You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Matt Ryan (Jira)" <ji...@apache.org> on 2022/02/25 23:51:00 UTC
[jira] [Created] (OAK-9710) Allow direct download client to specify a shorter signed URI TTL
Matt Ryan created OAK-9710:
------------------------------
Summary: Allow direct download client to specify a shorter signed URI TTL
Key: OAK-9710
URL: https://issues.apache.org/jira/browse/OAK-9710
Project: Jackrabbit Oak
Issue Type: Story
Components: blob-cloud, blob-cloud-azure, blob-plugins
Affects Versions: 1.42.0
Reporter: Matt Ryan
Assignee: Matt Ryan
When you request a direct download URI from cloud blob storage, the TTL that is specified for the URI is set to a default value that is specified in configuration.
We could consider extending the capabilities of requesting a direct download URI such that a client can specify their own TTL, *so long as* that TTL does not exceed the value specified in the configuration. This would allow a client to request a more restrictive-use URI, but not the opposite.
In other words - supposing the default configured TTL is 1800 (30 minutes). In this case:
* A client that does not specify any other TTL value would get URIs that expire in 1800 seconds.
* A client that chooses to specify a TTL value could provide any value greater than 0 but less than or equal to 1800 seconds.
* Specifying a TTL value of over 1800 would be an error condition.
* Specifying a TTL value of 0 would be an error condition.
* Specifying a TTL value of less than 0 would be the same as the default value (-1), meaning to use the configured value.
What error condition should occur? Typically in the direct download code an error results in the return of a {{null}} value for the URI, accompanied by a log message.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)