Nicholai/Correspondents
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Correspondents/node_modules/@aws-sdk/middleware-bucket-endpoint/dist-cjs/index.js
Nicholai 2a8023fa0a fixed scrolling
2025-11-14 06:32:36 -07:00

353 lines
17 KiB
JavaScript
Raw Blame History

'use strict';
var utilConfigProvider = require('@smithy/util-config-provider');
var utilArnParser = require('@aws-sdk/util-arn-parser');
var protocolHttp = require('@smithy/protocol-http');
const NODE_DISABLE_MULTIREGION_ACCESS_POINT_ENV_NAME = "AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS";
const NODE_DISABLE_MULTIREGION_ACCESS_POINT_INI_NAME = "s3_disable_multiregion_access_points";
const NODE_DISABLE_MULTIREGION_ACCESS_POINT_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => utilConfigProvider.booleanSelector(env, NODE_DISABLE_MULTIREGION_ACCESS_POINT_ENV_NAME, utilConfigProvider.SelectorType.ENV),
configFileSelector: (profile) => utilConfigProvider.booleanSelector(profile, NODE_DISABLE_MULTIREGION_ACCESS_POINT_INI_NAME, utilConfigProvider.SelectorType.CONFIG),
default: false,
};
const NODE_USE_ARN_REGION_ENV_NAME = "AWS_S3_USE_ARN_REGION";
const NODE_USE_ARN_REGION_INI_NAME = "s3_use_arn_region";
const NODE_USE_ARN_REGION_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => utilConfigProvider.booleanSelector(env, NODE_USE_ARN_REGION_ENV_NAME, utilConfigProvider.SelectorType.ENV),
configFileSelector: (profile) => utilConfigProvider.booleanSelector(profile, NODE_USE_ARN_REGION_INI_NAME, utilConfigProvider.SelectorType.CONFIG),
default: undefined,
};
const DOMAIN_PATTERN = /^[a-z0-9][a-z0-9\.\-]{1,61}[a-z0-9]$/;
const IP_ADDRESS_PATTERN = /(\d+\.){3}\d+/;
const DOTS_PATTERN = /\.\./;
const DOT_PATTERN = /\./;
const S3_HOSTNAME_PATTERN = /^(.+\.)?s3(-fips)?(\.dualstack)?[.-]([a-z0-9-]+)\./;
const S3_US_EAST_1_ALTNAME_PATTERN = /^s3(-external-1)?\.amazonaws\.com$/;
const AWS_PARTITION_SUFFIX = "amazonaws.com";
const isBucketNameOptions = (options) => typeof options.bucketName === "string";
const isDnsCompatibleBucketName = (bucketName) => DOMAIN_PATTERN.test(bucketName) && !IP_ADDRESS_PATTERN.test(bucketName) && !DOTS_PATTERN.test(bucketName);
const getRegionalSuffix = (hostname) => {
const parts = hostname.match(S3_HOSTNAME_PATTERN);
return [parts[4], hostname.replace(new RegExp(`^${parts[0]}`), "")];
};
const getSuffix = (hostname) => S3_US_EAST_1_ALTNAME_PATTERN.test(hostname) ? ["us-east-1", AWS_PARTITION_SUFFIX] : getRegionalSuffix(hostname);
const getSuffixForArnEndpoint = (hostname) => S3_US_EAST_1_ALTNAME_PATTERN.test(hostname)
? [hostname.replace(`.${AWS_PARTITION_SUFFIX}`, ""), AWS_PARTITION_SUFFIX]
: getRegionalSuffix(hostname);
const validateArnEndpointOptions = (options) => {
if (options.pathStyleEndpoint) {
throw new Error("Path-style S3 endpoint is not supported when bucket is an ARN");
}
if (options.accelerateEndpoint) {
throw new Error("Accelerate endpoint is not supported when bucket is an ARN");
}
if (!options.tlsCompatible) {
throw new Error("HTTPS is required when bucket is an ARN");
}
};
const validateService = (service) => {
if (service !== "s3" && service !== "s3-outposts" && service !== "s3-object-lambda") {
throw new Error("Expect 's3' or 's3-outposts' or 's3-object-lambda' in ARN service component");
}
};
const validateS3Service = (service) => {
if (service !== "s3") {
throw new Error("Expect 's3' in Accesspoint ARN service component");
}
};
const validateOutpostService = (service) => {
if (service !== "s3-outposts") {
throw new Error("Expect 's3-posts' in Outpost ARN service component");
}
};
const validatePartition = (partition, options) => {
if (partition !== options.clientPartition) {
throw new Error(`Partition in ARN is incompatible, got "${partition}" but expected "${options.clientPartition}"`);
}
};
const validateRegion = (region, options) => { };
const validateRegionalClient = (region) => {
if (["s3-external-1", "aws-global"].includes(region)) {
throw new Error(`Client region ${region} is not regional`);
