UNPKG

@itwin/object-storage-oss

Version:

Object storage implementation using OSS

github.com/iTwin/object-storage/tree/main/storage/oss

iTwin/object-storage

122 lines 4.68 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.OssTransferConfigProvider = void 0; const internal_1 = require("@itwin/object-storage-core/lib/common/internal"); const internal_2 = require("@itwin/object-storage-core/lib/server/internal"); const internal_3 = require("@itwin/object-storage-s3/lib/server/internal"); const common_1 = require("../common"); const internal_4 = require("./internal"); class OssTransferConfigProvider { _config; _client; constructor(client, config) { this._config = config; this._client = client; } async getDownloadConfig(directory, expiry) { const policy = { Version: "1", Statement: [ { Effect: "Allow", Action: ["oss:GetObject"], Resource: [ `acs:oss:*:*:${this._config.bucket}/${(0, internal_1.buildObjectDirectoryString)(directory)}/*`, ], }, ], }; const { Credentials } = await this._client.request("AssumeRole", { RoleArn: this._config.roleArn, RoleSessionName: (0, internal_2.getRandomString)(), Policy: JSON.stringify(policy), DurationSeconds: (0, internal_3.getExpiresInSeconds)(expiry), }, { method: "POST", }); return { authentication: { accessKey: Credentials.AccessKeyId, secretKey: Credentials.AccessKeySecret, sessionToken: Credentials.SecurityToken, }, expiration: new Date(Credentials.Expiration), baseUrl: this._config.baseUrl, region: this._config.region, bucket: this._config.bucket, storageType: common_1.Constants.storageType, }; } async getUploadConfig(directory, expiry) { const policy = { Version: "1", Statement: [ { Effect: "Allow", Action: ["oss:PutObject"], Resource: [ `acs:oss:*:*:${this._config.bucket}/${(0, internal_1.buildObjectDirectoryString)(directory)}/*`, ], }, ], }; const { Credentials } = await this._client.request("AssumeRole", { RoleArn: this._config.roleArn, RoleSessionName: (0, internal_2.getRandomString)(), Policy: JSON.stringify(policy), DurationSeconds: (0, internal_3.getExpiresInSeconds)(expiry), }, { method: "POST", }); return { authentication: { accessKey: Credentials.AccessKeyId, secretKey: Credentials.AccessKeySecret, sessionToken: Credentials.SecurityToken, }, expiration: new Date(Credentials.Expiration), baseUrl: this._config.baseUrl, region: this._config.region, bucket: this._config.bucket, storageType: common_1.Constants.storageType, }; } async getDirectoryAccessConfig(directory, expiry) { const actions = (0, internal_4.getActions)(); const policy = { Version: "1", Statement: [ { Effect: "Allow", Action: actions, Resource: [ `acs:oss:*:*:${this._config.bucket}/${(0, internal_1.buildObjectDirectoryString)(directory)}/*`, `acs:oss:*:*:${this._config.bucket}`, ], }, ], }; const { Credentials } = await this._client.request("AssumeRole", { RoleArn: this._config.roleArn, RoleSessionName: (0, internal_2.getRandomString)(), Policy: JSON.stringify(policy), DurationSeconds: (0, internal_3.getExpiresInSeconds)(expiry), }, { method: "POST", }); return { authentication: { accessKey: Credentials.AccessKeyId, secretKey: Credentials.AccessKeySecret, sessionToken: Credentials.SecurityToken, }, expiration: new Date(Credentials.Expiration), baseUrl: this._config.baseUrl, region: this._config.region, bucket: this._config.bucket, storageType: common_1.Constants.storageType, }; } } exports.OssTransferConfigProvider = OssTransferConfigProvider; //# sourceMappingURL=OssTransferConfigProvider.js.map