From 37c3da5793b5ed291708faaf8da2a459fca454cc Mon Sep 17 00:00:00 2001
From: Mingfei Shao <2475897+mfshao@users.noreply.github.com>
Date: Mon, 28 Oct 2024 15:09:24 -0500
Subject: [PATCH] Fix/bucket name (#1193)

* fix use real bucket name

* fix

* update comment

* use regex

* update version
---
 fence/blueprints/data/indexd.py | 11 ++++++++---
 pyproject.toml                  |  2 +-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/fence/blueprints/data/indexd.py b/fence/blueprints/data/indexd.py
index 89ad5052f..85f2c021b 100755
--- a/fence/blueprints/data/indexd.py
+++ b/fence/blueprints/data/indexd.py
@@ -1061,6 +1061,11 @@ def get_signed_url(
 
         bucket_name = self.bucket_name()
         bucket = s3_buckets.get(bucket_name)
+        # special handling for bucket names from fence config may contain not allowed characters (e.g.: wildcards)
+        # in this case, use indexd url to determine bucket name
+        real_bucket_name = bucket_name
+        if real_bucket_name and not re.match("^[a-z0-9-.]{3,63}$", real_bucket_name):
+            real_bucket_name = self.parsed_url.netloc
 
         object_id = self.parsed_url.path.strip("/")
 
@@ -1114,7 +1119,7 @@ def get_signed_url(
         # get presigned url for upload
         if action == "PUT":
             url = cirrus_aws.upload_presigned_url(
-                bucket_name, object_id, expires_in, None
+                real_bucket_name, object_id, expires_in, None
             )
         # get presigned url for download
         else:
@@ -1123,11 +1128,11 @@ def get_signed_url(
                 # https://github.com/boto/boto3/issues/3685
                 auth_info["x-amz-request-payer"] = "requester"
                 url = cirrus_aws.requester_pays_download_presigned_url(
-                    bucket_name, object_id, expires_in, auth_info
+                    real_bucket_name, object_id, expires_in, auth_info
                 )
             else:
                 url = cirrus_aws.download_presigned_url(
-                    bucket_name, object_id, expires_in, auth_info
+                    real_bucket_name, object_id, expires_in, auth_info
                 )
 
         return url
diff --git a/pyproject.toml b/pyproject.toml
index 3386bb7cd..38ed3e908 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "fence"
-version = "10.4.0"
+version = "10.4.1"
 description = "Gen3 AuthN/AuthZ OIDC Service"
 authors = ["CTDS UChicago <cdis@uchicago.edu>"]
 license = "Apache-2.0"