AWS S3 temporaryUrl fails on Valet

[mariomeyer]

Description

I'm using S3 temporaryUrls on a private bucket. I can get working tmpUrl on tinker and artisan serve. But when I'm accessing the app through tinker the ULR doesn't seem to be working properly. Both options seem to do a transformation on the AWS KEY for the URL, while on Valet it keeps the KEY from the environment variable intact. Looked around for a fair bit and couldn't find the root cause. Only noticed the difference in the KEY on the generated URL.

Don't know if this is a Valet or Laravel issue, though. But the only point of failure seems to be when I'm running it on Valet. Looked around for a fair bit and couldn't find the root cause.

Steps To Reproduce

1. Create a Laravel App
2. Link your App on Valet
3. Connect a filesystem to AWS S3 Bucket with no public visibility
4. Upload an image to that S3 Bucket
5. Go to thinker and do a Storage::disk('s3')->temporaryUrl(<file>, now()->addMinutes(5); and try out the URL.
6. Create a blade file to display an image with an $url received by parameter
7. Create a route to that view passing the same Storage::disk('s3')->temporaryUrl(<file>, now()->addMinutes(5); as $url
8. The view won't show the image
9. Execute php artisan serve, and it will show the image.

Diagnosis

sw_vers

ProductName:		macOS
ProductVersion:		14.4.1
BuildVersion:		23E224

valet --version

Laravel Valet 4.6.1

cat ~/.config/valet/config.json

{
    "tld": "test",
    "loopback": "127.0.0.1",
    "paths": [
        "/Users/mariomeyer/.config/valet/Sites"
    ]
}

cat ~/.composer/composer.json

{
    "require": {
        "laravel/valet": "^4.3"
    }
}

composer global diagnose

Changed current directory to /Users/mariomeyer/.composer
Checking composer.json: WARNING
No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license.
Checking platform settings: OK
Checking git settings: OK git version 2.44.0
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys: FAIL
Missing pubkey for tags verification
Missing pubkey for dev verification
Run composer self-update --update-keys to set them up
Checking Composer version: OK
Checking Composer and its dependencies for vulnerabilities: OK
Composer version: 2.7.2
PHP version: 8.3.4
PHP binary path: /usr/local/Cellar/php/8.3.4/bin/php
OpenSSL version: OpenSSL 3.2.1 30 Jan 2024
cURL version: 8.7.1 libz 1.2.12 ssl (SecureTransport) OpenSSL/3.2.1
zip: extension present, unzip present, 7-Zip not available

composer global outdated

Changed current directory to /Users/mariomeyer/.composer
Legend:
! patch or minor release available - update recommended
~ major release available - update possible
Direct dependencies required in composer.json:

Everything up to date
Transitive dependencies not required in composer.json:

illuminate/collections   v10.48.7 ~ v11.3.1 The Illuminate Collections package.

illuminate/conditionable v10.48.7 ~ v11.3.1 The Illuminate Conditionable pac...

illuminate/container     v10.48.7 ~ v11.3.1 The Illuminate Container package.

illuminate/contracts     v10.48.7 ~ v11.3.1 The Illuminate Contracts package.

illuminate/macroable     v10.48.7 ~ v11.3.1 The Illuminate Macroable package.

symfony/console          v6.4.6   ~ v7.0.6  Eases the creation of beautiful ...

symfony/event-dispatcher v6.4.3   ~ v7.0.3  Provides tools that allow your a...

symfony/process          v6.4.4   ~ v7.0.4  Executes commands in sub-processes

ls -al /etc/sudoers.d/

total 0
drwxr-xr-x   2 root  wheel    64 Mar 21 02:13 .
drwxr-xr-x  81 root  wheel  2592 Mar 30 10:58 ..

brew config

HOMEBREW_VERSION: 4.2.17
ORIGIN: https://github.com/Homebrew/brew
HEAD: 0476c2e5e4f02b409084553896340b2f4ab3352e
Last commit: 6 days ago
Core tap JSON: 12 Apr 23:16 UTC
Core cask tap JSON: 12 Apr 23:16 UTC
HOMEBREW_PREFIX: /usr/local
HOMEBREW_CASK_OPTS: []
HOMEBREW_MAKE_JOBS: 8
Homebrew Ruby: 3.1.4 => /usr/local/Homebrew/Library/Homebrew/vendor/portable-ruby/3.1.4/bin/ruby
CPU: octa-core 64-bit kabylake
Clang: 15.0.0 build 1500
Git: 2.44.0 => /usr/local/bin/git
Curl: 8.4.0 => /usr/bin/curl
macOS: 14.4.1-x86_64
CLT: 15.3.0.0.1.1708646388
Xcode: N/A

