Proyectos de Subversion Moodle

<?php

namespace Aws\S3;

use Aws\Credentials\CredentialsInterface;

use GuzzleHttp\Psr7\Uri;

use Aws\Signature\SignatureTrait;

use Aws\Signature\SignatureV4 as SignatureV4;

use Aws\Api\TimestampShape as TimestampShape;

/**

 * Encapsulates the logic for getting the data for an S3 object POST upload form

 *

 * @link http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOST.html

 * @link http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html

 */

class PostObjectV4

{

    use SignatureTrait;

    private $client;

    private $bucket;

    private $formAttributes;

    private $formInputs;

    /**

     * Constructs the PostObject.

     *

     * The options array accepts the following keys:

     * @link http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html

     *

     * @param S3ClientInterface $client     Client used with the POST object

     * @param string            $bucket     Bucket to use

     * @param array             $formInputs Associative array of form input

     *                                      fields.

     * @param array             $options    Policy condition options

     * @param mixed             $expiration Upload expiration time value. By

     *                                      default: 1 hour valid period.

     */

    public function __construct(

        S3ClientInterface $client,

        $bucket,

        array $formInputs,

        array $options = [],

        $expiration = '+1 hours'

    ) {

        $this->client = $client;

        $this->bucket = $bucket;

        // setup form attributes

        $this->formAttributes = [

            'action'  => $this->generateUri(),

            'method'  => 'POST',

            'enctype' => 'multipart/form-data'

        ];

        $credentials   = $this->client->getCredentials()->wait();

        if ($securityToken = $credentials->getSecurityToken()) {

            $options [] = ['x-amz-security-token' => $securityToken];

            $formInputs['X-Amz-Security-Token'] = $securityToken;

        }

        // setup basic policy

        $policy = [

            'expiration' => TimestampShape::format($expiration, 'iso8601'),

            'conditions' => $options,

        ];

        // setup basic formInputs

        $this->formInputs = $formInputs + ['key' => '${filename}'];

        // finalize policy and signature

        $this->formInputs += $this->getPolicyAndSignature(

            $credentials,

            $policy

        );

    }

    /**

     * Gets the S3 client.

     *

     * @return S3ClientInterface

     */

    public function getClient()

    {

        return $this->client;

    }

    /**

     * Gets the bucket name.

     *

     * @return string

     */

    public function getBucket()

    {

        return $this->bucket;

    }

    /**

     * Gets the form attributes as an array.

     *

     * @return array

     */

    public function getFormAttributes()

    {

        return $this->formAttributes;

    }

    /**

     * Set a form attribute.

     *

     * @param string $attribute Form attribute to set.

     * @param string $value     Value to set.

     */

    public function setFormAttribute($attribute, $value)

    {

        $this->formAttributes[$attribute] = $value;

    }

    /**

     * Gets the form inputs as an array.

     *

     * @return array

     */

    public function getFormInputs()

    {

        return $this->formInputs;

    }

    /**

     * Set a form input.

     *

     * @param string $field Field name to set

     * @param string $value Value to set.

     */

    public function setFormInput($field, $value)

    {

        $this->formInputs[$field] = $value;

    }

    private function generateUri()

    {

        $uri = new Uri($this->client->getEndpoint());

        if ($this->client->getConfig('use_path_style_endpoint') === true

            || ($uri->getScheme() === 'https'

            && strpos($this->bucket, '.') !== false)

        ) {

            // Use path-style URLs

            $uri = $uri->withPath("/{$this->bucket}");

        } else {

            // Use virtual-style URLs if haven't been set up already

            if (strpos($uri->getHost(), $this->bucket . '.') !== 0) {

                $uri = $uri->withHost($this->bucket . '.' . $uri->getHost());

            }

        }

        return (string) $uri;

    }

    protected function getPolicyAndSignature(

        CredentialsInterface $credentials,

        array $policy

    ){

        $ldt = gmdate(SignatureV4::ISO8601_BASIC);

        $sdt = substr($ldt, 0, 8);

        $policy['conditions'][] = ['X-Amz-Date' => $ldt];

        $region = $this->client->getRegion();

        $scope = $this->createScope($sdt, $region, 's3');

        $creds = "{$credentials->getAccessKeyId()}/$scope";

        $policy['conditions'][] = ['X-Amz-Credential' => $creds];

        $policy['conditions'][] = ['X-Amz-Algorithm' => "AWS4-HMAC-SHA256"];

        $jsonPolicy64 = base64_encode(json_encode($policy));

        $key = $this->getSigningKey(

            $sdt,

            $region,

            's3',

            $credentials->getSecretKey()

        );

        return [

            'X-Amz-Credential' => $creds,

            'X-Amz-Algorithm' => "AWS4-HMAC-SHA256",

            'X-Amz-Date' => $ldt,

            'Policy'           => $jsonPolicy64,

            'X-Amz-Signature'  => bin2hex(

                hash_hmac('sha256', $jsonPolicy64, $key, true)

            ),

        ];

    }

}