2019-11-01 06:23:19 +00:00
|
|
|
'use strict';
|
|
|
|
var promisify = require('util').promisify;
|
|
|
|
var request = require('@root/request');
|
|
|
|
request = promisify(request);
|
|
|
|
var aws4 = require('aws4');
|
|
|
|
|
|
|
|
var defaults = {
|
|
|
|
awsRegion: 'us-east-1',
|
|
|
|
};
|
|
|
|
|
|
|
|
module.exports.create = function(config) {
|
2019-11-13 07:35:53 +00:00
|
|
|
var awsAccessKey = config.awsAccessKey || null;
|
|
|
|
var awsSecretAccessKey = config.awsSecretAccessKey || null;
|
2019-11-01 06:23:19 +00:00
|
|
|
var awsRegion = config.awsRegion || defaults.awsRegion;
|
2019-11-13 07:35:53 +00:00
|
|
|
var awsBucket = config.awsBucket || null;
|
|
|
|
var awsHost = config.awsHost || 's3.'+awsRegion+'.amazonaws.com';
|
2019-11-01 06:23:19 +00:00
|
|
|
|
2019-11-13 07:35:53 +00:00
|
|
|
if (awsAccessKey===null||awsSecretAccessKey===null){
|
|
|
|
throw new Error('awsAccessKey and awsSecretAccessKey are required');
|
|
|
|
}
|
2019-11-01 06:23:19 +00:00
|
|
|
|
|
|
|
var AWSCredentials = {
|
|
|
|
accessKeyId: awsAccessKey,
|
|
|
|
secretAccessKey: awsSecretAccessKey
|
|
|
|
};
|
|
|
|
|
2019-11-13 07:35:53 +00:00
|
|
|
if (awsBucket===null){
|
|
|
|
throw new Error('awsBucket is required');
|
|
|
|
}
|
|
|
|
|
2019-11-01 06:23:19 +00:00
|
|
|
return {
|
|
|
|
init: function(opts) {
|
|
|
|
return null;
|
|
|
|
},
|
|
|
|
|
|
|
|
set: function(data) {
|
2019-11-12 08:04:40 +00:00
|
|
|
console.log('Add Key Auth URL');
|
2019-11-01 06:23:19 +00:00
|
|
|
var ch = data.challenge;
|
|
|
|
var signed = aws4.sign({
|
|
|
|
host: awsHost,
|
|
|
|
service: 's3',
|
|
|
|
region: awsRegion,
|
2019-11-12 08:04:40 +00:00
|
|
|
path: '/' + awsBucket + '/' + ch.identifier.value + '/' + ch.token,
|
2019-11-01 06:23:19 +00:00
|
|
|
headers: {
|
|
|
|
'Content-Type': 'text/plain;charset=UTF-8'
|
|
|
|
},
|
|
|
|
method: 'PUT',
|
|
|
|
body: ch.keyAuthorization,
|
|
|
|
signQuery: true
|
|
|
|
},
|
|
|
|
AWSCredentials
|
|
|
|
);
|
|
|
|
return request({
|
|
|
|
// debug: true,
|
|
|
|
method: 'PUT',
|
2019-11-13 07:35:53 +00:00
|
|
|
url: 'https://' + signed.host + signed.path,
|
2019-11-01 06:23:19 +00:00
|
|
|
headers: { 'Content-Type': 'text/plain;charset=UTF-8' },
|
|
|
|
body: ch.keyAuthorization
|
|
|
|
|
|
|
|
}).then(function(resp) {
|
|
|
|
// console.log(resp.statusCode);
|
|
|
|
if (200 !== resp.statusCode) {
|
|
|
|
console.error(resp.statusCode);
|
2019-11-12 08:04:40 +00:00
|
|
|
// console.error(resp.body);
|
2019-11-01 06:23:19 +00:00
|
|
|
throw new Error('Could not PUT.');
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
})
|
2019-11-13 07:35:53 +00:00
|
|
|
.catch(function(err) {
|
|
|
|
throw err;
|
|
|
|
// return null;
|
|
|
|
});
|