brew services list

Warning: running through sudo, using user/* instead of gui/* domain!
Hide this warning by setting HOMEBREW_SERVICES_NO_DOMAIN_WARNING.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
Name            Status User       File
dnsmasq         error  512      root       ~/Library/LaunchAgents/homebrew.mxcl.dnsmasq.plist
elasticsearch@6 none            mariomeyer 
memcached       none                       
nginx           none            root       
opensearch      none                       
php             none            root       
[email protected]         none            root       
[email protected]         none            root       
redis           none                       
unbound         none

brew list --formula --versions | grep -E "(php|nginx|dnsmasq|mariadb|mysql|mailhog|openssl)(@\d\..*)?\s"

dnsmasq 2.89 2.90
nginx 1.25.4 1.23.3
[email protected] 1.1.1w
php 8.3.4 8.2.2
[email protected] 7.4.33_6 7.4.33_1
[email protected] 8.1.15 8.1.27_1

brew outdated

awscli
certbot
dbt-labs/dbt-cli/dbt
docker
docker-completion
docutils
go
helm
heroku/brew/heroku
imagemagick
libheif
libnghttp2
libomp
libx11
node
opensearch
php
[email protected]
python-setuptools
[email protected]
[email protected]
x265

brew tap

1password/tap
artifacthub/cmd
dbt-labs/dbt-cli
heroku/brew
homebrew/services
shivammathur/php

php -v

PHP 8.3.4 (cli) (built: Mar 12 2024 23:42:26) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.4, Copyright (c) Zend Technologies
    with Zend OPcache v8.3.4, Copyright (c), by Zend Technologies

which -a php

/usr/local/bin/php

php --ini

Configuration File (php.ini) Path: /usr/local/etc/php/8.3
Loaded Configuration File:         /usr/local/etc/php/8.3/php.ini
Scan for additional .ini files in: /usr/local/etc/php/8.3/conf.d
Additional .ini files parsed:      /usr/local/etc/php/8.3/conf.d/error_log.ini,
/usr/local/etc/php/8.3/conf.d/ext-opcache.ini,
/usr/local/etc/php/8.3/conf.d/php-memory-limits.ini

nginx -v

nginx version: nginx/1.25.4

curl --version

curl 8.4.0 (x86_64-apple-darwin23.0) libcurl/8.4.0 (SecureTransport) LibreSSL/3.3.6 zlib/1.2.12 nghttp2/1.58.0
Release-Date: 2023-10-11
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz MultiSSL NTLM NTLM_WB SPNEGO SSL threadsafe UnixSockets

php --ri curl

curl
cURL support => enabled

cURL Information => 8.7.1

Age => 10

Features

AsynchDNS => Yes

CharConv => No

Debug => No

GSS-Negotiate => No

IDN => Yes

IPv6 => Yes

krb4 => No

Largefile => Yes

libz => Yes

NTLM => Yes

NTLMWB => No

SPNEGO => Yes

SSL => Yes

SSPI => No

TLS-SRP => Yes

HTTP2 => Yes

GSSAPI => Yes

KERBEROS5 => Yes

UNIX_SOCKETS => Yes

PSL => No

HTTPS_PROXY => Yes

MULTI_SSL => Yes

BROTLI => Yes

ALTSVC => Yes

HTTP3 => No

UNICODE => No

ZSTD => Yes

HSTS => Yes

GSASL => No

Protocols => dict, file, ftp, ftps, gopher, gophers, http, https, imap, imaps, ldap, ldaps, mqtt, pop3, pop3s, rtmp, rtmpe, rtmps, rtmpt, rtmpte, rtmpts, rtsp, scp, sftp, smb, smbs, smtp, smtps, telnet, tftp

