Unable to use signed URLs when using AWS S3

[philiplb]

Hi,
I'm using AWS S3 as storage provider like this:

import(
	"github.com/qor/oss/s3"
	awss3 "github.com/aws/aws-sdk-go/service/s3"
)

s3Client := s3.New(&s3.Config{
	AccessID:  ...,
	AccessKey: ...,
	Region:    ...,
	Bucket:    ...,
	ACL:       awss3.BucketCannedACLPrivate,
})

So I don't want to have the uploaded files public. But now the Adminpanel calls GetURL and runs into https://github.com/qor/oss/blob/master/s3/s3.go#L217 where the endpoint is != "" but automatically set to the S3 endpoint.

My current workaround doesn't feel optimal:

type S3Client struct {
	*s3.Client
}

// GetURL get public accessible URL
func (client S3Client) GetURL(path string) (url string, err error) {
	if client.Config.ACL == awss3.BucketCannedACLPrivate || client.Config.ACL == awss3.BucketCannedACLAuthenticatedRead {
		getResponse, _ := client.S3.GetObjectRequest(&awss3.GetObjectInput{
			Bucket: aws.String(client.Config.Bucket),
			Key:    aws.String(client.ToRelativePath(path)),
		})

		return getResponse.Presign(1 * time.Hour)
	}

	return path, nil
}

....

oss.Storage = S3Client{Client: s3Client}

Note the removed check for client.Endpoint == "".

Is there anything I'm missing here? Or have I found a bug?

[sergolius]

Have you tried to define Endpoint as a slash?

s3Client := s3.New(&s3.Config{
	...
	Endpoint:  "/",
})