From 611df7b22dcacfc91c61deea81ab6906fc94eb2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20S=C3=BC=C3=9F?= <dominik@suess.wtf>
Date: Mon, 5 Dec 2022 11:09:22 +0100
Subject: [PATCH] [bugfix]: Prevent extension of S3 presigned url TTL (#1208)

Thanks :)
---
 internal/storage/storage.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/internal/storage/storage.go b/internal/storage/storage.go
index 099ae536c..93f0b6310 100644
--- a/internal/storage/storage.go
+++ b/internal/storage/storage.go
@@ -26,7 +26,7 @@ import (
 	"path"
 	"time"
 
-	"codeberg.org/gruf/go-cache/v3"
+	"codeberg.org/gruf/go-cache/v3/ttl"
 	"codeberg.org/gruf/go-store/v2/kv"
 	"codeberg.org/gruf/go-store/v2/storage"
 	"github.com/minio/minio-go/v7"
@@ -52,7 +52,7 @@ type Driver struct {
 	// S3-only parameters
 	Proxy          bool
 	Bucket         string
-	PresignedCache cache.Cache[string, *url.URL]
+	PresignedCache *ttl.Cache[string, *url.URL]
 }
 
 // URL will return a presigned GET object URL, but only if running on S3 storage with proxying disabled.
@@ -63,8 +63,9 @@ func (d *Driver) URL(ctx context.Context, key string) *url.URL {
 		return nil
 	}
 
-	if u, ok := d.PresignedCache.Get(key); ok {
-		return u
+	// access the cache member directly to avoid extending the TTL
+	if u, ok := d.PresignedCache.Cache.Get(key); ok {
+		return u.Value
 	}
 
 	u, err := s3.Client().PresignedGetObject(ctx, d.Bucket, key, urlCacheTTL, url.Values{
@@ -139,7 +140,7 @@ func NewS3Storage() (*Driver, error) {
 	}
 
 	// ttl should be lower than the expiry used by S3 to avoid serving invalid URLs
-	presignedCache := cache.New[string, *url.URL](0, 1000, urlCacheTTL-urlCacheExpiryFrequency)
+	presignedCache := ttl.New[string, *url.URL](0, 1000, urlCacheTTL-urlCacheExpiryFrequency)
 	presignedCache.Start(urlCacheExpiryFrequency)
 
 	return &Driver{