diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 530cc248c40..a24f7b2ebbb 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -8,6 +8,8 @@ /packages/geo @aws-amplify/amplify-js @aws-amplify/amplify-ui /packages/pubsub @aws-amplify/amplify-js @aws-amplify/amplify-data /packages/aws-amplify/package.json @aws-amplify/amplify-js-admins +/packages/storage/src/storageBrowser @aws-amplify/amplify-js @aws-amplify/amplify-ui +/packages/storage/storage-browser @aws-amplify/amplify-js @aws-amplify/amplify-ui /.circleci/ @aws-amplify/amplify-js @aws-amplify/amplify-devops /.github/ @aws-amplify/amplify-js-admins diff --git a/.github/integ-config/integ-all.yml b/.github/integ-config/integ-all.yml index 94a2d85a157..f049dde518e 100644 --- a/.github/integ-config/integ-all.yml +++ b/.github/integ-config/integ-all.yml @@ -827,6 +827,13 @@ tests: sample_name: [multi-part-copy] spec: multi-part-copy browser: *minimal_browser_list + - test_name: integ_react_storage_browser + desc: 'React Storage Browser' + framework: vite + category: storage + sample_name: [storage-browser] + spec: storage-browser + browser: *minimal_browser_list # GEN2 STORAGE - test_name: integ_react_storage @@ -836,6 +843,13 @@ tests: sample_name: [storage-gen2] spec: storage-gen2 browser: *minimal_browser_list + - test_name: integ_react_storage_internal + desc: 'React Storage Gen2 Internal APIs' + framework: react + category: storage + sample_name: [storage-gen2-internal] + spec: storage-gen2-internal + browser: *minimal_browser_list - test_name: integ_next_storage desc: 'Next Storage Auth' framework: next diff --git a/.github/workflows/callable-e2e-test.yml b/.github/workflows/callable-e2e-test.yml index 7df6b042969..ee02150baa3 100644 --- a/.github/workflows/callable-e2e-test.yml +++ b/.github/workflows/callable-e2e-test.yml @@ -46,6 +46,10 @@ env: CYPRESS_GOOGLE_CLIENTID: ${{ secrets.CYPRESS_GOOGLE_CLIENTID }} CYPRESS_GOOGLE_CLIENT_SECRET: ${{ secrets.CYPRESS_GOOGLE_CLIENT_SECRET }} CYPRESS_GOOGLE_REFRESH_TOKEN: ${{ secrets.CYPRESS_GOOGLE_REFRESH_TOKEN }} + CYPRESS_AUTH0_CLIENTID: ${{ secrets.CYPRESS_AUTH0_CLIENTID }} + CYPRESS_AUTH0_SECRET: ${{ secrets.CYPRESS_AUTH0_SECRET }} + CYPRESS_AUTH0_AUDIENCE: ${{ secrets.CYPRESS_AUTH0_AUDIENCE }} + CYPRESS_AUTH0_DOMAIN: ${{ secrets.CYPRESS_AUTH0_DOMAIN }} jobs: e2e-test: diff --git a/docs/api/assets/navigation.js b/docs/api/assets/navigation.js index 5acdbc1baa8..f46098dcac4 100644 --- a/docs/api/assets/navigation.js +++ b/docs/api/assets/navigation.js @@ -1 +1 @@ -window.navigationData = "data:application/octet-stream;base64," \ No newline at end of file +window.navigationData = "data:application/octet-stream;base64," diff --git a/docs/api/assets/search.js b/docs/api/assets/search.js index 16ab23502d6..caad79ef751 100644 --- a/docs/api/assets/search.js +++ b/docs/api/assets/search.js @@ -1 +1 @@ -window.searchData = "data:application/octet-stream;base64,"; \ No newline at end of file +window.searchData = "data:application/octet-stream;base64,"; diff --git a/eslint.config.mjs b/eslint.config.mjs index 079c9406be4..4d4f9c7e3ac 100644 --- a/eslint.config.mjs +++ b/eslint.config.mjs @@ -12,6 +12,8 @@ import tsParser from '@typescript-eslint/parser'; import js from '@eslint/js'; import { FlatCompat } from '@eslint/eslintrc'; +import customClientDtsBundlerConfig from './scripts/dts-bundler/dts-bundler.config.js'; + const __filename = fileURLToPath(import.meta.url); const __dirname = path.dirname(__filename); const compat = new FlatCompat({ @@ -19,6 +21,10 @@ const compat = new FlatCompat({ recommendedConfig: js.configs.recommended, allConfig: js.configs.all, }); +const customClientDtsFiles = customClientDtsBundlerConfig.entries + .map(clientBundlerConfig => clientBundlerConfig.outFile) + .filter(outFile => outFile?.length > 0) + .map(outFile => outFile.replace(__dirname + path.sep, '')) // Convert absolute path to relative path export default [ { @@ -39,6 +45,7 @@ export default [ 'packages/interactions/__tests__', 'packages/predictions/__tests__', 'packages/pubsub/__tests__', + ...customClientDtsFiles, ], }, ...fixupConfigRules( diff --git a/packages/auth/package.json b/packages/auth/package.json index 42771efb06b..1a8240a9ae6 100644 --- a/packages/auth/package.json +++ b/packages/auth/package.json @@ -102,4 +102,4 @@ "@jest/test-sequencer": "^29.7.0", "typescript": "5.0.2" } -} +} \ No newline at end of file diff --git a/packages/aws-amplify/__tests__/exports.test.ts b/packages/aws-amplify/__tests__/exports.test.ts index 0a354d6cf11..16218f13871 100644 --- a/packages/aws-amplify/__tests__/exports.test.ts +++ b/packages/aws-amplify/__tests__/exports.test.ts @@ -239,6 +239,7 @@ describe('aws-amplify Exports', () => { 'getUrl', 'isCancelError', 'StorageError', + 'DEFAULT_PART_SIZE', ].sort(), ); }); @@ -253,6 +254,7 @@ describe('aws-amplify Exports', () => { 'getProperties', 'copy', 'getUrl', + 'DEFAULT_PART_SIZE', ].sort(), ); }); diff --git a/packages/aws-amplify/package.json b/packages/aws-amplify/package.json index 9c05b6b9f25..e6ab7abac6b 100644 --- a/packages/aws-amplify/package.json +++ b/packages/aws-amplify/package.json @@ -293,31 +293,31 @@ "name": "[Analytics] record (Pinpoint)", "path": "./dist/esm/analytics/index.mjs", "import": "{ record }", - "limit": "17.5 kB" + "limit": "17.59 kB" }, { "name": "[Analytics] record (Kinesis)", "path": "./dist/esm/analytics/kinesis/index.mjs", "import": "{ record }", - "limit": "48.74 kB" + "limit": "48.8 kB" }, { "name": "[Analytics] record (Kinesis Firehose)", "path": "./dist/esm/analytics/kinesis-firehose/index.mjs", "import": "{ record }", - "limit": "45.76 kB" + "limit": "45.85 kB" }, { "name": "[Analytics] record (Personalize)", "path": "./dist/esm/analytics/personalize/index.mjs", "import": "{ record }", - "limit": "49.58 kB" + "limit": "49.67 kB" }, { "name": "[Analytics] identifyUser (Pinpoint)", "path": "./dist/esm/analytics/index.mjs", "import": "{ identifyUser }", - "limit": "15.97 kB" + "limit": "16.09 kB" }, { "name": "[Analytics] enable", @@ -335,7 +335,7 @@ "name": "[API] generateClient (AppSync)", "path": "./dist/esm/api/index.mjs", "import": "{ generateClient }", - "limit": "44.1 kB" + "limit": "44.21 kB" }, { "name": "[API] REST API handlers", @@ -353,43 +353,43 @@ "name": "[Auth] resetPassword (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ resetPassword }", - "limit": "12.57 kB" + "limit": "12.66 kB" }, { "name": "[Auth] confirmResetPassword (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmResetPassword }", - "limit": "12.51 kB" + "limit": "12.60 kB" }, { "name": "[Auth] signIn (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ signIn }", - "limit": "30.00 kB" + "limit": "28.78 kB" }, { "name": "[Auth] resendSignUpCode (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ resendSignUpCode }", - "limit": "12.53 kB" + "limit": "12.61 kB" }, { "name": "[Auth] confirmSignUp (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmSignUp }", - "limit": "31.00 kB" + "limit": "29.40 kB" }, { "name": "[Auth] confirmSignIn (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmSignIn }", - "limit": "28.39 kB" + "limit": "28.46 kB" }, { "name": "[Auth] updateMFAPreference (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ updateMFAPreference }", - "limit": "12.00 kB" + "limit": "12.07 kB" }, { "name": "[Auth] fetchMFAPreference (Cognito)", @@ -401,13 +401,13 @@ "name": "[Auth] verifyTOTPSetup (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ verifyTOTPSetup }", - "limit": "12.86 kB" + "limit": "12.94 kB" }, { "name": "[Auth] updatePassword (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ updatePassword }", - "limit": "12.87 kB" + "limit": "12.96 kB" }, { "name": "[Auth] setUpTOTP (Cognito)", @@ -419,7 +419,7 @@ "name": "[Auth] updateUserAttributes (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ updateUserAttributes }", - "limit": "12.1 kB" + "limit": "12.19 kB" }, { "name": "[Auth] getCurrentUser (Cognito)", @@ -431,19 +431,19 @@ "name": "[Auth] confirmUserAttribute (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmUserAttribute }", - "limit": "12.86 kB" + "limit": "12.93 kB" }, { "name": "[Auth] signInWithRedirect (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ signInWithRedirect }", - "limit": "21.19 kB" + "limit": "21.21 kB" }, { "name": "[Auth] fetchUserAttributes (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ fetchUserAttributes }", - "limit": "11.93 kB" + "limit": "12.01 kB" }, { "name": "[Auth] Basic Auth Flow (Cognito)", @@ -455,49 +455,49 @@ "name": "[Auth] OAuth Auth Flow (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ signInWithRedirect, signOut, fetchAuthSession }", - "limit": "21.66 kB" + "limit": "21.64 kB" }, { "name": "[Storage] copy (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ copy }", - "limit": "15.03 kB" + "limit": "16.39 kB" }, { "name": "[Storage] downloadData (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ downloadData }", - "limit": "15.62 kB" + "limit": "16.73 kB" }, { "name": "[Storage] getProperties (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ getProperties }", - "limit": "14.89 kB" + "limit": "15.99 kB" }, { "name": "[Storage] getUrl (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ getUrl }", - "limit": "16.11 kB" + "limit": "17.22 kB" }, { "name": "[Storage] list (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ list }", - "limit": "15.55 kB" + "limit": "16.69 kB" }, { "name": "[Storage] remove (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ remove }", - "limit": "14.75 kB" + "limit": "15.83 kB" }, { "name": "[Storage] uploadData (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ uploadData }", - "limit": "20.17 kB" + "limit": "22.81 kB" } ] } diff --git a/packages/core/__tests__/clients/middleware/retry/defaultRetryDecider.test.ts b/packages/core/__tests__/clients/middleware/retry/defaultRetryDecider.test.ts index 160c4fdbe74..0cee3a38ec1 100644 --- a/packages/core/__tests__/clients/middleware/retry/defaultRetryDecider.test.ts +++ b/packages/core/__tests__/clients/middleware/retry/defaultRetryDecider.test.ts @@ -2,12 +2,26 @@ // SPDX-License-Identifier: Apache-2.0 import { HttpResponse } from '../../../../src/clients'; -import { getRetryDecider } from '../../../../src/clients/middleware/retry/defaultRetryDecider'; +import { getRetryDecider } from '../../../../src/clients/middleware/retry'; +import { isClockSkewError } from '../../../../src/clients/middleware/retry/isClockSkewError'; import { AmplifyError } from '../../../../src/errors'; import { AmplifyErrorCode } from '../../../../src/types'; +jest.mock('../../../../src/clients/middleware/retry/isClockSkewError'); + +const mockIsClockSkewError = jest.mocked(isClockSkewError); + describe('getRetryDecider', () => { const mockErrorParser = jest.fn(); + const mockHttpResponse: HttpResponse = { + statusCode: 200, + headers: {}, + body: 'body' as any, + }; + + beforeEach(() => { + jest.resetAllMocks(); + }); describe('created retryDecider', () => { const mockNetworkErrorThrownFromFetch = new AmplifyError({ @@ -21,20 +35,124 @@ describe('getRetryDecider', () => { test.each([ [ 'a network error from the fetch handler', - true, + { + retryable: true, + }, mockNetworkErrorThrownFromFetch, ], [ 'a network error from the XHR handler defined in Storage', - true, + { + retryable: true, + }, mockNetworkErrorThrownFromXHRInStorage, ], - ])('when receives %p returns %p', (_, expected, error) => { + ])('when receives %p returns %p', async (_, expected, error) => { const mockResponse = {} as unknown as HttpResponse; mockErrorParser.mockReturnValueOnce(error); const retryDecider = getRetryDecider(mockErrorParser); + const result = await retryDecider(mockResponse, error); - expect(retryDecider(mockResponse, error)).resolves.toBe(expected); + expect(result).toEqual(expected); }); }); + + describe('handling throttling errors', () => { + it.each([ + 'BandwidthLimitExceeded', + 'EC2ThrottledException', + 'LimitExceededException', + 'PriorRequestNotComplete', + 'ProvisionedThroughputExceededException', + 'RequestLimitExceeded', + 'RequestThrottled', + 'RequestThrottledException', + 'SlowDown', + 'ThrottledException', + 'Throttling', + 'ThrottlingException', + 'TooManyRequestsException', + ])('should return retryable at %s error', async errorCode => { + expect.assertions(2); + mockErrorParser.mockResolvedValueOnce({ + code: errorCode, + }); + const retryDecider = getRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + mockHttpResponse, + undefined, + ); + expect(retryable).toBe(true); + expect(isCredentialsExpiredError).toBeFalsy(); + }); + + it('should set retryable for 402 error', async () => { + expect.assertions(2); + const retryDecider = getRetryDecider(mockErrorParser); + const { + retryable, + isCredentialsExpiredError: isInvalidCredentialsError, + } = await retryDecider( + { + ...mockHttpResponse, + statusCode: 429, + }, + undefined, + ); + expect(retryable).toBe(true); + expect(isInvalidCredentialsError).toBeFalsy(); + }); + }); + + describe('handling clockskew error', () => { + it.each([{ code: 'ClockSkew' }, { name: 'ClockSkew' }])( + 'should handle clockskew error %o', + async parsedError => { + expect.assertions(3); + mockErrorParser.mockResolvedValue(parsedError); + mockIsClockSkewError.mockReturnValue(true); + const retryDecider = getRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + mockHttpResponse, + undefined, + ); + expect(retryable).toBe(true); + expect(isCredentialsExpiredError).toBeFalsy(); + expect(mockIsClockSkewError).toHaveBeenCalledWith( + Object.values(parsedError)[0], + ); + }, + ); + }); + + it.each([500, 502, 503, 504])( + 'should handle server-side status code %s', + async statusCode => { + const retryDecider = getRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + { + ...mockHttpResponse, + statusCode, + }, + undefined, + ); + expect(retryable).toBe(true); + expect(isCredentialsExpiredError).toBeFalsy(); + }, + ); + + it.each(['TimeoutError', 'RequestTimeout', 'RequestTimeoutException'])( + 'should handle server-side timeout error code %s', + async errorCode => { + expect.assertions(2); + mockErrorParser.mockResolvedValue({ code: errorCode }); + const retryDecider = getRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + mockHttpResponse, + undefined, + ); + expect(retryable).toBe(true); + expect(isCredentialsExpiredError).toBeFalsy(); + }, + ); }); diff --git a/packages/core/__tests__/clients/middleware/retry/middleware.test.ts b/packages/core/__tests__/clients/middleware/retry/middleware.test.ts index 1391f010d23..05f1b0f8de9 100644 --- a/packages/core/__tests__/clients/middleware/retry/middleware.test.ts +++ b/packages/core/__tests__/clients/middleware/retry/middleware.test.ts @@ -11,13 +11,13 @@ import { jest.spyOn(global, 'setTimeout'); jest.spyOn(global, 'clearTimeout'); -describe(`${retryMiddlewareFactory.name} middleware`, () => { +describe(`retry middleware`, () => { beforeEach(() => { jest.clearAllMocks(); }); const defaultRetryOptions = { - retryDecider: async () => true, + retryDecider: async () => ({ retryable: true }), computeDelay: () => 1, }; const defaultRequest = { url: new URL('https://a.b') }; @@ -72,7 +72,7 @@ describe(`${retryMiddlewareFactory.name} middleware`, () => { const retryableHandler = getRetryableHandler(nextHandler); const retryDecider = jest .fn() - .mockImplementation(response => response.body !== 'foo'); // retry if response is not foo + .mockImplementation(response => ({ retryable: response.body !== 'foo' })); // retry if response is not foo const resp = await retryableHandler(defaultRequest, { ...defaultRetryOptions, retryDecider, @@ -88,11 +88,9 @@ describe(`${retryMiddlewareFactory.name} middleware`, () => { .fn() .mockRejectedValue(new Error('UnretryableError')); const retryableHandler = getRetryableHandler(nextHandler); - const retryDecider = jest - .fn() - .mockImplementation( - (resp, error) => error.message !== 'UnretryableError', - ); + const retryDecider = jest.fn().mockImplementation((resp, error) => ({ + retryable: error.message !== 'UnretryableError', + })); try { await retryableHandler(defaultRequest, { ...defaultRetryOptions, @@ -103,11 +101,46 @@ describe(`${retryMiddlewareFactory.name} middleware`, () => { expect(e.message).toBe('UnretryableError'); expect(nextHandler).toHaveBeenCalledTimes(1); expect(retryDecider).toHaveBeenCalledTimes(1); - expect(retryDecider).toHaveBeenCalledWith(undefined, expect.any(Error)); + expect(retryDecider).toHaveBeenCalledWith( + undefined, + expect.any(Error), + expect.anything(), + ); } expect.assertions(4); }); + test('should set isCredentialsExpired in middleware context if retry decider returns the flag', async () => { + expect.assertions(4); + const coreHandler = jest + .fn() + .mockRejectedValueOnce(new Error('InvalidSignature')) + .mockResolvedValueOnce(defaultResponse); + + const nextMiddleware = jest.fn( + (next: MiddlewareHandler) => (request: any) => next(request), + ); + const retryableHandler = composeTransferHandler<[RetryOptions, any]>( + coreHandler, + [retryMiddlewareFactory, () => nextMiddleware], + ); + const retryDecider = jest.fn().mockImplementation((resp, error) => ({ + retryable: error?.message === 'InvalidSignature', + isCredentialsExpiredError: error?.message === 'InvalidSignature', + })); + const response = await retryableHandler(defaultRequest, { + ...defaultRetryOptions, + retryDecider, + }); + expect(response).toEqual(expect.objectContaining(defaultResponse)); + expect(coreHandler).toHaveBeenCalledTimes(2); + expect(retryDecider).toHaveBeenCalledTimes(2); + expect(nextMiddleware).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ isCredentialsExpired: true }), + ); + }); + test('should call computeDelay for intervals', async () => { const nextHandler = jest.fn().mockResolvedValue(defaultResponse); const retryableHandler = getRetryableHandler(nextHandler); @@ -152,7 +185,7 @@ describe(`${retryMiddlewareFactory.name} middleware`, () => { const nextHandler = jest.fn().mockResolvedValue(defaultResponse); const retryableHandler = getRetryableHandler(nextHandler); const controller = new AbortController(); - const retryDecider = async () => true; + const retryDecider = async () => ({ retryable: true }); const computeDelay = jest.fn().mockImplementation(attempt => { if (attempt === 1) { setTimeout(() => { @@ -204,9 +237,10 @@ describe(`${retryMiddlewareFactory.name} middleware`, () => { const retryDecider = jest .fn() .mockImplementation((response, error: Error) => { - if (error && error.message.endsWith('RetryableError')) return true; + if (error && error.message.endsWith('RetryableError')) + return { retryable: true }; - return false; + return { retryable: false }; }); const computeDelay = jest.fn().mockReturnValue(0); const response = await doubleRetryableHandler(defaultRequest, { diff --git a/packages/core/__tests__/clients/middleware/signing/middleware.test.ts b/packages/core/__tests__/clients/middleware/signing/middleware.test.ts index a3183ebcdb5..874d82e2282 100644 --- a/packages/core/__tests__/clients/middleware/signing/middleware.test.ts +++ b/packages/core/__tests__/clients/middleware/signing/middleware.test.ts @@ -11,6 +11,7 @@ import { getUpdatedSystemClockOffset } from '../../../../src/clients/middleware/ import { HttpRequest, HttpResponse, + Middleware, MiddlewareHandler, } from '../../../../src/clients/types'; @@ -113,6 +114,30 @@ describe('Signing middleware', () => { expect(credentialsProvider).toHaveBeenCalledTimes(1); }); + test('should forceRefresh credentials provider if middleware context isCredentialsInvalid flag is set', async () => { + expect.assertions(2); + const credentialsProvider = jest.fn().mockResolvedValue(credentials); + const nextHandler = jest.fn().mockResolvedValue(defaultResponse); + const setInvalidCredsMiddleware: Middleware = + () => (next, context) => request => { + context.isCredentialsExpired = true; + + return next(request); + }; + const signableHandler = composeTransferHandler< + [any, SigningOptions], + HttpRequest, + HttpResponse + >(nextHandler, [setInvalidCredsMiddleware, signingMiddlewareFactory]); + const config = { + ...defaultSigningOptions, + credentials: credentialsProvider, + }; + await signableHandler(defaultRequest, config); + expect(credentialsProvider).toHaveBeenCalledTimes(1); + expect(credentialsProvider).toHaveBeenCalledWith({ forceRefresh: true }); + }); + test.each([ ['response with Date header', 'Date'], ['response with date header', 'date'], @@ -128,6 +153,7 @@ describe('Signing middleware', () => { const middlewareFunction = signingMiddlewareFactory(defaultSigningOptions)( nextHandler, + {}, ); await middlewareFunction(defaultRequest); diff --git a/packages/core/__tests__/parseAmplifyOutputs.test.ts b/packages/core/__tests__/parseAmplifyOutputs.test.ts index bb93d12116c..38a8fa141c4 100644 --- a/packages/core/__tests__/parseAmplifyOutputs.test.ts +++ b/packages/core/__tests__/parseAmplifyOutputs.test.ts @@ -294,6 +294,59 @@ describe('parseAmplifyOutputs tests', () => { expect(() => parseAmplifyOutputs(amplifyOutputs)).toThrow(); }); + it('should parse storage bucket with paths', () => { + const amplifyOutputs: AmplifyOutputs = { + version: '1.2', + storage: { + aws_region: 'us-west-2', + bucket_name: 'storage-bucket-test', + buckets: [ + { + name: 'default-bucket', + bucket_name: 'storage-bucket-test', + aws_region: 'us-west-2', + paths: { + 'other/*': { + guest: ['get', 'list'], + authenticated: ['get', 'list', 'write'], + }, + 'admin/*': { + groupsauditor: ['get', 'list'], + groupsadmin: ['get', 'list', 'write', 'delete'], + }, + }, + }, + ], + }, + }; + + const result = parseAmplifyOutputs(amplifyOutputs); + + expect(result).toEqual({ + Storage: { + S3: { + bucket: 'storage-bucket-test', + region: 'us-west-2', + buckets: { + 'default-bucket': { + bucketName: 'storage-bucket-test', + region: 'us-west-2', + paths: { + 'other/*': { + guest: ['get', 'list'], + authenticated: ['get', 'list', 'write'], + }, + 'admin/*': { + groupsauditor: ['get', 'list'], + groupsadmin: ['get', 'list', 'write', 'delete'], + }, + }, + }, + }, + }, + }, + }); + }); }); describe('analytics tests', () => { diff --git a/packages/core/src/Platform/types.ts b/packages/core/src/Platform/types.ts index d5c60a84241..488c37efe8b 100644 --- a/packages/core/src/Platform/types.ts +++ b/packages/core/src/Platform/types.ts @@ -133,6 +133,8 @@ export enum StorageAction { Remove = '5', GetProperties = '6', GetUrl = '7', + GetDataAccess = '8', + ListCallerAccessGrants = '9', } interface ActionMap { diff --git a/packages/core/src/clients/index.ts b/packages/core/src/clients/index.ts index a06067604bc..31abf267c77 100644 --- a/packages/core/src/clients/index.ts +++ b/packages/core/src/clients/index.ts @@ -15,9 +15,14 @@ export { } from './middleware/signing/signer/signatureV4'; export { EMPTY_HASH as EMPTY_SHA256_HASH } from './middleware/signing/signer/signatureV4/constants'; export { extendedEncodeURIComponent } from './middleware/signing/utils/extendedEncodeURIComponent'; -export { signingMiddlewareFactory, SigningOptions } from './middleware/signing'; +export { + signingMiddlewareFactory, + SigningOptions, + CredentialsProviderOptions, +} from './middleware/signing'; export { getRetryDecider, + RetryDeciderOutput, jitteredBackoff, retryMiddlewareFactory, RetryOptions, diff --git a/packages/core/src/clients/internal/composeServiceApi.ts b/packages/core/src/clients/internal/composeServiceApi.ts index 259a0ee7cd6..4b788ec852d 100644 --- a/packages/core/src/clients/internal/composeServiceApi.ts +++ b/packages/core/src/clients/internal/composeServiceApi.ts @@ -5,6 +5,42 @@ import { ServiceClientOptions } from '../types/aws'; import { Endpoint, TransferHandler } from '../types/core'; import { HttpRequest, HttpResponse } from '../types/http'; +/** + * Compose a service API handler that accepts input as defined shape and responds conforming to defined output shape. + * A service API handler is composed with: + * * A transfer handler + * * A serializer function + * * A deserializer function + * * A default config object + * + * The returned service API handler, when called, will trigger the following workflow: + * 1. When calling the service API handler function, the default config object is merged into the input config + * object to assign the default values of some omitted configs, resulting to a resolved config object. + * 2. The `endpointResolver` function from the default config object will be invoked with the resolved config object and + * API input object resulting to an endpoint instance. + * 3. The serializer function is invoked with API input object and the endpoint instance resulting to an HTTP request + * instance. + * 4. The HTTP request instance and the resolved config object is passed to the transfer handler function. + * 5. The transfer handler function resolves to an HTTP response instance(can be either successful or failed status code). + * 6. The deserializer function is invoked with the HTTP response instance resulting to the API output object, and + * return to the caller. + * + * + * @param transferHandler Async function for dispatching HTTP requests and returning HTTP response. + * @param serializer Async function for converting object in defined input shape into HTTP request targeting a given + * endpoint. + * @param deserializer Async function for converting HTTP response into output object in defined output shape, or error + * shape. + * @param defaultConfig object containing default options to be consumed by transfer handler, serializer and + * deserializer. + * @returns a async service API handler function that accepts a config object and input object in defined shape, returns + * an output object in defined shape. It may also throw error instance in defined shape in deserializer. The config + * object type is composed with options type of transferHandler, endpointResolver function as well as endpointResolver + * function's input options type, region string. The config object property will be marked as optional if it's also + * defined in defaultConfig. + * + * @internal + */ export const composeServiceApi = < TransferHandlerOptions, Input, @@ -26,9 +62,9 @@ export const composeServiceApi = < return async ( config: OptionalizeKey< TransferHandlerOptions & - ServiceClientOptions & - Partial & - InferEndpointResolverOptionType, + ServiceClientOptions & // Required configs(e.g. endpointResolver, region) to serialize input shapes into requests + InferEndpointResolverOptionType & // Required inputs for endpointResolver + Partial, // Properties defined in default configs, we need to allow overwriting them when invoking the service API handler DefaultConfig >, input: Input, @@ -37,8 +73,8 @@ export const composeServiceApi = < ...defaultConfig, ...config, } as unknown as TransferHandlerOptions & ServiceClientOptions; - // We may want to allow different endpoints from given config(other than region) and input. - // Currently S3 supports additional `useAccelerateEndpoint` option to use accelerate endpoint. + // We need to allow different endpoints based on both given config(other than region) and input. + // However for most of non-S3 services, region is the only input for endpoint resolver. const endpoint = await resolvedConfig.endpointResolver( resolvedConfig, input, @@ -55,6 +91,30 @@ export const composeServiceApi = < }; }; +/** + * Type helper to make a given key optional in a given type. For all the keys in the `InputDefaultsType`, if its value + * is assignable to the value of the same key in `InputType`, we will mark the key in `InputType` is optional. If + * the `InputType` and `InputDefaultsType` has the same key but un-assignable types, the resulting type is `never` to + * trigger a type error down the line. + * + * @example + * type InputType = { + * a: string; + * b: number; + * c: string; + * }; + * type InputDefaultsType = { + * a: string; + * b: number; + * }; + * type OutputType = OptionalizeKey; + * OutputType equals to: + * { + * a?: string; + * b?: number; + * c: string; + * } + */ type OptionalizeKey = { [KeyWithDefaultValue in keyof InputDefaultsType]?: KeyWithDefaultValue extends keyof InputType ? InputType[KeyWithDefaultValue] @@ -67,7 +127,7 @@ type OptionalizeKey = { }; type InferEndpointResolverOptionType = T extends { - endpointResolver(options: infer EndpointOptions): any; + endpointResolver(options: infer EndpointOptions, input: any): any; } ? EndpointOptions : never; diff --git a/packages/core/src/clients/middleware/retry/defaultRetryDecider.ts b/packages/core/src/clients/middleware/retry/defaultRetryDecider.ts index a990fbbdc3c..feb350fbbf0 100644 --- a/packages/core/src/clients/middleware/retry/defaultRetryDecider.ts +++ b/packages/core/src/clients/middleware/retry/defaultRetryDecider.ts @@ -5,6 +5,7 @@ import { AmplifyErrorCode } from '../../../types'; import { ErrorParser, HttpResponse } from '../../types'; import { isClockSkewError } from './isClockSkewError'; +import { RetryDeciderOutput } from './types'; /** * Get retry decider function @@ -12,7 +13,10 @@ import { isClockSkewError } from './isClockSkewError'; */ export const getRetryDecider = (errorParser: ErrorParser) => - async (response?: HttpResponse, error?: unknown): Promise => { + async ( + response?: HttpResponse, + error?: unknown, + ): Promise => { const parsedError = (error as Error & { code: string }) ?? (await errorParser(response)) ?? @@ -20,12 +24,15 @@ export const getRetryDecider = const errorCode = parsedError?.code || parsedError?.name; const statusCode = response?.statusCode; - return ( + const isRetryable = isConnectionError(error) || isThrottlingError(statusCode, errorCode) || isClockSkewError(errorCode) || - isServerSideError(statusCode, errorCode) - ); + isServerSideError(statusCode, errorCode); + + return { + retryable: isRetryable, + }; }; // reference: https://github.com/aws/aws-sdk-js-v3/blob/ab0e7be36e7e7f8a0c04834357aaad643c7912c3/packages/service-error-classification/src/constants.ts#L22-L37 diff --git a/packages/core/src/clients/middleware/retry/index.ts b/packages/core/src/clients/middleware/retry/index.ts index 4c82c603508..fdf34552fa7 100644 --- a/packages/core/src/clients/middleware/retry/index.ts +++ b/packages/core/src/clients/middleware/retry/index.ts @@ -4,3 +4,4 @@ export { RetryOptions, retryMiddlewareFactory } from './middleware'; export { jitteredBackoff } from './jitteredBackoff'; export { getRetryDecider } from './defaultRetryDecider'; +export { RetryDeciderOutput } from './types'; diff --git a/packages/core/src/clients/middleware/retry/middleware.ts b/packages/core/src/clients/middleware/retry/middleware.ts index bce886abb73..9bf7e093030 100644 --- a/packages/core/src/clients/middleware/retry/middleware.ts +++ b/packages/core/src/clients/middleware/retry/middleware.ts @@ -8,6 +8,8 @@ import { Response, } from '../../types/core'; +import { RetryDeciderOutput } from './types'; + const DEFAULT_RETRY_ATTEMPTS = 3; /** @@ -19,9 +21,14 @@ export interface RetryOptions { * * @param response Optional response of the request. * @param error Optional error thrown from previous attempts. + * @param middlewareContext Optional context object to store data between retries. * @returns True if the request should be retried. */ - retryDecider(response?: TResponse, error?: unknown): Promise; + retryDecider( + response?: TResponse, + error?: unknown, + middlewareContext?: MiddlewareContext, + ): Promise; /** * Function to compute the delay in milliseconds before the next retry based * on the number of attempts. @@ -87,7 +94,14 @@ export const retryMiddlewareFactory = ({ ? (context.attemptsCount ?? 