[jira] [Created] (OAK-9710) Allow direct download client to specify a shorter signed URI TTL

["Matt Ryan (Jira)" <ji...@apache.org>]

Matt Ryan created OAK-9710:
------------------------------

             Summary: Allow direct download client to specify a shorter signed URI TTL
                 Key: OAK-9710
                 URL: https://issues.apache.org/jira/browse/OAK-9710
             Project: Jackrabbit Oak
          Issue Type: Story
          Components: blob-cloud, blob-cloud-azure, blob-plugins
    Affects Versions: 1.42.0
            Reporter: Matt Ryan
            Assignee: Matt Ryan


When you request a direct download URI from cloud blob storage, the TTL that is specified for the URI is set to a default value that is specified in configuration.

We could consider extending the capabilities of requesting a direct download URI such that a client can specify their own TTL, *so long as* that TTL does not exceed the value specified in the configuration.  This would allow a client to request a more restrictive-use URI, but not the opposite.

In other words - supposing the default configured TTL is 1800 (30 minutes).  In this case:
 * A client that does not specify any other TTL value would get URIs that expire in 1800 seconds.
 * A client that chooses to specify a TTL value could provide any value greater than 0 but less than or equal to 1800 seconds.
 * Specifying a TTL value of over 1800 would be an error condition.
 * Specifying a TTL value of 0 would be an error condition.
 * Specifying a TTL value of less than 0 would be the same as the default value (-1), meaning to use the configured value.

What error condition should occur?  Typically in the direct download code an error results in the return of a {{null}} value for the URI, accompanied by a log message.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)