Host => x86_64-apple-darwin23.3.0

SSL Version => (SecureTransport) OpenSSL/3.2.1

ZLib Version => 1.2.12

libSSH Version => libssh2/1.11.0
Directive => Local Value => Master Value

curl.cainfo => no value => no value

/usr/local/bin/ngrok version

ngrok version 3.8.0

ls -al ~/.ngrok2

ls: /Users/mariomeyer/.ngrok2: No such file or directory

brew info nginx

==> nginx: stable 1.25.4 (bottled), HEAD
HTTP(S) server and reverse proxy, and IMAP/POP3 proxy server
https://nginx.org/
/usr/local/Cellar/nginx/1.23.3 (23 files, 2.2MB)
  Built from source
/usr/local/Cellar/nginx/1.25.4 (26 files, 2.4MB) *
  Poured from bottle using the formulae.brew.sh API on 2024-04-01 at 16:51:18
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/n/nginx.rb
License: BSD-2-Clause
==> Dependencies
Required: openssl@3, pcre2
==> Options
--HEAD
	Install HEAD version
==> Caveats
Docroot is: /usr/local/var/www
The default port has been set in /usr/local/etc/nginx/nginx.conf to 8080 so that

nginx can run without sudo.
nginx will load all files in /usr/local/etc/nginx/servers/.
To start nginx now and restart at login:

brew services start nginx

Or, if you don't want/need a background service you can just run:

/usr/local/opt/nginx/bin/nginx -g daemon\ off;

==> Analytics

install: 10,972 (30 days), 35,300 (90 days), 174,741 (365 days)

install-on-request: 10,952 (30 days), 35,213 (90 days), 174,366 (365 days)

build-error: 1 (30 days)

brew info php

==> php: stable 8.3.6 (bottled), HEAD
General-purpose scripting language
https://www.php.net/
/usr/local/Cellar/php/8.2.2 (516 files, 81.5MB)
  Built from source
/usr/local/Cellar/php/8.3.4 (523 files, 86.7MB) *
  Poured from bottle using the formulae.brew.sh API on 2024-04-01 at 16:50:05
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/p/php.rb
License: PHP-3.01
==> Dependencies
Build: httpd, pkg-config
Required: apr, apr-util, argon2, aspell, autoconf, curl, freetds, gd, gettext, gmp, icu4c, krb5, libpq, libsodium, libzip, oniguruma, openldap, openssl@3, pcre2, sqlite, tidy-html5, unixodbc
==> Options
--HEAD
	Install HEAD version
==> Caveats
To enable PHP in Apache add the following to httpd.conf and restart Apache:
    LoadModule php_module /usr/local/opt/php/lib/httpd/modules/libphp.so
<FilesMatch \.php$>
    SetHandler application/x-httpd-php
</FilesMatch>

Finally, check DirectoryIndex includes index.php

DirectoryIndex index.php index.html
The php.ini and php-fpm.ini file can be found in:

/usr/local/etc/php/8.3/
To start php now and restart at login:

brew services start php

Or, if you don't want/need a background service you can just run:

/usr/local/opt/php/sbin/php-fpm --nodaemonize

==> Analytics

install: 58,128 (30 days), 179,626 (90 days), 700,597 (365 days)

install-on-request: 54,602 (30 days), 168,479 (90 days), 653,843 (365 days)

build-error: 20 (30 days)

brew info openssl

==> openssl@3: stable 3.2.1 (bottled)
Cryptography and SSL/TLS Toolkit
https://openssl.org/
/usr/local/Cellar/openssl@3/3.2.1 (6,874 files, 32.5MB) *
  Poured from bottle using the formulae.brew.sh API on 2024-04-01 at 16:47:01
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/o/[email protected]
License: Apache-2.0
==> Dependencies
Required: ca-certificates
==> Caveats
A CA file has been bootstrapped using certificates from the system
keychain. To add additional certificates, place .pem files in
  /usr/local/etc/openssl@3/certs
and run

/usr/local/opt/openssl@3/bin/c_rehash

==> Analytics

install: 300,322 (30 days), 1,048,651 (90 days), 4,253,826 (365 days)

install-on-request: 30,819 (30 days), 131,354 (90 days), 638,262 (365 days)

build-error: 4,154 (30 days)

openssl version -a

OpenSSL 3.2.1 30 Jan 2024 (Library: OpenSSL 3.2.1 30 Jan 2024)
built on: Tue Jan 30 13:14:56 2024 UTC
platform: darwin64-x86_64-cc
options:  bn(64,64)
compiler: clang -fPIC -arch x86_64 -O3 -Wall -DL_ENDIAN -DOPENSSL_PIC -D_REENTRANT -DOPENSSL_BUILDING_OPENSSL -DNDEBUG
OPENSSLDIR: "/usr/local/etc/openssl@3"
ENGINESDIR: "/usr/local/Cellar/openssl@3/3.2.1/lib/engines-3"
MODULESDIR: "/usr/local/Cellar/openssl@3/3.2.1/lib/ossl-modules"
Seeding source: os-specific
CPUINFO: OPENSSL_ia32cap=0x7ffaf3bfffebffff:0x29c67af