0) : attemptsCount + 1; context.attemptsCount = attemptsCount; - if (await retryDecider(response, error)) { + const { isCredentialsExpiredError, retryable } = await retryDecider( + response, + error, + context, + ); + if (retryable) { + // Setting isCredentialsInvalid flag to notify signing middleware to forceRefresh credentials provider. + context.isCredentialsExpired = !!isCredentialsExpiredError; if (!abortSignal?.aborted && attemptsCount < maxAttempts) { // prevent sleep for last attempt or cancelled request; const delay = computeDelay(attemptsCount); diff --git a/packages/core/src/clients/middleware/retry/types.ts b/packages/core/src/clients/middleware/retry/types.ts new file mode 100644 index 00000000000..a229216edee --- /dev/null +++ b/packages/core/src/clients/middleware/retry/types.ts @@ -0,0 +1,7 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export interface RetryDeciderOutput { + retryable: boolean; + isCredentialsExpiredError?: boolean; +} diff --git a/packages/core/src/clients/middleware/signing/index.ts b/packages/core/src/clients/middleware/signing/index.ts index a1458bca3e4..1ce90db4b7e 100644 --- a/packages/core/src/clients/middleware/signing/index.ts +++ b/packages/core/src/clients/middleware/signing/index.ts @@ -1,4 +1,8 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -export { signingMiddlewareFactory, SigningOptions } from './middleware'; +export { + signingMiddlewareFactory, + SigningOptions, + CredentialsProviderOptions, +} from './middleware'; diff --git a/packages/core/src/clients/middleware/signing/middleware.ts b/packages/core/src/clients/middleware/signing/middleware.ts index a7bed1e6b7f..1b36519729e 100644 --- a/packages/core/src/clients/middleware/signing/middleware.ts +++ b/packages/core/src/clients/middleware/signing/middleware.ts @@ -7,16 +7,27 @@ import { HttpResponse, MiddlewareHandler, } from '../../types'; +import { MiddlewareContext } from '../../types/core'; import { signRequest } from './signer/signatureV4'; import { getSkewCorrectedDate } from './utils/getSkewCorrectedDate'; import { getUpdatedSystemClockOffset } from './utils/getUpdatedSystemClockOffset'; +/** + * Options type for the async callback function returning aws credentials. This + * function is used by SigV4 signer to resolve the aws credentials + */ +export interface CredentialsProviderOptions { + forceRefresh?: boolean; +} + /** * Configuration of the signing middleware */ export interface SigningOptions { - credentials: Credentials | (() => Promise); + credentials: + | Credentials + | ((options?: CredentialsProviderOptions) => Promise); region: string; service: string; @@ -41,12 +52,19 @@ export const signingMiddlewareFactory = ({ }: SigningOptions) => { let currentSystemClockOffset: number; - return (next: MiddlewareHandler) => + return ( + next: MiddlewareHandler, + context: MiddlewareContext, + ) => async function signingMiddleware(request: HttpRequest) { currentSystemClockOffset = currentSystemClockOffset ?? 0; const signRequestOptions = { credentials: - typeof credentials === 'function' ? await credentials() : credentials, + typeof credentials === 'function' + ? await credentials({ + forceRefresh: !!context?.isCredentialsExpired, + }) + : credentials, signingDate: getSkewCorrectedDate(currentSystemClockOffset), signingRegion: region, signingService: service, diff --git a/packages/core/src/clients/types/core.ts b/packages/core/src/clients/types/core.ts index 1fa122250b6..a6348655899 100644 --- a/packages/core/src/clients/types/core.ts +++ b/packages/core/src/clients/types/core.ts @@ -30,6 +30,11 @@ export type MiddlewareHandler = ( * The context object to store states across the middleware chain. */ export interface MiddlewareContext { + /** + * Whether an error indicating expired credentials has been returned from server-side. + * This is set by the retry middleware. + */ + isCredentialsExpired?: boolean; /** * The number of times the request has been attempted. This is set by retry middleware */ diff --git a/packages/core/src/clients/types/index.ts b/packages/core/src/clients/types/index.ts index e2b8953a4d2..0ee905fb162 100644 --- a/packages/core/src/clients/types/index.ts +++ b/packages/core/src/clients/types/index.ts @@ -4,6 +4,7 @@ export { Middleware, MiddlewareHandler, + MiddlewareContext, Request, Response, TransferHandler, diff --git a/packages/core/src/parseAmplifyOutputs.ts b/packages/core/src/parseAmplifyOutputs.ts index c7a5d819487..0fcbd0eebee 100644 --- a/packages/core/src/parseAmplifyOutputs.ts +++ b/packages/core/src/parseAmplifyOutputs.ts @@ -88,12 +88,14 @@ function parseAuth( oauth, username_attributes, standard_required_attributes, + groups, } = amplifyOutputsAuthProperties; const authConfig = { Cognito: { userPoolId: user_pool_id, userPoolClientId: user_pool_client_id, + groups, }, } as AuthConfig; @@ -373,18 +375,21 @@ function createBucketInfoMap( ): Record { const mappedBuckets: Record = {}; - buckets.forEach(({ name, bucket_name: bucketName, aws_region: region }) => { - if (name in mappedBuckets) { - throw new Error( - `Duplicate friendly name found: ${name}. Name must be unique.`, - ); - } - - mappedBuckets[name] = { - bucketName, - region, - }; - }); + buckets.forEach( + ({ name, bucket_name: bucketName, aws_region: region, paths }) => { + if (name in mappedBuckets) { + throw new Error( + `Duplicate friendly name found: ${name}. Name must be unique.`, + ); + } + + mappedBuckets[name] = { + bucketName, + region, + paths, + }; + }, + ); return mappedBuckets; } diff --git a/packages/core/src/singleton/AmplifyOutputs/types.ts b/packages/core/src/singleton/AmplifyOutputs/types.ts index c3a23fc98ab..a862d4e4efe 100644 --- a/packages/core/src/singleton/AmplifyOutputs/types.ts +++ b/packages/core/src/singleton/AmplifyOutputs/types.ts @@ -13,7 +13,8 @@ export type AmplifyOutputsAuthMFAConfiguration = | 'NONE'; export type AmplifyOutputsAuthMFAMethod = 'SMS' | 'TOTP'; - +type UserGroupName = string; +type UserGroupPrecedence = Record; export interface AmplifyOutputsAuthProperties { aws_region: string; authentication_flow_type?: 'USER_SRP_AUTH' | 'CUSTOM_AUTH'; @@ -41,6 +42,7 @@ export interface AmplifyOutputsAuthProperties { unauthenticated_identities_enabled?: boolean; mfa_configuration?: string; mfa_methods?: string[]; + groups?: Record[]; } export interface AmplifyOutputsStorageBucketProperties { @@ -50,6 +52,8 @@ export interface AmplifyOutputsStorageBucketProperties { bucket_name: string; /** Region for the bucket */ aws_region: string; + /** Paths to object with access permissions */ + paths?: Record>; } export interface AmplifyOutputsStorageProperties { /** Default region for Storage */ diff --git a/packages/core/src/singleton/Auth/types.ts b/packages/core/src/singleton/Auth/types.ts index e33eb6ab07a..987ac966a59 100644 --- a/packages/core/src/singleton/Auth/types.ts +++ b/packages/core/src/singleton/Auth/types.ts @@ -108,6 +108,9 @@ export type LegacyUserAttributeKey = Uppercase; export type AuthVerifiableAttributeKey = 'email' | 'phone_number'; +type UserGroupName = string; +type UserGroupPrecedence = Record; + export type AuthConfigUserAttributes = Partial< Record >; @@ -130,6 +133,7 @@ export interface AuthIdentityPoolConfig { userAttributes?: never; mfa?: never; passwordFormat?: never; + groups?: never; }; } @@ -171,6 +175,7 @@ export interface CognitoUserPoolConfig { requireNumbers?: boolean; requireSpecialCharacters?: boolean; }; + groups?: Record[]; } export interface OAuthConfig { diff --git a/packages/core/src/singleton/Storage/types.ts b/packages/core/src/singleton/Storage/types.ts index 5bca120c9b3..160c93da2e5 100644 --- a/packages/core/src/singleton/Storage/types.ts +++ b/packages/core/src/singleton/Storage/types.ts @@ -12,6 +12,8 @@ export interface BucketInfo { bucketName: string; /** Region of the bucket */ region: string; + /** Paths to object with access permissions */ + paths?: Record>; } export interface S3ProviderConfig { S3: { diff --git a/packages/interactions/package.json b/packages/interactions/package.json index c6afad8222d..321baa44372 100644 --- a/packages/interactions/package.json +++ b/packages/interactions/package.json @@ -89,19 +89,19 @@ "name": "Interactions (default to Lex v2)", "path": "./dist/esm/index.mjs", "import": "{ Interactions }", - "limit": "52.61 kB" + "limit": "54.05 kB" }, { "name": "Interactions (Lex v2)", "path": "./dist/esm/lex-v2/index.mjs", "import": "{ Interactions }", - "limit": "52.61 kB" + "limit": "54.05 kB" }, { "name": "Interactions (Lex v1)", "path": "./dist/esm/lex-v1/index.mjs", "import": "{ Interactions }", - "limit": "47.41 kB" + "limit": "47.46 kB" } ] } diff --git a/packages/storage/__tests__/internals/apis/copy.test.ts b/packages/storage/__tests__/internals/apis/copy.test.ts new file mode 100644 index 00000000000..2692f4f6a68 --- /dev/null +++ b/packages/storage/__tests__/internals/apis/copy.test.ts @@ -0,0 +1,57 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { AmplifyClassV6 } from '@aws-amplify/core'; + +import { copy as advancedCopy } from '../../../src/internals'; +import { copy as copyInternal } from '../../../src/providers/s3/apis/internal/copy'; + +jest.mock('../../../src/providers/s3/apis/internal/copy'); +const mockedCopyInternal = jest.mocked(copyInternal); + +describe('copy (internals)', () => { + beforeEach(() => { + jest.clearAllMocks(); + mockedCopyInternal.mockResolvedValue({ + path: 'output/path/to/mock/object', + }); + }); + + it('should pass advanced option locationCredentialsProvider to internal list', async () => { + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + const copyInputWithAdvancedOptions = { + source: { + path: 'path/to/object', + bucket: 'bucket', + eTag: 'eTag', + notModifiedSince: new Date(), + expectedBucketOwner: '012345678901', + }, + destination: { + path: 'path/to/object', + bucket: 'bucket', + expectedBucketOwner: '212345678901', + }, + options: { + locationCredentialsProvider, + customEndpoint, + }, + }; + const result = await advancedCopy(copyInputWithAdvancedOptions); + expect(mockedCopyInternal).toHaveBeenCalledTimes(1); + expect(mockedCopyInternal).toHaveBeenCalledWith( + expect.any(AmplifyClassV6), + copyInputWithAdvancedOptions, + ); + expect(result).toEqual({ + path: 'output/path/to/mock/object', + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/downloadData.test.ts b/packages/storage/__tests__/internals/apis/downloadData.test.ts new file mode 100644 index 00000000000..f18ea441e69 --- /dev/null +++ b/packages/storage/__tests__/internals/apis/downloadData.test.ts @@ -0,0 +1,82 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { downloadData as advancedDownloadData } from '../../../src/internals'; +import { downloadData as downloadDataInternal } from '../../../src/providers/s3/apis/internal/downloadData'; + +jest.mock('../../../src/providers/s3/apis/internal/downloadData'); +const mockedDownloadDataInternal = jest.mocked(downloadDataInternal); + +describe('downloadData (internal)', () => { + beforeEach(() => { + mockedDownloadDataInternal.mockReturnValue({ + result: Promise.resolve({ + path: 'output/path/to/mock/object', + body: { + blob: () => Promise.resolve(new Blob()), + json: () => Promise.resolve(''), + text: () => Promise.resolve(''), + }, + }), + cancel: jest.fn(), + state: 'SUCCESS', + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass advanced option locationCredentialsProvider to internal downloadData', async () => { + const useAccelerateEndpoint = true; + const expectedBucketOwner = '012345678901'; + const bucket = { bucketName: 'bucket', region: 'us-east-1' }; + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + const onProgress = jest.fn(); + const bytesRange = { start: 1024, end: 2048 }; + + const output = await advancedDownloadData({ + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + locationCredentialsProvider, + onProgress, + bytesRange, + expectedBucketOwner, + }, + }); + + expect(mockedDownloadDataInternal).toHaveBeenCalledTimes(1); + expect(mockedDownloadDataInternal).toHaveBeenCalledWith({ + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + locationCredentialsProvider, + onProgress, + bytesRange, + expectedBucketOwner, + }, + }); + + expect(await output.result).toEqual({ + path: 'output/path/to/mock/object', + body: { + blob: expect.any(Function), + json: expect.any(Function), + text: expect.any(Function), + }, + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/getDataAccess.test.ts b/packages/storage/__tests__/internals/apis/getDataAccess.test.ts new file mode 100644 index 00000000000..34c41fe2bc7 --- /dev/null +++ b/packages/storage/__tests__/internals/apis/getDataAccess.test.ts @@ -0,0 +1,133 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { CredentialsProviderOptions } from '@aws-amplify/core/internals/aws-client-utils'; + +import { getDataAccess } from '../../../src/internals/apis/getDataAccess'; +import { getDataAccess as getDataAccessClient } from '../../../src/providers/s3/utils/client/s3control'; +import { GetDataAccessInput } from '../../../src/internals/types/inputs'; + +jest.mock('../../../src/providers/s3/utils/client/s3control'); + +const MOCK_ACCOUNT_ID = 'accountId'; +const MOCK_REGION = 'us-east-2'; +const MOCK_ACCESS_ID = 'accessId'; +const MOCK_SECRET_ACCESS_KEY = 'secretAccessKey'; +const MOCK_SESSION_TOKEN = 'sessionToken'; +const MOCK_EXPIRATION = '2013-09-17T18:07:53.000Z'; +const MOCK_EXPIRATION_DATE = new Date(MOCK_EXPIRATION); +const MOCK_SCOPE = 's3://mybucket/files/*'; +const MOCK_CREDENTIALS = { + credentials: { + accessKeyId: MOCK_ACCESS_ID, + secretAccessKey: MOCK_SECRET_ACCESS_KEY, + sessionToken: MOCK_SESSION_TOKEN, + expiration: MOCK_EXPIRATION_DATE, + }, +}; +const MOCK_ACCESS_CREDENTIALS = { + AccessKeyId: MOCK_ACCESS_ID, + SecretAccessKey: MOCK_SECRET_ACCESS_KEY, + SessionToken: MOCK_SESSION_TOKEN, + Expiration: MOCK_EXPIRATION_DATE, +}; +const MOCK_CUSTOM_ENDPOINT = 's3-accesspoint.dualstack.us-east-2.amazonaws.com'; +const MOCK_CREDENTIAL_PROVIDER = jest.fn().mockResolvedValue(MOCK_CREDENTIALS); +const sharedGetDataAccessParams: GetDataAccessInput = { + accountId: MOCK_ACCOUNT_ID, + customEndpoint: MOCK_CUSTOM_ENDPOINT, + credentialsProvider: MOCK_CREDENTIAL_PROVIDER, + durationSeconds: 900, + permission: 'READWRITE', + region: MOCK_REGION, + scope: MOCK_SCOPE, +}; + +describe('getDataAccess', () => { + const getDataAccessClientMock = jest.mocked(getDataAccessClient); + + beforeEach(() => { + jest.clearAllMocks(); + + getDataAccessClientMock.mockResolvedValue({ + Credentials: MOCK_ACCESS_CREDENTIALS, + MatchedGrantTarget: MOCK_SCOPE, + $metadata: {}, + }); + }); + + it('should invoke the getDataAccess client correctly', async () => { + expect.assertions(6); + const result = await getDataAccess(sharedGetDataAccessParams); + + expect(getDataAccessClientMock).toHaveBeenCalledWith( + expect.objectContaining({ + credentials: expect.any(Function), + customEndpoint: MOCK_CUSTOM_ENDPOINT, + region: MOCK_REGION, + userAgentValue: expect.stringContaining('storage/8'), + }), + expect.objectContaining({ + AccountId: MOCK_ACCOUNT_ID, + Target: MOCK_SCOPE, + Permission: 'READWRITE', + TargetType: undefined, + DurationSeconds: 900, + }), + ); + const inputCredentialsProvider = getDataAccessClientMock.mock.calls[0][0] + .credentials as (input: CredentialsProviderOptions) => any; + expect(inputCredentialsProvider).toBeInstanceOf(Function); + await expect( + inputCredentialsProvider({ forceRefresh: true }), + ).resolves.toEqual(MOCK_CREDENTIALS.credentials); + expect(MOCK_CREDENTIAL_PROVIDER).toHaveBeenCalledWith({ + forceRefresh: true, + }); + + expect(result.credentials).toEqual(MOCK_CREDENTIALS.credentials); + expect(result.scope).toEqual(MOCK_SCOPE); + }); + + it('should throw an error if the service does not return credentials', async () => { + expect.assertions(1); + + getDataAccessClientMock.mockResolvedValue({ + Credentials: undefined, + MatchedGrantTarget: MOCK_SCOPE, + $metadata: {}, + }); + + expect(getDataAccess(sharedGetDataAccessParams)).rejects.toThrow( + 'Service did not return valid temporary credentials.', + ); + }); + + it('should set the correct target type when accessing an object', async () => { + const MOCK_OBJECT_SCOPE = 's3://mybucket/files/file.md'; + + getDataAccessClientMock.mockResolvedValue({ + Credentials: MOCK_ACCESS_CREDENTIALS, + MatchedGrantTarget: MOCK_OBJECT_SCOPE, + $metadata: {}, + }); + + const result = await getDataAccess({ + ...sharedGetDataAccessParams, + scope: MOCK_OBJECT_SCOPE, + }); + + expect(getDataAccessClientMock).toHaveBeenCalledWith( + expect.any(Object), + expect.objectContaining({ + AccountId: MOCK_ACCOUNT_ID, + Target: MOCK_OBJECT_SCOPE, + Permission: 'READWRITE', + TargetType: 'Object', + DurationSeconds: 900, + }), + ); + + expect(result.scope).toEqual(MOCK_OBJECT_SCOPE); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/getProperties.test.ts b/packages/storage/__tests__/internals/apis/getProperties.test.ts new file mode 100644 index 00000000000..aa0c2c9815e --- /dev/null +++ b/packages/storage/__tests__/internals/apis/getProperties.test.ts @@ -0,0 +1,63 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { AmplifyClassV6 } from '@aws-amplify/core'; + +import { getProperties as advancedGetProperties } from '../../../src/internals'; +import { getProperties as getPropertiesInternal } from '../../../src/providers/s3/apis/internal/getProperties'; + +jest.mock('../../../src/providers/s3/apis/internal/getProperties'); +const mockedGetPropertiesInternal = jest.mocked(getPropertiesInternal); + +describe('getProperties (internal)', () => { + beforeEach(() => { + mockedGetPropertiesInternal.mockResolvedValue({ + path: 'output/path/to/mock/object', + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass advanced option locationCredentialsProvider to internal getProperties', async () => { + const useAccelerateEndpoint = true; + const expectedBucketOwner = '012345678901'; + const bucket = { bucketName: 'bucket', region: 'us-east-1' }; + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + const result = await advancedGetProperties({ + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + expectedBucketOwner, + locationCredentialsProvider, + }, + }); + expect(mockedGetPropertiesInternal).toHaveBeenCalledTimes(1); + expect(mockedGetPropertiesInternal).toHaveBeenCalledWith( + expect.any(AmplifyClassV6), + { + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + expectedBucketOwner, + locationCredentialsProvider, + }, + }, + ); + expect(result).toEqual({ + path: 'output/path/to/mock/object', + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/getUrl.test.ts b/packages/storage/__tests__/internals/apis/getUrl.test.ts new file mode 100644 index 00000000000..fcffafd3f2e --- /dev/null +++ b/packages/storage/__tests__/internals/apis/getUrl.test.ts @@ -0,0 +1,81 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { AmplifyClassV6 } from '@aws-amplify/core'; + +import { getUrl as advancedGetUrl } from '../../../src/internals'; +import { getUrl as getUrlInternal } from '../../../src/providers/s3/apis/internal/getUrl'; + +jest.mock('../../../src/providers/s3/apis/internal/getUrl'); +const mockedGetUrlInternal = jest.mocked(getUrlInternal); + +const MOCK_URL = new URL('https://s3.aws/mock-presigned-url'); +const MOCK_DATE = new Date(); +MOCK_DATE.setMonth(MOCK_DATE.getMonth() + 1); + +describe('getUrl (internal)', () => { + beforeEach(() => { + mockedGetUrlInternal.mockResolvedValue({ + url: MOCK_URL, + expiresAt: MOCK_DATE, + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through advanced options to the internal getUrl', async () => { + const useAccelerateEndpoint = true; + const validateObjectExistence = false; + const expectedBucketOwner = '012345678901'; + const expiresIn = 300; // seconds + const contentDisposition = 'inline; filename="example.jpg"'; + const contentType = 'image/jpeg'; + const bucket = { bucketName: 'bucket', region: 'us-east-1' }; + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + const result = await advancedGetUrl({ + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + validateObjectExistence, + expiresIn, + contentDisposition, + contentType, + expectedBucketOwner, + locationCredentialsProvider, + }, + }); + expect(mockedGetUrlInternal).toHaveBeenCalledTimes(1); + expect(mockedGetUrlInternal).toHaveBeenCalledWith( + expect.any(AmplifyClassV6), + { + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + validateObjectExistence, + expiresIn, + contentDisposition, + contentType, + expectedBucketOwner, + locationCredentialsProvider, + }, + }, + ); + expect(result).toEqual({ + url: MOCK_URL, + expiresAt: MOCK_DATE, + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/list.test.ts b/packages/storage/__tests__/internals/apis/list.test.ts new file mode 100644 index 00000000000..16ea0e5037b --- /dev/null +++ b/packages/storage/__tests__/internals/apis/list.test.ts @@ -0,0 +1,60 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { AmplifyClassV6 } from '@aws-amplify/core'; + +import { list as advancedList } from '../../../src/internals'; +import { list as listInternal } from '../../../src/providers/s3/apis/internal/list'; + +jest.mock('../../../src/providers/s3/apis/internal/list'); +const mockedListInternal = jest.mocked(listInternal); + +describe('list (internals)', () => { + beforeEach(() => { + jest.clearAllMocks(); + mockedListInternal.mockResolvedValue({ + items: [], + }); + }); + + it('should pass advanced option locationCredentialsProvider to internal list', async () => { + const useAccelerateEndpoint = true; + const expectedBucketOwner = '012345678901'; + const bucket = { bucketName: 'bucket', region: 'us-east-1' }; + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + const result = await advancedList({ + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + expectedBucketOwner, + locationCredentialsProvider, + }, + }); + expect(mockedListInternal).toHaveBeenCalledTimes(1); + expect(mockedListInternal).toHaveBeenCalledWith( + expect.any(AmplifyClassV6), + { + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + expectedBucketOwner, + locationCredentialsProvider, + }, + }, + ); + expect(result).toEqual({ + items: [], + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/listCallerAccessGrants.test.ts b/packages/storage/__tests__/internals/apis/listCallerAccessGrants.test.ts new file mode 100644 index 00000000000..43d96f24488 --- /dev/null +++ b/packages/storage/__tests__/internals/apis/listCallerAccessGrants.test.ts @@ -0,0 +1,138 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + +import { CredentialsProviderOptions } from '@aws-amplify/core/internals/aws-client-utils'; + +import { listCallerAccessGrants } from '../../../src/internals/apis/listCallerAccessGrants'; +import { listCallerAccessGrants as listCallerAccessGrantsClient } from '../../../src/providers/s3/utils/client/s3control'; + +jest.mock('../../../src/providers/s3/utils/client/s3control'); + +const mockAccountId = '1234567890'; +const mockRegion = 'us-foo-2'; +const mockCredentials = { + accessKeyId: 'key', + secretAccessKey: 'secret', + sessionToken: 'session', + expiration: new Date(), +}; +const mockCredentialsProvider = jest + .fn() + .mockResolvedValue({ credentials: mockCredentials }); +const mockNextToken = '123'; +const mockPageSize = 123; +const mockCustomEndpoint = 's3-accesspoint.dualstack.us-east-2.amazonaws.com'; + +describe('listCallerAccessGrants', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should invoke the listCallerAccessGrants client with expected parameters', async () => { + expect.assertions(4); + jest.mocked(listCallerAccessGrantsClient).mockResolvedValue({ + NextToken: undefined, + CallerAccessGrantsList: [], + $metadata: {} as any, + }); + await listCallerAccessGrants({ + accountId: mockAccountId, + customEndpoint: mockCustomEndpoint, + region: mockRegion, + credentialsProvider: mockCredentialsProvider, + nextToken: mockNextToken, + pageSize: mockPageSize, + }); + expect(listCallerAccessGrantsClient).toHaveBeenCalledWith( + expect.objectContaining({ + region: mockRegion, + credentials: expect.any(Function), + customEndpoint: mockCustomEndpoint, + }), + expect.objectContaining({ + AccountId: mockAccountId, + NextToken: mockNextToken, + MaxResults: mockPageSize, + AllowedByApplication: true, + }), + ); + const inputCredentialsProvider = jest.mocked(listCallerAccessGrantsClient) + .mock.calls[0][0].credentials as ( + input: CredentialsProviderOptions, + ) => any; + expect(inputCredentialsProvider).toBeInstanceOf(Function); + await expect( + inputCredentialsProvider({ forceRefresh: true }), + ).resolves.toEqual(mockCredentials); + expect(mockCredentialsProvider).toHaveBeenCalledWith({ + forceRefresh: true, + }); + }); + + it('should set a default page size', async () => { + expect.assertions(1); + jest.mocked(listCallerAccessGrantsClient).mockResolvedValue({ + NextToken: undefined, + CallerAccessGrantsList: [], + $metadata: {} as any, + }); + await listCallerAccessGrants({ + accountId: mockAccountId, + region: mockRegion, + credentialsProvider: mockCredentialsProvider, + }); + expect(listCallerAccessGrantsClient).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + MaxResults: 1000, + }), + ); + }); + + it('should set response location type correctly', async () => { + expect.assertions(2); + jest.mocked(listCallerAccessGrantsClient).mockResolvedValue({ + NextToken: undefined, + CallerAccessGrantsList: [ + { + GrantScope: 's3://bucket/*', + Permission: 'READ', + }, + { + GrantScope: 's3://bucket/path/*', + Permission: 'READWRITE', + }, + { + GrantScope: 's3://bucket/path/to/object', + Permission: 'READ', + ApplicationArn: 'arn:123', + }, + ], + $metadata: {} as any, + }); + const { locations, nextToken } = await listCallerAccessGrants({ + accountId: mockAccountId, + region: mockRegion, + credentialsProvider: mockCredentialsProvider, + }); + + expect(locations).toEqual([ + { + scope: 's3://bucket/*', + type: 'BUCKET', + permission: 'READ', + }, + { + scope: 's3://bucket/path/*', + type: 'PREFIX', + permission: 'READWRITE', + }, + { + scope: 's3://bucket/path/to/object', + type: 'OBJECT', + permission: 'READ', + }, + ]); + expect(nextToken).toBeUndefined(); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/listPaths/getHighestPrecedenceUserGroup.test.ts b/packages/storage/__tests__/internals/apis/listPaths/getHighestPrecedenceUserGroup.test.ts new file mode 100644 index 00000000000..76897ebc0ca --- /dev/null +++ b/packages/storage/__tests__/internals/apis/listPaths/getHighestPrecedenceUserGroup.test.ts @@ -0,0 +1,57 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + UserGroupConfig, + getHighestPrecedenceUserGroup, +} from '../../../../src/internals/apis/listPaths/getHighestPrecedenceUserGroup'; + +const userGroupsFromConfig: UserGroupConfig = [ + { + editor: { + precedence: 0, + }, + }, + { + admin: { + precedence: 1, + }, + }, + { + auditor: { + precedence: 2, + }, + }, +]; +const currentUserGroups = ['guest', 'user', 'admin']; + +describe('getHighestPrecedenceUserGroup', () => { + it('should return the user group with the highest precedence', () => { + const result = getHighestPrecedenceUserGroup( + userGroupsFromConfig, + currentUserGroups, + ); + expect(result).toBe('admin'); + }); + + it('should return undefined if userGroupsFromConfig is undefined', () => { + const result = getHighestPrecedenceUserGroup(undefined, currentUserGroups); + expect(result).toBeUndefined(); + }); + + it('should return undefined if currentUserGroups is undefined', () => { + const result = getHighestPrecedenceUserGroup( + userGroupsFromConfig, + undefined, + ); + expect(result).toBeUndefined(); + }); + + it('should handle currentUserGroups containing groups not present in userGroupsFromConfig', () => { + const result = getHighestPrecedenceUserGroup(userGroupsFromConfig, [ + 'unknown', + 'user', + ]); + expect(result).toBe(undefined); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/listPaths/listPaths.test.ts b/packages/storage/__tests__/internals/apis/listPaths/listPaths.test.ts new file mode 100644 index 00000000000..dfe1a711c5a --- /dev/null +++ b/packages/storage/__tests__/internals/apis/listPaths/listPaths.test.ts @@ -0,0 +1,202 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify, AuthTokens, fetchAuthSession } from '@aws-amplify/core'; + +import { resolveLocationsForCurrentSession } from '../../../../src/internals/apis/listPaths/resolveLocationsForCurrentSession'; +import { getHighestPrecedenceUserGroup } from '../../../../src/internals/apis/listPaths/getHighestPrecedenceUserGroup'; +import { listPaths } from '../../../../src/internals'; + +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn(), + Amplify: { + getConfig: jest.fn(), + Auth: { + getConfig: jest.fn(), + fetchAuthSession: jest.fn(), + }, + }, + fetchAuthSession: jest.fn(), +})); +jest.mock( + '../../../../src/internals/apis/listPaths/resolveLocationsForCurrentSession', +); +jest.mock( + '../../../../src/internals/apis/listPaths/getHighestPrecedenceUserGroup', +); + +const credentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const identityId = 'identityId'; + +const mockGetConfig = jest.mocked(Amplify.getConfig); +const mockFetchAuthSession = jest.mocked(fetchAuthSession); +const mockResolveLocationsFromCurrentSession = + resolveLocationsForCurrentSession as jest.Mock; +const mockGetHighestPrecedenceUserGroup = jest.mocked( + getHighestPrecedenceUserGroup, +); + +const mockAuthConfig = { + Auth: { + Cognito: { + userPoolClientId: 'userPoolClientId', + userPoolId: 'userPoolId', + identityPoolId: 'identityPoolId', + groups: [{ admin: { precedence: 0 } }], + }, + }, +}; +const mockBuckets = { + bucket1: { + bucketName: 'bucket1', + region: 'region1', + paths: { + '/path1': { + authenticated: ['read', 'write'], + groupsadmin: ['read'], + guest: ['read'], + }, + }, + }, +}; + +describe('listPaths', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + mockGetConfig.mockReturnValue({ + ...mockAuthConfig, + Storage: { + S3: { + bucket: 'bucket1', + region: 'region1', + buckets: { + 'bucket-1': { + bucketName: 'bucket-1', + region: 'region1', + paths: {}, + }, + }, + }, + }, + }); + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId, + tokens: { + accessToken: { payload: {} }, + }, + }); + + it('should return empty locations when buckets are not defined', async () => { + mockGetConfig.mockReturnValue({ + ...mockAuthConfig, + Storage: { S3: { buckets: undefined } }, + }); + + const result = await listPaths(); + + expect(result).toEqual({ locations: [] }); + }); + + it('should generate locations correctly when buckets are defined', async () => { + mockGetConfig.mockReturnValue({ + ...mockAuthConfig, + Storage: { S3: { buckets: mockBuckets } }, + }); + mockResolveLocationsFromCurrentSession.mockReturnValue([ + { + type: 'PREFIX', + permission: ['read', 'write'], + bucket: 'bucket1', + prefix: '/path1', + }, + ]); + + const result = await listPaths(); + + expect(result).toEqual({ + locations: [ + { + type: 'PREFIX', + permission: ['read', 'write'], + bucket: 'bucket1', + prefix: '/path1', + }, + ], + }); + }); + + it('should call resolveLocations with authenticated false for unauthenticated user', async () => { + mockGetConfig.mockReturnValue({ + Auth: { + Cognito: { + userPoolClientId: 'userPoolClientId', + userPoolId: 'userPoolId', + identityPoolId: 'identityPoolId', + groups: [{ admin: { precedence: 0 } }], + }, + }, + + Storage: { S3: { buckets: mockBuckets } }, + }); + mockFetchAuthSession.mockResolvedValue({ + tokens: undefined, + identityId: undefined, + }); + mockResolveLocationsFromCurrentSession.mockReturnValue({ + locations: { + type: 'PREFIX', + permission: ['read'], + bucket: 'bucket1', + prefix: '/path1', + }, + }); + await listPaths(); + + expect(mockResolveLocationsFromCurrentSession).toHaveBeenCalled(); + expect(mockResolveLocationsFromCurrentSession).toHaveBeenCalledWith({ + buckets: mockBuckets, + isAuthenticated: false, + identityId: undefined, + userGroup: undefined, + }); + }); + + it('should call resolveLocations with right userGroup when provided', async () => { + mockGetConfig.mockReturnValue({ + Auth: { + Cognito: { + userPoolClientId: 'userPoolClientId', + userPoolId: 'userPoolId', + identityPoolId: 'identityPoolId', + groups: [{ admin: { precedence: 0 } }], + }, + }, + + Storage: { S3: { buckets: mockBuckets } }, + }); + mockFetchAuthSession.mockResolvedValue({ + tokens: { + accessToken: { payload: {} }, + } as AuthTokens, + identityId: 'identityId', + }); + mockGetHighestPrecedenceUserGroup.mockReturnValue('admin'); + + await listPaths(); + + expect(mockResolveLocationsFromCurrentSession).toHaveBeenCalled(); + expect(mockResolveLocationsFromCurrentSession).toHaveBeenCalledWith({ + buckets: mockBuckets, + isAuthenticated: true, + identityId: 'identityId', + userGroup: 'admin', + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/listPaths/resolveLocationsForCurrentSession.test.ts b/packages/storage/__tests__/internals/apis/listPaths/resolveLocationsForCurrentSession.test.ts new file mode 100644 index 00000000000..3040ca68d5a --- /dev/null +++ b/packages/storage/__tests__/internals/apis/listPaths/resolveLocationsForCurrentSession.test.ts @@ -0,0 +1,141 @@ +import { resolveLocationsForCurrentSession } from '../../../../src/internals/apis/listPaths/resolveLocationsForCurrentSession'; +import { BucketInfo } from '../../../../src/providers/s3/types/options'; + +describe('resolveLocationsForCurrentSession', () => { + const mockBuckets: Record = { + bucket1: { + bucketName: 'bucket1', + region: 'region1', + paths: { + 'path1/*': { + guest: ['get', 'list'], + authenticated: ['get', 'list', 'write'], + }, + 'path2/*': { + groupsauditor: ['get', 'list'], + groupsadmin: ['get', 'list', 'write', 'delete'], + }, + // eslint-disable-next-line no-template-curly-in-string + 'profile-pictures/${cognito-identity.amazonaws.com:sub}/*': { + entityidentity: ['get', 'list', 'write', 'delete'], + }, + }, + }, + bucket2: { + bucketName: 'bucket2', + region: 'region1', + paths: { + 'path3/*': { + guest: ['read'], + }, + }, + }, + }; + + it('should generate locations correctly when tokens are true', () => { + const result = resolveLocationsForCurrentSession({ + buckets: mockBuckets, + isAuthenticated: true, + identityId: '12345', + }); + + expect(result).toEqual([ + { + type: 'PREFIX', + permission: ['get', 'list', 'write'], + bucket: 'bucket1', + prefix: 'path1/*', + }, + { + type: 'PREFIX', + permission: ['get', 'list', 'write', 'delete'], + bucket: 'bucket1', + prefix: 'profile-pictures/12345/*', + }, + ]); + }); + + it('should generate locations correctly when tokens are true & userGroup', () => { + const result = resolveLocationsForCurrentSession({ + buckets: mockBuckets, + isAuthenticated: true, + identityId: '12345', + userGroup: 'admin', + }); + + expect(result).toEqual([ + { + type: 'PREFIX', + permission: ['get', 'list', 'write', 'delete'], + bucket: 'bucket1', + prefix: 'path2/*', + }, + ]); + }); + + it('should return empty locations when tokens are true & bad userGroup', () => { + const result = resolveLocationsForCurrentSession({ + buckets: mockBuckets, + isAuthenticated: true, + identityId: '12345', + userGroup: 'editor', + }); + + expect(result).toEqual([]); + }); + + it('should continue to next bucket when paths are not defined', () => { + const result = resolveLocationsForCurrentSession({ + buckets: { + bucket1: { + bucketName: 'bucket1', + region: 'region1', + paths: undefined, + }, + bucket2: { + bucketName: 'bucket1', + region: 'region1', + paths: { + 'path1/*': { + guest: ['get', 'list'], + authenticated: ['get', 'list', 'write'], + }, + }, + }, + }, + isAuthenticated: true, + identityId: '12345', + }); + + expect(result).toEqual([ + { + type: 'PREFIX', + permission: ['get', 'list', 'write'], + bucket: 'bucket1', + prefix: 'path1/*', + }, + ]); + }); + + it('should generate locations correctly when tokens are false', () => { + const result = resolveLocationsForCurrentSession({ + buckets: mockBuckets, + isAuthenticated: false, + }); + + expect(result).toEqual([ + { + type: 'PREFIX', + permission: ['get', 'list'], + bucket: 'bucket1', + prefix: 'path1/*', + }, + { + type: 'PREFIX', + permission: ['read'], + bucket: 'bucket2', + prefix: 'path3/*', + }, + ]); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/remove.test.ts b/packages/storage/__tests__/internals/apis/remove.test.ts new file mode 100644 index 00000000000..2adab6dd0ef --- /dev/null +++ b/packages/storage/__tests__/internals/apis/remove.test.ts @@ -0,0 +1,65 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { AmplifyClassV6 } from '@aws-amplify/core'; + +import { remove as advancedRemove } from '../../../src/internals'; +import { remove as removeInternal } from '../../../src/providers/s3/apis/internal/remove'; + +jest.mock('../../../src/providers/s3/apis/internal/remove'); +const mockedRemoveInternal = jest.mocked(removeInternal); + +describe('remove (internal)', () => { + beforeEach(() => { + mockedRemoveInternal.mockResolvedValue({ + path: 'output/path/to/mock/object', + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass advanced option locationCredentialsProvider to internal remove', async () => { + const useAccelerateEndpoint = true; + const expectedBucketOwner = '012345678901'; + const bucket = { bucketName: 'bucket', region: 'us-east-1' }; + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + + const result = await advancedRemove({ + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + expectedBucketOwner, + locationCredentialsProvider, + }, + }); + + expect(mockedRemoveInternal).toHaveBeenCalledTimes(1); + expect(mockedRemoveInternal).toHaveBeenCalledWith( + expect.any(AmplifyClassV6), + { + path: 'input/path/to/mock/object', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + expectedBucketOwner, + locationCredentialsProvider, + }, + }, + ); + expect(result).toEqual({ + path: 'output/path/to/mock/object', + }); + }); +}); diff --git a/packages/storage/__tests__/internals/apis/uploadData.test.ts b/packages/storage/__tests__/internals/apis/uploadData.test.ts new file mode 100644 index 00000000000..c26096d8464 --- /dev/null +++ b/packages/storage/__tests__/internals/apis/uploadData.test.ts @@ -0,0 +1,76 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { uploadData as advancedUploadData } from '../../../src/internals'; +import { uploadData as uploadDataInternal } from '../../../src/providers/s3/apis/internal/uploadData'; + +jest.mock('../../../src/providers/s3/apis/internal/uploadData'); +const mockedUploadDataInternal = jest.mocked(uploadDataInternal); +const mockedUploadTask = 'UPLOAD_TASK'; + +describe('uploadData (internal)', () => { + beforeEach(() => { + mockedUploadDataInternal.mockReturnValue(mockedUploadTask as any); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass advanced option locationCredentialsProvider to internal remove', async () => { + const useAccelerateEndpoint = true; + const expectedBucketOwner = '012345678901'; + const bucket = { bucketName: 'bucket', region: 'us-east-1' }; + const customEndpoint = 's3.dualstack.us-east-2.amazonaws.com'; + + const locationCredentialsProvider = async () => ({ + credentials: { + accessKeyId: 'akid', + secretAccessKey: 'secret', + sessionToken: 'token', + expiration: new Date(), + }, + }); + const contentDisposition = { type: 'attachment', filename: 'foo' } as const; + const onProgress = jest.fn(); + const metadata = { foo: 'bar' }; + + const result = advancedUploadData({ + path: 'input/path/to/mock/object', + data: 'data', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + locationCredentialsProvider, + contentDisposition, + contentEncoding: 'gzip', + contentType: 'text/html', + onProgress, + metadata, + expectedBucketOwner, + checksumAlgorithm: 'crc-32', + }, + }); + + expect(mockedUploadDataInternal).toHaveBeenCalledTimes(1); + expect(mockedUploadDataInternal).toHaveBeenCalledWith({ + path: 'input/path/to/mock/object', + data: 'data', + options: { + customEndpoint, + useAccelerateEndpoint, + bucket, + locationCredentialsProvider, + contentDisposition, + contentEncoding: 'gzip', + contentType: 'text/html', + onProgress, + metadata, + expectedBucketOwner, + checksumAlgorithm: 'crc-32', + }, + }); + expect(result).toEqual(mockedUploadTask); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/copy.test.ts b/packages/storage/__tests__/providers/s3/apis/copy.test.ts index 7ddd0430dd8..606786ebfc2 100644 --- a/packages/storage/__tests__/providers/s3/apis/copy.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/copy.test.ts @@ -1,412 +1,44 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { AWSCredentials } from '@aws-amplify/core/internals/utils'; -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { Amplify } from '@aws-amplify/core'; -import { StorageError } from '../../../../src/errors/StorageError'; -import { StorageValidationErrorCode } from '../../../../src/errors/types/validation'; -import { copyObject } from '../../../../src/providers/s3/utils/client'; +import { CopyInput, CopyWithPathInput } from '../../../../src'; import { copy } from '../../../../src/providers/s3/apis'; -import { - CopyInput, - CopyOutput, - CopyWithPathInput, - CopyWithPathOutput, -} from '../../../../src/providers/s3/types'; -import './testUtils'; -import { BucketInfo } from '../../../../src/providers/s3/types/options'; +import { copy as internalCopyImpl } from '../../../../src/providers/s3/apis/internal/copy'; -jest.mock('../../../../src/providers/s3/utils/client'); -jest.mock('@aws-amplify/core', () => ({ - ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { - return { debug: jest.fn() }; - }), - Amplify: { - getConfig: jest.fn(), - Auth: { - fetchAuthSession: jest.fn(), - }, - }, -})); -const mockCopyObject = copyObject as jest.Mock; -const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; -const mockGetConfig = Amplify.getConfig as jest.Mock; +jest.mock('../../../../src/providers/s3/apis/internal/copy'); -const sourceKey = 'sourceKey'; -const destinationKey = 'destinationKey'; -const bucket = 'bucket'; -const region = 'region'; -const targetIdentityId = 'targetIdentityId'; -const defaultIdentityId = 'defaultIdentityId'; -const credentials: AWSCredentials = { - accessKeyId: 'accessKeyId', - sessionToken: 'sessionToken', - secretAccessKey: 'secretAccessKey', -}; -const copyObjectClientConfig = { - credentials, - region, - userAgentValue: expect.any(String), -}; -const copyObjectClientBaseParams = { - Bucket: bucket, - MetadataDirective: 'COPY', -}; +const mockInternalCopyImpl = jest.mocked(internalCopyImpl); -describe('copy API', () => { - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'bucket-1': { bucketName: bucket, region } }, - }, - }, - }); +describe('client-side copy', () => { + beforeEach(() => { + jest.clearAllMocks(); }); - describe('Happy Cases', () => { - describe('With key', () => { - const copyWrapper = async (input: CopyInput): Promise => - copy(input); - beforeEach(() => { - mockCopyObject.mockImplementation(() => { - return { - Metadata: { key: 'value' }, - }; - }); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - const testCases: { - source: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; - destination: { - accessLevel?: StorageAccessLevel; - }; - expectedSourceKey: string; - expectedDestinationKey: string; - }[] = [ - { - source: { accessLevel: 'guest' }, - destination: { accessLevel: 'guest' }, - expectedSourceKey: `${bucket}/public/${sourceKey}`, - expectedDestinationKey: `public/${destinationKey}`, - }, - { - source: { accessLevel: 'guest' }, - destination: { accessLevel: 'private' }, - expectedSourceKey: `${bucket}/public/${sourceKey}`, - expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'guest' }, - destination: { accessLevel: 'protected' }, - expectedSourceKey: `${bucket}/public/${sourceKey}`, - expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'private' }, - destination: { accessLevel: 'guest' }, - expectedSourceKey: `${bucket}/private/${defaultIdentityId}/${sourceKey}`, - expectedDestinationKey: `public/${destinationKey}`, - }, - { - source: { accessLevel: 'private' }, - destination: { accessLevel: 'private' }, - expectedSourceKey: `${bucket}/private/${defaultIdentityId}/${sourceKey}`, - expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'private' }, - destination: { accessLevel: 'protected' }, - expectedSourceKey: `${bucket}/private/${defaultIdentityId}/${sourceKey}`, - expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'protected' }, - destination: { accessLevel: 'guest' }, - expectedSourceKey: `${bucket}/protected/${defaultIdentityId}/${sourceKey}`, - expectedDestinationKey: `public/${destinationKey}`, - }, - { - source: { accessLevel: 'protected' }, - destination: { accessLevel: 'private' }, - expectedSourceKey: `${bucket}/protected/${defaultIdentityId}/${sourceKey}`, - expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'protected' }, - destination: { accessLevel: 'protected' }, - expectedSourceKey: `${bucket}/protected/${defaultIdentityId}/${sourceKey}`, - expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'protected', targetIdentityId }, - destination: { accessLevel: 'guest' }, - expectedSourceKey: `${bucket}/protected/${targetIdentityId}/${sourceKey}`, - expectedDestinationKey: `public/${destinationKey}`, - }, - { - source: { accessLevel: 'protected', targetIdentityId }, - destination: { accessLevel: 'private' }, - expectedSourceKey: `${bucket}/protected/${targetIdentityId}/${sourceKey}`, - expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, - }, - { - source: { accessLevel: 'protected', targetIdentityId }, - destination: { accessLevel: 'protected' }, - expectedSourceKey: `${bucket}/protected/${targetIdentityId}/${sourceKey}`, - expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, - }, - ]; - testCases.forEach( - ({ - source, - destination, - expectedSourceKey, - expectedDestinationKey, - }) => { - const targetIdentityIdMsg = source?.targetIdentityId - ? `with targetIdentityId` - : ''; - it(`should copy ${source.accessLevel} ${targetIdentityIdMsg} -> ${destination.accessLevel}`, async () => { - const { key } = await copyWrapper({ - source: { - ...source, - key: sourceKey, - }, - destination: { - ...destination, - key: destinationKey, - }, - }); - expect(key).toEqual(destinationKey); - expect(copyObject).toHaveBeenCalledTimes(1); - await expect(copyObject).toBeLastCalledWithConfigAndInput( - copyObjectClientConfig, - { - ...copyObjectClientBaseParams, - CopySource: expectedSourceKey, - Key: expectedDestinationKey, - }, - ); - }); - }, - ); - - it('should override bucket in copyObject call when bucket option is passed', async () => { - const bucketInfo: BucketInfo = { - bucketName: 'bucket-2', - region: 'region-2', - }; - await copyWrapper({ - source: { key: 'sourceKey', bucket: 'bucket-1' }, - destination: { - key: 'destinationKey', - bucket: bucketInfo, - }, - }); - expect(copyObject).toHaveBeenCalledTimes(1); - await expect(copyObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucketInfo.bucketName, - MetadataDirective: 'COPY', - CopySource: `${bucket}/public/sourceKey`, - Key: 'public/destinationKey', - }, - ); - }); - }); - - describe('With path', () => { - const copyWrapper = async ( - input: CopyWithPathInput, - ): Promise => copy(input); - - beforeEach(() => { - mockCopyObject.mockImplementation(() => { - return { - Metadata: { key: 'value' }, - }; - }); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - - test.each([ - { - sourcePath: 'sourcePathAsString', - expectedSourcePath: 'sourcePathAsString', - destinationPath: 'destinationPathAsString', - expectedDestinationPath: 'destinationPathAsString', - }, - { - sourcePath: () => 'sourcePathAsFunction', - expectedSourcePath: 'sourcePathAsFunction', - destinationPath: () => 'destinationPathAsFunction', - expectedDestinationPath: 'destinationPathAsFunction', - }, - ])( - 'should copy $sourcePath -> $destinationPath', - async ({ - sourcePath, - expectedSourcePath, - destinationPath, - expectedDestinationPath, - }) => { - const { path } = await copyWrapper({ - source: { path: sourcePath }, - destination: { path: destinationPath }, - }); - expect(path).toEqual(expectedDestinationPath); - expect(copyObject).toHaveBeenCalledTimes(1); - await expect(copyObject).toBeLastCalledWithConfigAndInput( - copyObjectClientConfig, - { - ...copyObjectClientBaseParams, - CopySource: `${bucket}/${expectedSourcePath}`, - Key: expectedDestinationPath, - }, - ); - }, - ); - it('should override bucket in copyObject call when bucket option is passed', async () => { - const bucketInfo: BucketInfo = { - bucketName: 'bucket-2', - region: 'region-2', - }; - await copyWrapper({ - source: { path: 'sourcePath', bucket: 'bucket-1' }, - destination: { - path: 'destinationPath', - bucket: bucketInfo, - }, - }); - expect(copyObject).toHaveBeenCalledTimes(1); - await expect(copyObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucketInfo.bucketName, - MetadataDirective: 'COPY', - CopySource: `${bucket}/sourcePath`, - Key: 'destinationPath', - }, - ); - }); - }); + it('should pass through input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalCopyImpl.mockReturnValue(mockInternalResult); + const input: CopyInput = { + source: { + key: 'source-key', + }, + destination: { + key: 'destination-key', + }, + }; + expect(copy(input)).toEqual(mockInternalResult); + expect(mockInternalCopyImpl).toBeCalledWith(Amplify, input); }); - describe('Error Cases:', () => { - afterEach(() => { - jest.clearAllMocks(); - }); - it('should return a not found error', async () => { - mockCopyObject.mockRejectedValueOnce( - Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }), - ); - expect.assertions(3); - const missingSourceKey = 'SourceKeyNotFound'; - try { - await copy({ - source: { key: missingSourceKey }, - destination: { key: destinationKey }, - }); - } catch (error: any) { - expect(copyObject).toHaveBeenCalledTimes(1); - await expect(copyObject).toBeLastCalledWithConfigAndInput( - copyObjectClientConfig, - { - ...copyObjectClientBaseParams, - CopySource: `${bucket}/public/${missingSourceKey}`, - Key: `public/${destinationKey}`, - }, - ); - expect(error.$metadata.httpStatusCode).toBe(404); - } - }); - - it('should return a path not found error when source uses path and destination uses key', async () => { - expect.assertions(2); - try { - // @ts-expect-error mismatch copy input not allowed - await copy({ - source: { path: 'sourcePath' }, - destination: { key: 'destinationKey' }, - }); - } catch (error: any) { - expect(error).toBeInstanceOf(StorageError); - // source uses path so destination expects path as well - expect(error.name).toBe(StorageValidationErrorCode.NoDestinationPath); - } - }); - - it('should return a key not found error when source uses key and destination uses path', async () => { - expect.assertions(2); - try { - // @ts-expect-error mismatch copy input not allowed - await copy({ - source: { key: 'sourcePath' }, - destination: { path: 'destinationKey' }, - }); - } catch (error: any) { - expect(error).toBeInstanceOf(StorageError); - expect(error.name).toBe(StorageValidationErrorCode.NoDestinationKey); - } - }); - - it('should throw an error when only source has bucket option', async () => { - expect.assertions(2); - try { - await copy({ - source: { path: 'source', bucket: 'bucket-1' }, - destination: { - path: 'destination', - }, - }); - } catch (error: any) { - expect(error).toBeInstanceOf(StorageError); - expect(error.name).toBe( - StorageValidationErrorCode.InvalidCopyOperationStorageBucket, - ); - } - }); - - it('should throw an error when only one destination has bucket option', async () => { - expect.assertions(2); - try { - await copy({ - source: { key: 'source' }, - destination: { - key: 'destination', - bucket: 'bucket-1', - }, - }); - } catch (error: any) { - expect(error).toBeInstanceOf(StorageError); - expect(error.name).toBe( - StorageValidationErrorCode.InvalidCopyOperationStorageBucket, - ); - } - }); + it('should pass through input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalCopyImpl.mockReturnValue(mockInternalResult); + const input: CopyWithPathInput = { + source: { path: 'abc' }, + destination: { path: 'abc' }, + }; + expect(copy(input)).toEqual(mockInternalResult); + expect(mockInternalCopyImpl).toBeCalledWith(Amplify, input); }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/downloadData.test.ts b/packages/storage/__tests__/providers/s3/apis/downloadData.test.ts index 35b790366bc..baf27558169 100644 --- a/packages/storage/__tests__/providers/s3/apis/downloadData.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/downloadData.test.ts @@ -1,500 +1,40 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { AWSCredentials } from '@aws-amplify/core/internals/utils'; -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { downloadData } from '../../../../src/providers/s3/apis'; +import { downloadData as internalDownloadDataImpl } from '../../../../src/providers/s3/apis/internal/downloadData'; -import { getObject } from '../../../../src/providers/s3/utils/client'; -import { downloadData } from '../../../../src/providers/s3'; -import { - createDownloadTask, - validateStorageOperationInput, -} from '../../../../src/providers/s3/utils'; -import { - DownloadDataInput, - DownloadDataWithPathInput, -} from '../../../../src/providers/s3/types'; -import { - STORAGE_INPUT_KEY, - STORAGE_INPUT_PATH, -} from '../../../../src/providers/s3/utils/constants'; -import { StorageDownloadDataOutput } from '../../../../src/types'; -import { - ItemWithKey, - ItemWithPath, -} from '../../../../src/providers/s3/types/outputs'; -import './testUtils'; -import { BucketInfo } from '../../../../src/providers/s3/types/options'; +jest.mock('../../../../src/providers/s3/apis/internal/downloadData'); -jest.mock('../../../../src/providers/s3/utils/client'); -jest.mock('../../../../src/providers/s3/utils'); -jest.mock('@aws-amplify/core', () => ({ - ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { - return { debug: jest.fn() }; - }), - Amplify: { - getConfig: jest.fn(), - Auth: { - fetchAuthSession: jest.fn(), - }, - }, -})); -const credentials: AWSCredentials = { - accessKeyId: 'accessKeyId', - sessionToken: 'sessionToken', - secretAccessKey: 'secretAccessKey', -}; -const inputKey = 'key'; -const inputPath = 'path'; -const bucket = 'bucket'; -const region = 'region'; -const targetIdentityId = 'targetIdentityId'; -const defaultIdentityId = 'defaultIdentityId'; -const mockDownloadResultBase = { - body: 'body', - lastModified: 'lastModified', - size: 'contentLength', - eTag: 'eTag', - metadata: 'metadata', - versionId: 'versionId', - contentType: 'contentType', -}; - -const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; -const mockCreateDownloadTask = createDownloadTask as jest.Mock; -const mockValidateStorageInput = validateStorageOperationInput as jest.Mock; -const mockGetConfig = jest.mocked(Amplify.getConfig); - -describe('downloadData with key', () => { - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); - }); +const mockInternalDownloadDataImpl = jest.mocked(internalDownloadDataImpl); +describe('client-side downloadData', () => { beforeEach(() => { jest.clearAllMocks(); - - mockCreateDownloadTask.mockReturnValue('downloadTask'); - mockValidateStorageInput.mockReturnValue({ - inputType: STORAGE_INPUT_KEY, - objectKey: inputKey, - }); }); - it('should return a download task with key', async () => { - const mockDownloadInput: DownloadDataInput = { - key: inputKey, - options: { accessLevel: 'protected', targetIdentityId }, - }; - expect(downloadData(mockDownloadInput)).toBe('downloadTask'); - }); - - const testCases: { - expectedKey: string; - options?: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; - }[] = [ - { - expectedKey: `public/${inputKey}`, - }, - { - options: { accessLevel: 'guest' }, - expectedKey: `public/${inputKey}`, - }, - { - options: { accessLevel: 'private' }, - expectedKey: `private/${defaultIdentityId}/${inputKey}`, - }, - { - options: { accessLevel: 'protected' }, - expectedKey: `protected/${defaultIdentityId}/${inputKey}`, - }, - { - options: { accessLevel: 'protected', targetIdentityId }, - expectedKey: `protected/${targetIdentityId}/${inputKey}`, - }, - ]; - - test.each(testCases)( - 'should supply the correct parameters to getObject API handler with $expectedKey accessLevel', - async ({ options, expectedKey }) => { - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - const onProgress = jest.fn(); - downloadData({ - key: inputKey, - options: { - ...options, - useAccelerateEndpoint: true, - onProgress, - }, - }); - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - const { key, body }: StorageDownloadDataOutput = await job(); - expect({ key, body }).toEqual({ - key: inputKey, - body: 'body', - }); - expect(getObject).toHaveBeenCalledTimes(1); - await expect(getObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - useAccelerateEndpoint: true, - onDownloadProgress: onProgress, - abortSignal: expect.any(AbortSignal), - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: expectedKey, - }, - ); - }, - ); - - it('should assign the getObject API handler response to the result with key', async () => { - (getObject as jest.Mock).mockResolvedValueOnce({ - Body: 'body', - LastModified: 'lastModified', - ContentLength: 'contentLength', - ETag: 'eTag', - Metadata: 'metadata', - VersionId: 'versionId', - ContentType: 'contentType', - }); - downloadData({ key: inputKey }); - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - const { - key, - body, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - }: StorageDownloadDataOutput = await job(); - expect(getObject).toHaveBeenCalledTimes(1); - expect({ - key, - body, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - }).toEqual({ - key: inputKey, - ...mockDownloadResultBase, - }); - }); - - it('should forward the bytes range option to the getObject API', async () => { - const start = 1; - const end = 100; - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - - downloadData({ - key: inputKey, + it('should pass through input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalDownloadDataImpl.mockReturnValue(mockInternalResult); + const input = { + key: 'key', + data: 'data', options: { - bytesRange: { start, end }, - }, - }); - - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - await job(); - - expect(getObject).toHaveBeenCalledWith( - expect.anything(), - expect.objectContaining({ - Range: `bytes=${start}-${end}`, - }), - ); - }); - - describe('bucket passed in options', () => { - it('should override bucket in getObject call when bucket is object', async () => { - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - const abortController = new AbortController(); - const bucketInfo: BucketInfo = { - bucketName: 'bucket-1', - region: 'region-1', - }; - - downloadData({ - key: inputKey, - options: { - bucket: bucketInfo, - }, - }); - - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - await job(); - - expect(getObject).toHaveBeenCalledTimes(1); - await expect(getObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - abortSignal: abortController.signal, - userAgentValue: expect.any(String), - }, - { - Bucket: bucketInfo.bucketName, - Key: `public/${inputKey}`, - }, - ); - }); - - it('should override bucket in getObject call when bucket is string', async () => { - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - const abortController = new AbortController(); - - downloadData({ - key: inputKey, - options: { - bucket: 'default-bucket', - }, - }); - - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - await job(); - - expect(getObject).toHaveBeenCalledTimes(1); - await expect(getObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - abortSignal: abortController.signal, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: `public/${inputKey}`, - }, - ); - }); - }); -}); - -describe('downloadData with path', () => { - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, + accessLevel: 'protected' as const, }, - }); - mockCreateDownloadTask.mockReturnValue('downloadTask'); - mockValidateStorageInput.mockReturnValue({ - inputType: STORAGE_INPUT_PATH, - objectKey: inputPath, - }); - }); - - beforeEach(() => { - jest.clearAllMocks(); - }); - - it('should return a download task with path', async () => { - const mockDownloadInput: DownloadDataWithPathInput = { - path: inputPath, - options: { useAccelerateEndpoint: true }, }; - expect(downloadData(mockDownloadInput)).toBe('downloadTask'); - }); - - test.each([ - { - path: inputPath, - expectedKey: inputPath, - }, - { - path: () => inputPath, - expectedKey: inputPath, - }, - ])( - 'should call getObject API with $expectedKey when path provided is $path', - async ({ path, expectedKey }) => { - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - const onProgress = jest.fn(); - downloadData({ - path, - options: { - useAccelerateEndpoint: true, - onProgress, - }, - }); - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - const { - path: resultPath, - body, - }: StorageDownloadDataOutput = await job(); - expect({ - path: resultPath, - body, - }).toEqual({ - path: expectedKey, - body: 'body', - }); - expect(getObject).toHaveBeenCalledTimes(1); - await expect(getObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - useAccelerateEndpoint: true, - onDownloadProgress: onProgress, - abortSignal: expect.any(AbortSignal), - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: expectedKey, - }, - ); - }, - ); - - it('should assign the getObject API handler response to the result with path', async () => { - (getObject as jest.Mock).mockResolvedValueOnce({ - Body: 'body', - LastModified: 'lastModified', - ContentLength: 'contentLength', - ETag: 'eTag', - Metadata: 'metadata', - VersionId: 'versionId', - ContentType: 'contentType', - }); - downloadData({ path: inputPath }); - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - const { - path, - body, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - }: StorageDownloadDataOutput = await job(); - expect(getObject).toHaveBeenCalledTimes(1); - expect({ - path, - body, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - }).toEqual({ - path: inputPath, - ...mockDownloadResultBase, - }); - }); - - it('should forward the bytes range option to the getObject API', async () => { - const start = 1; - const end = 100; - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - - downloadData({ - path: inputPath, - options: { - bytesRange: { start, end }, - }, - }); - - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - await job(); - - expect(getObject).toHaveBeenCalledWith( - expect.anything(), - expect.objectContaining({ - Range: `bytes=${start}-${end}`, - }), - ); + expect(downloadData(input)).toEqual(mockInternalResult); + expect(mockInternalDownloadDataImpl).toBeCalledWith(input); }); - describe('bucket passed in options', () => { - it('should override bucket in getObject call when bucket is object', async () => { - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - const abortController = new AbortController(); - const bucketInfo: BucketInfo = { - bucketName: 'bucket-1', - region: 'region-1', - }; - - downloadData({ - path: inputPath, - options: { - bucket: bucketInfo, - }, - }); - - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - await job(); - - expect(getObject).toHaveBeenCalledTimes(1); - await expect(getObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - abortSignal: abortController.signal, - userAgentValue: expect.any(String), - }, - { - Bucket: bucketInfo.bucketName, - Key: inputPath, - }, - ); - }); - - it('should override bucket in getObject call when bucket is string', async () => { - (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); - const abortController = new AbortController(); - - downloadData({ - path: inputPath, - options: { - bucket: 'default-bucket', - }, - }); - - const { job } = mockCreateDownloadTask.mock.calls[0][0]; - await job(); - - expect(getObject).toHaveBeenCalledTimes(1); - await expect(getObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - abortSignal: abortController.signal, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: inputPath, - }, - ); - }); + it('should pass through input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalDownloadDataImpl.mockReturnValue(mockInternalResult); + const input = { + path: 'path', + data: 'data', + }; + expect(downloadData(input)).toEqual(mockInternalResult); + expect(mockInternalDownloadDataImpl).toBeCalledWith(input); }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/getProperties.test.ts b/packages/storage/__tests__/providers/s3/apis/getProperties.test.ts index 0fcd989453e..70367b21e6a 100644 --- a/packages/storage/__tests__/providers/s3/apis/getProperties.