From 4cf044ce89508ec61472d6b95e3b4d645e20d9db Mon Sep 17 00:00:00 2001
From: Mingfei Shao <2475897+mfshao@users.noreply.github.com>
Date: Thu, 29 Aug 2024 10:49:37 -0500
Subject: [PATCH] Fix/presigned url addressing style (#1179)

* test

* test

* update

* add endpoint url to s3 client

* update version

* add more endpoint url
---
 fence/blueprints/data/indexd.py           | 5 +++--
 fence/blueprints/data/multipart_upload.py | 8 +++++++-
 pyproject.toml                            | 2 +-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/fence/blueprints/data/indexd.py b/fence/blueprints/data/indexd.py
index 81abfee98..89ad5052f 100755
--- a/fence/blueprints/data/indexd.py
+++ b/fence/blueprints/data/indexd.py
@@ -30,7 +30,6 @@
     login_required,
     set_current_token,
     validate_request,
-    JWTError,
 )
 from fence.config import config
 from fence.errors import (
@@ -1096,13 +1095,15 @@ def get_signed_url(
             region = flask.current_app.boto.get_bucket_region(
                 self.parsed_url.netloc, credential
             )
+        endpoint_url = bucket.get("endpoint_url", None)
         s3client = boto3.client(
             "s3",
             aws_access_key_id=credential["aws_access_key_id"],
             aws_secret_access_key=credential["aws_secret_access_key"],
             aws_session_token=credential.get("aws_session_token", None),
             region_name=region,
-            config=Config(s3={"addressing_style": "path"}, signature_version="s3v4"),
+            endpoint_url=endpoint_url,
+            config=Config(signature_version="s3v4"),
         )
 
         cirrus_aws = AwsService(s3client)
diff --git a/fence/blueprints/data/multipart_upload.py b/fence/blueprints/data/multipart_upload.py
index fd271317b..459aa1c11 100644
--- a/fence/blueprints/data/multipart_upload.py
+++ b/fence/blueprints/data/multipart_upload.py
@@ -142,13 +142,19 @@ def generate_presigned_url_for_uploading_part(
         presigned_url(str)
     """
     try:
+        s3_buckets = get_value(
+            config, "S3_BUCKETS", InternalError("S3_BUCKETS not configured")
+        )
+        bucket = s3_buckets.get(bucket_name)
+        endpoint_url = bucket.get("endpoint_url", None)
         s3client = boto3.client(
             "s3",
             aws_access_key_id=credentials["aws_access_key_id"],
             aws_secret_access_key=credentials["aws_secret_access_key"],
             aws_session_token=credentials.get("aws_session_token", None),
             region_name=region,
-            config=Config(s3={"addressing_style": "path"}, signature_version="s3v4"),
+            endpoint_url=endpoint_url,
+            config=Config(signature_version="s3v4"),
         )
         cirrus_aws = AwsService(s3client)
 
diff --git a/pyproject.toml b/pyproject.toml
index 9086fa0ca..b3fcd659f 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "fence"
-version = "10.3.0"
+version = "10.3.1"
 description = "Gen3 AuthN/AuthZ OIDC Service"
 authors = ["CTDS UChicago <cdis@uchicago.edu>"]
 license = "Apache-2.0"