From 13655bbb2ed6a81ab57673a79d9a2995f2135aa6 Mon Sep 17 00:00:00 2001 From: dark0dave Date: Mon, 22 Jan 2024 16:10:46 +0000 Subject: [PATCH] fix(expiration): Add expiration back Signed-off-by: dark0dave --- docs/backends/gcloud.rst | 9 +++++++++ storages/backends/gcloud.py | 7 +++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/backends/gcloud.rst b/docs/backends/gcloud.rst index 962298eb..b5535a49 100644 --- a/docs/backends/gcloud.rst +++ b/docs/backends/gcloud.rst @@ -219,3 +219,12 @@ Settings It supports `timedelta`, `datetime`, or `integer` seconds since epoch time. Note: The maximum value for this option is 7 days (604800 seconds) in version `v4` (See this `Github issue `_) + +``sa_email`` or ``GS_SA_SIGNING_EMAIL`` + + default: ``''`` + + This is the signing email if it is not fetched from the credentials. Or if you wish to sign the signed urls with a different service_account. + + As above please note that, Default Google Compute Engine (GCE) Service accounts are + `unable to sign urls `_. diff --git a/storages/backends/gcloud.py b/storages/backends/gcloud.py index 77b3e144..83d8faa7 100644 --- a/storages/backends/gcloud.py +++ b/storages/backends/gcloud.py @@ -155,7 +155,6 @@ def client(self): credentials.refresh(requests.Request()) if not hasattr(credentials, "service_account_email"): credentials.service_account_email = self.sa_email - _LOGGER.debug(f"Signing email: {credentials.service_account_email}") self.credentials = credentials if self._client is None: self._client = Client(project=project_id, credentials=self.credentials) @@ -330,9 +329,13 @@ def url(self, name, parameters=None): quoted_name=_quote(name, safe=b"/~"), ) elif not self.custom_endpoint: - return blob.generate_signed_url(**self.signed_url_extra()) + return blob.generate_signed_url( + expiration=self.expiration, + **self.signed_url_extra() + ) else: return blob.generate_signed_url( + expiration=self.expiration, api_access_endpoint=self.custom_endpoint, **self.signed_url_extra() )