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/getProperties.test.ts @@ -1,414 +1,41 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { AWSCredentials } from '@aws-amplify/core/internals/utils'; -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { Amplify } from '@aws-amplify/core'; -import { headObject } from '../../../../src/providers/s3/utils/client'; -import { getProperties } from '../../../../src/providers/s3'; import { GetPropertiesInput, - GetPropertiesOutput, GetPropertiesWithPathInput, - GetPropertiesWithPathOutput, -} from '../../../../src/providers/s3/types'; -import './testUtils'; -import { BucketInfo } from '../../../../src/providers/s3/types/options'; +} from '../../../../src'; +import { getProperties } from '../../../../src/providers/s3/apis'; +import { getProperties as internalGetPropertiesImpl } from '../../../../src/providers/s3/apis/internal/getProperties'; -jest.mock('../../../../src/providers/s3/utils/client'); -jest.mock('@aws-amplify/core', () => ({ - ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { - return { debug: jest.fn() }; - }), - Amplify: { - getConfig: jest.fn(), - Auth: { - fetchAuthSession: jest.fn(), - }, - }, -})); -const mockHeadObject = headObject as jest.MockedFunction; -const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; -const mockGetConfig = jest.mocked(Amplify.getConfig); +jest.mock('../../../../src/providers/s3/apis/internal/getProperties'); -const bucket = 'bucket'; -const region = 'region'; -const credentials: AWSCredentials = { - accessKeyId: 'accessKeyId', - sessionToken: 'sessionToken', - secretAccessKey: 'secretAccessKey', -}; -const inputKey = 'key'; -const inputPath = 'path'; -const targetIdentityId = 'targetIdentityId'; -const defaultIdentityId = 'defaultIdentityId'; +const mockInternalGetPropertiesImpl = jest.mocked(internalGetPropertiesImpl); -const expectedResult = { - size: 100, - contentType: 'text/plain', - eTag: 'etag', - metadata: { key: 'value' }, - lastModified: new Date('01-01-1980'), - versionId: 'version-id', -}; - -describe('getProperties with key', () => { - const getPropertiesWrapper = ( - input: GetPropertiesInput, - ): Promise => getProperties(input); - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); +describe('client-side getProperties', () => { + beforeEach(() => { + jest.clearAllMocks(); }); - describe('Happy cases: With key', () => { - const config = { - credentials, - region, - userAgentValue: expect.any(String), + it('should pass through input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalGetPropertiesImpl.mockReturnValue(mockInternalResult); + const input: GetPropertiesInput = { + key: 'source-key', }; - beforeEach(() => { - mockHeadObject.mockResolvedValue({ - ContentLength: 100, - ContentType: 'text/plain', - ETag: 'etag', - LastModified: new Date('01-01-1980'), - Metadata: { key: 'value' }, - VersionId: 'version-id', - $metadata: {} as any, - }); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - - const testCases: { - expectedKey: string; - options?: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; - }[] = [ - { - expectedKey: `public/${inputKey}`, - }, - { - options: { accessLevel: 'guest' }, - expectedKey: `public/${inputKey}`, - }, - { - options: { accessLevel: 'private' }, - expectedKey: `private/${defaultIdentityId}/${inputKey}`, - }, - { - options: { accessLevel: 'protected' }, - expectedKey: `protected/${defaultIdentityId}/${inputKey}`, - }, - { - options: { accessLevel: 'protected', targetIdentityId }, - expectedKey: `protected/${targetIdentityId}/${inputKey}`, - }, - ]; - test.each(testCases)( - 'should getProperties with key $expectedKey', - async ({ options, expectedKey }) => { - const headObjectOptions = { - Bucket: 'bucket', - Key: expectedKey, - }; - const { - key, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - } = await getPropertiesWrapper({ - key: inputKey, - options, - }); - expect({ - key, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - }).toEqual({ - key: inputKey, - ...expectedResult, - }); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - config, - headObjectOptions, - ); - }, - ); - - describe('bucket passed in options', () => { - it('should override bucket in headObject call when bucket is object', async () => { - const bucketInfo: BucketInfo = { - bucketName: 'bucket-1', - region: 'region-1', - }; - const headObjectOptions = { - Bucket: bucketInfo.bucketName, - Key: `public/${inputKey}`, - }; - - await getPropertiesWrapper({ - key: inputKey, - options: { - bucket: bucketInfo, - }, - }); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - - userAgentValue: expect.any(String), - }, - headObjectOptions, - ); - }); - it('should override bucket in headObject call when bucket is string', async () => { - await getPropertiesWrapper({ - key: inputKey, - options: { - bucket: 'default-bucket', - }, - }); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: `public/${inputKey}`, - }, - ); - }); - }); + expect(getProperties(input)).toEqual(mockInternalResult); + expect(mockInternalGetPropertiesImpl).toBeCalledWith(Amplify, input); }); - describe('Error cases : With key', () => { - afterEach(() => { - jest.clearAllMocks(); - }); - it('getProperties should return a not found error', async () => { - mockHeadObject.mockRejectedValueOnce( - Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }), - ); - expect.assertions(3); - try { - await getPropertiesWrapper({ key: inputKey }); - } catch (error: any) { - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: 'region', - userAgentValue: expect.any(String), - }, - { - Bucket: 'bucket', - Key: `public/${inputKey}`, - }, - ); - expect(error.$metadata.httpStatusCode).toBe(404); - } - }); - }); -}); - -describe('Happy cases: With path', () => { - const getPropertiesWrapper = ( - input: GetPropertiesWithPathInput, - ): Promise => getProperties(input); - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); - }); - describe('getProperties with path', () => { - const config = { - credentials, - region: 'region', - useAccelerateEndpoint: true, - userAgentValue: expect.any(String), + it('should pass through input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalGetPropertiesImpl.mockReturnValue(mockInternalResult); + const input: GetPropertiesWithPathInput = { + path: 'abc', }; - beforeEach(() => { - mockHeadObject.mockResolvedValue({ - ContentLength: 100, - ContentType: 'text/plain', - ETag: 'etag', - LastModified: new Date('01-01-1980'), - Metadata: { key: 'value' }, - VersionId: 'version-id', - $metadata: {} as any, - }); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - test.each([ - { - testPath: inputPath, - expectedPath: inputPath, - }, - { - testPath: () => inputPath, - expectedPath: inputPath, - }, - ])( - 'should getProperties with path $path and expectedPath $expectedPath', - async ({ testPath, expectedPath }) => { - const headObjectOptions = { - Bucket: 'bucket', - Key: expectedPath, - }; - const { - path, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - } = await getPropertiesWrapper({ - path: testPath, - options: { - useAccelerateEndpoint: true, - }, - }); - expect({ - path, - contentType, - eTag, - lastModified, - metadata, - size, - versionId, - }).toEqual({ - path: expectedPath, - ...expectedResult, - }); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - config, - headObjectOptions, - ); - }, - ); - describe('bucket passed in options', () => { - it('should override bucket in headObject call when bucket is object', async () => { - const bucketInfo: BucketInfo = { - bucketName: 'bucket-1', - region: 'region-1', - }; - const headObjectOptions = { - Bucket: bucketInfo.bucketName, - Key: inputPath, - }; - - await getPropertiesWrapper({ - path: inputPath, - options: { - bucket: bucketInfo, - }, - }); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - - userAgentValue: expect.any(String), - }, - headObjectOptions, - ); - }); - it('should override bucket in headObject call when bucket is string', async () => { - await getPropertiesWrapper({ - path: inputPath, - options: { - bucket: 'default-bucket', - }, - }); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: inputPath, - }, - ); - }); - }); - }); - - describe('Error cases : With path', () => { - afterEach(() => { - jest.clearAllMocks(); - }); - it('getProperties should return a not found error', async () => { - mockHeadObject.mockRejectedValueOnce( - Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }), - ); - expect.assertions(3); - try { - await getPropertiesWrapper({ path: inputPath }); - } catch (error: any) { - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: 'region', - userAgentValue: expect.any(String), - }, - { - Bucket: 'bucket', - Key: inputPath, - }, - ); - expect(error.$metadata.httpStatusCode).toBe(404); - } - }); + expect(getProperties(input)).toEqual(mockInternalResult); + expect(mockInternalGetPropertiesImpl).toBeCalledWith(Amplify, input); }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/getUrl.test.ts b/packages/storage/__tests__/providers/s3/apis/getUrl.test.ts index 52e65ddd1b0..b7e43285d49 100644 --- a/packages/storage/__tests__/providers/s3/apis/getUrl.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/getUrl.test.ts @@ -1,490 +1,38 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { AWSCredentials } from '@aws-amplify/core/internals/utils'; -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { Amplify } from '@aws-amplify/core'; +import { GetUrlInput, GetUrlWithPathInput } from '../../../../src'; import { getUrl } from '../../../../src/providers/s3/apis'; -import { - getPresignedGetObjectUrl, - headObject, -} from '../../../../src/providers/s3/utils/client'; -import { - GetUrlInput, - GetUrlOutput, - GetUrlWithPathInput, - GetUrlWithPathOutput, -} from '../../../../src/providers/s3/types'; -import './testUtils'; -import { BucketInfo } from '../../../../src/providers/s3/types/options'; +import { getUrl as internalGetUrlImpl } from '../../../../src/providers/s3/apis/internal/getUrl'; -jest.mock('../../../../src/providers/s3/utils/client'); -jest.mock('@aws-amplify/core', () => ({ - ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { - return { debug: jest.fn() }; - }), - Amplify: { - getConfig: jest.fn(), - Auth: { - fetchAuthSession: jest.fn(), - }, - }, -})); +jest.mock('../../../../src/providers/s3/apis/internal/getUrl'); -const bucket = 'bucket'; -const region = 'region'; -const mockFetchAuthSession = jest.mocked(Amplify.Auth.fetchAuthSession); -const mockGetConfig = jest.mocked(Amplify.getConfig); -const credentials: AWSCredentials = { - accessKeyId: 'accessKeyId', - sessionToken: 'sessionToken', - secretAccessKey: 'secretAccessKey', -}; -const targetIdentityId = 'targetIdentityId'; -const defaultIdentityId = 'defaultIdentityId'; -const mockURL = new URL('https://google.com'); +const mockInternalGetUrlImpl = jest.mocked(internalGetUrlImpl); -describe('getUrl test with key', () => { - const getUrlWrapper = (input: GetUrlInput): Promise => - getUrl(input); - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); +describe('client-side getUrl', () => { + beforeEach(() => { + jest.clearAllMocks(); }); - describe('Happy cases: With key', () => { - const config = { - credentials, - region, - userAgentValue: expect.any(String), + it('should pass through input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalGetUrlImpl.mockReturnValue(mockInternalResult); + const input: GetUrlInput = { + key: 'source-key', }; - const key = 'key'; - beforeEach(() => { - jest.mocked(headObject).mockResolvedValue({ - ContentLength: 100, - ContentType: 'text/plain', - ETag: 'etag', - LastModified: new Date('01-01-1980'), - Metadata: { meta: 'value' }, - $metadata: {} as any, - }); - jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - - const testCases: { - options?: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; - expectedKey: string; - }[] = [ - { - expectedKey: `public/${key}`, - }, - { - options: { accessLevel: 'guest' }, - expectedKey: `public/${key}`, - }, - { - options: { accessLevel: 'private' }, - expectedKey: `private/${defaultIdentityId}/${key}`, - }, - { - options: { accessLevel: 'protected' }, - expectedKey: `protected/${defaultIdentityId}/${key}`, - }, - { - options: { accessLevel: 'protected', targetIdentityId }, - expectedKey: `protected/${targetIdentityId}/${key}`, - }, - ]; - - test.each(testCases)( - 'should getUrl with key $expectedKey', - async ({ options, expectedKey }) => { - const headObjectOptions = { - Bucket: bucket, - Key: expectedKey, - }; - const { url, expiresAt } = await getUrlWrapper({ - key, - options: { - ...options, - validateObjectExistence: true, - }, - }); - const expectedResult = { - url: mockURL, - expiresAt: expect.any(Date), - }; - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - config, - headObjectOptions, - ); - expect({ url, expiresAt }).toEqual(expectedResult); - }, - ); - describe('bucket passed in options', () => { - it('should override bucket in getPresignedGetObjectUrl call when bucket is object', async () => { - const bucketInfo: BucketInfo = { - bucketName: 'bucket-1', - region: 'region-1', - }; - await getUrlWrapper({ - key: 'key', - options: { - bucket: bucketInfo, - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - expiration: expect.any(Number), - }, - { - Bucket: bucketInfo.bucketName, - Key: 'public/key', - }, - ); - }); - it('should override bucket in getPresignedGetObjectUrl call when bucket is string', async () => { - await getUrlWrapper({ - key: 'key', - options: { - bucket: 'default-bucket', - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - expiration: expect.any(Number), - }, - { - Bucket: bucket, - Key: 'public/key', - }, - ); - }); - }); - }); - describe('Error cases : With key', () => { - afterAll(() => { - jest.clearAllMocks(); - }); - it('should return not found error when the object is not found', async () => { - (headObject as jest.Mock).mockImplementation(() => { - throw Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }); - }); - expect.assertions(2); - try { - await getUrlWrapper({ - key: 'invalid_key', - options: { validateObjectExistence: true }, - }); - } catch (error: any) { - expect(headObject).toHaveBeenCalledTimes(1); - expect(error.$metadata?.httpStatusCode).toBe(404); - } - }); - }); -}); - -describe('getUrl test with path', () => { - const getUrlWrapper = ( - input: GetUrlWithPathInput, - ): Promise => getUrl(input); - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); - }); - - describe('Happy cases: With path', () => { - const config = { - credentials, - region, - userAgentValue: expect.any(String), - }; - beforeEach(() => { - jest.mocked(headObject).mockResolvedValue({ - ContentLength: 100, - ContentType: 'text/plain', - ETag: 'etag', - LastModified: new Date('01-01-1980'), - Metadata: { meta: 'value' }, - $metadata: {} as any, - }); - jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - - test.each([ - { - path: 'path', - expectedKey: 'path', - }, - { - path: () => 'path', - expectedKey: 'path', - }, - ])( - 'should getUrl with path $path and expectedKey $expectedKey', - async ({ path, expectedKey }) => { - const headObjectOptions = { - Bucket: bucket, - Key: expectedKey, - }; - const { url, expiresAt } = await getUrlWrapper({ - path, - options: { - validateObjectExistence: true, - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - config, - headObjectOptions, - ); - expect({ url, expiresAt }).toEqual({ - url: mockURL, - expiresAt: expect.any(Date), - }); - }, - ); - - describe('bucket passed in options', () => { - it('should override bucket in getPresignedGetObjectUrl call when bucket is object', async () => { - const inputPath = 'path/'; - const bucketInfo: BucketInfo = { - bucketName: 'bucket-1', - region: 'region-1', - }; - await getUrlWrapper({ - path: inputPath, - options: { - bucket: bucketInfo, - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( - { - credentials, - region: bucketInfo.region, - expiration: expect.any(Number), - }, - { - Bucket: bucketInfo.bucketName, - Key: inputPath, - }, - ); - }); - it('should override bucket in getPresignedGetObjectUrl call when bucket is string', async () => { - const inputPath = 'path/'; - await getUrlWrapper({ - path: inputPath, - options: { - bucket: 'default-bucket', - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - expiration: expect.any(Number), - }, - { - Bucket: bucket, - Key: inputPath, - }, - ); - }); - }); + expect(getUrl(input)).toEqual(mockInternalResult); + expect(mockInternalGetUrlImpl).toBeCalledWith(Amplify, input); }); - describe('Happy cases: With path and Content Disposition, Content Type', () => { - const config = { - credentials, - region, - userAgentValue: expect.any(String), - }; - beforeEach(() => { - jest.mocked(headObject).mockResolvedValue({ - ContentLength: 100, - ContentType: 'text/plain', - ETag: 'etag', - LastModified: new Date('01-01-1980'), - Metadata: { meta: 'value' }, - $metadata: {} as any, - }); - jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - test.each([ - { - path: 'path', - expectedKey: 'path', - contentDisposition: 'inline; filename="example.txt"', - contentType: 'text/plain', - }, - { - path: () => 'path', - expectedKey: 'path', - contentDisposition: { - type: 'attachment' as const, - filename: 'example.pdf', - }, - contentType: 'application/pdf', - }, - ])( - 'should getUrl with path $path and expectedKey $expectedKey and content disposition and content type', - async ({ path, expectedKey, contentDisposition, contentType }) => { - const headObjectOptions = { - Bucket: bucket, - Key: expectedKey, - }; - const { url, expiresAt } = await getUrlWrapper({ - path, - options: { - validateObjectExistence: true, - contentDisposition, - contentType, - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - config, - headObjectOptions, - ); - expect({ url, expiresAt }).toEqual({ - url: mockURL, - expiresAt: expect.any(Date), - }); - }, - ); - }); - describe('Error cases: With invalid Content Disposition', () => { - const config = { - credentials, - region, - userAgentValue: expect.any(String), + it('should pass through input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalGetUrlImpl.mockReturnValue(mockInternalResult); + const input: GetUrlWithPathInput = { + path: 'abc', }; - beforeEach(() => { - jest.mocked(headObject).mockResolvedValue({ - ContentLength: 100, - ContentType: 'text/plain', - ETag: 'etag', - LastModified: new Date('01-01-1980'), - Metadata: { meta: 'value' }, - $metadata: {} as any, - }); - jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); - }); - - afterEach(() => { - jest.clearAllMocks(); - }); - - test.each([ - { - path: 'path', - expectedKey: 'path', - contentDisposition: { - type: 'invalid' as 'attachment' | 'inline', - filename: '"example.txt', - }, - }, - { - path: 'path', - expectedKey: 'path', - contentDisposition: { - type: 'invalid' as 'attachment' | 'inline', - }, - }, - ])( - 'should ignore for invalid content disposition: $contentDisposition', - async ({ path, expectedKey, contentDisposition }) => { - const headObjectOptions = { - Bucket: bucket, - Key: expectedKey, - }; - const { url, expiresAt } = await getUrlWrapper({ - path, - options: { - validateObjectExistence: true, - contentDisposition, - }, - }); - expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); - expect(headObject).toHaveBeenCalledTimes(1); - await expect(headObject).toBeLastCalledWithConfigAndInput( - config, - headObjectOptions, - ); - expect({ url, expiresAt }).toEqual({ - url: mockURL, - expiresAt: expect.any(Date), - }); - }, - ); - }); - describe('Error cases : With path', () => { - afterAll(() => { - jest.clearAllMocks(); - }); - it('should return not found error when the object is not found', async () => { - (headObject as jest.Mock).mockImplementation(() => { - throw Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }); - }); - expect.assertions(2); - try { - await getUrlWrapper({ - path: 'invalid_key', - options: { validateObjectExistence: true }, - }); - } catch (error: any) { - expect(headObject).toHaveBeenCalledTimes(1); - expect(error.$metadata?.httpStatusCode).toBe(404); - } - }); + expect(getUrl(input)).toEqual(mockInternalResult); + expect(mockInternalGetUrlImpl).toBeCalledWith(Amplify, input); }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/internal/copy.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/copy.test.ts new file mode 100644 index 00000000000..51b0e65fa79 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/internal/copy.test.ts @@ -0,0 +1,533 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; +import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; + +import { StorageError } from '../../../../../src/errors/StorageError'; +import { StorageValidationErrorCode } from '../../../../../src/errors/types/validation'; +import { copyObject } from '../../../../../src/providers/s3/utils/client/s3data'; +import { copy } from '../../../../../src/providers/s3/apis/internal/copy'; +import { + CopyInput, + CopyOutput, + CopyWithPathInput, + CopyWithPathOutput, +} from '../../../../../src/providers/s3/types'; +import './testUtils'; +import { BucketInfo } from '../../../../../src/providers/s3/types/options'; + +jest.mock('../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { + return { debug: jest.fn() }; + }), + Amplify: { + getConfig: jest.fn(), + Auth: { + fetchAuthSession: jest.fn(), + }, + }, +})); +const mockCopyObject = copyObject as jest.Mock; +const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; +const mockGetConfig = Amplify.getConfig as jest.Mock; + +const sourceKey = 'sourceKey'; +const destinationKey = 'destinationKey'; +const bucket = 'bucket'; +const region = 'region'; +const targetIdentityId = 'targetIdentityId'; +const defaultIdentityId = 'defaultIdentityId'; +const validBucketOwner = '111122223333'; +const validBucketOwner2 = '123456789012'; +const credentials: AWSCredentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const copyObjectClientConfig = { + credentials, + region, + userAgentValue: expect.any(String), +}; +const copyObjectClientBaseParams = { + Bucket: bucket, + MetadataDirective: 'COPY', +}; + +describe('copy API', () => { + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'bucket-1': { bucketName: bucket, region } }, + }, + }, + }); + }); + + describe('Happy Cases', () => { + describe('With key', () => { + const copyWrapper = async (input: CopyInput) => copy(Amplify, input); + beforeEach(() => { + mockCopyObject.mockImplementation(() => { + return { + Metadata: { key: 'value' }, + }; + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + const testCases: { + source: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; + destination: { + accessLevel?: StorageAccessLevel; + }; + expectedSourceKey: string; + expectedDestinationKey: string; + }[] = [ + { + source: { accessLevel: 'guest' }, + destination: { accessLevel: 'guest' }, + expectedSourceKey: `${bucket}/public/${sourceKey}`, + expectedDestinationKey: `public/${destinationKey}`, + }, + { + source: { accessLevel: 'guest' }, + destination: { accessLevel: 'private' }, + expectedSourceKey: `${bucket}/public/${sourceKey}`, + expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'guest' }, + destination: { accessLevel: 'protected' }, + expectedSourceKey: `${bucket}/public/${sourceKey}`, + expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'private' }, + destination: { accessLevel: 'guest' }, + expectedSourceKey: `${bucket}/private/${defaultIdentityId}/${sourceKey}`, + expectedDestinationKey: `public/${destinationKey}`, + }, + { + source: { accessLevel: 'private' }, + destination: { accessLevel: 'private' }, + expectedSourceKey: `${bucket}/private/${defaultIdentityId}/${sourceKey}`, + expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'private' }, + destination: { accessLevel: 'protected' }, + expectedSourceKey: `${bucket}/private/${defaultIdentityId}/${sourceKey}`, + expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'protected' }, + destination: { accessLevel: 'guest' }, + expectedSourceKey: `${bucket}/protected/${defaultIdentityId}/${sourceKey}`, + expectedDestinationKey: `public/${destinationKey}`, + }, + { + source: { accessLevel: 'protected' }, + destination: { accessLevel: 'private' }, + expectedSourceKey: `${bucket}/protected/${defaultIdentityId}/${sourceKey}`, + expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'protected' }, + destination: { accessLevel: 'protected' }, + expectedSourceKey: `${bucket}/protected/${defaultIdentityId}/${sourceKey}`, + expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'protected', targetIdentityId }, + destination: { accessLevel: 'guest' }, + expectedSourceKey: `${bucket}/protected/${targetIdentityId}/${sourceKey}`, + expectedDestinationKey: `public/${destinationKey}`, + }, + { + source: { accessLevel: 'protected', targetIdentityId }, + destination: { accessLevel: 'private' }, + expectedSourceKey: `${bucket}/protected/${targetIdentityId}/${sourceKey}`, + expectedDestinationKey: `private/${defaultIdentityId}/${destinationKey}`, + }, + { + source: { accessLevel: 'protected', targetIdentityId }, + destination: { accessLevel: 'protected' }, + expectedSourceKey: `${bucket}/protected/${targetIdentityId}/${sourceKey}`, + expectedDestinationKey: `protected/${defaultIdentityId}/${destinationKey}`, + }, + ]; + testCases.forEach( + ({ + source, + destination, + expectedSourceKey, + expectedDestinationKey, + }) => { + const targetIdentityIdMsg = source?.targetIdentityId + ? `with targetIdentityId` + : ''; + it(`should copy ${source.accessLevel} ${targetIdentityIdMsg} -> ${destination.accessLevel}`, async () => { + const { key } = (await copyWrapper({ + source: { + ...source, + key: sourceKey, + }, + destination: { + ...destination, + key: destinationKey, + }, + })) as CopyOutput; + expect(key).toEqual(destinationKey); + expect(copyObject).toHaveBeenCalledTimes(1); + await expect(copyObject).toBeLastCalledWithConfigAndInput( + copyObjectClientConfig, + { + ...copyObjectClientBaseParams, + CopySource: expectedSourceKey, + Key: expectedDestinationKey, + }, + ); + }); + }, + ); + + it('should override bucket in copyObject call when bucket option is passed', async () => { + const bucketInfo: BucketInfo = { + bucketName: 'bucket-2', + region: 'region-2', + }; + await copyWrapper({ + source: { key: 'sourceKey', bucket: 'bucket-1' }, + destination: { + key: 'destinationKey', + bucket: bucketInfo, + }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + await expect(copyObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucketInfo.bucketName, + MetadataDirective: 'COPY', + CopySource: `${bucket}/public/sourceKey`, + Key: 'public/destinationKey', + }, + ); + }); + + it('should pass notModifiedSince to copyObject', async () => { + const mockDate = 'mock-date' as any; + await copyWrapper({ + source: { + key: 'sourceKey', + notModifiedSince: mockDate, + }, + destination: { key: 'destinationKey' }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + expect(copyObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + CopySourceIfUnmodifiedSince: mockDate, + }), + ); + }); + + it('should pass eTag to copyObject', async () => { + const mockEtag = 'mock-etag'; + await copyWrapper({ + source: { + key: 'sourceKey', + eTag: mockEtag, + }, + destination: { key: 'destinationKey' }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + expect(copyObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + CopySourceIfMatch: mockEtag, + }), + ); + }); + + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided', async () => { + const mockEtag = 'mock-etag'; + await copyWrapper({ + source: { + key: 'sourceKey', + eTag: mockEtag, + expectedBucketOwner: validBucketOwner, + }, + destination: { + key: 'destinationKey', + expectedBucketOwner: validBucketOwner2, + }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + expect(copyObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + ExpectedSourceBucketOwner: validBucketOwner, + ExpectedBucketOwner: validBucketOwner2, + }), + ); + }); + }); + }); + + describe('With path', () => { + const copyWrapper = async (input: CopyWithPathInput) => + copy(Amplify, input); + + beforeEach(() => { + mockCopyObject.mockImplementation(() => { + return { + Metadata: { key: 'value' }, + }; + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + + test.each([ + { + sourcePath: 'sourcePathAsString', + expectedSourcePath: 'sourcePathAsString', + destinationPath: 'destinationPathAsString', + expectedDestinationPath: 'destinationPathAsString', + }, + { + sourcePath: () => 'sourcePathAsFunction', + expectedSourcePath: 'sourcePathAsFunction', + destinationPath: () => 'destinationPathAsFunction', + expectedDestinationPath: 'destinationPathAsFunction', + }, + ])( + 'should copy $sourcePath -> $destinationPath', + async ({ + sourcePath, + expectedSourcePath, + destinationPath, + expectedDestinationPath, + }) => { + const { path } = (await copyWrapper({ + source: { path: sourcePath }, + destination: { path: destinationPath }, + })) as CopyWithPathOutput; + expect(path).toEqual(expectedDestinationPath); + expect(copyObject).toHaveBeenCalledTimes(1); + await expect(copyObject).toBeLastCalledWithConfigAndInput( + copyObjectClientConfig, + { + ...copyObjectClientBaseParams, + CopySource: `${bucket}/${expectedSourcePath}`, + Key: expectedDestinationPath, + }, + ); + }, + ); + it('should override bucket in copyObject call when bucket option is passed', async () => { + const bucketInfo: BucketInfo = { + bucketName: 'bucket-2', + region: 'region-2', + }; + await copyWrapper({ + source: { path: 'sourcePath', bucket: 'bucket-1' }, + destination: { + path: 'destinationPath', + bucket: bucketInfo, + }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + await expect(copyObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucketInfo.bucketName, + MetadataDirective: 'COPY', + CopySource: `${bucket}/sourcePath`, + Key: 'destinationPath', + }, + ); + }); + + it('should pass notModifiedSince to copyObject', async () => { + const mockDate = 'mock-date' as any; + await copyWrapper({ + source: { + path: 'sourcePath', + notModifiedSince: mockDate, + }, + destination: { path: 'destinationPath' }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + expect(copyObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + CopySourceIfUnmodifiedSince: mockDate, + }), + ); + }); + + it('should pass eTag to copyObject', async () => { + const mockEtag = 'mock-etag'; + await copyWrapper({ + source: { + path: 'sourcePath', + eTag: mockEtag, + }, + destination: { path: 'destinationPath' }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + expect(copyObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + CopySourceIfMatch: mockEtag, + }), + ); + }); + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided', async () => { + const mockEtag = 'mock-etag'; + await copyWrapper({ + source: { + path: 'public/sourceKey', + eTag: mockEtag, + expectedBucketOwner: validBucketOwner, + }, + destination: { + path: 'public/destinationKey', + expectedBucketOwner: validBucketOwner2, + }, + }); + expect(copyObject).toHaveBeenCalledTimes(1); + expect(copyObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + ExpectedSourceBucketOwner: validBucketOwner, + ExpectedBucketOwner: validBucketOwner2, + }), + ); + }); + }); + }); + }); + + describe('Error Cases:', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + it('should return a not found error', async () => { + mockCopyObject.mockRejectedValueOnce( + Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }), + ); + expect.assertions(3); + const missingSourceKey = 'SourceKeyNotFound'; + try { + await copy(Amplify, { + source: { key: missingSourceKey }, + destination: { key: destinationKey }, + }); + } catch (error: any) { + expect(copyObject).toHaveBeenCalledTimes(1); + await expect(copyObject).toBeLastCalledWithConfigAndInput( + copyObjectClientConfig, + { + ...copyObjectClientBaseParams, + CopySource: `${bucket}/public/${missingSourceKey}`, + Key: `public/${destinationKey}`, + }, + ); + expect(error.