d123d43b39618da6ca21b02.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=xxxxxxxxxxxxx%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210524T232556Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=xxxxxxxxxxxxxxx>>
[22] pry(main)> uri.to_url
=> "xxxxxxxxxx.s3.amazonaws.com/bucket/key/4645862f5d123d43b39618da6ca21b02.png?p="

Update (May 25th): Turns out it's the following line https://github.com/scaleflex/cloudimage-rb/blob/master/lib/cloudimage/uri.rb#L99 that will automatically squash any existing uri.query_values with whatever is sent in.

I'm currently working around it by grabbing the parameters before the call and pushing them on the options hash, but that's incredibly hacky. Took a go at updating the gem but I don't like my solution, open to any suggestions:

      query_values = if uri.query_values&.any?
                       uri.query_values.transform_keys(&:to_sym).filter { |param| !PARAMS.include?(param)} .merge!(url_params)
                     else
                       url_params
                     end

      uri.query_values = query_values
alfuken commented 2 years ago

+1 to having the issue with how this library handles query params. This definitely needs fixing.

janklimo commented 1 year ago

I reached out to Cloudimage's support to discuss how to best handle this and there is a cleaner approach explained in their docs using ci_url_encoded=1 param:

Screen Shot 2022-10-13 at 22 27 09

I think shrine-cloudimage should always encode resource URL which will resolve this.