}
};
const validateAccountId = (accountId) => {
if (!/[0-9]{12}/.exec(accountId)) {
throw new Error("Access point ARN accountID does not match regex '[0-9]{12}'");
}
};
const validateDNSHostLabel = (label, options = { tlsCompatible: true }) => {
if (label.length >= 64 ||
!/^[a-z0-9][a-z0-9.-]*[a-z0-9]$/.test(label) ||
/(\d+\.){3}\d+/.test(label) ||
/[.-]{2}/.test(label) ||
(options?.tlsCompatible && DOT_PATTERN.test(label))) {
throw new Error(`Invalid DNS label ${label}`);
}
};
const validateCustomEndpoint = (options) => {
if (options.isCustomEndpoint) {
if (options.dualstackEndpoint)
throw new Error("Dualstack endpoint is not supported with custom endpoint");
if (options.accelerateEndpoint)
throw new Error("Accelerate endpoint is not supported with custom endpoint");
}
};
const getArnResources = (resource) => {
const delimiter = resource.includes(":") ? ":" : "/";
const [resourceType, ...rest] = resource.split(delimiter);
if (resourceType === "accesspoint") {
if (rest.length !== 1 || rest[0] === "") {
throw new Error(`Access Point ARN should have one resource accesspoint${delimiter}{accesspointname}`);
}
return { accesspointName: rest[0] };
}
else if (resourceType === "outpost") {
if (!rest[0] || rest[1] !== "accesspoint" || !rest[2] || rest.length !== 3) {
throw new Error(`Outpost ARN should have resource outpost${delimiter}{outpostId}${delimiter}accesspoint${delimiter}{accesspointName}`);
}
const [outpostId, _, accesspointName] = rest;
return { outpostId, accesspointName };
}
else {
throw new Error(`ARN resource should begin with 'accesspoint${delimiter}' or 'outpost${delimiter}'`);
}
};
const validateNoDualstack = (dualstackEndpoint) => { };
const validateNoFIPS = (useFipsEndpoint) => {
if (useFipsEndpoint)
throw new Error(`FIPS region is not supported with Outpost.`);
};
const validateMrapAlias = (name) => {
try {
name.split(".").forEach((label) => {
validateDNSHostLabel(label);
});
}
catch (e) {
throw new Error(`"${name}" is not a DNS compatible name.`);
}
};
const bucketHostname = (options) => {
validateCustomEndpoint(options);
return isBucketNameOptions(options)
?
getEndpointFromBucketName(options)
:
getEndpointFromArn(options);
};
const getEndpointFromBucketName = ({ accelerateEndpoint = false, clientRegion: region, baseHostname, bucketName, dualstackEndpoint = false, fipsEndpoint = false, pathStyleEndpoint = false, tlsCompatible = true, isCustomEndpoint = false, }) => {
const [clientRegion, hostnameSuffix] = isCustomEndpoint ? [region, baseHostname] : getSuffix(baseHostname);
if (pathStyleEndpoint || !isDnsCompatibleBucketName(bucketName) || (tlsCompatible && DOT_PATTERN.test(bucketName))) {
return {
bucketEndpoint: false,
hostname: dualstackEndpoint ? `s3.dualstack.${clientRegion}.${hostnameSuffix}` : baseHostname,
};
}
if (accelerateEndpoint) {
baseHostname = `s3-accelerate${dualstackEndpoint ? ".dualstack" : ""}.${hostnameSuffix}`;
}
else if (dualstackEndpoint) {
baseHostname = `s3.dualstack.${clientRegion}.${hostnameSuffix}`;
}
return {
bucketEndpoint: true,
hostname: `${bucketName}.${baseHostname}`,
};
};
const getEndpointFromArn = (options) => {
const { isCustomEndpoint, baseHostname, clientRegion } = options;
const hostnameSuffix = isCustomEndpoint ? baseHostname : getSuffixForArnEndpoint(baseHostname)[1];
const { pathStyleEndpoint, accelerateEndpoint = false, fipsEndpoint = false, tlsCompatible = true, bucketName, clientPartition = "aws", } = options;
validateArnEndpointOptions({ pathStyleEndpoint, accelerateEndpoint, tlsCompatible });
const { service, partition, accountId, region, resource } = bucketName;
validateService(service);
validatePartition(partition, { clientPartition });
validateAccountId(accountId);
const { accesspointName, outpostId } = getArnResources(resource);
if (service === "s3-object-lambda") {
return getEndpointFromObjectLambdaArn({ ...options, tlsCompatible, bucketName, accesspointName, hostnameSuffix });
}
if (region === "") {