openssl ciphers

TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA

sudo nginx -t

nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful

which -a php-fpm

/usr/local/opt/php/sbin/php-fpm -v

PHP 8.3.4 (fpm-fcgi) (built: Mar 12 2024 23:42:26)
Copyright (c) The PHP Group
Zend Engine v4.3.4, Copyright (c) Zend Technologies
    with Zend OPcache v8.3.4, Copyright (c), by Zend Technologies

sudo /usr/local/opt/php/sbin/php-fpm -y /usr/local/etc/php/8.3/php-fpm.conf --test

[12-Apr-2024 19:16:37] NOTICE: configuration file /usr/local/etc/php/8.3/php-fpm.conf test is successful

ls -al ~/Library/LaunchAgents | grep homebrew

-rw-r--r--    1 mariomeyer  staff   788 Apr 11 16:51 homebrew.mxcl.dnsmasq.plist
-rw-r--r--    1 mariomeyer  staff   775 Apr 11 16:51 [email protected]

ls -al /Library/LaunchAgents | grep homebrew

ls -al /Library/LaunchDaemons | grep homebrew

-rw-r--r--   1 root  admin   788 Apr 12 19:03 homebrew.mxcl.dnsmasq.plist
-rw-r--r--   1 root  admin   679 Apr 12 19:05 homebrew.mxcl.nginx.plist
-rw-r--r--   1 root  admin   772 Apr 12 19:03 homebrew.mxcl.php.plist
-rw-r--r--   1 root  admin   780 Apr 12 19:03 [email protected]
-rw-r--r--   1 root  admin   780 Apr 12 19:03 [email protected]

ls -al /Library/LaunchDaemons | grep "com.laravel.valet."

ls -aln /etc/resolv.conf

lrwxr-xr-x  1 0  0  22 Mar 21 02:13 /etc/resolv.conf -> ../var/run/resolv.conf

cat /etc/resolv.conf

#
# macOS Notice
#
# This file is not consulted for DNS hostname resolution, address
# resolution, or the DNS query routing mechanism used by most
# processes on this system.
#
# To view the DNS configuration used by this system, use:
#   scutil --dns
#
# SEE ALSO
#   dns-sd(1), scutil(8)
#
# This file is automatically generated.
#
search home
nameserver 192.168.2.220

ifconfig lo0

lo0: flags=8049 mtu 16384
	options=1203
	inet 127.0.0.1 netmask 0xff000000
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
	nd6 options=201

sh -c 'echo "------\n/usr/local/etc/nginx/valet/valet.conf\n---\n"; cat /usr/local/etc/nginx/valet/valet.conf | grep -n "# valet loopback"; echo "\n------\n"'

------
/usr/local/etc/nginx/valet/valet.conf
---
3:    #listen VALET_LOOPBACK:80; # valet loopback
------

sh -c 'for file in ~/.config/valet/dnsmasq.d/*; do echo "------\n~/.config/valet/dnsmasq.d/$(basename $file)\n---\n"; cat $file; echo "\n------\n"; done'

------
~/.config/valet/dnsmasq.d/tld-test.conf
---
address=/.test/127.0.0.1

listen-address=127.0.0.1
------

sh -c 'for file in ~/.config/valet/nginx/*; do echo "------\n~/.config/valet/nginx/$(basename $file)\n---\n"; cat $file | grep -n "# valet loopback"; echo "\n------\n"; done'

------
~/.config/valet/nginx/inagene-lab.test
---
5:    #listen VALET_LOOPBACK:80; # valet loopback


~/.config/valet/nginx/inagene-portal.test
5:    #listen VALET_LOOPBACK:80; # valet loopback


~/.config/valet/nginx/reyem.test
3:    #listen 127.0.0.1:80; # valet loopback

10:    #listen VALET_LOOPBACK:443 ssl; # valet loopback

54:    #listen 127.0.0.1:60; # valet loopback
------

[driesvints]

What's your APP_URL value?

[driesvints]

Closing this issue because it's inactive, already solved, old or not relevant anymore. Feel to open up a new issue if you're still experiencing this.