2019-11-01 06:23:19 +00:00
|
|
|
},
|
|
|
|
get: function(data) {
|
2019-11-12 08:04:40 +00:00
|
|
|
console.log('List Key Auth URL');
|
2019-11-01 06:23:19 +00:00
|
|
|
var ch = data.challenge;
|
|
|
|
var signed = aws4.sign({
|
|
|
|
host: awsHost,
|
|
|
|
service: 's3',
|
|
|
|
region: awsRegion,
|
2019-11-12 08:04:40 +00:00
|
|
|
path: '/' + awsBucket + '/' + ch.identifier.value + '/' + ch.token,
|
2019-11-01 06:23:19 +00:00
|
|
|
headers: {
|
|
|
|
'Content-Type': 'text/plain;charset=UTF-8'
|
|
|
|
},
|
|
|
|
method: 'GET',
|
|
|
|
signQuery: true
|
|
|
|
},
|
|
|
|
AWSCredentials
|
|
|
|
);
|
2019-11-13 07:35:53 +00:00
|
|
|
|
2019-11-01 06:23:19 +00:00
|
|
|
return request({
|
|
|
|
// debug: true,
|
|
|
|
method: 'GET',
|
2019-11-13 07:35:53 +00:00
|
|
|
url: 'https://' + signed.host + signed.path,
|
2019-11-01 06:23:19 +00:00
|
|
|
headers: { 'Content-Type': 'text/plain;charset=UTF-8' }
|
2019-11-12 08:04:40 +00:00
|
|
|
}).then(function(resp) {
|
|
|
|
if (200 === resp.statusCode) {
|
|
|
|
return {
|
|
|
|
keyAuthorization: resp.body
|
|
|
|
};
|
2019-11-13 07:35:53 +00:00
|
|
|
} else if (404 === resp.statusCode) {
|
2019-11-12 08:04:40 +00:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
// wrong sign returns 403
|
|
|
|
console.error(resp.statusCode);
|
|
|
|
// console.error(resp.body);
|
|
|
|
throw new Error('Could not GET');
|
|
|
|
})
|
|
|
|
.catch(function(err) {
|
|
|
|
throw err;
|
|
|
|
// return null;
|
|
|
|
});
|
|
|
|
|
|
|
|
},
|
|
|
|
|
|
|
|
remove: function(data) {
|
|
|
|
console.log('Remove Key Auth URL');
|
|
|
|
var ch = data.challenge;
|
|
|
|
|
|
|
|
var signed = aws4.sign({
|
|
|
|
host: awsHost,
|
|
|
|
service: 's3',
|
|
|
|
region: awsRegion,
|
|
|
|
path: '/' + awsBucket + '/' + ch.identifier.value + '/' + ch.token,
|
|
|
|
method: 'DELETE',
|
|
|
|
signQuery: true
|
|
|
|
},
|
|
|
|
AWSCredentials
|
|
|
|
);
|
|
|
|
return request({
|
|
|
|
// debug: true,
|
|
|
|
method: 'DELETE',
|
2019-11-13 07:35:53 +00:00
|
|
|
url: 'https://' + signed.host + signed.path
|
2019-11-01 06:23:19 +00:00
|
|
|
}).then(function(resp) {
|
|
|
|
// console.log(resp.statusCode);
|
2019-11-12 08:04:40 +00:00
|
|
|
if (204 !== resp.statusCode) {
|
2019-11-01 06:23:19 +00:00
|
|
|
console.error(resp.statusCode);
|
|
|
|
console.error(resp.body);
|
2019-11-12 08:04:40 +00:00
|
|
|
throw new Error('Could not DELETE.');
|
2019-11-01 06:23:19 +00:00
|
|
|
}
|
2019-11-12 08:04:40 +00:00
|
|
|
return true;
|
2019-11-01 06:23:19 +00:00
|
|
|
})
|
2019-11-13 07:35:53 +00:00
|
|
|
.catch(function(err) {
|
|
|
|
throw err;
|
|
|
|
// return null;
|
|
|
|
});
|
2019-11-01 06:23:19 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
};
|
|
|
|
};
|