$metadata.httpStatusCode).toBe(404); + } + }); + + it('should return a path not found error when source uses path and destination uses key', async () => { + expect.assertions(2); + try { + // @ts-expect-error mismatch copy input not allowed + await copy(Amplify, { + source: { path: 'sourcePath' }, + destination: { key: 'destinationKey' }, + }); + } catch (error: any) { + expect(error).toBeInstanceOf(StorageError); + // source uses path so destination expects path as well + expect(error.name).toBe(StorageValidationErrorCode.NoDestinationPath); + } + }); + + it('should return a key not found error when source uses key and destination uses path', async () => { + expect.assertions(2); + try { + // @ts-expect-error mismatch copy input not allowed + await copy(Amplify, { + source: { key: 'sourcePath' }, + destination: { path: 'destinationKey' }, + }); + } catch (error: any) { + expect(error).toBeInstanceOf(StorageError); + expect(error.name).toBe(StorageValidationErrorCode.NoDestinationKey); + } + }); + + it('should throw an error when only source has bucket option', async () => { + expect.assertions(2); + try { + await copy(Amplify, { + source: { path: 'source', bucket: 'bucket-1' }, + destination: { + path: 'destination', + }, + }); + } catch (error: any) { + expect(error).toBeInstanceOf(StorageError); + expect(error.name).toBe( + StorageValidationErrorCode.InvalidCopyOperationStorageBucket, + ); + } + }); + + it('should throw an error when only one destination has bucket option', async () => { + expect.assertions(2); + try { + await copy(Amplify, { + source: { key: 'source' }, + destination: { + key: 'destination', + bucket: 'bucket-1', + }, + }); + } catch (error: any) { + expect(error).toBeInstanceOf(StorageError); + expect(error.name).toBe( + StorageValidationErrorCode.InvalidCopyOperationStorageBucket, + ); + } + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/internal/downloadData.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/downloadData.test.ts new file mode 100644 index 00000000000..cb0dafdaf27 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/internal/downloadData.test.ts @@ -0,0 +1,547 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; +import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; + +import { getObject } from '../../../../../src/providers/s3/utils/client/s3data'; +import { downloadData } from '../../../../../src/providers/s3/apis/internal/downloadData'; +import { + createDownloadTask, + validateStorageOperationInput, +} from '../../../../../src/providers/s3/utils'; +import { + DownloadDataInput, + DownloadDataWithPathInput, +} from '../../../../../src/providers/s3/types'; +import { + STORAGE_INPUT_KEY, + STORAGE_INPUT_PATH, +} from '../../../../../src/providers/s3/utils/constants'; +import { StorageDownloadDataOutput } from '../../../../../src/types'; +import { + ItemWithKey, + ItemWithPath, +} from '../../../../../src/providers/s3/types/outputs'; +import './testUtils'; +import { BucketInfo } from '../../../../../src/providers/s3/types/options'; + +jest.mock('../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('../../../../../src/providers/s3/utils'); +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { + return { debug: jest.fn() }; + }), + Amplify: { + getConfig: jest.fn(), + Auth: { + fetchAuthSession: jest.fn(), + }, + }, +})); +const credentials: AWSCredentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const inputKey = 'key'; +const inputPath = 'path'; +const bucket = 'bucket'; +const region = 'region'; +const targetIdentityId = 'targetIdentityId'; +const defaultIdentityId = 'defaultIdentityId'; +const validBucketOwner = '111122223333'; +const mockDownloadResultBase = { + body: 'body', + lastModified: 'lastModified', + size: 'contentLength', + eTag: 'eTag', + metadata: 'metadata', + versionId: 'versionId', + contentType: 'contentType', +}; + +const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; +const mockCreateDownloadTask = createDownloadTask as jest.Mock; +const mockValidateStorageInput = validateStorageOperationInput as jest.Mock; +const mockGetConfig = jest.mocked(Amplify.getConfig); + +describe('downloadData with key', () => { + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + + beforeEach(() => { + jest.clearAllMocks(); + + mockCreateDownloadTask.mockReturnValue('downloadTask'); + mockValidateStorageInput.mockReturnValue({ + inputType: STORAGE_INPUT_KEY, + objectKey: inputKey, + }); + }); + + it('should return a download task with key', async () => { + const mockDownloadInput: DownloadDataInput = { + key: inputKey, + options: { accessLevel: 'protected', targetIdentityId }, + }; + expect(downloadData(mockDownloadInput)).toBe('downloadTask'); + }); + + const testCases: { + expectedKey: string; + options?: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; + }[] = [ + { + expectedKey: `public/${inputKey}`, + }, + { + options: { accessLevel: 'guest' }, + expectedKey: `public/${inputKey}`, + }, + { + options: { accessLevel: 'private' }, + expectedKey: `private/${defaultIdentityId}/${inputKey}`, + }, + { + options: { accessLevel: 'protected' }, + expectedKey: `protected/${defaultIdentityId}/${inputKey}`, + }, + { + options: { accessLevel: 'protected', targetIdentityId }, + expectedKey: `protected/${targetIdentityId}/${inputKey}`, + }, + ]; + + test.each(testCases)( + 'should supply the correct parameters to getObject API handler with $expectedKey accessLevel', + async ({ options, expectedKey }) => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + const onProgress = jest.fn(); + downloadData({ + key: inputKey, + options: { + ...options, + useAccelerateEndpoint: true, + onProgress, + }, + }); + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + const { key, body }: StorageDownloadDataOutput = await job(); + expect({ key, body }).toEqual({ + key: inputKey, + body: 'body', + }); + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + useAccelerateEndpoint: true, + onDownloadProgress: onProgress, + abortSignal: expect.any(AbortSignal), + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: expectedKey, + }, + ); + }, + ); + + it('should assign the getObject API handler response to the result with key', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ + Body: 'body', + LastModified: 'lastModified', + ContentLength: 'contentLength', + ETag: 'eTag', + Metadata: 'metadata', + VersionId: 'versionId', + ContentType: 'contentType', + }); + downloadData({ key: inputKey }); + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + const { + key, + body, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + }: StorageDownloadDataOutput = await job(); + expect(getObject).toHaveBeenCalledTimes(1); + expect({ + key, + body, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + }).toEqual({ + key: inputKey, + ...mockDownloadResultBase, + }); + }); + + it('should forward the bytes range option to the getObject API', async () => { + const start = 1; + const end = 100; + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + + downloadData({ + key: inputKey, + options: { + bytesRange: { start, end }, + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + Range: `bytes=${start}-${end}`, + }), + ); + }); + + describe('bucket passed in options', () => { + it('should override bucket in getObject call when bucket is object', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + const abortController = new AbortController(); + const bucketInfo: BucketInfo = { + bucketName: 'bucket-1', + region: 'region-1', + }; + + downloadData({ + key: inputKey, + options: { + bucket: bucketInfo, + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + abortSignal: abortController.signal, + userAgentValue: expect.any(String), + }, + { + Bucket: bucketInfo.bucketName, + Key: `public/${inputKey}`, + }, + ); + }); + + it('should override bucket in getObject call when bucket is string', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + const abortController = new AbortController(); + + downloadData({ + key: inputKey, + options: { + bucket: 'default-bucket', + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + abortSignal: abortController.signal, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: `public/${inputKey}`, + }, + ); + }); + }); + + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + downloadData({ + key: inputKey, + options: { + expectedBucketOwner: validBucketOwner, + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + expect.any(Object), + expect.objectContaining({ + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + }); +}); + +describe('downloadData with path', () => { + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + mockCreateDownloadTask.mockReturnValue('downloadTask'); + mockValidateStorageInput.mockReturnValue({ + inputType: STORAGE_INPUT_PATH, + objectKey: inputPath, + }); + }); + + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('should return a download task with path', async () => { + const mockDownloadInput: DownloadDataWithPathInput = { + path: inputPath, + options: { useAccelerateEndpoint: true }, + }; + expect(downloadData(mockDownloadInput)).toBe('downloadTask'); + }); + + test.each([ + { + path: inputPath, + expectedKey: inputPath, + }, + { + path: () => inputPath, + expectedKey: inputPath, + }, + ])( + 'should call getObject API with $expectedKey when path provided is $path', + async ({ path, expectedKey }) => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + const onProgress = jest.fn(); + downloadData({ + path, + options: { + useAccelerateEndpoint: true, + onProgress, + }, + }); + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + const { + path: resultPath, + body, + }: StorageDownloadDataOutput = await job(); + expect({ + path: resultPath, + body, + }).toEqual({ + path: expectedKey, + body: 'body', + }); + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + useAccelerateEndpoint: true, + onDownloadProgress: onProgress, + abortSignal: expect.any(AbortSignal), + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: expectedKey, + }, + ); + }, + ); + + it('should assign the getObject API handler response to the result with path', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ + Body: 'body', + LastModified: 'lastModified', + ContentLength: 'contentLength', + ETag: 'eTag', + Metadata: 'metadata', + VersionId: 'versionId', + ContentType: 'contentType', + }); + downloadData({ path: inputPath }); + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + const { + path, + body, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + }: StorageDownloadDataOutput = await job(); + expect(getObject).toHaveBeenCalledTimes(1); + expect({ + path, + body, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + }).toEqual({ + path: inputPath, + ...mockDownloadResultBase, + }); + }); + + it('should forward the bytes range option to the getObject API', async () => { + const start = 1; + const end = 100; + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + + downloadData({ + path: inputPath, + options: { + bytesRange: { start, end }, + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ + Range: `bytes=${start}-${end}`, + }), + ); + }); + + describe('bucket passed in options', () => { + it('should override bucket in getObject call when bucket is object', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + const abortController = new AbortController(); + const bucketInfo: BucketInfo = { + bucketName: 'bucket-1', + region: 'region-1', + }; + + downloadData({ + path: inputPath, + options: { + bucket: bucketInfo, + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + abortSignal: abortController.signal, + userAgentValue: expect.any(String), + }, + { + Bucket: bucketInfo.bucketName, + Key: inputPath, + }, + ); + }); + + it('should override bucket in getObject call when bucket is string', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + const abortController = new AbortController(); + + downloadData({ + path: inputPath, + options: { + bucket: 'default-bucket', + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + abortSignal: abortController.signal, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: inputPath, + }, + ); + }); + }); + + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided', async () => { + (getObject as jest.Mock).mockResolvedValueOnce({ Body: 'body' }); + downloadData({ + path: inputKey, + options: { + expectedBucketOwner: validBucketOwner, + }, + }); + + const { job } = mockCreateDownloadTask.mock.calls[0][0]; + await job(); + + expect(getObject).toHaveBeenCalledTimes(1); + await expect(getObject).toBeLastCalledWithConfigAndInput( + expect.any(Object), + expect.objectContaining({ + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/internal/getProperties.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/getProperties.test.ts new file mode 100644 index 00000000000..01d7a73ef2c --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/internal/getProperties.test.ts @@ -0,0 +1,500 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; +import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; + +import { headObject } from '../../../../../src/providers/s3/utils/client/s3data'; +import { getProperties } from '../../../../../src/providers/s3/apis/internal/getProperties'; +import { + GetPropertiesInput, + GetPropertiesOutput, + GetPropertiesWithPathInput, + GetPropertiesWithPathOutput, +} from '../../../../../src/providers/s3/types'; +import './testUtils'; +import { BucketInfo } from '../../../../../src/providers/s3/types/options'; + +jest.mock('../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { + return { debug: jest.fn() }; + }), + Amplify: { + getConfig: jest.fn(), + Auth: { + fetchAuthSession: jest.fn(), + }, + }, +})); +const mockHeadObject = headObject as jest.MockedFunction; +const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; +const mockGetConfig = jest.mocked(Amplify.getConfig); + +const bucket = 'bucket'; +const region = 'region'; +const credentials: AWSCredentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const inputKey = 'key'; +const inputPath = 'path'; +const targetIdentityId = 'targetIdentityId'; +const defaultIdentityId = 'defaultIdentityId'; +const validBucketOwner = '111122223333'; +const invalidBucketOwner = '123'; + +const expectedResult = { + size: 100, + contentType: 'text/plain', + eTag: 'etag', + metadata: { key: 'value' }, + lastModified: new Date('01-01-1980'), + versionId: 'version-id', +}; + +describe('getProperties with key', () => { + const getPropertiesWrapper = (input: GetPropertiesInput) => + getProperties(Amplify, input); + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + + describe('Happy cases: With key', () => { + const config = { + credentials, + region, + userAgentValue: expect.any(String), + }; + beforeEach(() => { + mockHeadObject.mockResolvedValue({ + ContentLength: 100, + ContentType: 'text/plain', + ETag: 'etag', + LastModified: new Date('01-01-1980'), + Metadata: { key: 'value' }, + VersionId: 'version-id', + $metadata: {} as any, + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + + const testCases: { + expectedKey: string; + options?: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; + }[] = [ + { + expectedKey: `public/${inputKey}`, + }, + { + options: { accessLevel: 'guest' }, + expectedKey: `public/${inputKey}`, + }, + { + options: { accessLevel: 'private' }, + expectedKey: `private/${defaultIdentityId}/${inputKey}`, + }, + { + options: { accessLevel: 'protected' }, + expectedKey: `protected/${defaultIdentityId}/${inputKey}`, + }, + { + options: { accessLevel: 'protected', targetIdentityId }, + expectedKey: `protected/${targetIdentityId}/${inputKey}`, + }, + ]; + test.each(testCases)( + 'should getProperties with key $expectedKey', + async ({ options, expectedKey }) => { + const headObjectOptions = { + Bucket: 'bucket', + Key: expectedKey, + }; + const { + key, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + } = (await getPropertiesWrapper({ + key: inputKey, + options, + })) as GetPropertiesOutput; + expect({ + key, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + }).toEqual({ + key: inputKey, + ...expectedResult, + }); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + config, + headObjectOptions, + ); + }, + ); + + describe('bucket passed in options', () => { + it('should override bucket in headObject call when bucket is object', async () => { + const bucketInfo: BucketInfo = { + bucketName: 'bucket-1', + region: 'region-1', + }; + const headObjectOptions = { + Bucket: bucketInfo.bucketName, + Key: `public/${inputKey}`, + }; + + await getPropertiesWrapper({ + key: inputKey, + options: { + bucket: bucketInfo, + }, + }); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + + userAgentValue: expect.any(String), + }, + headObjectOptions, + ); + }); + it('should override bucket in headObject call when bucket is string', async () => { + await getPropertiesWrapper({ + key: inputKey, + options: { + bucket: 'default-bucket', + }, + }); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: `public/${inputKey}`, + }, + ); + }); + }); + }); + + describe('Error cases : With key', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + it('getProperties should return a not found error', async () => { + mockHeadObject.mockRejectedValueOnce( + Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }), + ); + expect.assertions(3); + try { + await getPropertiesWrapper({ key: inputKey }); + } catch (error: any) { + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: 'region', + userAgentValue: expect.any(String), + }, + { + Bucket: 'bucket', + Key: `public/${inputKey}`, + }, + ); + expect(error.$metadata.httpStatusCode).toBe(404); + } + }); + }); +}); + +describe('Happy cases: With path', () => { + const getPropertiesWrapper = (input: GetPropertiesWithPathInput) => + getProperties(Amplify, input); + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + describe('getProperties with path', () => { + const config = { + credentials, + region: 'region', + useAccelerateEndpoint: true, + userAgentValue: expect.any(String), + }; + beforeEach(() => { + mockHeadObject.mockResolvedValue({ + ContentLength: 100, + ContentType: 'text/plain', + ETag: 'etag', + LastModified: new Date('01-01-1980'), + Metadata: { key: 'value' }, + VersionId: 'version-id', + $metadata: {} as any, + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + test.each([ + { + testPath: inputPath, + expectedPath: inputPath, + }, + { + testPath: () => inputPath, + expectedPath: inputPath, + }, + ])( + 'should getProperties with path $path and expectedPath $expectedPath', + async ({ testPath, expectedPath }) => { + const headObjectOptions = { + Bucket: 'bucket', + Key: expectedPath, + }; + const { + path, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + } = (await getPropertiesWrapper({ + path: testPath, + options: { + useAccelerateEndpoint: true, + }, + })) as GetPropertiesWithPathOutput; + expect({ + path, + contentType, + eTag, + lastModified, + metadata, + size, + versionId, + }).toEqual({ + path: expectedPath, + ...expectedResult, + }); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + config, + headObjectOptions, + ); + }, + ); + describe('bucket passed in options', () => { + it('should override bucket in headObject call when bucket is object', async () => { + const bucketInfo: BucketInfo = { + bucketName: 'bucket-1', + region: 'region-1', + }; + const headObjectOptions = { + Bucket: bucketInfo.bucketName, + Key: inputPath, + }; + + await getPropertiesWrapper({ + path: inputPath, + options: { + bucket: bucketInfo, + }, + }); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + + userAgentValue: expect.any(String), + }, + headObjectOptions, + ); + }); + it('should override bucket in headObject call when bucket is string', async () => { + await getPropertiesWrapper({ + path: inputPath, + options: { + bucket: 'default-bucket', + }, + }); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: inputPath, + }, + ); + }); + }); + }); + + describe('Error cases : With path', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + it('getProperties should return a not found error', async () => { + mockHeadObject.mockRejectedValueOnce( + Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }), + ); + expect.assertions(3); + try { + await getPropertiesWrapper({ path: inputPath }); + } catch (error: any) { + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: 'region', + userAgentValue: expect.any(String), + }, + { + Bucket: 'bucket', + Key: inputPath, + }, + ); + expect(error.$metadata.httpStatusCode).toBe(404); + } + }); + }); +}); + +describe(`getProperties with path and Expected Bucket Owner`, () => { + const getPropertiesWrapper = (input: GetPropertiesWithPathInput) => + getProperties(Amplify, input); + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass expectedBucketOwner to headObject', async () => { + const path = 'public/expectedbucketowner_test'; + + await getPropertiesWrapper({ + path, + options: { + expectedBucketOwner: validBucketOwner, + }, + }); + + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + ExpectedBucketOwner: validBucketOwner, + Key: path, + }, + ); + }); + + it('headObject should not expose expectedBucketOwner when not provided', async () => { + const path = 'public/expectedbucketowner_test'; + + await getPropertiesWrapper({ + path, + options: {}, + }); + + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: path, + }, + ); + }); + + it('should throw error on invalid bucket owner id', async () => { + const path = 'public/expectedbucketowner_test'; + + await expect( + getPropertiesWrapper({ + path, + options: { + expectedBucketOwner: invalidBucketOwner, + }, + }), + ).rejects.toThrow('Invalid AWS account ID was provided.'); + + expect(headObject).not.toHaveBeenCalled(); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/internal/getUrl.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/getUrl.test.ts new file mode 100644 index 00000000000..03ade454d44 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/internal/getUrl.test.ts @@ -0,0 +1,575 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; +import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; + +import { getUrl } from '../../../../../src/providers/s3/apis/internal/getUrl'; +import { + getPresignedGetObjectUrl, + headObject, +} from '../../../../../src/providers/s3/utils/client/s3data'; +import { + GetUrlInput, + GetUrlWithPathInput, +} from '../../../../../src/providers/s3/types'; +import './testUtils'; +import { BucketInfo } from '../../../../../src/providers/s3/types/options'; + +jest.mock('../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { + return { debug: jest.fn() }; + }), + Amplify: { + getConfig: jest.fn(), + Auth: { + fetchAuthSession: jest.fn(), + }, + }, +})); + +const bucket = 'bucket'; +const region = 'region'; +const mockFetchAuthSession = jest.mocked(Amplify.Auth.fetchAuthSession); +const mockGetConfig = jest.mocked(Amplify.getConfig); +const credentials: AWSCredentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const targetIdentityId = 'targetIdentityId'; +const defaultIdentityId = 'defaultIdentityId'; +const mockURL = new URL('https://google.com'); +const validBucketOwner = '111122223333'; +const invalidBucketOwner = '123'; + +describe('getUrl test with key', () => { + const getUrlWrapper = (input: GetUrlInput) => getUrl(Amplify, input); + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + + describe('Happy cases: With key', () => { + const config = { + credentials, + region, + userAgentValue: expect.any(String), + }; + const key = 'key'; + beforeEach(() => { + jest.mocked(headObject).mockResolvedValue({ + ContentLength: 100, + ContentType: 'text/plain', + ETag: 'etag', + LastModified: new Date('01-01-1980'), + Metadata: { meta: 'value' }, + $metadata: {} as any, + }); + jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + + const testCases: { + options?: { accessLevel?: StorageAccessLevel; targetIdentityId?: string }; + expectedKey: string; + }[] = [ + { + expectedKey: `public/${key}`, + }, + { + options: { accessLevel: 'guest' }, + expectedKey: `public/${key}`, + }, + { + options: { accessLevel: 'private' }, + expectedKey: `private/${defaultIdentityId}/${key}`, + }, + { + options: { accessLevel: 'protected' }, + expectedKey: `protected/${defaultIdentityId}/${key}`, + }, + { + options: { accessLevel: 'protected', targetIdentityId }, + expectedKey: `protected/${targetIdentityId}/${key}`, + }, + ]; + + test.each(testCases)( + 'should getUrl with key $expectedKey', + async ({ options, expectedKey }) => { + const headObjectOptions = { + Bucket: bucket, + Key: expectedKey, + }; + const { url, expiresAt } = await getUrlWrapper({ + key, + options: { + ...options, + validateObjectExistence: true, + }, + }); + const expectedResult = { + url: mockURL, + expiresAt: expect.any(Date), + }; + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + config, + headObjectOptions, + ); + expect({ url, expiresAt }).toEqual(expectedResult); + }, + ); + describe('bucket passed in options', () => { + it('should override bucket in getPresignedGetObjectUrl call when bucket is object', async () => { + const bucketInfo: BucketInfo = { + bucketName: 'bucket-1', + region: 'region-1', + }; + await getUrlWrapper({ + key: 'key', + options: { + bucket: bucketInfo, + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + expiration: expect.any(Number), + }, + { + Bucket: bucketInfo.bucketName, + Key: 'public/key', + }, + ); + }); + it('should override bucket in getPresignedGetObjectUrl call when bucket is string', async () => { + await getUrlWrapper({ + key: 'key', + options: { + bucket: 'default-bucket', + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + expiration: expect.any(Number), + }, + { + Bucket: bucket, + Key: 'public/key', + }, + ); + }); + }); + }); + describe('Error cases : With key', () => { + afterAll(() => { + jest.clearAllMocks(); + }); + it('should return not found error when the object is not found', async () => { + (headObject as jest.Mock).mockImplementation(() => { + throw Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }); + }); + expect.assertions(2); + try { + await getUrlWrapper({ + key: 'invalid_key', + options: { validateObjectExistence: true }, + }); + } catch (error: any) { + expect(headObject).toHaveBeenCalledTimes(1); + expect(error.$metadata?.httpStatusCode).toBe(404); + } + }); + }); +}); + +describe('getUrl test with path', () => { + const getUrlWrapper = (input: GetUrlWithPathInput) => getUrl(Amplify, input); + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + + describe('Happy cases: With path', () => { + const config = { + credentials, + region, + userAgentValue: expect.any(String), + }; + beforeEach(() => { + jest.mocked(headObject).mockResolvedValue({ + ContentLength: 100, + ContentType: 'text/plain', + ETag: 'etag', + LastModified: new Date('01-01-1980'), + Metadata: { meta: 'value' }, + $metadata: {} as any, + }); + jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + + test.each([ + { + path: 'path', + expectedKey: 'path', + }, + { + path: () => 'path', + expectedKey: 'path', + }, + ])( + 'should getUrl with path $path and expectedKey $expectedKey', + async ({ path, expectedKey }) => { + const headObjectOptions = { + Bucket: bucket, + Key: expectedKey, + }; + const { url, expiresAt } = await getUrlWrapper({ + path, + options: { + validateObjectExistence: true, + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + config, + headObjectOptions, + ); + expect({ url, expiresAt }).toEqual({ + url: mockURL, + expiresAt: expect.any(Date), + }); + }, + ); + + describe('bucket passed in options', () => { + it('should override bucket in getPresignedGetObjectUrl call when bucket is object', async () => { + const inputPath = 'path/'; + const bucketInfo: BucketInfo = { + bucketName: 'bucket-1', + region: 'region-1', + }; + await getUrlWrapper({ + path: inputPath, + options: { + bucket: bucketInfo, + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( + { + credentials, + region: bucketInfo.region, + expiration: expect.any(Number), + }, + { + Bucket: bucketInfo.bucketName, + Key: inputPath, + }, + ); + }); + it('should override bucket in getPresignedGetObjectUrl call when bucket is string', async () => { + const inputPath = 'path/'; + await getUrlWrapper({ + path: inputPath, + options: { + bucket: 'default-bucket', + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + expiration: expect.any(Number), + }, + { + Bucket: bucket, + Key: inputPath, + }, + ); + }); + }); + }); + describe('Happy cases: With path and Content Disposition, Content Type', () => { + const config = { + credentials, + region, + userAgentValue: expect.any(String), + }; + beforeEach(() => { + jest.mocked(headObject).mockResolvedValue({ + ContentLength: 100, + ContentType: 'text/plain', + ETag: 'etag', + LastModified: new Date('01-01-1980'), + Metadata: { meta: 'value' }, + $metadata: {} as any, + }); + jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + + test.each([ + { + path: 'path', + expectedKey: 'path', + contentDisposition: 'inline; filename="example.txt"', + contentType: 'text/plain', + }, + { + path: () => 'path', + expectedKey: 'path', + contentDisposition: { + type: 'attachment' as const, + filename: 'example.pdf', + }, + contentType: 'application/pdf', + }, + ])( + 'should getUrl with path $path and expectedKey $expectedKey and content disposition and content type', + async ({ path, expectedKey, contentDisposition, contentType }) => { + const headObjectOptions = { + Bucket: bucket, + Key: expectedKey, + }; + const { url, expiresAt } = await getUrlWrapper({ + path, + options: { + validateObjectExistence: true, + contentDisposition, + contentType, + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + config, + headObjectOptions, + ); + expect({ url, expiresAt }).toEqual({ + url: mockURL, + expiresAt: expect.any(Date), + }); + }, + ); + }); + describe('Error cases: With invalid Content Disposition', () => { + const config = { + credentials, + region, + userAgentValue: expect.any(String), + }; + beforeEach(() => { + jest.mocked(headObject).mockResolvedValue({ + ContentLength: 100, + ContentType: 'text/plain', + ETag: 'etag', + LastModified: new Date('01-01-1980'), + Metadata: { meta: 'value' }, + $metadata: {} as any, + }); + jest.mocked(getPresignedGetObjectUrl).mockResolvedValue(mockURL); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + test.each([ + { + path: 'path', + expectedKey: 'path', + contentDisposition: { + type: 'invalid' as 'attachment' | 'inline', + filename: '"example.txt', + }, + }, + { + path: 'path', + expectedKey: 'path', + contentDisposition: { + type: 'invalid' as 'attachment' | 'inline', + }, + }, + ])( + 'should ignore for invalid content disposition: $contentDisposition', + async ({ path, expectedKey, contentDisposition }) => { + const headObjectOptions = { + Bucket: bucket, + Key: expectedKey, + }; + const { url, expiresAt } = await getUrlWrapper({ + path, + options: { + validateObjectExistence: true, + contentDisposition, + }, + }); + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + expect(headObject).toHaveBeenCalledTimes(1); + await expect(headObject).toBeLastCalledWithConfigAndInput( + config, + headObjectOptions, + ); + expect({ url, expiresAt }).toEqual({ + url: mockURL, + expiresAt: expect.any(Date), + }); + }, + ); + }); + describe('Error cases : With path', () => { + afterAll(() => { + jest.clearAllMocks(); + }); + it('should return not found error when the object is not found', async () => { + (headObject as jest.Mock).mockImplementation(() => { + throw Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }); + }); + expect.assertions(2); + try { + await getUrlWrapper({ + path: 'invalid_key', + options: { validateObjectExistence: true }, + }); + } catch (error: any) { + expect(headObject).toHaveBeenCalledTimes(1); + expect(error.