Amazon S3 - How to Check if Presigned URL is Expired?

Question

If I have a generated Presigned URL that expired, should I be doing get_headers() (in PHP) to see if a 403 Forbidden error is thrown, otherwise use that same URL? Or is that a bad idea because it's an unnecessary GET request? Should I always just regenerate a new Presigned URL every time? I'm a little confused because there doesn't seem to be much information about this.

Answer 1

On macOS, use date -r 1535416265.

Answer 2

The URL has the time it expires at.

Signature Version 2

htt ps://bucket.s3.amazonaws.com/foo.txt?AWSAccessKeyId=AKIAABCDEFGHIJK&Expires=1508608760&Signature=xxxxxxxxxxx

Expires gives the time in Unix timestamp (in seconds) and Coordinated Universal Time (UTC) .

$ date -d @1508608760
Sat Oct 21 17:59:20 UTC 2017

You can extract the value and compare it with the current time in UTC [time()], then decide to regenerate or not.

---

Signature Version 4

htt ps://s3.amazonaws.com/bucket/foo.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256& X-Amz-Expires=3600&X-Amz-Credential=AKIAJRZXXXXXXXXus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20171021T190750Z&X-Amz-Signature=8b84ae9b59e9f8a8d7066ecc39e797c8dc29848abcdef61717

X-Amz-Date gives the UTC time in ISO 8601 format.

You can extract the value, convert it to epoch/UTC and compare it with the current time in UTC [time()], then decide to regenerate or not.