strapi/packages/providers/upload-aws-s3/src/index.ts

import type { ReadStream } from 'node:fs';
import { getOr } from 'lodash/fp';
import {
  S3Client,
  GetObjectCommand,
  DeleteObjectCommand,
  DeleteObjectCommandOutput,
  PutObjectCommandInput,
  CompleteMultipartUploadCommandOutput,
  AbortMultipartUploadCommandOutput,
  S3ClientConfig,
  ObjectCannedACL,
} from '@aws-sdk/client-s3';
import type { AwsCredentialIdentity } from '@aws-sdk/types';
import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
import { Upload } from '@aws-sdk/lib-storage';
import { extractCredentials, isUrlFromBucket } from './utils';

export interface File {
  name: string;
  alternativeText?: string;
  caption?: string;
  width?: number;
  height?: number;
  formats?: Record<string, unknown>;
  hash: string;
  ext?: string;
  mime: string;
  size: number;
  url: string;
  previewUrl?: string;
  path?: string;
  provider?: string;
  provider_metadata?: Record<string, unknown>;
  stream?: ReadStream;
  buffer?: Buffer;
}

export type UploadCommandOutput = (
  | CompleteMultipartUploadCommandOutput
  | AbortMultipartUploadCommandOutput
) & {
  Location: string;
};

export interface AWSParams {
  Bucket: string; // making it required
  ACL?: ObjectCannedACL;
  signedUrlExpires?: number;
}

export interface DefaultOptions extends S3ClientConfig {
  // TODO Remove this in V5
  accessKeyId?: AwsCredentialIdentity['accessKeyId'];
  secretAccessKey?: AwsCredentialIdentity['secretAccessKey'];
  // Keep this for V5
  credentials?: AwsCredentialIdentity;
  params?: AWSParams;
  [k: string]: any;
}

export type InitOptions = (DefaultOptions | { s3Options: DefaultOptions }) & {
  baseUrl?: string;
  rootPath?: string;
  [k: string]: any;
};

const assertUrlProtocol = (url: string) => {
  // Regex to test protocol like "http://", "https://"
  return /^\w*:\/\//.test(url);
};

const getConfig = ({ baseUrl, rootPath, s3Options, ...legacyS3Options }: InitOptions) => {
  if (Object.keys(legacyS3Options).length > 0) {
    process.emitWarning(
      "S3 configuration options passed at root level of the plugin's providerOptions is deprecated and will be removed in a future release. Please wrap them inside the 's3Options:{}' property."
    );
  }
  const credentials = extractCredentials({ s3Options, ...legacyS3Options });
  const config = {
    ...s3Options,
    ...legacyS3Options,
    ...[credentials ? { credentials } : {}],
  };

  config.params.ACL = getOr(ObjectCannedACL.public_read, ['params', 'ACL'], config);

  return config;
};

export default {
  init({ baseUrl, rootPath, s3Options, ...legacyS3Options }: InitOptions) {
    // TODO V5 change config structure to avoid having to do this
    const config = getConfig({ baseUrl, rootPath, s3Options, ...legacyS3Options });
    const s3Client = new S3Client(config);
    const filePrefix = rootPath ? `${rootPath.replace(/\/+$/, '')}/` : '';

    const getFileKey = (file: File) => {
      const path = file.path ? `${file.path}/` : '';
      return `${filePrefix}${path}${file.hash}${file.ext}`;
    };

    const upload = async (file: File, customParams: Partial<PutObjectCommandInput> = {}) => {
      const fileKey = getFileKey(file);
      const uploadObj = new Upload({
        client: s3Client,
        params: {
          Bucket: config.params.Bucket,
          Key: fileKey,
          Body: file.stream || Buffer.from(file.buffer as any, 'binary'),
          ACL: config.params.ACL,
          ContentType: file.mime,
          ...customParams,
        },
      });

      const upload = (await uploadObj.done()) as UploadCommandOutput;

      if (assertUrlProtocol(upload.Location)) {
        file.url = baseUrl ? `${baseUrl}/${fileKey}` : upload.Location;
      } else {
        // Default protocol to https protocol
        file.url = `https://${upload.Location}`;
      }
    };

    return {
      isPrivate() {
        return config.params.ACL === 'private';
      },

      async getSignedUrl(file: File, customParams: any): Promise<{ url: string }> {
        // Do not sign the url if it does not come from the same bucket.
        if (!isUrlFromBucket(file.url, config.params.Bucket, baseUrl)) {
          return { url: file.url };
        }
        const fileKey = getFileKey(file);