$metadata?.httpStatusCode).toBe(404); + } + }); + }); +}); + +describe(`getURL with path and Expected Bucket Owner`, () => { + const getUrlWrapper = (input: GetUrlWithPathInput) => getUrl(Amplify, input); + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass expectedBucketOwner to getPresignedGetObjectUrl', async () => { + const path = 'public/expectedbucketowner_test'; + + await getUrlWrapper({ + path, + options: { + expiresIn: 300, + expectedBucketOwner: validBucketOwner, + }, + }); + + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + expiration: expect.any(Number), + }, + { + Bucket: bucket, + ExpectedBucketOwner: validBucketOwner, + Key: path, + }, + ); + }); + + it('getPresignedGetObjectUrl should not expose expectedBucketOwner when not provided', async () => { + const path = 'public/expectedbucketowner_test'; + + await getUrlWrapper({ + path, + options: { + expiresIn: 300, + }, + }); + + expect(getPresignedGetObjectUrl).toHaveBeenCalledTimes(1); + await expect(getPresignedGetObjectUrl).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + expiration: expect.any(Number), + }, + { + Bucket: bucket, + Key: path, + }, + ); + }); + + it('should throw error on invalid bucket owner id', async () => { + const path = 'public/expectedbucketowner_test'; + + await expect( + getUrlWrapper({ + path, + options: { + expectedBucketOwner: invalidBucketOwner, + }, + }), + ).rejects.toThrow('Invalid AWS account ID was provided.'); + + expect(getPresignedGetObjectUrl).not.toHaveBeenCalled(); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/internal/list.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/list.test.ts new file mode 100644 index 00000000000..e861652a90e --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/internal/list.test.ts @@ -0,0 +1,1107 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; +import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; + +import { listObjectsV2 } from '../../../../../src/providers/s3/utils/client/s3data'; +import { list } from '../../../../../src/providers/s3/apis/internal/list'; +import { + ListAllInput, + ListAllWithPathInput, + ListAllWithPathOutput, + ListPaginateInput, + ListPaginateOutput, + ListPaginateWithPathInput, + ListPaginateWithPathOutput, +} from '../../../../../src/providers/s3/types'; +import './testUtils'; +import { ListObjectsV2CommandInput } from '../../../../../src/providers/s3/utils/client/s3data/types'; + +jest.mock('../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { + return { debug: jest.fn() }; + }), + Amplify: { + getConfig: jest.fn(), + Auth: { + fetchAuthSession: jest.fn(), + }, + }, +})); +const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; +const mockGetConfig = jest.mocked(Amplify.getConfig); +const mockListObject = listObjectsV2 as jest.Mock; +const inputKey = 'path/itemsKey'; +const bucket = 'bucket'; +const region = 'region'; +const nextToken = 'nextToken'; +const targetIdentityId = 'targetIdentityId'; +const defaultIdentityId = 'defaultIdentityId'; +const etagValue = 'eTag'; +const lastModifiedValue = 'lastModified'; +const sizeValue = 'size'; +const validBucketOwner = '111122223333'; +const credentials: AWSCredentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const listObjectClientConfig = { + credentials, + region, + userAgentValue: expect.any(String), +}; +const listObjectClientBaseResultItem = { + ETag: etagValue, + LastModified: lastModifiedValue, + Size: sizeValue, +}; +const listResultItem = { + eTag: etagValue, + lastModified: lastModifiedValue, + size: sizeValue, +}; +const mockListObjectsV2ApiWithPages = (pages: number) => { + let methodCalls = 0; + mockListObject.mockClear(); + mockListObject.mockImplementation(async (_, input) => { + let token: string | undefined; + methodCalls++; + if (methodCalls > pages) { + fail(`listObjectsV2 calls are more than expected. Expected ${pages}`); + } + if (input.ContinuationToken === undefined || methodCalls < pages) { + token = nextToken; + } + + return { + ...mockListResponse(input), + Contents: [{ ...listObjectClientBaseResultItem, Key: input.Prefix }], + NextContinuationToken: token, + }; + }); +}; +const mockListResponse = (listParams: ListObjectsV2CommandInput) => ({ + Name: listParams.Bucket, + Delimiter: listParams.Delimiter, + MaxKeys: listParams.MaxKeys, + Prefix: listParams.Prefix, + ContinuationToken: listParams.ContinuationToken, +}); + +describe('list API', () => { + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + describe('Prefix: Happy Cases:', () => { + const listAllWrapper = (input: ListAllInput) => list(Amplify, input); + const listPaginatedWrapper = (input: ListPaginateInput) => + list(Amplify, input); + afterEach(() => { + jest.clearAllMocks(); + }); + + const accessLevelTests: { + prefix?: string; + expectedKey: string; + options?: { + accessLevel?: StorageAccessLevel; + targetIdentityId?: string; + }; + }[] = [ + { + expectedKey: `public/`, + }, + { + options: { accessLevel: 'guest' }, + expectedKey: `public/`, + }, + { + prefix: inputKey, + expectedKey: `public/${inputKey}`, + }, + { + prefix: inputKey, + options: { accessLevel: 'guest' }, + expectedKey: `public/${inputKey}`, + }, + { + prefix: inputKey, + options: { accessLevel: 'private' }, + expectedKey: `private/${defaultIdentityId}/${inputKey}`, + }, + { + prefix: inputKey, + options: { accessLevel: 'protected' }, + expectedKey: `protected/${defaultIdentityId}/${inputKey}`, + }, + { + prefix: inputKey, + options: { accessLevel: 'protected', targetIdentityId }, + expectedKey: `protected/${targetIdentityId}/${inputKey}`, + }, + ]; + + accessLevelTests.forEach(({ prefix, options, expectedKey }) => { + const pathMsg = prefix ? 'custom' : 'default'; + const accessLevelMsg = options?.accessLevel ?? 'default'; + const targetIdentityIdMsg = options?.targetIdentityId + ? `with targetIdentityId` + : ''; + it(`should list objects with pagination, default pageSize, ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [{ ...listObjectClientBaseResultItem, Key: expectedKey }], + NextContinuationToken: nextToken, + }; + }); + const response = (await listPaginatedWrapper({ + prefix, + options, + })) as ListPaginateOutput; + const { key, eTag, size, lastModified } = response.items[0]; + expect(response.items).toHaveLength(1); + expect({ key, eTag, size, lastModified }).toEqual({ + key: prefix ?? '', + ...listResultItem, + }); + expect(response.nextToken).toEqual(nextToken); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: expectedKey, + }), + ); + }); + }); + + accessLevelTests.forEach(({ prefix, options, expectedKey }) => { + const pathMsg = prefix ? 'custom' : 'default'; + const accessLevelMsg = options?.accessLevel ?? 'default'; + const targetIdentityIdMsg = options?.targetIdentityId + ? `with targetIdentityId` + : ''; + it(`should list objects with pagination using pageSize, nextToken, ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [{ ...listObjectClientBaseResultItem, Key: expectedKey }], + NextContinuationToken: nextToken, + }; + }); + const customPageSize = 5; + const response = (await listPaginatedWrapper({ + prefix, + options: { + ...options, + pageSize: customPageSize, + nextToken, + }, + })) as ListPaginateOutput; + const { key, eTag, size, lastModified } = response.items[0]; + expect(response.items).toHaveLength(1); + expect({ key, eTag, size, lastModified }).toEqual({ + key: prefix ?? '', + ...listResultItem, + }); + expect(response.nextToken).toEqual(nextToken); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + Prefix: expectedKey, + ContinuationToken: nextToken, + MaxKeys: customPageSize, + }), + ); + }); + }); + + accessLevelTests.forEach(({ prefix, options, expectedKey }) => { + const pathMsg = prefix ? 'custom' : 'default'; + const accessLevelMsg = options?.accessLevel ?? 'default'; + const targetIdentityIdMsg = options?.targetIdentityId + ? `with targetIdentityId` + : ''; + it(`should list objects with zero results with ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + IsTruncated: false, + KeyCount: 0, + }; + }); + const response = (await listPaginatedWrapper({ + prefix, + options, + })) as ListPaginateOutput; + expect(response.items).toEqual([]); + + expect(response.nextToken).toEqual(undefined); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: expectedKey, + }), + ); + }); + }); + + accessLevelTests.forEach( + ({ prefix: inputPrefix, options, expectedKey }) => { + const pathMsg = inputPrefix ? 'custom' : 'default'; + const accessLevelMsg = options?.accessLevel ?? 'default'; + const targetIdentityIdMsg = options?.targetIdentityId + ? `with targetIdentityId` + : ''; + it(`should list all objects having three pages with ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { + mockListObjectsV2ApiWithPages(3); + const result = (await listAllWrapper({ + prefix: inputPrefix, + options: { ...options, listAll: true }, + })) as ListPaginateOutput; + const { key, eTag, lastModified, size } = result.items[0]; + expect(result.items).toHaveLength(3); + expect({ key, eTag, lastModified, size }).toEqual({ + ...listResultItem, + key: inputPrefix ?? '', + }); + expect(result).not.toHaveProperty(nextToken); + + // listing three times for three pages + expect(listObjectsV2).toHaveBeenCalledTimes(3); + + // first input receives undefined as the Continuation Token + await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( + 1, + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + Prefix: expectedKey, + MaxKeys: 1000, + ContinuationToken: undefined, + }), + ); + // last input receives TEST_TOKEN as the Continuation Token + await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( + 3, + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + Prefix: expectedKey, + MaxKeys: 1000, + ContinuationToken: nextToken, + }), + ); + }); + }, + ); + + describe('bucket passed in options', () => { + it('should override bucket in listObject call when bucket is object', async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [ + { + ...listObjectClientBaseResultItem, + Key: listParams.Prefix + inputKey, + }, + ], + NextContinuationToken: nextToken, + }; + }); + const mockBucketName = 'bucket-1'; + const mockRegion = 'region-1'; + await listPaginatedWrapper({ + prefix: inputKey, + options: { + bucket: { bucketName: mockBucketName, region: mockRegion }, + }, + }); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + { + credentials, + region: mockRegion, + userAgentValue: expect.any(String), + }, + expect.objectContaining({ + Bucket: mockBucketName, + MaxKeys: 1000, + Prefix: `public/${inputKey}`, + }), + ); + }); + + it('should override bucket in listObject call when bucket is string', async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [ + { + ...listObjectClientBaseResultItem, + Key: listParams.Prefix + inputKey, + }, + ], + NextContinuationToken: nextToken, + }; + }); + await listPaginatedWrapper({ + prefix: inputKey, + options: { + bucket: 'default-bucket', + }, + }); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: `public/${inputKey}`, + }), + ); + }); + }); + }); + + describe('Path: Happy Cases:', () => { + const listAllWrapper = (input: ListAllWithPathInput) => + list(Amplify, input); + const listPaginatedWrapper = (input: ListPaginateWithPathInput) => + list(Amplify, input); + const resolvePath = ( + path: string | (({ identityId }: { identityId: string }) => string), + ) => + typeof path === 'string' ? path : path({ identityId: defaultIdentityId }); + afterEach(() => { + jest.clearAllMocks(); + mockListObject.mockClear(); + }); + const pathTestCases = [ + { + path: `public/${inputKey}`, + }, + { + path: ({ identityId }: { identityId: string }) => + `protected/${identityId}/${inputKey}`, + }, + ]; + + it.each(pathTestCases)( + 'should list objects with pagination, default pageSize, custom path', + async ({ path: inputPath }) => { + const resolvedPath = resolvePath(inputPath); + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [ + { + ...listObjectClientBaseResultItem, + Key: resolvePath(inputPath), + }, + ], + NextContinuationToken: nextToken, + }; + }); + const response = (await listPaginatedWrapper({ + path: resolvedPath, + })) as ListPaginateWithPathOutput; + const { path, eTag, lastModified, size } = response.items[0]; + expect(response.items).toHaveLength(1); + expect({ path, eTag, lastModified, size }).toEqual({ + ...listResultItem, + path: resolvedPath, + }); + expect(response.nextToken).toEqual(nextToken); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: resolvePath(inputPath), + }), + ); + }, + ); + + it.each(pathTestCases)( + 'should list objects with pagination using custom pageSize, nextToken and custom path: $path', + async ({ path: inputPath }) => { + const resolvedPath = resolvePath(inputPath); + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [ + { + ...listObjectClientBaseResultItem, + Key: resolvePath(inputPath), + }, + ], + NextContinuationToken: nextToken, + }; + }); + const customPageSize = 5; + const response = (await listPaginatedWrapper({ + path: resolvedPath, + options: { + pageSize: customPageSize, + nextToken, + }, + })) as ListPaginateWithPathOutput; + const { path, eTag, lastModified, size } = response.items[0]; + expect(response.items).toHaveLength(1); + expect({ path, eTag, lastModified, size }).toEqual({ + ...listResultItem, + path: resolvedPath, + }); + expect(response.nextToken).toEqual(nextToken); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + Prefix: resolvePath(inputPath), + ContinuationToken: nextToken, + MaxKeys: customPageSize, + }), + ); + }, + ); + + it.each(pathTestCases)( + 'should list objects with zero results with custom path: $path', + async ({ path }) => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + IsTruncated: false, + KeyCount: 0, + }; + }); + const response = (await listPaginatedWrapper({ + path: resolvePath(path), + })) as ListPaginateWithPathOutput; + expect(response.items).toEqual([]); + + expect(response.nextToken).toEqual(undefined); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: resolvePath(path), + }), + ); + }, + ); + + it.each(pathTestCases)( + 'should list all objects having three pages with custom path: $path', + async ({ path: inputPath }) => { + const resolvedPath = resolvePath(inputPath); + mockListObjectsV2ApiWithPages(3); + const result = (await listAllWrapper({ + path: resolvedPath, + options: { listAll: true }, + })) as ListPaginateWithPathOutput; + + const listResult = { + path: resolvedPath, + ...listResultItem, + }; + const { path, lastModified, eTag, size } = result.items[0]; + expect(result.items).toHaveLength(3); + expect({ path, lastModified, eTag, size }).toEqual(listResult); + expect(result.items).toEqual([listResult, listResult, listResult]); + expect(result).not.toHaveProperty(nextToken); + + // listing three times for three pages + expect(listObjectsV2).toHaveBeenCalledTimes(3); + + // first input receives undefined as the Continuation Token + await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( + 1, + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + Prefix: resolvedPath, + MaxKeys: 1000, + ContinuationToken: undefined, + }), + ); + // last input receives TEST_TOKEN as the Continuation Token + await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( + 3, + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + Prefix: resolvedPath, + MaxKeys: 1000, + ContinuationToken: nextToken, + }), + ); + }, + ); + + describe('bucket passed in options', () => { + it('should override bucket in listObject call when bucket is object', async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [ + { + ...listObjectClientBaseResultItem, + Key: 'path/', + }, + ], + NextContinuationToken: nextToken, + }; + }); + const mockBucketName = 'bucket-1'; + const mockRegion = 'region-1'; + await listPaginatedWrapper({ + path: 'path/', + options: { + bucket: { bucketName: mockBucketName, region: mockRegion }, + }, + }); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + { + credentials, + region: mockRegion, + userAgentValue: expect.any(String), + }, + expect.objectContaining({ + Bucket: mockBucketName, + MaxKeys: 1000, + Prefix: 'path/', + }), + ); + }); + + it('should override bucket in listObject call when bucket is string', async () => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + Contents: [ + { + ...listObjectClientBaseResultItem, + Key: 'path/', + }, + ], + NextContinuationToken: nextToken, + }; + }); + await listPaginatedWrapper({ + path: 'path/', + options: { + bucket: 'default-bucket', + }, + }); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: 'path/', + }), + ); + }); + }); + }); + + describe('Error Cases:', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + it('should return a not found error', async () => { + mockListObject.mockRejectedValueOnce( + Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }), + ); + try { + await list(Amplify, {}); + } catch (error: any) { + expect.assertions(3); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: 'public/', + }), + ); + expect(error.$metadata.httpStatusCode).toBe(404); + } + }); + + describe.each([ + { + type: 'Prefix', + mockListFunction: () => list(Amplify, { prefix: 'test/' }), + }, + { + type: 'Path', + mockListFunction: () => list(Amplify, { path: 'test/' }), + }, + ])('$type response validation check', ({ mockListFunction }) => { + it.each([ + { + name: 'missing Delimiter echo', + override: { Delimiter: 'mock-invalid-value' }, + }, + { + name: 'missing MaxKeys echo', + override: { MaxKeys: 'mock-invalid-value' }, + }, + { + name: 'missing Prefix echo', + override: { Prefix: 'mock-invalid-value' }, + }, + { + name: 'missing ContinuationToken echo', + override: { ContinuationToken: 'mock-invalid-value' }, + }, + ])('should throw with $name', async ({ override }) => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + ...override, + }; + }); + + await expect(mockListFunction()).rejects.toThrow( + 'An unknown error has occurred.', + ); + }); + }); + }); + + describe('with delimiter', () => { + const mockedContents = [ + { + Key: 'photos/', + ...listObjectClientBaseResultItem, + }, + { + Key: 'photos/2023.png', + ...listObjectClientBaseResultItem, + }, + { + Key: 'photos/2024.png', + ...listObjectClientBaseResultItem, + }, + ]; + const mockedCommonPrefixes = [ + { Prefix: 'photos/2023/' }, + { Prefix: 'photos/2024/' }, + { Prefix: 'photos/2025/' }, + ]; + + const expectedExcludedSubpaths = mockedCommonPrefixes.map( + ({ Prefix }) => Prefix, + ); + + const mockedPath = 'photos/'; + + beforeEach(() => { + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + CommonPrefixes: mockedCommonPrefixes, + Contents: mockedContents, + NextContinuationToken: nextToken, + KeyCount: 3, + }; + }); + }); + afterEach(() => { + jest.clearAllMocks(); + mockListObject.mockClear(); + }); + + it('should return excludedSubpaths when "exclude" strategy is passed in the request', async () => { + const { items, excludedSubpaths } = (await list(Amplify, { + path: mockedPath, + options: { + subpathStrategy: { strategy: 'exclude' }, + }, + })) as ListPaginateWithPathOutput; + + expect(items).toHaveLength(3); + expect(excludedSubpaths).toEqual(expectedExcludedSubpaths); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: mockedPath, + Delimiter: '/', + }), + ); + }); + + it('should return excludedSubpaths when "exclude" strategy and listAll are passed in the request', async () => { + mockListObject.mockReset(); + mockListObject.mockImplementationOnce((_, listParams) => { + return { + ...mockListResponse(listParams), + CommonPrefixes: mockedCommonPrefixes, + Contents: mockedContents, + KeyCount: 3, + NextContinuationToken: undefined, + IsTruncated: false, + }; + }); + + const { items, excludedSubpaths } = (await list(Amplify, { + path: mockedPath, + options: { + subpathStrategy: { strategy: 'exclude' }, + listAll: true, + }, + })) as ListAllWithPathOutput; + expect(items).toHaveLength(3); + expect(excludedSubpaths).toEqual(expectedExcludedSubpaths); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: mockedPath, + Delimiter: '/', + }), + ); + }); + + it('should return excludedSubpaths when "exclude" strategy and pageSize are passed in the request', async () => { + const { items, excludedSubpaths } = (await list(Amplify, { + path: mockedPath, + options: { + subpathStrategy: { strategy: 'exclude' }, + pageSize: 3, + }, + })) as ListPaginateWithPathOutput; + expect(items).toHaveLength(3); + expect(excludedSubpaths).toEqual(expectedExcludedSubpaths); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 3, + Prefix: mockedPath, + Delimiter: '/', + }), + ); + }); + + it('should listObjectsV2 contain a custom Delimiter when "exclude" with delimiter is passed', async () => { + (await list(Amplify, { + path: mockedPath, + options: { + subpathStrategy: { + strategy: 'exclude', + delimiter: '-', + }, + }, + })) as ListPaginateWithPathOutput; + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: mockedPath, + Delimiter: '-', + }), + ); + }); + + it('should listObjectsV2 contain an undefined Delimiter when "include" strategy is passed', async () => { + await list(Amplify, { + path: mockedPath, + options: { + subpathStrategy: { + strategy: 'include', + }, + }, + }); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: mockedPath, + Delimiter: undefined, + }), + ); + }); + + it('should listObjectsV2 contain an undefined Delimiter when no options are passed', async () => { + await list(Amplify, { + path: mockedPath, + }); + expect(listObjectsV2).toHaveBeenCalledTimes(1); + await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + listObjectClientConfig, + expect.objectContaining({ + Bucket: bucket, + MaxKeys: 1000, + Prefix: mockedPath, + Delimiter: undefined, + }), + ); + }); + }); + + describe(`List with path and Expected Bucket Owner`, () => { + describe(`v1`, () => { + const listAllWrapper = (input: ListAllInput) => list(Amplify, input); + const listPaginatedWrapper = (input: ListPaginateInput) => + list(Amplify, input); + const resolvePath = ( + path: string | (({ identityId }: { identityId: string }) => string), + ) => + typeof path === 'string' + ? path + : path({ identityId: defaultIdentityId }); + const mockPrefix = 'test-path'; + const mockBucket = 'bucket-1'; + const mockRegion = 'region-1'; + afterEach(() => { + jest.clearAllMocks(); + mockListObject.mockClear(); + }); + it('should include expectedBucketOwner in headers with listAll call when provided', async () => { + const resolvedPath = resolvePath(mockPrefix); + mockListObjectsV2ApiWithPages(3); + await listAllWrapper({ + prefix: resolvedPath, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + listAll: true, + expectedBucketOwner: validBucketOwner, + }, + }); + + expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( + 1, + expect.any(Object), + expect.objectContaining({ + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + it('should include expectedBucketOwner in headers with paginated call when provided', async () => { + const resolvedPath = resolvePath(mockPrefix); + mockListObjectsV2ApiWithPages(3); + const customPageSize = 5; + await listPaginatedWrapper({ + prefix: resolvedPath, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + listAll: false, + pageSize: customPageSize, + expectedBucketOwner: validBucketOwner, + }, + }); + + expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + expect.any(Object), + expect.objectContaining({ + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + }); + + describe(`v2`, () => { + const listAllWrapper = (input: ListAllWithPathInput) => + list(Amplify, input); + const listPaginatedWrapper = (input: ListPaginateWithPathInput) => + list(Amplify, input); + const resolvePath = ( + path: string | (({ identityId }: { identityId: string }) => string), + ) => + typeof path === 'string' + ? path + : path({ identityId: defaultIdentityId }); + const mockPath = 'public/test-path'; + const mockBucket = 'bucket-1'; + const mockRegion = 'region-1'; + afterEach(() => { + jest.clearAllMocks(); + mockListObject.mockClear(); + }); + it('should include expectedBucketOwner in headers with listAll call when provided', async () => { + const resolvedPath = resolvePath(mockPath); + mockListObjectsV2ApiWithPages(3); + await listAllWrapper({ + path: resolvedPath, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + listAll: true, + expectedBucketOwner: validBucketOwner, + }, + }); + + expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( + 1, + expect.any(Object), + expect.objectContaining({ + Bucket: mockBucket, + MaxKeys: 1000, + Prefix: mockPath, + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + it('should include expectedBucketOwner in headers with paginated call when provided', async () => { + const resolvedPath = resolvePath(mockPath); + mockListObjectsV2ApiWithPages(3); + const customPageSize = 5; + await listPaginatedWrapper({ + path: resolvedPath, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + listAll: false, + pageSize: customPageSize, + expectedBucketOwner: validBucketOwner, + }, + }); + + expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + expect.any(Object), + expect.objectContaining({ + Bucket: mockBucket, + Prefix: mockPath, + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + }); + }); + + describe.each([ + { + type: 'Prefix', + listFunction: (options?: any) => + list(Amplify, { + prefix: 'some folder with unprintable unicode/', + options, + }), + key: 'key', + }, + { + type: 'Path', + listFunction: (options?: any) => + list(Amplify, { + path: 'public/some folder with unprintable unicode/', + options, + }), + key: 'path', + }, + ])('Encoding for List with $type', ({ listFunction, key }) => { + afterEach(() => { + mockListObject.mockClear(); + }); + it('should decode encoded list output', async () => { + const encodedBadKeys = [ + 'some+folder+with+spaces/', + 'real%0A%0A%0A%0A%0A%0A%0A%0A%0Afunny%0A%0A%0A%0A%0A%0A%0A%0A%0Abiz', + 'some+folder+with+%E3%81%8A%E3%81%AF%E3%82%88%E3%81%86+multibyte+unicode/', + 'bad%3Cdiv%3Ekey', + 'bad%00key', + 'bad%01key', + ]; + + mockListObject.mockReturnValueOnce({ + Name: bucket, + Prefix: 'public/some+folder+with++unprintable+unicode/', + Delimiter: 'bad%08key', + MaxKeys: 1000, + StartAfter: 'bad%7Fbiz/', + EncodingType: 'url', + Contents: encodedBadKeys.map(badKey => ({ + ...listObjectClientBaseResultItem, + Key: key === 'key' ? `public/${badKey}` : badKey, + })), + }); + + const result = await listFunction({ + subpathStrategy: { strategy: 'exclude', delimiter: 'bad\x08key' }, + }); + + expect(listObjectsV2).toBeLastCalledWithConfigAndInput( + expect.any(Object), + expect.objectContaining({ + Bucket: bucket, + EncodingType: 'url', + }), + ); + + const decodedKeys = [ + 'some folder with spaces/', + 'real\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0afunny\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0abiz', + 'some folder with おはよう multibyte unicode/', + 'bad