return getEndpointFromMRAPArn({ ...options, mrapAlias: accesspointName, hostnameSuffix });
}
if (outpostId) {
return getEndpointFromOutpostArn({ ...options, clientRegion, outpostId, accesspointName, hostnameSuffix });
}
return getEndpointFromAccessPointArn({ ...options, clientRegion, accesspointName, hostnameSuffix });
};
const getEndpointFromObjectLambdaArn = ({ dualstackEndpoint = false, fipsEndpoint = false, tlsCompatible = true, useArnRegion, clientRegion, clientSigningRegion = clientRegion, accesspointName, bucketName, hostnameSuffix, }) => {
const { accountId, region, service } = bucketName;
validateRegionalClient(clientRegion);
const DNSHostLabel = `${accesspointName}-${accountId}`;
validateDNSHostLabel(DNSHostLabel, { tlsCompatible });
const endpointRegion = useArnRegion ? region : clientRegion;
const signingRegion = useArnRegion ? region : clientSigningRegion;
return {
bucketEndpoint: true,
hostname: `${DNSHostLabel}.${service}${fipsEndpoint ? "-fips" : ""}.${endpointRegion}.${hostnameSuffix}`,
signingRegion,
signingService: service,
};
};
const getEndpointFromMRAPArn = ({ disableMultiregionAccessPoints, dualstackEndpoint = false, isCustomEndpoint, mrapAlias, hostnameSuffix, }) => {
if (disableMultiregionAccessPoints === true) {
throw new Error("SDK is attempting to use a MRAP ARN. Please enable to feature.");
}
validateMrapAlias(mrapAlias);
return {
bucketEndpoint: true,
hostname: `${mrapAlias}${isCustomEndpoint ? "" : `.accesspoint.s3-global`}.${hostnameSuffix}`,
signingRegion: "*",
};
};
const getEndpointFromOutpostArn = ({ useArnRegion, clientRegion, clientSigningRegion = clientRegion, bucketName, outpostId, dualstackEndpoint = false, fipsEndpoint = false, tlsCompatible = true, accesspointName, isCustomEndpoint, hostnameSuffix, }) => {
validateRegionalClient(clientRegion);
const DNSHostLabel = `${accesspointName}-${bucketName.accountId}`;
validateDNSHostLabel(DNSHostLabel, { tlsCompatible });
const endpointRegion = useArnRegion ? bucketName.region : clientRegion;
const signingRegion = useArnRegion ? bucketName.region : clientSigningRegion;
validateOutpostService(bucketName.service);
validateDNSHostLabel(outpostId, { tlsCompatible });
validateNoFIPS(fipsEndpoint);
const hostnamePrefix = `${DNSHostLabel}.${outpostId}`;
return {
bucketEndpoint: true,
hostname: `${hostnamePrefix}${isCustomEndpoint ? "" : `.s3-outposts.${endpointRegion}`}.${hostnameSuffix}`,
signingRegion,
signingService: "s3-outposts",
};
};
const getEndpointFromAccessPointArn = ({ useArnRegion, clientRegion, clientSigningRegion = clientRegion, bucketName, dualstackEndpoint = false, fipsEndpoint = false, tlsCompatible = true, accesspointName, isCustomEndpoint, hostnameSuffix, }) => {
validateRegionalClient(clientRegion);
const hostnamePrefix = `${accesspointName}-${bucketName.accountId}`;
validateDNSHostLabel(hostnamePrefix, { tlsCompatible });
const endpointRegion = useArnRegion ? bucketName.region : clientRegion;
const signingRegion = useArnRegion ? bucketName.region : clientSigningRegion;
validateS3Service(bucketName.service);
return {
bucketEndpoint: true,
hostname: `${hostnamePrefix}${isCustomEndpoint
? ""
: `.s3-accesspoint${fipsEndpoint ? "-fips" : ""}${dualstackEndpoint ? ".dualstack" : ""}.${endpointRegion}`}.${hostnameSuffix}`,
signingRegion,
};
};
const bucketEndpointMiddleware = (options) => (next, context) => async (args) => {
const { Bucket: bucketName } = args.input;
let replaceBucketInPath = options.bucketEndpoint;
const request = args.request;
if (protocolHttp.HttpRequest.isInstance(request)) {
if (options.bucketEndpoint) {
request.hostname = bucketName;
}
else if (utilArnParser.validate(bucketName)) {
const bucketArn = utilArnParser.parse(bucketName);
const clientRegion = await options.region();
const useDualstackEndpoint = await options.useDualstackEndpoint();
const useFipsEndpoint = await options.useFipsEndpoint();
const { partition, signingRegion = clientRegion } = (await options.regionInfoProvider(clientRegion, { useDualstackEndpoint, useFipsEndpoint })) || {};