        const url = await getSignedUrl(
          s3Client,
          new GetObjectCommand({
            Bucket: config.params.Bucket,
            Key: fileKey,
            ...customParams,
          }),
          {
            expiresIn: getOr(15 * 60, ['params', 'signedUrlExpires'], config),
          }
        );

        return { url };
      },
      uploadStream(file: File, customParams = {}) {
        return upload(file, customParams);
      },
      upload(file: File, customParams = {}) {
        return upload(file, customParams);
      },
      delete(file: File, customParams = {}): Promise<DeleteObjectCommandOutput> {
        const command = new DeleteObjectCommand({
          Bucket: config.params.Bucket,
          Key: getFileKey(file),
          ...customParams,
        });
        return s3Client.send(command);
      },
    };
  },
};
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`import type { ReadStream } from 'node:fs';`
			`import { getOr } from 'lodash/fp';`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`import {`
			`S3Client,`
			`GetObjectCommand,`
			`DeleteObjectCommand,`
			`DeleteObjectCommandOutput,`
			`PutObjectCommandInput,`
			`CompleteMultipartUploadCommandOutput,`
			`AbortMultipartUploadCommandOutput,`
			`S3ClientConfig,`
			`ObjectCannedACL,`
			`} from '@aws-sdk/client-s3';`
			`import type { AwsCredentialIdentity } from '@aws-sdk/types';`
			`import { getSignedUrl } from '@aws-sdk/s3-request-presigner';`
			`import { Upload } from '@aws-sdk/lib-storage';`
			`import { extractCredentials, isUrlFromBucket } from './utils';`

			`export interface File {`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`name: string;`
			`alternativeText?: string;`
			`caption?: string;`
			`width?: number;`
			`height?: number;`
			`formats?: Record<string, unknown>;`
			`hash: string;`
			`ext?: string;`
			`mime: string;`
			`size: number;`
			`url: string;`
			`previewUrl?: string;`
			`path?: string;`
			`provider?: string;`
			`provider_metadata?: Record<string, unknown>;`
			`stream?: ReadStream;`
			`buffer?: Buffer;`
			`}`
Move upload in modules 2018-02-20 15:57:34 +01:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`export type UploadCommandOutput = (`
			`\| CompleteMultipartUploadCommandOutput`
			`\| AbortMultipartUploadCommandOutput`
			`) & {`
			`Location: string;`
			`};`
Move upload in modules 2018-02-20 15:57:34 +01:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`export interface AWSParams {`
			`Bucket: string; // making it required`
			`ACL?: ObjectCannedACL;`
			`signedUrlExpires?: number;`
			`}`

			`export interface DefaultOptions extends S3ClientConfig {`
			`// TODO Remove this in V5`
			`accessKeyId?: AwsCredentialIdentity['accessKeyId'];`
			`secretAccessKey?: AwsCredentialIdentity['secretAccessKey'];`
			`// Keep this for V5`
			`credentials?: AwsCredentialIdentity;`
			`params?: AWSParams;`
			`[k: string]: any;`
fix(aws-provider): add https protocol when missing in file url Adding hard coded https:// to url because Digital Ocean only gives the uri without protocol in response to the upload. Fix #14288 2022-10-18 10:56:19 +02:00			`}`

Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`export type InitOptions = (DefaultOptions \| { s3Options: DefaultOptions }) & {`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`baseUrl?: string;`
			`rootPath?: string;`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`[k: string]: any;`
			`};`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`const assertUrlProtocol = (url: string) => {`
			`// Regex to test protocol like "http://", "https://"`
			`return /^\w*:\/\//.test(url);`
			`};`

			`const getConfig = ({ baseUrl, rootPath, s3Options, ...legacyS3Options }: InitOptions) => {`
			`if (Object.keys(legacyS3Options).length > 0) {`
			`process.emitWarning(`
			`"S3 configuration options passed at root level of the plugin's providerOptions is deprecated and will be removed in a future release. Please wrap them inside the 's3Options:{}' property."`
			`);`
			`}`
fix: add only credentials object when credentials are present 2023-11-13 19:54:47 +01:00			`const credentials = extractCredentials({ s3Options, ...legacyS3Options });`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`const config = {`
			`...s3Options,`
			`...legacyS3Options,`
fix: add only credentials object when credentials are present 2023-11-13 19:54:47 +01:00			`...[credentials ? { credentials } : {}],`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`};`
Add baseUrl and rootPath properties to s3 uploader configuration 2022-04-01 18:40:22 +03:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`config.params.ACL = getOr(ObjectCannedACL.public_read, ['params', 'ACL'], config);`
Merge branch 'main' into feature/private-s3-bucket 2023-03-21 14:59:26 +01:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`return config;`
			`};`
Add s3 upload 2018-02-21 14:06:57 +01:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`export default {`
			`init({ baseUrl, rootPath, s3Options, ...legacyS3Options }: InitOptions) {`
			`// TODO V5 change config structure to avoid having to do this`
			`const config = getConfig({ baseUrl, rootPath, s3Options, ...legacyS3Options });`
			`const s3Client = new S3Client(config);`
address PR feedback # Conflicts: # packages/providers/upload-aws-s3/lib/index.js 2022-10-25 14:45:50 +02:00			const filePrefix = rootPath ? `${rootPath.replace(/\/+$/, '')}/` : '';

Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`const getFileKey = (file: File) => {`
extract function # Conflicts: # packages/providers/upload-aws-s3/lib/index.js 2022-10-25 14:47:26 +02:00			const path = file.path ? `${file.path}/` : '';
			return `${filePrefix}${path}${file.hash}${file.ext}`;
Update styling 2023-03-20 12:27:33 +01:00			`};`
extract function # Conflicts: # packages/providers/upload-aws-s3/lib/index.js 2022-10-25 14:47:26 +02:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`const upload = async (file: File, customParams: Partial<PutObjectCommandInput> = {}) => {`
			`const fileKey = getFileKey(file);`
			`const uploadObj = new Upload({`
			`client: s3Client,`
			`params: {`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`Bucket: config.params.Bucket,`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`Key: fileKey,`
			`Body: file.stream \|\| Buffer.from(file.buffer as any, 'binary'),`
			`ACL: config.params.ACL,`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`ContentType: file.mime,`
			`...customParams,`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`},`
			`});`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`const upload = (await uploadObj.done()) as UploadCommandOutput;`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`if (assertUrlProtocol(upload.Location)) {`
			file.url = baseUrl ? `${baseUrl}/${fileKey}` : upload.Location;
			`} else {`
			`// Default protocol to https protocol`
			file.url = `https://${upload.Location}`;
			`}`
			`};`
migrate aws and cloudinary providers 2022-01-05 19:02:04 +01:00
			`return {`
make s3 bucket private 2023-02-09 15:02:15 +01:00			`isPrivate() {`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`return config.params.ACL === 'private';`
make s3 bucket private 2023-02-09 15:02:15 +01:00			`},`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00
			`async getSignedUrl(file: File, customParams: any): Promise<{ url: string }> {`
do not sign file if it comes from a different bucket 2023-02-20 12:18:37 +01:00			`// Do not sign the url if it does not come from the same bucket.`
feat: implement is url from bucket 2023-05-31 11:26:44 +02:00			`if (!isUrlFromBucket(file.url, config.params.Bucket, baseUrl)) {`
do not sign file if it comes from a different bucket 2023-02-20 12:18:37 +01:00			`return { url: file.url };`
			`}`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`const fileKey = getFileKey(file);`
do not sign file if it comes from a different bucket 2023-02-20 12:18:37 +01:00
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`const url = await getSignedUrl(`
			`s3Client,`
			`new GetObjectCommand({`
			`Bucket: config.params.Bucket,`
			`Key: fileKey,`
			`...customParams,`
			`}),`
			`{`
			`expiresIn: getOr(15 * 60, ['params', 'signedUrlExpires'], config),`
			`}`
			`);`

			`return { url };`
make s3 bucket private 2023-02-09 15:02:15 +01:00			`},`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`uploadStream(file: File, customParams = {}) {`
migrate aws and cloudinary providers 2022-01-05 19:02:04 +01:00			`return upload(file, customParams);`
			`},`
Migration of providers to ts (#16323) 2023-04-13 08:45:44 +02:00			`upload(file: File, customParams = {}) {`
migrate aws and cloudinary providers 2022-01-05 19:02:04 +01:00			`return upload(file, customParams);`
Move upload in modules 2018-02-20 15:57:34 +01:00			`},`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`delete(file: File, customParams = {}): Promise<DeleteObjectCommandOutput> {`
			`const command = new DeleteObjectCommand({`
			`Bucket: config.params.Bucket,`
			`Key: getFileKey(file),`
			`...customParams,`
Delete AWS S3 file 2018-02-22 14:43:10 +01:00			`});`
Fix: Update AWS (aws-sdk) from deprecated V2 to V3 (#18557) 2023-11-06 16:43:35 +01:00			`return s3Client.send(command);`
Merge branch 'master' into develop 2019-07-18 19:28:52 +02:00			`},`
Move upload in modules 2018-02-20 15:57:34 +01:00			`};`
Merge branch 'master' into develop 2019-07-18 19:28:52 +02:00			`},`
Move upload in modules 2018-02-20 15:57:34 +01:00			`};`