key', + 'bad\x00key', + 'bad\x01key', + ]; + + const expectedResult = { + items: decodedKeys.map(decodedKey => ({ + [key]: decodedKey, + eTag: 'eTag', + lastModified: 'lastModified', + size: 'size', + })), + nextToken: undefined, + }; + expect(result).toEqual(expectedResult); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/internal/remove.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/remove.test.ts new file mode 100644 index 00000000000..6db2fcb997a --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/internal/remove.test.ts @@ -0,0 +1,337 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; +import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; + +import { deleteObject } from '../../../../../src/providers/s3/utils/client/s3data'; +import { remove } from '../../../../../src/providers/s3/apis/internal/remove'; +import { StorageValidationErrorCode } from '../../../../../src/errors/types/validation'; +import { + RemoveInput, + RemoveOutput, + RemoveWithPathInput, + RemoveWithPathOutput, +} from '../../../../../src/providers/s3/types'; +import './testUtils'; + +jest.mock('../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('@aws-amplify/core', () => ({ + ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { + return { debug: jest.fn() }; + }), + Amplify: { + getConfig: jest.fn(), + Auth: { + fetchAuthSession: jest.fn(), + }, + }, +})); +const mockDeleteObject = deleteObject as jest.Mock; +const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; +const mockGetConfig = jest.mocked(Amplify.getConfig); +const inputKey = 'key'; +const bucket = 'bucket'; +const region = 'region'; +const defaultIdentityId = 'defaultIdentityId'; +const validBucketOwner = '111122223333'; +const credentials: AWSCredentials = { + accessKeyId: 'accessKeyId', + sessionToken: 'sessionToken', + secretAccessKey: 'secretAccessKey', +}; +const deleteObjectClientConfig = { + credentials, + region, + userAgentValue: expect.any(String), +}; + +describe('remove API', () => { + beforeAll(() => { + mockFetchAuthSession.mockResolvedValue({ + credentials, + identityId: defaultIdentityId, + }); + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + buckets: { 'default-bucket': { bucketName: bucket, region } }, + }, + }, + }); + }); + describe('Happy Cases', () => { + describe('With Key', () => { + const removeWrapper = (input: RemoveInput) => remove(Amplify, input); + + beforeEach(() => { + mockDeleteObject.mockImplementation(() => { + return { + Metadata: { key: 'value' }, + }; + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + const testCases: { + expectedKey: string; + options?: { accessLevel?: StorageAccessLevel }; + }[] = [ + { + expectedKey: `public/${inputKey}`, + }, + { + options: { accessLevel: 'guest' }, + expectedKey: `public/${inputKey}`, + }, + { + options: { accessLevel: 'private' }, + expectedKey: `private/${defaultIdentityId}/${inputKey}`, + }, + { + options: { accessLevel: 'protected' }, + expectedKey: `protected/${defaultIdentityId}/${inputKey}`, + }, + ]; + + testCases.forEach(({ options, expectedKey }) => { + const accessLevel = options?.accessLevel ?? 'default'; + + it(`should remove object with ${accessLevel} accessLevel`, async () => { + const { key } = (await removeWrapper({ + key: inputKey, + options, + })) as RemoveOutput; + expect(key).toEqual(inputKey); + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + deleteObjectClientConfig, + { + Bucket: bucket, + Key: expectedKey, + }, + ); + }); + }); + + describe('bucket passed in options', () => { + it('should override bucket in deleteObject call when bucket is object', async () => { + const mockBucketName = 'bucket-1'; + const mockRegion = 'region-1'; + await removeWrapper({ + key: inputKey, + options: { + bucket: { bucketName: mockBucketName, region: mockRegion }, + }, + }); + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: mockRegion, + userAgentValue: expect.any(String), + }, + { + Bucket: mockBucketName, + Key: `public/${inputKey}`, + }, + ); + }); + it('should override bucket in deleteObject call when bucket is string', async () => { + await removeWrapper({ + key: inputKey, + options: { + bucket: 'default-bucket', + }, + }); + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: `public/${inputKey}`, + }, + ); + }); + }); + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided', async () => { + const mockKey = 'test-path'; + const mockBucket = 'bucket-1'; + const mockRegion = 'region-1'; + await removeWrapper({ + key: mockKey, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + expectedBucketOwner: validBucketOwner, + }, + }); + expect(deleteObject).toHaveBeenCalledTimes(1); + expect(deleteObject).toHaveBeenNthCalledWithConfigAndInput( + 1, + expect.any(Object), + expect.objectContaining({ + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + }); + }); + describe('With Path', () => { + const removeWrapper = (input: RemoveWithPathInput) => + remove(Amplify, input); + beforeEach(() => { + mockDeleteObject.mockImplementation(() => { + return { + Metadata: { key: 'value' }, + }; + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + [ + { + path: `public/${inputKey}`, + }, + { + path: ({ identityId }: { identityId?: string }) => + `protected/${identityId}/${inputKey}`, + }, + ].forEach(({ path: inputPath }) => { + const resolvedPath = + typeof inputPath === 'string' + ? inputPath + : inputPath({ identityId: defaultIdentityId }); + + it(`should remove object for the given path`, async () => { + const { path } = (await removeWrapper({ + path: inputPath, + })) as RemoveWithPathOutput; + expect(path).toEqual(resolvedPath); + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + deleteObjectClientConfig, + { + Bucket: bucket, + Key: resolvedPath, + }, + ); + }); + }); + + describe('bucket passed in options', () => { + it('should override bucket in deleteObject call when bucket is object', async () => { + const mockBucketName = 'bucket-1'; + const mockRegion = 'region-1'; + await removeWrapper({ + path: 'path/', + options: { + bucket: { bucketName: mockBucketName, region: mockRegion }, + }, + }); + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region: mockRegion, + userAgentValue: expect.any(String), + }, + { + Bucket: mockBucketName, + Key: 'path/', + }, + ); + }); + it('should override bucket in deleteObject call when bucket is string', async () => { + await removeWrapper({ + path: 'path/', + options: { + bucket: 'default-bucket', + }, + }); + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + userAgentValue: expect.any(String), + }, + { + Bucket: bucket, + Key: 'path/', + }, + ); + }); + }); + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided', async () => { + const mockPath = 'public/test-path'; + const mockBucket = 'bucket-1'; + const mockRegion = 'region-1'; + await removeWrapper({ + path: mockPath, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + expectedBucketOwner: validBucketOwner, + }, + }); + expect(deleteObject).toHaveBeenCalledTimes(1); + expect(deleteObject).toHaveBeenNthCalledWithConfigAndInput( + 1, + expect.any(Object), + expect.objectContaining({ + ExpectedBucketOwner: validBucketOwner, + }), + ); + }); + }); + }); + }); + + describe('Error Cases:', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + it('should return a not found error', async () => { + mockDeleteObject.mockRejectedValueOnce( + Object.assign(new Error(), { + $metadata: { httpStatusCode: 404 }, + name: 'NotFound', + }), + ); + expect.assertions(3); + const key = 'wrongKey'; + try { + await remove(Amplify, { key }); + } catch (error: any) { + expect(deleteObject).toHaveBeenCalledTimes(1); + await expect(deleteObject).toBeLastCalledWithConfigAndInput( + deleteObjectClientConfig, + { + Bucket: bucket, + Key: `public/${key}`, + }, + ); + expect(error.$metadata.httpStatusCode).toBe(404); + } + }); + it('should throw InvalidStorageOperationInput error when the path is empty', async () => { + expect.assertions(1); + try { + await remove(Amplify, { path: '' }); + } catch (error: any) { + expect(error.name).toBe( + StorageValidationErrorCode.InvalidStorageOperationInput, + ); + } + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/testUtils.ts b/packages/storage/__tests__/providers/s3/apis/internal/testUtils.ts similarity index 100% rename from packages/storage/__tests__/providers/s3/apis/testUtils.ts rename to packages/storage/__tests__/providers/s3/apis/internal/testUtils.ts diff --git a/packages/storage/__tests__/providers/s3/apis/uploadData/byteLength.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/byteLength.test.ts similarity index 91% rename from packages/storage/__tests__/providers/s3/apis/uploadData/byteLength.test.ts rename to packages/storage/__tests__/providers/s3/apis/internal/uploadData/byteLength.test.ts index 24b46ac4f0d..eaffab3fcb4 100644 --- a/packages/storage/__tests__/providers/s3/apis/uploadData/byteLength.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/byteLength.test.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { byteLength } from '../../../../../src/providers/s3/apis/uploadData/byteLength'; +import { byteLength } from '../../../../../../src/providers/s3/apis/internal/uploadData/byteLength'; describe('byteLength', () => { it('returns 0 for null or undefined', () => { diff --git a/packages/storage/__tests__/providers/s3/apis/uploadData/index.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/index.test.ts similarity index 64% rename from packages/storage/__tests__/providers/s3/apis/uploadData/index.test.ts rename to packages/storage/__tests__/providers/s3/apis/internal/uploadData/index.test.ts index ad1ce8d4009..9b2c94d1252 100644 --- a/packages/storage/__tests__/providers/s3/apis/uploadData/index.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/index.test.ts @@ -1,22 +1,30 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { uploadData } from '../../../../../src/providers/s3/apis'; -import { MAX_OBJECT_SIZE } from '../../../../../src/providers/s3/utils/constants'; -import { createUploadTask } from '../../../../../src/providers/s3/utils'; +import { uploadData } from '../../../../../../src/providers/s3/apis/internal/uploadData'; +import { MAX_OBJECT_SIZE } from '../../../../../../src/providers/s3/utils/constants'; +import { createUploadTask } from '../../../../../../src/providers/s3/utils'; import { StorageValidationErrorCode, validationErrorMap, -} from '../../../../../src/errors/types/validation'; -import { putObjectJob } from '../../../../../src/providers/s3/apis/uploadData/putObjectJob'; -import { getMultipartUploadHandlers } from '../../../../../src/providers/s3/apis/uploadData/multipart'; -import { UploadDataInput, UploadDataWithPathInput } from '../../../../../src'; +} from '../../../../../../src/errors/types/validation'; +import { putObjectJob } from '../../../../../../src/providers/s3/apis/internal/uploadData/putObjectJob'; +import { getMultipartUploadHandlers } from '../../../../../../src/providers/s3/apis/internal/uploadData/multipart'; +import { + UploadDataInput, + UploadDataWithPathInput, +} from '../../../../../../src'; -jest.mock('../../../../../src/providers/s3/utils/'); -jest.mock('../../../../../src/providers/s3/apis/uploadData/putObjectJob'); -jest.mock('../../../../../src/providers/s3/apis/uploadData/multipart'); +jest.mock('../../../../../../src/providers/s3/utils/'); +jest.mock( + '../../../../../../src/providers/s3/apis/internal/uploadData/putObjectJob', +); +jest.mock( + '../../../../../../src/providers/s3/apis/internal/uploadData/multipart', +); const testPath = 'testPath/object'; +const validBucketOwner = '111122223333'; const mockCreateUploadTask = createUploadTask as jest.Mock; const mockPutObjectJob = putObjectJob as jest.Mock; const mockGetMultipartUploadHandlers = ( @@ -47,12 +55,17 @@ describe('uploadData with key', () => { ); }); - it('should NOT throw if data size is unknown', async () => { - uploadData({ - key: 'key', - data: {} as any, - }); - expect(mockCreateUploadTask).toHaveBeenCalled(); + it('should throw if data size is unknown', async () => { + expect(() => + uploadData({ + key: 'key', + data: {} as any, + }), + ).toThrow( + expect.objectContaining( + validationErrorMap[StorageValidationErrorCode.InvalidUploadSource], + ), + ); }); }); @@ -67,6 +80,22 @@ describe('uploadData with key', () => { expect(mockGetMultipartUploadHandlers).not.toHaveBeenCalled(); }); + it('should use putObject for 0 bytes data (e.g. create a folder)', () => { + const testInput = { + key: 'key', + data: '', // 0 bytes + }; + + uploadData(testInput); + + expect(mockPutObjectJob).toHaveBeenCalledWith( + expect.objectContaining(testInput), + expect.any(AbortSignal), + expect.any(Number), + ); + expect(mockGetMultipartUploadHandlers).not.toHaveBeenCalled(); + }); + it('should use uploadTask', async () => { mockPutObjectJob.mockReturnValueOnce('putObjectJob'); mockCreateUploadTask.mockReturnValueOnce('uploadTask'); @@ -142,12 +171,17 @@ describe('uploadData with path', () => { ); }); - it('should NOT throw if data size is unknown', async () => { - uploadData({ - path: testPath, - data: {} as any, - }); - expect(mockCreateUploadTask).toHaveBeenCalled(); + it('should throw if data size is unknown', async () => { + expect(() => + uploadData({ + path: testPath, + data: {} as any, + }), + ).toThrow( + expect.objectContaining( + validationErrorMap[StorageValidationErrorCode.InvalidUploadSource], + ), + ); }); }); @@ -172,7 +206,7 @@ describe('uploadData with path', () => { uploadData(testInput); expect(mockPutObjectJob).toHaveBeenCalledWith( - testInput, + expect.objectContaining(testInput), expect.any(AbortSignal), expect.any(Number), ); @@ -189,7 +223,7 @@ describe('uploadData with path', () => { uploadData(testInput); expect(mockPutObjectJob).toHaveBeenCalledWith( - testInput, + expect.objectContaining(testInput), expect.any(AbortSignal), expect.any(Number), ); @@ -228,7 +262,7 @@ describe('uploadData with path', () => { expect(mockPutObjectJob).not.toHaveBeenCalled(); expect(mockGetMultipartUploadHandlers).toHaveBeenCalledWith( - testInput, + expect.objectContaining(testInput), expect.any(Number), ); }); @@ -251,4 +285,51 @@ describe('uploadData with path', () => { ); }); }); + + describe('ExpectedBucketOwner passed in options', () => { + it('should include expectedBucketOwner in headers when provided for singlepartUpload', async () => { + mockPutObjectJob.mockReturnValueOnce('putObjectJob'); + const smallData = 'smallData'; + uploadData({ + path: testPath, + data: smallData, + options: { + expectedBucketOwner: validBucketOwner, + }, + }); + expect(mockPutObjectJob).toHaveBeenCalledWith( + expect.objectContaining({ + path: 'testPath/object', + data: 'smallData', + options: expect.objectContaining({ + expectedBucketOwner: '111122223333', + }), + }), + expect.any(Object), + expect.any(Number), + ); + + expect(mockGetMultipartUploadHandlers).not.toHaveBeenCalled(); + }); + it('should include expectedBucketOwner in headers when provided for multipartUpload', async () => { + const biggerData = { size: 5 * 1024 * 1024 + 1 } as any; + const testInput = { + path: testPath, + data: biggerData, + options: { + expectedBucketOwner: validBucketOwner, + }, + }; + uploadData(testInput); + expect(mockGetMultipartUploadHandlers).toHaveBeenCalledWith( + { + ...testInput, + options: expect.objectContaining(testInput.options), + }, + expect.any(Number), + ); + + expect(mockPutObjectJob).not.toHaveBeenCalled(); + }); + }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/uploadData/multipartHandlers.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/multipartHandlers.test.ts similarity index 69% rename from packages/storage/__tests__/providers/s3/apis/uploadData/multipartHandlers.test.ts rename to packages/storage/__tests__/providers/s3/apis/internal/uploadData/multipartHandlers.test.ts index 8957c9ef764..9bf25707adb 100644 --- a/packages/storage/__tests__/providers/s3/apis/uploadData/multipartHandlers.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/multipartHandlers.test.ts @@ -11,20 +11,27 @@ import { headObject, listParts, uploadPart, -} from '../../../../../src/providers/s3/utils/client'; -import { getMultipartUploadHandlers } from '../../../../../src/providers/s3/apis/uploadData/multipart'; +} from '../../../../../../src/providers/s3/utils/client/s3data'; +import { getMultipartUploadHandlers } from '../../../../../../src/providers/s3/apis/internal/uploadData/multipart'; import { StorageValidationErrorCode, validationErrorMap, -} from '../../../../../src/errors/types/validation'; -import { UPLOADS_STORAGE_KEY } from '../../../../../src/providers/s3/utils/constants'; -import { byteLength } from '../../../../../src/providers/s3/apis/uploadData/byteLength'; -import { CanceledError } from '../../../../../src/errors/CanceledError'; -import { StorageOptions } from '../../../../../src/types'; +} from '../../../../../../src/errors/types/validation'; +import { + CHECKSUM_ALGORITHM_CRC32, + UPLOADS_STORAGE_KEY, +} from '../../../../../../src/providers/s3/utils/constants'; +import { CanceledError } from '../../../../../../src/errors/CanceledError'; +import { StorageOptions } from '../../../../../../src/types'; +import { calculateContentCRC32 } from '../../../../../../src/providers/s3/utils/crc32'; +import { calculateContentMd5 } from '../../../../../../src/providers/s3/utils'; +import { byteLength } from '../../../../../../src/providers/s3/apis/internal/uploadData/byteLength'; + import '../testUtils'; jest.mock('@aws-amplify/core'); -jest.mock('../../../../../src/providers/s3/utils/client'); +jest.mock('../../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('../../../../../../src/providers/s3/utils/crc32'); const credentials: AWSCredentials = { accessKeyId: 'accessKeyId', @@ -37,9 +44,10 @@ const bucket = 'bucket'; const region = 'region'; const defaultKey = 'key'; const defaultContentType = 'application/octet-stream'; -const defaultCacheKey = '8388608_application/octet-stream_bucket_public_key'; +const defaultCacheKey = + 'Jz3O2w==_8388608_application/octet-stream_bucket_public_key'; const testPath = 'testPath/object'; -const testPathCacheKey = `8388608_${defaultContentType}_${bucket}_custom_${testPath}`; +const testPathCacheKey = `Jz3O2w==_8388608_${defaultContentType}_${bucket}_custom_${testPath}`; const mockCreateMultipartUpload = jest.mocked(createMultipartUpload); const mockUploadPart = jest.mocked(uploadPart); @@ -47,11 +55,40 @@ const mockCompleteMultipartUpload = jest.mocked(completeMultipartUpload); const mockAbortMultipartUpload = jest.mocked(abortMultipartUpload); const mockListParts = jest.mocked(listParts); const mockHeadObject = jest.mocked(headObject); +const mockCalculateContentCRC32 = jest.mocked(calculateContentCRC32); const disableAssertionFlag = true; const MB = 1024 * 1024; +jest.mock('../../../../../../src/providers/s3/utils', () => ({ + ...jest.requireActual('../../../../../../src/providers/s3/utils'), + calculateContentMd5: jest.fn(), +})); + +const getZeroDelayTimeout = () => + new Promise(resolve => { + setTimeout(() => { + resolve(); + }, 0); + }); + +const mockCalculateContentCRC32Mock = () => { + mockCalculateContentCRC32.mockReset(); + mockCalculateContentCRC32.mockResolvedValue({ + checksumArrayBuffer: new ArrayBuffer(0), + checksum: 'mockChecksum', + seed: 0, + }); +}; +const mockCalculateContentCRC32Reset = () => { + mockCalculateContentCRC32.mockReset(); + mockCalculateContentCRC32.mockImplementation( + jest.requireActual('../../../../../../src/providers/s3/utils/crc32') + .calculateContentCRC32, + ); +}; + const mockMultipartUploadSuccess = (disableAssertion?: boolean) => { let totalSize = 0; mockCreateMultipartUpload.mockResolvedValueOnce({ @@ -75,7 +112,7 @@ const mockMultipartUploadSuccess = (disableAssertion?: boolean) => { totalBytes: body.byteLength, }); - totalSize += byteLength(input.Body)!; + totalSize += byteLength(input.Body!)!; return { Etag: `etag-${input.PartNumber}`, @@ -149,9 +186,10 @@ describe('getMultipartUploadHandlers with key', () => { }); }); - afterEach(() => { + beforeEach(() => { jest.clearAllMocks(); resetS3Mocks(); + mockCalculateContentCRC32Reset(); }); it('should return multipart upload handlers', async () => { @@ -200,11 +238,14 @@ describe('getMultipartUploadHandlers with key', () => { `should upload a %s type body that splits in 2 parts using ${accessLevelMsg} accessLevel`, async (_, twoPartsPayload) => { mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: defaultKey, - data: twoPartsPayload, - options: options as StorageOptions, - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: twoPartsPayload, + options: options as StorageOptions, + }, + byteLength(twoPartsPayload)!, + ); const result = await multipartUploadJob(); await expect( mockCreateMultipartUpload, @@ -230,12 +271,88 @@ describe('getMultipartUploadHandlers with key', () => { ); }); + it.each([ + [ + 'file', + new File([getBlob(8 * MB)], 'someName'), + ['JCnBsQ==', 'HELzGQ=='], + ], + ['blob', getBlob(8 * MB), ['JCnBsQ==', 'HELzGQ==']], + ['string', 'Ü'.repeat(4 * MB), ['DL735w==', 'Akga7g==']], + ['arrayBuffer', new ArrayBuffer(8 * MB), ['yTuzdQ==', 'eXJPxg==']], + ['arrayBufferView', new Uint8Array(8 * MB), ['yTuzdQ==', 'eXJPxg==']], + ])( + `should create crc32 for %s type body`, + async (_, twoPartsPayload, expectedCrc32) => { + mockMultipartUploadSuccess(); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: twoPartsPayload, + options: { + checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32, + }, + }, + byteLength(twoPartsPayload)!, + ); + await multipartUploadJob(); + + /** + * final crc32 calculation calls calculateContentCRC32 3 times + * 1 time for each of the 2 parts + * 1 time to combine the resulting hash for each of the two parts + * + * uploading each part calls calculateContentCRC32 1 time each + * + * 1 time for optionsHash + * + * these steps results in 6 calls in total + */ + expect(calculateContentCRC32).toHaveBeenCalledTimes(6); + expect(calculateContentMd5).not.toHaveBeenCalled(); + expect(mockUploadPart).toHaveBeenCalledTimes(2); + expect(mockUploadPart).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ ChecksumCRC32: expectedCrc32[0] }), + ); + expect(mockUploadPart).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ ChecksumCRC32: expectedCrc32[1] }), + ); + }, + ); + + it('should use md5 if no using crc32', async () => { + mockMultipartUploadSuccess(); + Amplify.libraryOptions = { + Storage: { + S3: { + isObjectLockEnabled: true, + }, + }, + }; + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new Uint8Array(8 * MB), + }, + 8 * MB, + ); + await multipartUploadJob(); + expect(calculateContentCRC32).toHaveBeenCalledTimes(1); // (final crc32 calculation = 1 undefined) + expect(calculateContentMd5).toHaveBeenCalledTimes(2); + expect(mockUploadPart).toHaveBeenCalledTimes(2); + }); + it('should throw if unsupported payload type is provided', async () => { mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: defaultKey, - data: 1 as any, - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: 1 as any, + }, + 1, + ); await expect(multipartUploadJob()).rejects.toThrow( expect.objectContaining( validationErrorMap[StorageValidationErrorCode.InvalidUploadSource], @@ -244,6 +361,7 @@ describe('getMultipartUploadHandlers with key', () => { }); it('should upload a body that exceeds the size of default part size and parts count', async () => { + mockCalculateContentCRC32Mock(); let buffer: ArrayBuffer; const file = { __proto__: File.prototype, @@ -264,11 +382,14 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: file, + options: { + checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32, + }, }, file.size, ); await multipartUploadJob(); - expect(file.slice).toHaveBeenCalledTimes(10_000); // S3 limit of parts count + expect(file.slice).toHaveBeenCalledTimes(10_000 * 2); // S3 limit of parts count double for crc32 calculations expect(mockCreateMultipartUpload).toHaveBeenCalledTimes(1); expect(mockUploadPart).toHaveBeenCalledTimes(10_000); expect(mockCompleteMultipartUpload).toHaveBeenCalledTimes(1); @@ -309,10 +430,13 @@ describe('getMultipartUploadHandlers with key', () => { mockCreateMultipartUpload.mockReset(); mockCreateMultipartUpload.mockRejectedValueOnce(new Error('error')); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: defaultKey, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); await expect(multipartUploadJob()).rejects.toThrow('error'); }); @@ -322,10 +446,13 @@ describe('getMultipartUploadHandlers with key', () => { mockCompleteMultipartUpload.mockReset(); mockCompleteMultipartUpload.mockRejectedValueOnce(new Error('error')); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: defaultKey, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); await expect(multipartUploadJob()).rejects.toThrow('error'); }); @@ -340,10 +467,13 @@ describe('getMultipartUploadHandlers with key', () => { }); mockUploadPart.mockRejectedValueOnce(new Error('error')); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: defaultKey, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); await expect(multipartUploadJob()).rejects.toThrow('error'); expect(mockUploadPart).toHaveBeenCalledTimes(2); expect(mockCompleteMultipartUpload).not.toHaveBeenCalled(); @@ -355,13 +485,16 @@ describe('getMultipartUploadHandlers with key', () => { const mockBucket = 'bucket-1'; const mockRegion = 'region-1'; mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: 'key', - data: mockData, - options: { - bucket: { bucketName: mockBucket, region: mockRegion }, + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: 'key', + data: mockData, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + }, }, - }); + byteLength(mockData)!, + ); await multipartUploadJob(); await expect( mockCreateMultipartUpload, @@ -381,13 +514,16 @@ describe('getMultipartUploadHandlers with key', () => { it('should override bucket in putObject call when bucket as string', async () => { mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - key: 'key', - data: mockData, - options: { - bucket: 'default-bucket', + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: 'key', + data: mockData, + options: { + bucket: 'default-bucket', + }, }, - }); + byteLength(mockData)!, + ); await multipartUploadJob(); await expect( mockCreateMultipartUpload, @@ -405,6 +541,56 @@ describe('getMultipartUploadHandlers with key', () => { ); }); }); + + describe('cache validation', () => { + it.each([ + { + name: 'wrong part count', + parts: [{ PartNumber: 1 }, { PartNumber: 2 }, { PartNumber: 3 }], + }, + { + name: 'wrong part numbers', + parts: [{ PartNumber: 1 }, { PartNumber: 1 }], + }, + ])('should throw with $name', async ({ parts }) => { + mockMultipartUploadSuccess(); + + const mockDefaultStorage = defaultStorage as jest.Mocked< + typeof defaultStorage + >; + mockDefaultStorage.getItem.mockResolvedValue( + JSON.stringify({ + [defaultCacheKey]: { + uploadId: 'uploadId', + bucket, + key: defaultKey, + finalCrc32: 'mock-crc32', + }, + }), + ); + mockListParts.mockResolvedValue({ + Parts: parts, + $metadata: {}, + }); + + const onProgress = jest.fn(); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(8 * MB), + options: { + onProgress, + resumableUploadsCache: mockDefaultStorage, + }, + }, + 8 * MB, + ); + await expect(multipartUploadJob()).rejects.toThrow({ + name: 'Unknown', + message: 'An unknown error has occurred.', + }); + }); + }); }); describe('upload caching', () => { @@ -416,6 +602,23 @@ describe('getMultipartUploadHandlers with key', () => { mockDefaultStorage.setItem.mockReset(); }); + it('should disable upload caching if resumableUploadsCache option is not set', async () => { + mockMultipartUploadSuccess(); + const size = 8 * MB; + const { multipartUploadJob } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(size), + }, + size, + ); + await multipartUploadJob(); + expect(mockDefaultStorage.getItem).not.toHaveBeenCalled(); + expect(mockDefaultStorage.setItem).not.toHaveBeenCalled(); + expect(mockCreateMultipartUpload).toHaveBeenCalledTimes(1); + expect(mockListParts).not.toHaveBeenCalled(); + }); + it('should send createMultipartUpload request if the upload task is not cached', async () => { mockMultipartUploadSuccess(); const size = 8 * MB; @@ -423,6 +626,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -451,6 +657,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -469,6 +678,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new File([new ArrayBuffer(size)], 'someName'), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -481,7 +693,7 @@ describe('getMultipartUploadHandlers with key', () => { expect(Object.keys(cacheValue)).toEqual([ expect.stringMatching( // \d{13} is the file lastModified property of a file - /someName_\d{13}_8388608_application\/octet-stream_bucket_public_key/, + /someName_\d{13}_Jz3O2w==_8388608_application\/octet-stream_bucket_public_key/, ), ]); }); @@ -504,6 +716,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -522,6 +737,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -549,6 +767,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -571,6 +792,9 @@ describe('getMultipartUploadHandlers with key', () => { { key: defaultKey, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -588,10 +812,13 @@ describe('getMultipartUploadHandlers with key', () => { describe('cancel()', () => { it('should abort in-flight uploadPart requests and throw if upload is canceled', async () => { - const { multipartUploadJob, onCancel } = getMultipartUploadHandlers({ - key: defaultKey, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob, onCancel } = getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); let partCount = 0; mockMultipartUploadCancellation(() => { partCount++; @@ -615,24 +842,41 @@ describe('getMultipartUploadHandlers with key', () => { describe('pause() & resume()', () => { it('should abort in-flight uploadPart requests if upload is paused', async () => { + let pausedOnce = false; + + let resumeTest: () => void; + const waitForPause = new Promise(resolve => { + resumeTest = () => { + resolve(); + }; + }); + const { multipartUploadJob, onPause, onResume } = - getMultipartUploadHandlers({ - key: defaultKey, - data: new ArrayBuffer(8 * MB), - }); + getMultipartUploadHandlers( + { + key: defaultKey, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); let partCount = 0; mockMultipartUploadCancellation(() => { partCount++; - if (partCount === 2) { + if (partCount === 2 && !pausedOnce) { onPause(); // Pause upload at the the last uploadPart call + resumeTest(); + pausedOnce = true; } }); const uploadPromise = multipartUploadJob(); + await waitForPause; + await getZeroDelayTimeout(); onResume(); await uploadPromise; - expect(mockUploadPart).toHaveBeenCalledTimes(2); + expect(mockUploadPart).toHaveBeenCalledTimes(3); expect(mockUploadPart.mock.calls[0][0].abortSignal?.aborted).toBe(true); expect(mockUploadPart.mock.calls[1][0].abortSignal?.aborted).toBe(true); + expect(mockUploadPart.mock.calls[2][0].abortSignal?.aborted).toBe(false); }); }); @@ -673,9 +917,7 @@ describe('getMultipartUploadHandlers with key', () => { it('should send progress for cached upload parts', async () => { mockMultipartUploadSuccess(); - const mockDefaultStorage = defaultStorage as jest.Mocked< - typeof defaultStorage - >; + const mockDefaultStorage = jest.mocked(defaultStorage); mockDefaultStorage.getItem.mockResolvedValue( JSON.stringify({ [defaultCacheKey]: { @@ -697,6 +939,7 @@ describe('getMultipartUploadHandlers with key', () => { data: new ArrayBuffer(8 * MB), options: { onProgress, + resumableUploadsCache: mockDefaultStorage, }, }, 8 * MB, @@ -729,9 +972,10 @@ describe('getMultipartUploadHandlers with path', () => { }); }); - afterEach(() => { + beforeEach(() => { jest.clearAllMocks(); resetS3Mocks(); + mockCalculateContentCRC32Reset(); }); it('should return multipart upload handlers', async () => { @@ -773,10 +1017,13 @@ describe('getMultipartUploadHandlers with path', () => { `should upload a %s type body that splits into 2 parts to path ${expectedKey}`, async (_, twoPartsPayload) => { mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: inputPath, - data: twoPartsPayload, - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: inputPath, + data: twoPartsPayload, + }, + byteLength(twoPartsPayload)!, + ); const result = await multipartUploadJob(); await expect( mockCreateMultipartUpload, @@ -802,12 +1049,88 @@ describe('getMultipartUploadHandlers with path', () => { ); }); + it.each([ + [ + 'file', + new File([getBlob(8 * MB)], 'someName'), + ['JCnBsQ==', 'HELzGQ=='], + ], + ['blob', getBlob(8 * MB), ['JCnBsQ==', 'HELzGQ==']], + ['string', 'Ü'.repeat(4 * MB), ['DL735w==', 'Akga7g==']], + ['arrayBuffer', new ArrayBuffer(8 * MB), ['yTuzdQ==', 'eXJPxg==']], + ['arrayBufferView', new Uint8Array(8 * MB), ['yTuzdQ==', 'eXJPxg==']], + ])( + `should create crc32 for %s type body`, + async (_, twoPartsPayload, expectedCrc32) => { + mockMultipartUploadSuccess(); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: twoPartsPayload, + options: { + checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32, + }, + }, + byteLength(twoPartsPayload)!, + ); + await multipartUploadJob(); + + /** + * final crc32 calculation calls calculateContentCRC32 3 times + * 1 time for each of the 2 parts + * 1 time to combine the resulting hash for each of the two parts + * + * uploading each part calls calculateContentCRC32 1 time each + * + * 1 time for optionsHash + * + * these steps results in 6 calls in total + */ + expect(calculateContentCRC32).toHaveBeenCalledTimes(6); + expect(calculateContentMd5).not.toHaveBeenCalled(); + expect(mockUploadPart).toHaveBeenCalledTimes(2); + expect(mockUploadPart).