Hello,

I’m trying to use shrinerb with Cloudfront on Rails for signed urls and I’m getting the next error:

Either a policy or a resource with an expiration time must be provided.

And this is my initializer:

require 'shrine'

if Rails.env.production?
  require 'shrine/storage/s3'

  signer = Aws::CloudFront::UrlSigner.new(
    key_pair_id:      "my_cloudfront_access_key",
    private_key_path: "./cf_private_key.pem"
  )

  s3_options = Rails.application.secrets.s3

  Shrine.storages = {
    cache: Shrine::Storage::S3.new(prefix: 'cache', **s3_options),
    store: Shrine::Storage::S3.new(signer: signer.method(:signed_url), **s3_options),
  }

else
  require 'shrine/storage/file_system'

  Shrine.storages = {
    cache: Shrine::Storage::FileSystem.new('public', prefix: 'uploads/cache'),
    store: Shrine::Storage::FileSystem.new('public', prefix: 'uploads')
  }
end

Shrine.plugin :activerecord
Shrine.plugin :cached_attachment_data
Shrine.plugin :restore_cached_data
Shrine.plugin :remove_invalid
Shrine.plugin :validation_helpers
Shrine.plugin :url_options, store: { host: "https://mycloudfronturl.cloudfront.net", expires_in: 3600 }

The error seems to come from the cloudfront gem when tries to sign the url. Should this method receive the expires_in parameter from shrinerb?

Thanks!

It appears that the CloudFront signer option is named :expires (source), so using that instead of :expires_in might work.

It works! Thanks @janko