解决S3预签名url的7天有效期限制

问题

使用S3的V4版本签名，预签名URL有效期最高只有7天，如果要设置超过7天的有效期，则需要修改签名版本，具体设置方法如下

S3 Java SDK

只需要在构建client的时候，调用config.setSignerOverride("S3SignerType")方法设置签名版本，完整代码如下：

import java.net.URL;
import java.util.Date;

import com.amazonaws.ClientConfiguration;
import com.amazonaws.HttpMethod;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Client;
import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest;

public class PresignUrl {

    AmazonS3 s3;
    
    PresignUrl(String accessKey, String secretKey, String endpoint, String region) {
        ClientConfiguration config = new ClientConfiguration();

        // S3SignerType: 使用v2版本签名，url有效期支持2年
        // AWSS3V4SignerType: 使用v4版本签名，url有效期最大支持7天
        config.setSignerOverride("S3SignerType");

        AwsClientBuilder.EndpointConfiguration endpointConfig = new AwsClientBuilder.EndpointConfiguration(endpoint, region);
        AWSCredentials awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
        AWSCredentialsProvider awsCredentialsProvider = new AWSStaticCredentialsProvider(awsCredentials);
        this.s3 = AmazonS3Client.builder()
                .withEndpointConfiguration(endpointConfig)
                .withClientConfiguration(config)
                .withCredentials(awsCredentialsProvider)
                .disableChunkedEncoding()
                .withPathStyleAccessEnabled(true)
                .build();
    }
    public URL generatePresignUrl(String bucketName, String keyName, HttpMethod method, Date expiration) {
        GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(bucketName, keyName)
                .withMethod(method)
                .withExpiration(expiration);
        return this.s3.generatePresignedUrl(request);
    }
    static public void main(String [ ]str) {
        final String accessKey = "";
        final String secretKey = "";
        final String endpoint = "http://s3.cn-north-1.jdcloud-oss.com";
        final String region = "cn-north-1";
        final String bucketName = "BUCKET";
        final String keyName = "Object";
        final HttpMethod method = HttpMethod.GET;  //此处设置您的PresignUrl允许的HTTP方法
        final Integer expireInSeconds = 704800;  //此处设置您的PresignUrl有效的时间段，以秒为单位
        final Date expiration = new Date(System.currentTimeMillis() + expireInSeconds * 1000);
        URL url = new PresignUrl(accessKey, secretKey, endpoint, region).generatePresignUrl(bucketName, keyName, method, expiration);
        System.out.println("Pre-Signed URL: " + url);
    }
}

S3 Python SDK

import boto3
from botocore.client import Config

# 账号ak/sk
ACCESS_KEY = ''
SECRET_KEY = ''

endpoint = 'https://s3.cn-north-1.jdcloud-oss.com'

s3 = boto3.client(
    's3',
    aws_access_key_id=ACCESS_KEY,
    aws_secret_access_key=SECRET_KEY,
    # signature_version：s3: 使用v2版本签名
    # signature_version：s3v4：使用v4版本签名
    config=Config(signature_version='s3',s3={'addressing_style': 'path'}),
    endpoint_url=endpoint
)

print(s3.generate_presigned_url(ClientMethod='get_object', Params={'Bucket': 'BUCKET', 'Key': 'Object'},ExpiresIn=704800))