const useArnRegion = await options.useArnRegion();
const { hostname, bucketEndpoint, signingRegion: modifiedSigningRegion, signingService, } = bucketHostname({
bucketName: bucketArn,
baseHostname: request.hostname,
accelerateEndpoint: options.useAccelerateEndpoint,
dualstackEndpoint: useDualstackEndpoint,
fipsEndpoint: useFipsEndpoint,
pathStyleEndpoint: options.forcePathStyle,
tlsCompatible: request.protocol === "https:",
useArnRegion,
clientPartition: partition,
clientSigningRegion: signingRegion,
clientRegion: clientRegion,
isCustomEndpoint: options.isCustomEndpoint,
disableMultiregionAccessPoints: await options.disableMultiregionAccessPoints(),
});
if (modifiedSigningRegion && modifiedSigningRegion !== signingRegion) {
context["signing_region"] = modifiedSigningRegion;
}
if (signingService && signingService !== "s3") {
context["signing_service"] = signingService;
}
request.hostname = hostname;
replaceBucketInPath = bucketEndpoint;
}
else {
const clientRegion = await options.region();
const dualstackEndpoint = await options.useDualstackEndpoint();
const fipsEndpoint = await options.useFipsEndpoint();
const { hostname, bucketEndpoint } = bucketHostname({
bucketName,
clientRegion,
baseHostname: request.hostname,
accelerateEndpoint: options.useAccelerateEndpoint,
dualstackEndpoint,
fipsEndpoint,
pathStyleEndpoint: options.forcePathStyle,
tlsCompatible: request.protocol === "https:",
isCustomEndpoint: options.isCustomEndpoint,
});
request.hostname = hostname;
replaceBucketInPath = bucketEndpoint;
}
if (replaceBucketInPath) {
request.path = request.path.replace(/^(\/)?[^\/]+/, "");
if (request.path === "") {
request.path = "/";
}
}
}
return next({ ...args, request });
};
const bucketEndpointMiddlewareOptions = {
tags: ["BUCKET_ENDPOINT"],
name: "bucketEndpointMiddleware",
relation: "before",
toMiddleware: "hostHeaderMiddleware",
override: true,
};
const getBucketEndpointPlugin = (options) => ({
applyToStack: (clientStack) => {
clientStack.addRelativeTo(bucketEndpointMiddleware(options), bucketEndpointMiddlewareOptions);
},
});
function resolveBucketEndpointConfig(input) {
const { bucketEndpoint = false, forcePathStyle = false, useAccelerateEndpoint = false, useArnRegion, disableMultiregionAccessPoints = false, } = input;
return Object.assign(input, {
bucketEndpoint,
forcePathStyle,
useAccelerateEndpoint,
useArnRegion: typeof useArnRegion === "function" ? useArnRegion : () => Promise.resolve(useArnRegion),
disableMultiregionAccessPoints: typeof disableMultiregionAccessPoints === "function"
? disableMultiregionAccessPoints
: () => Promise.resolve(disableMultiregionAccessPoints),
});
}
exports.NODE_DISABLE_MULTIREGION_ACCESS_POINT_CONFIG_OPTIONS = NODE_DISABLE_MULTIREGION_ACCESS_POINT_CONFIG_OPTIONS;
exports.NODE_DISABLE_MULTIREGION_ACCESS_POINT_ENV_NAME = NODE_DISABLE_MULTIREGION_ACCESS_POINT_ENV_NAME;
exports.NODE_DISABLE_MULTIREGION_ACCESS_POINT_INI_NAME = NODE_DISABLE_MULTIREGION_ACCESS_POINT_INI_NAME;
exports.NODE_USE_ARN_REGION_CONFIG_OPTIONS = NODE_USE_ARN_REGION_CONFIG_OPTIONS;
exports.NODE_USE_ARN_REGION_ENV_NAME = NODE_USE_ARN_REGION_ENV_NAME;
exports.NODE_USE_ARN_REGION_INI_NAME = NODE_USE_ARN_REGION_INI_NAME;
exports.bucketEndpointMiddleware = bucketEndpointMiddleware;
exports.bucketEndpointMiddlewareOptions = bucketEndpointMiddlewareOptions;
exports.bucketHostname = bucketHostname;
exports.getArnResources = getArnResources;
exports.getBucketEndpointPlugin = getBucketEndpointPlugin;
exports.getSuffixForArnEndpoint = getSuffixForArnEndpoint;
exports.resolveBucketEndpointConfig = resolveBucketEndpointConfig;
exports.validateAccountId = validateAccountId;
exports.validateDNSHostLabel = validateDNSHostLabel;
exports.validateNoDualstack = validateNoDualstack;
exports.validateNoFIPS = validateNoFIPS;
exports.validateOutpostService = validateOutpostService;
exports.validatePartition = validatePartition;
exports.validateRegion = validateRegion;
Reference in New Issue View Git Blame Copy Permalink