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ ChecksumCRC32: expectedCrc32[0] }), + ); + expect(mockUploadPart).toHaveBeenCalledWith( + expect.anything(), + expect.objectContaining({ ChecksumCRC32: expectedCrc32[1] }), + ); + }, + ); + + it('should use md5 if no using crc32', async () => { + mockMultipartUploadSuccess(); + Amplify.libraryOptions = { + Storage: { + S3: { + isObjectLockEnabled: true, + }, + }, + }; + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new Uint8Array(8 * MB), + }, + 8 * MB, + ); + await multipartUploadJob(); + expect(calculateContentCRC32).toHaveBeenCalledTimes(1); // (final crc32 calculation = 1 undefined) + expect(calculateContentMd5).toHaveBeenCalledTimes(2); + expect(mockUploadPart).toHaveBeenCalledTimes(2); + }); + it('should throw if unsupported payload type is provided', async () => { mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: testPath, - data: 1 as any, - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: 1 as any, + }, + 1, + ); await expect(multipartUploadJob()).rejects.toThrow( expect.objectContaining( validationErrorMap[StorageValidationErrorCode.InvalidUploadSource], @@ -816,6 +1139,7 @@ describe('getMultipartUploadHandlers with path', () => { }); it('should upload a body that exceeds the size of default part size and parts count', async () => { + mockCalculateContentCRC32Mock(); let buffer: ArrayBuffer; const file = { __proto__: File.prototype, @@ -836,11 +1160,14 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: file, + options: { + checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32, + }, }, file.size, ); await multipartUploadJob(); - expect(file.slice).toHaveBeenCalledTimes(10_000); // S3 limit of parts count + expect(file.slice).toHaveBeenCalledTimes(10_000 * 2); // S3 limit of parts count double for crc32 calculations expect(mockCreateMultipartUpload).toHaveBeenCalledTimes(1); expect(mockUploadPart).toHaveBeenCalledTimes(10_000); expect(mockCompleteMultipartUpload).toHaveBeenCalledTimes(1); @@ -881,10 +1208,13 @@ describe('getMultipartUploadHandlers with path', () => { mockCreateMultipartUpload.mockReset(); mockCreateMultipartUpload.mockRejectedValueOnce(new Error('error')); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: testPath, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); await expect(multipartUploadJob()).rejects.toThrow('error'); }); @@ -894,10 +1224,13 @@ describe('getMultipartUploadHandlers with path', () => { mockCompleteMultipartUpload.mockReset(); mockCompleteMultipartUpload.mockRejectedValueOnce(new Error('error')); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: testPath, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); await expect(multipartUploadJob()).rejects.toThrow('error'); }); @@ -912,28 +1245,63 @@ describe('getMultipartUploadHandlers with path', () => { }); mockUploadPart.mockRejectedValueOnce(new Error('error')); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: testPath, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); await expect(multipartUploadJob()).rejects.toThrow('error'); expect(mockUploadPart).toHaveBeenCalledTimes(2); expect(mockCompleteMultipartUpload).not.toHaveBeenCalled(); }); + describe('overwrite prevention', () => { + it('should include if-none-match header in complete request', async () => { + expect.assertions(3); + mockMultipartUploadSuccess(); + + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + options: { preventOverwrite: true }, + }, + 8 * MB, + ); + await multipartUploadJob(); + + await expect( + mockCompleteMultipartUpload, + ).toBeLastCalledWithConfigAndInput( + expect.objectContaining({ + credentials, + region, + }), + expect.objectContaining({ + IfNoneMatch: '*', + }), + ); + }); + }); + describe('bucket passed in options', () => { const mockData = 'Ü'.repeat(4 * MB); it('should override bucket in putObject call when bucket as object', async () => { const mockBucket = 'bucket-1'; const mockRegion = 'region-1'; mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: 'path/', - data: mockData, - options: { - bucket: { bucketName: mockBucket, region: mockRegion }, + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: 'path/', + data: mockData, + options: { + bucket: { bucketName: mockBucket, region: mockRegion }, + }, }, - }); + byteLength(mockData)!, + ); await multipartUploadJob(); await expect( mockCreateMultipartUpload, @@ -955,13 +1323,16 @@ describe('getMultipartUploadHandlers with path', () => { }); it('should override bucket in putObject call when bucket as string', async () => { mockMultipartUploadSuccess(); - const { multipartUploadJob } = getMultipartUploadHandlers({ - path: 'path/', - data: mockData, - options: { - bucket: 'default-bucket', + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: 'path/', + data: mockData, + options: { + bucket: 'default-bucket', + }, }, - }); + byteLength(mockData)!, + ); await multipartUploadJob(); await expect( mockCreateMultipartUpload, @@ -982,6 +1353,56 @@ describe('getMultipartUploadHandlers with path', () => { expect(mockCompleteMultipartUpload).toHaveBeenCalledTimes(1); }); }); + + describe('cache validation', () => { + it.each([ + { + name: 'wrong part count', + parts: [{ PartNumber: 1 }, { PartNumber: 2 }, { PartNumber: 3 }], + }, + { + name: 'wrong part numbers', + parts: [{ PartNumber: 1 }, { PartNumber: 1 }], + }, + ])('should throw with $name', async ({ parts }) => { + mockMultipartUploadSuccess(); + + const mockDefaultStorage = defaultStorage as jest.Mocked< + typeof defaultStorage + >; + mockDefaultStorage.getItem.mockResolvedValue( + JSON.stringify({ + [testPathCacheKey]: { + uploadId: 'uploadId', + bucket, + key: defaultKey, + finalCrc32: 'mock-crc32', + }, + }), + ); + mockListParts.mockResolvedValue({ + Parts: parts, + $metadata: {}, + }); + + const onProgress = jest.fn(); + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + options: { + onProgress, + resumableUploadsCache: mockDefaultStorage, + }, + }, + 8 * MB, + ); + await expect(multipartUploadJob()).rejects.toThrow({ + name: 'Unknown', + message: 'An unknown error has occurred.', + }); + }); + }); }); describe('upload caching', () => { @@ -993,6 +1414,23 @@ describe('getMultipartUploadHandlers with path', () => { mockDefaultStorage.setItem.mockReset(); }); + it('should disable upload caching if resumableUploadsCache option is not set', async () => { + mockMultipartUploadSuccess(); + const size = 8 * MB; + const { multipartUploadJob } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(size), + }, + size, + ); + await multipartUploadJob(); + expect(mockDefaultStorage.getItem).not.toHaveBeenCalled(); + expect(mockDefaultStorage.setItem).not.toHaveBeenCalled(); + expect(mockCreateMultipartUpload).toHaveBeenCalledTimes(1); + expect(mockListParts).not.toHaveBeenCalled(); + }); + it('should send createMultipartUpload request if the upload task is not cached', async () => { mockMultipartUploadSuccess(); const size = 8 * MB; @@ -1000,6 +1438,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1028,6 +1469,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1046,6 +1490,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new File([new ArrayBuffer(size)], 'someName'), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1056,12 +1503,10 @@ describe('getMultipartUploadHandlers with path', () => { mockDefaultStorage.setItem.mock.calls[0][1], ); - // \d{13} is the file lastModified property of a file - const lastModifiedRegex = /someName_\d{13}_/; - expect(Object.keys(cacheValue)).toEqual([ expect.stringMatching( - new RegExp(lastModifiedRegex.source + testPathCacheKey), + // \d{13} is the file lastModified property of a file + new RegExp('someName_\\d{13}_' + testPathCacheKey), ), ]); }); @@ -1084,6 +1529,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1102,6 +1550,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1127,6 +1578,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1149,6 +1603,9 @@ describe('getMultipartUploadHandlers with path', () => { { path: testPath, data: new ArrayBuffer(size), + options: { + resumableUploadsCache: mockDefaultStorage, + }, }, size, ); @@ -1166,10 +1623,13 @@ describe('getMultipartUploadHandlers with path', () => { describe('cancel()', () => { it('should abort in-flight uploadPart requests and throw if upload is canceled', async () => { - const { multipartUploadJob, onCancel } = getMultipartUploadHandlers({ - path: testPath, - data: new ArrayBuffer(8 * MB), - }); + const { multipartUploadJob, onCancel } = getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); let partCount = 0; mockMultipartUploadCancellation(() => { partCount++; @@ -1193,24 +1653,41 @@ describe('getMultipartUploadHandlers with path', () => { describe('pause() & resume()', () => { it('should abort in-flight uploadPart requests if upload is paused', async () => { + let pausedOnce = false; + let resumeTest: () => void; + const waitForPause = new Promise(resolve => { + resumeTest = () => { + resolve(); + }; + }); + const { multipartUploadJob, onPause, onResume } = - getMultipartUploadHandlers({ - path: testPath, - data: new ArrayBuffer(8 * MB), - }); + getMultipartUploadHandlers( + { + path: testPath, + data: new ArrayBuffer(8 * MB), + }, + 8 * MB, + ); let partCount = 0; mockMultipartUploadCancellation(() => { partCount++; - if (partCount === 2) { + if (partCount === 2 && !pausedOnce) { onPause(); // Pause upload at the the last uploadPart call + resumeTest(); + pausedOnce = true; } }); const uploadPromise = multipartUploadJob(); + await waitForPause; + await getZeroDelayTimeout(); + onResume(); await uploadPromise; - expect(mockUploadPart).toHaveBeenCalledTimes(2); + expect(mockUploadPart).toHaveBeenCalledTimes(3); expect(mockUploadPart.mock.calls[0][0].abortSignal?.aborted).toBe(true); expect(mockUploadPart.mock.calls[1][0].abortSignal?.aborted).toBe(true); + expect(mockUploadPart.mock.calls[2][0].abortSignal?.aborted).toBe(false); }); }); @@ -1251,9 +1728,8 @@ describe('getMultipartUploadHandlers with path', () => { it('should send progress for cached upload parts', async () => { mockMultipartUploadSuccess(); - const mockDefaultStorage = defaultStorage as jest.Mocked< - typeof defaultStorage - >; + const mockDefaultStorage = jest.mocked(defaultStorage); + mockDefaultStorage.getItem.mockResolvedValue( JSON.stringify({ [testPathCacheKey]: { @@ -1275,6 +1751,7 @@ describe('getMultipartUploadHandlers with path', () => { data: new ArrayBuffer(8 * MB), options: { onProgress, + resumableUploadsCache: mockDefaultStorage, }, }, 8 * MB, diff --git a/packages/storage/__tests__/providers/s3/apis/uploadData/putObjectJob.test.ts b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/putObjectJob.test.ts similarity index 59% rename from packages/storage/__tests__/providers/s3/apis/uploadData/putObjectJob.test.ts rename to packages/storage/__tests__/providers/s3/apis/internal/uploadData/putObjectJob.test.ts index aa9cf2ff8cd..2665fdef227 100644 --- a/packages/storage/__tests__/providers/s3/apis/uploadData/putObjectJob.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/internal/uploadData/putObjectJob.test.ts @@ -4,14 +4,17 @@ import { AWSCredentials } from '@aws-amplify/core/internals/utils'; import { Amplify } from '@aws-amplify/core'; -import { putObject } from '../../../../../src/providers/s3/utils/client'; -import { calculateContentMd5 } from '../../../../../src/providers/s3/utils'; -import { putObjectJob } from '../../../../../src/providers/s3/apis/uploadData/putObjectJob'; +import { putObject } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { calculateContentMd5 } from '../../../../../../src/providers/s3/utils'; +import * as CRC32 from '../../../../../../src/providers/s3/utils/crc32'; +import { putObjectJob } from '../../../../../../src/providers/s3/apis/internal/uploadData/putObjectJob'; import '../testUtils'; +import { UploadDataChecksumAlgorithm } from '../../../../../../src/providers/s3/types/options'; +import { CHECKSUM_ALGORITHM_CRC32 } from '../../../../../../src/providers/s3/utils/constants'; -jest.mock('../../../../../src/providers/s3/utils/client'); -jest.mock('../../../../../src/providers/s3/utils', () => { - const utils = jest.requireActual('../../../../../src/providers/s3/utils'); +jest.mock('../../../../../../src/providers/s3/utils/client/s3data'); +jest.mock('../../../../../../src/providers/s3/utils', () => { + const utils = jest.requireActual('../../../../../../src/providers/s3/utils'); return { ...utils, @@ -40,6 +43,8 @@ const mockFetchAuthSession = jest.mocked(Amplify.Auth.fetchAuthSession); const mockPutObject = jest.mocked(putObject); const bucket = 'bucket'; const region = 'region'; +const data = 'data'; +const dataLength = data.length; mockFetchAuthSession.mockResolvedValue({ credentials, @@ -64,67 +69,84 @@ mockPutObject.mockResolvedValue({ describe('putObjectJob with key', () => { beforeEach(() => { mockPutObject.mockClear(); + jest.spyOn(CRC32, 'calculateContentCRC32').mockRestore(); }); - it('should supply the correct parameters to putObject API handler', async () => { - const abortController = new AbortController(); - const inputKey = 'key'; - const data = 'data'; - const mockContentType = 'contentType'; - const contentDisposition = 'contentDisposition'; - const contentEncoding = 'contentEncoding'; - const mockMetadata = { key: 'value' }; - const onProgress = jest.fn(); - const useAccelerateEndpoint = true; + it.each<{ checksumAlgorithm: UploadDataChecksumAlgorithm | undefined }>([ + { checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32 }, + { checksumAlgorithm: undefined }, + ])( + 'should supply the correct parameters to putObject API handler with checksumAlgorithm as $checksumAlgorithm', + async ({ checksumAlgorithm }) => { + const abortController = new AbortController(); + const inputKey = 'key'; + const mockContentType = 'contentType'; + const contentDisposition = 'contentDisposition'; + const contentEncoding = 'contentEncoding'; + const mockMetadata = { key: 'value' }; + const onProgress = jest.fn(); + const useAccelerateEndpoint = true; - const job = putObjectJob( - { + const job = putObjectJob( + { + key: inputKey, + data, + options: { + contentDisposition, + contentEncoding, + contentType: mockContentType, + metadata: mockMetadata, + onProgress, + useAccelerateEndpoint, + checksumAlgorithm, + }, + }, + abortController.signal, + dataLength, + ); + const result = await job(); + expect(result).toEqual({ key: inputKey, - data, - options: { - contentDisposition, - contentEncoding, - contentType: mockContentType, - metadata: mockMetadata, - onProgress, - useAccelerateEndpoint, + eTag: 'eTag', + versionId: 'versionId', + contentType: 'contentType', + metadata: { key: 'value' }, + size: dataLength, + }); + expect(mockPutObject).toHaveBeenCalledTimes(1); + await expect(mockPutObject).toBeLastCalledWithConfigAndInput( + { + credentials, + region, + abortSignal: abortController.signal, + onUploadProgress: expect.any(Function), + useAccelerateEndpoint: true, + userAgentValue: expect.any(String), }, - }, - abortController.signal, - ); - const result = await job(); - expect(result).toEqual({ - key: inputKey, - eTag: 'eTag', - versionId: 'versionId', - contentType: 'contentType', - metadata: { key: 'value' }, - size: undefined, - }); - expect(mockPutObject).toHaveBeenCalledTimes(1); - await expect(mockPutObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - abortSignal: abortController.signal, - onUploadProgress: expect.any(Function), - useAccelerateEndpoint: true, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: `public/${inputKey}`, - Body: data, - ContentType: mockContentType, - ContentDisposition: contentDisposition, - ContentEncoding: contentEncoding, - Metadata: mockMetadata, - ContentMD5: undefined, - }, - ); - }); + { + Bucket: bucket, + Key: `public/${inputKey}`, + Body: data, + ContentType: mockContentType, + ContentDisposition: contentDisposition, + ContentEncoding: contentEncoding, + Metadata: mockMetadata, + + // ChecksumCRC32 is set when putObjectJob() is called with checksumAlgorithm: 'crc-32' + ChecksumCRC32: + checksumAlgorithm === CHECKSUM_ALGORITHM_CRC32 + ? 'rfPzYw==' + : undefined, + }, + ); + }, + ); it('should set ContentMD5 if object lock is enabled', async () => { + jest + .spyOn(CRC32, 'calculateContentCRC32') + .mockResolvedValue(undefined as any); + Amplify.libraryOptions = { Storage: { S3: { @@ -138,6 +160,7 @@ describe('putObjectJob with key', () => { data: 'data', }, new AbortController().signal, + dataLength, ); await job(); expect(calculateContentMd5).toHaveBeenCalledWith('data'); @@ -146,7 +169,6 @@ describe('putObjectJob with key', () => { describe('bucket passed in options', () => { it('should override bucket in putObject call when bucket as object', async () => { const abortController = new AbortController(); - const data = 'data'; const bucketName = 'bucket-1'; const mockRegion = 'region-1'; @@ -162,6 +184,7 @@ describe('putObjectJob with key', () => { }, }, new AbortController().signal, + dataLength, ); await job(); @@ -183,7 +206,6 @@ describe('putObjectJob with key', () => { it('should override bucket in putObject call when bucket as string', async () => { const abortController = new AbortController(); - const data = 'data'; const job = putObjectJob( { key: 'key', @@ -193,6 +215,7 @@ describe('putObjectJob with key', () => { }, }, new AbortController().signal, + dataLength, ); await job(); @@ -217,22 +240,43 @@ describe('putObjectJob with key', () => { describe('putObjectJob with path', () => { beforeEach(() => { mockPutObject.mockClear(); + jest.spyOn(CRC32, 'calculateContentCRC32').mockRestore(); }); - test.each([ + it.each<{ checksumAlgorithm: UploadDataChecksumAlgorithm | undefined }>([ + { checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32 }, + { checksumAlgorithm: undefined }, + ]); + + test.each<{ + path: string | (() => string); + expectedKey: string; + checksumAlgorithm: UploadDataChecksumAlgorithm | undefined; + }>([ + { + path: testPath, + expectedKey: testPath, + checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32, + }, + { + path: () => testPath, + expectedKey: testPath, + checksumAlgorithm: CHECKSUM_ALGORITHM_CRC32, + }, { path: testPath, expectedKey: testPath, + checksumAlgorithm: undefined, }, { path: () => testPath, expectedKey: testPath, + checksumAlgorithm: undefined, }, ])( - 'should supply the correct parameters to putObject API handler when path is $path', - async ({ path: inputPath, expectedKey }) => { + 'should supply the correct parameters to putObject API handler when path is $path and checksumAlgorithm is $checksumAlgorithm', + async ({ path: inputPath, expectedKey, checksumAlgorithm }) => { const abortController = new AbortController(); - const data = 'data'; const mockContentType = 'contentType'; const contentDisposition = 'contentDisposition'; const contentEncoding = 'contentEncoding'; @@ -251,9 +295,11 @@ describe('putObjectJob with path', () => { metadata: mockMetadata, onProgress, useAccelerateEndpoint, + checksumAlgorithm, }, }, abortController.signal, + dataLength, ); const result = await job(); expect(result).toEqual({ @@ -262,7 +308,7 @@ describe('putObjectJob with path', () => { versionId: 'versionId', contentType: 'contentType', metadata: { key: 'value' }, - size: undefined, + size: dataLength, }); expect(mockPutObject).toHaveBeenCalledTimes(1); await expect(mockPutObject).toBeLastCalledWithConfigAndInput( @@ -282,13 +328,22 @@ describe('putObjectJob with path', () => { ContentDisposition: contentDisposition, ContentEncoding: contentEncoding, Metadata: mockMetadata, - ContentMD5: undefined, + + // ChecksumCRC32 is set when putObjectJob() is called with checksumAlgorithm: 'crc-32' + ChecksumCRC32: + checksumAlgorithm === CHECKSUM_ALGORITHM_CRC32 + ? 'rfPzYw==' + : undefined, }, ); }, ); it('should set ContentMD5 if object lock is enabled', async () => { + jest + .spyOn(CRC32, 'calculateContentCRC32') + .mockResolvedValue(undefined as any); + Amplify.libraryOptions = { Storage: { S3: { @@ -299,18 +354,40 @@ describe('putObjectJob with path', () => { const job = putObjectJob( { path: testPath, - data: 'data', + data, }, new AbortController().signal, + dataLength, ); await job(); expect(calculateContentMd5).toHaveBeenCalledWith('data'); }); + describe('overwrite prevention', () => { + it('should include if-none-match header', async () => { + const job = putObjectJob( + { + path: testPath, + data, + options: { preventOverwrite: true }, + }, + new AbortController().signal, + dataLength, + ); + await job(); + + await expect(mockPutObject).toBeLastCalledWithConfigAndInput( + expect.objectContaining({ credentials, region }), + expect.objectContaining({ + IfNoneMatch: '*', + }), + ); + }); + }); + describe('bucket passed in options', () => { it('should override bucket in putObject call when bucket as object', async () => { const abortController = new AbortController(); - const data = 'data'; const bucketName = 'bucket-1'; const mockRegion = 'region-1'; @@ -326,6 +403,7 @@ describe('putObjectJob with path', () => { }, }, new AbortController().signal, + dataLength, ); await job(); @@ -347,7 +425,6 @@ describe('putObjectJob with path', () => { it('should override bucket in putObject call when bucket as string', async () => { const abortController = new AbortController(); - const data = 'data'; const job = putObjectJob( { path: 'path/', @@ -357,6 +434,7 @@ describe('putObjectJob with path', () => { }, }, new AbortController().signal, + dataLength, ); await job(); diff --git a/packages/storage/__tests__/providers/s3/apis/list.test.ts b/packages/storage/__tests__/providers/s3/apis/list.test.ts index e01096a1113..578b74a971b 100644 --- a/packages/storage/__tests__/providers/s3/apis/list.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/list.test.ts @@ -1,860 +1,71 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { AWSCredentials } from '@aws-amplify/core/internals/utils'; -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { Amplify } from '@aws-amplify/core'; -import { listObjectsV2 } from '../../../../src/providers/s3/utils/client'; -import { list } from '../../../../src/providers/s3'; import { ListAllInput, - ListAllOutput, ListAllWithPathInput, - ListAllWithPathOutput, ListPaginateInput, - ListPaginateOutput, ListPaginateWithPathInput, - ListPaginateWithPathOutput, -} from '../../../../src/providers/s3/types'; -import './testUtils'; +} from '../../../../src'; +import { list } from '../../../../src/providers/s3/apis'; +import { list as internalListImpl } from '../../../../src/providers/s3/apis/internal/list'; -jest.mock('../../../../src/providers/s3/utils/client'); -jest.mock('@aws-amplify/core', () => ({ - ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { - return { debug: jest.fn() }; - }), - Amplify: { - getConfig: jest.fn(), - Auth: { - fetchAuthSession: jest.fn(), - }, - }, -})); -const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; -const mockGetConfig = jest.mocked(Amplify.getConfig); -const mockListObject = listObjectsV2 as jest.Mock; -const inputKey = 'path/itemsKey'; -const bucket = 'bucket'; -const region = 'region'; -const nextToken = 'nextToken'; -const targetIdentityId = 'targetIdentityId'; -const defaultIdentityId = 'defaultIdentityId'; -const etagValue = 'eTag'; -const lastModifiedValue = 'lastModified'; -const sizeValue = 'size'; -const credentials: AWSCredentials = { - accessKeyId: 'accessKeyId', - sessionToken: 'sessionToken', - secretAccessKey: 'secretAccessKey', -}; -const listObjectClientConfig = { - credentials, - region, - userAgentValue: expect.any(String), -}; -const listObjectClientBaseResultItem = { - ETag: etagValue, - LastModified: lastModifiedValue, - Size: sizeValue, -}; -const listResultItem = { - eTag: etagValue, - lastModified: lastModifiedValue, - size: sizeValue, -}; -const mockListObjectsV2ApiWithPages = (pages: number) => { - let methodCalls = 0; - mockListObject.mockClear(); - mockListObject.mockImplementation(async (_, input) => { - let token: string | undefined; - methodCalls++; - if (methodCalls > pages) { - fail(`listObjectsV2 calls are more than expected. Expected ${pages}`); - } - if (input.ContinuationToken === undefined || methodCalls < pages) { - token = nextToken; - } +jest.mock('../../../../src/providers/s3/apis/internal/list'); - return { - Contents: [{ ...listObjectClientBaseResultItem, Key: input.Prefix }], - NextContinuationToken: token, - }; - }); -}; +const mockInternalListImpl = jest.mocked(internalListImpl); -describe('list API', () => { - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); +describe('client-side list', () => { + beforeEach(() => { + jest.clearAllMocks(); }); - describe('Prefix: Happy Cases:', () => { - const listAllWrapper = (input: ListAllInput): Promise => - list(input); - const listPaginatedWrapper = ( - input: ListPaginateInput, - ): Promise => list(input); - afterEach(() => { - jest.clearAllMocks(); - }); - - const accessLevelTests: { - prefix?: string; - expectedKey: string; - options?: { - accessLevel?: StorageAccessLevel; - targetIdentityId?: string; - }; - }[] = [ - { - expectedKey: `public/`, - }, - { - options: { accessLevel: 'guest' }, - expectedKey: `public/`, - }, - { - prefix: inputKey, - expectedKey: `public/${inputKey}`, - }, - { - prefix: inputKey, - options: { accessLevel: 'guest' }, - expectedKey: `public/${inputKey}`, - }, - { - prefix: inputKey, - options: { accessLevel: 'private' }, - expectedKey: `private/${defaultIdentityId}/${inputKey}`, - }, - { - prefix: inputKey, - options: { accessLevel: 'protected' }, - expectedKey: `protected/${defaultIdentityId}/${inputKey}`, - }, - { - prefix: inputKey, - options: { accessLevel: 'protected', targetIdentityId }, - expectedKey: `protected/${targetIdentityId}/${inputKey}`, - }, - ]; - - accessLevelTests.forEach(({ prefix, options, expectedKey }) => { - const pathMsg = prefix ? 'custom' : 'default'; - const accessLevelMsg = options?.accessLevel ?? 'default'; - const targetIdentityIdMsg = options?.targetIdentityId - ? `with targetIdentityId` - : ''; - it(`should list objects with pagination, default pageSize, ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { - mockListObject.mockImplementationOnce(() => { - return { - Contents: [{ ...listObjectClientBaseResultItem, Key: expectedKey }], - NextContinuationToken: nextToken, - }; - }); - const response = await listPaginatedWrapper({ - prefix, - options, - }); - const { key, eTag, size, lastModified } = response.items[0]; - expect(response.items).toHaveLength(1); - expect({ key, eTag, size, lastModified }).toEqual({ - key: prefix ?? '', - ...listResultItem, - }); - expect(response.nextToken).toEqual(nextToken); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: expectedKey, - }, - ); - }); - }); - - accessLevelTests.forEach(({ prefix, options, expectedKey }) => { - const pathMsg = prefix ? 'custom' : 'default'; - const accessLevelMsg = options?.accessLevel ?? 'default'; - const targetIdentityIdMsg = options?.targetIdentityId - ? `with targetIdentityId` - : ''; - it(`should list objects with pagination using pageSize, nextToken, ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { - mockListObject.mockImplementationOnce(() => { - return { - Contents: [{ ...listObjectClientBaseResultItem, Key: expectedKey }], - NextContinuationToken: nextToken, - }; - }); - const customPageSize = 5; - const response = await listPaginatedWrapper({ - prefix, - options: { - ...options, - pageSize: customPageSize, - nextToken, - }, - }); - const { key, eTag, size, lastModified } = response.items[0]; - expect(response.items).toHaveLength(1); - expect({ key, eTag, size, lastModified }).toEqual({ - key: prefix ?? '', - ...listResultItem, - }); - expect(response.nextToken).toEqual(nextToken); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - Prefix: expectedKey, - ContinuationToken: nextToken, - MaxKeys: customPageSize, - }, - ); - }); - }); - - accessLevelTests.forEach(({ prefix, options, expectedKey }) => { - const pathMsg = prefix ? 'custom' : 'default'; - const accessLevelMsg = options?.accessLevel ?? 'default'; - const targetIdentityIdMsg = options?.targetIdentityId - ? `with targetIdentityId` - : ''; - it(`should list objects with zero results with ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { - mockListObject.mockImplementationOnce(() => { - return {}; - }); - const response = await listPaginatedWrapper({ - prefix, - options, - }); - expect(response.items).toEqual([]); - expect(response.nextToken).toEqual(undefined); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: expectedKey, - }, - ); - }); - }); - - accessLevelTests.forEach( - ({ prefix: inputPrefix, options, expectedKey }) => { - const pathMsg = inputPrefix ? 'custom' : 'default'; - const accessLevelMsg = options?.accessLevel ?? 'default'; - const targetIdentityIdMsg = options?.targetIdentityId - ? `with targetIdentityId` - : ''; - it(`should list all objects having three pages with ${pathMsg} path, ${accessLevelMsg} accessLevel ${targetIdentityIdMsg}`, async () => { - mockListObjectsV2ApiWithPages(3); - const result = await listAllWrapper({ - prefix: inputPrefix, - options: { ...options, listAll: true }, - }); - const { key, eTag, lastModified, size } = result.items[0]; - expect(result.items).toHaveLength(3); - expect({ key, eTag, lastModified, size }).toEqual({ - ...listResultItem, - key: inputPrefix ?? '', - }); - expect(result).not.toHaveProperty(nextToken); - - // listing three times for three pages - expect(listObjectsV2).toHaveBeenCalledTimes(3); - - // first input receives undefined as the Continuation Token - await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( - 1, - listObjectClientConfig, - { - Bucket: bucket, - Prefix: expectedKey, - MaxKeys: 1000, - ContinuationToken: undefined, - }, - ); - // last input receives TEST_TOKEN as the Continuation Token - await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( - 3, - listObjectClientConfig, - { - Bucket: bucket, - Prefix: expectedKey, - MaxKeys: 1000, - ContinuationToken: nextToken, - }, - ); - }); - }, - ); - - describe('bucket passed in options', () => { - it('should override bucket in listObject call when bucket is object', async () => { - mockListObject.mockImplementationOnce(() => { - return { - Contents: [ - { - ...listObjectClientBaseResultItem, - Key: inputKey, - }, - ], - NextContinuationToken: nextToken, - }; - }); - const mockBucketName = 'bucket-1'; - const mockRegion = 'region-1'; - await listPaginatedWrapper({ - prefix: inputKey, - options: { - bucket: { bucketName: mockBucketName, region: mockRegion }, - }, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - { - credentials, - region: mockRegion, - userAgentValue: expect.any(String), - }, - { - Bucket: mockBucketName, - MaxKeys: 1000, - Prefix: `public/${inputKey}`, - }, - ); - }); - - it('should override bucket in listObject call when bucket is string', async () => { - mockListObject.mockImplementationOnce(() => { - return { - Contents: [ - { - ...listObjectClientBaseResultItem, - Key: inputKey, - }, - ], - NextContinuationToken: nextToken, - }; - }); - await listPaginatedWrapper({ - prefix: inputKey, - options: { - bucket: 'default-bucket', - }, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: `public/${inputKey}`, - }, - ); - }); - }); + it('should pass through list all input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalListImpl.mockReturnValue(mockInternalResult); + const input: ListAllInput = { + prefix: 'source-key', + }; + expect(list(input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(Amplify, input); }); - describe('Path: Happy Cases:', () => { - const listAllWrapper = ( - input: ListAllWithPathInput, - ): Promise => list(input); - const listPaginatedWrapper = ( - input: ListPaginateWithPathInput, - ): Promise => list(input); - const resolvePath = ( - path: string | (({ identityId }: { identityId: string }) => string), - ) => - typeof path === 'string' ? path : path({ identityId: defaultIdentityId }); - afterEach(() => { - jest.clearAllMocks(); - mockListObject.mockClear(); - }); - const pathTestCases = [ - { - path: `public/${inputKey}`, + it('should pass through list paginate input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalListImpl.mockReturnValue(mockInternalResult); + const input: ListPaginateInput = { + prefix: 'source-key', + options: { + nextToken: '123', + pageSize: 10, }, - { - path: ({ identityId }: { identityId: string }) => - `protected/${identityId}/${inputKey}`, - }, - ]; - - it.each(pathTestCases)( - 'should list objects with pagination, default pageSize, custom path', - async ({ path: inputPath }) => { - const resolvedPath = resolvePath(inputPath); - mockListObject.mockImplementationOnce(() => { - return { - Contents: [ - { - ...listObjectClientBaseResultItem, - Key: resolvePath(inputPath), - }, - ], - NextContinuationToken: nextToken, - }; - }); - const response = await listPaginatedWrapper({ - path: resolvedPath, - }); - const { path, eTag, lastModified, size } = response.items[0]; - expect(response.items).toHaveLength(1); - expect({ path, eTag, lastModified, size }).toEqual({ - ...listResultItem, - path: resolvedPath, - }); - expect(response.nextToken).toEqual(nextToken); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: resolvePath(inputPath), - }, - ); - }, - ); - - it.each(pathTestCases)( - 'should list objects with pagination using custom pageSize, nextToken and custom path: $path', - async ({ path: inputPath }) => { - const resolvedPath = resolvePath(inputPath); - mockListObject.mockImplementationOnce(() => { - return { - Contents: [ - { - ...listObjectClientBaseResultItem, - Key: resolvePath(inputPath), - }, - ], - NextContinuationToken: nextToken, - }; - }); - const customPageSize = 5; - const response = await listPaginatedWrapper({ - path: resolvedPath, - options: { - pageSize: customPageSize, - nextToken, - }, - }); - const { path, eTag, lastModified, size } = response.items[0]; - expect(response.items).toHaveLength(1); - expect({ path, eTag, lastModified, size }).toEqual({ - ...listResultItem, - path: resolvedPath, - }); - expect(response.nextToken).toEqual(nextToken); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - Prefix: resolvePath(inputPath), - ContinuationToken: nextToken, - MaxKeys: customPageSize, - }, - ); - }, - ); - - it.each(pathTestCases)( - 'should list objects with zero results with custom path: $path', - async ({ path }) => { - mockListObject.mockImplementationOnce(() => { - return {}; - }); - const response = await listPaginatedWrapper({ - path: resolvePath(path), - }); - expect(response.items).toEqual([]); - - expect(response.nextToken).toEqual(undefined); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: resolvePath(path), - }, - ); - }, - ); - - it.each(pathTestCases)( - 'should list objects with CommonPrefix and nextToken in results with custom path: $path', - async ({ path }) => { - mockListObject.mockImplementationOnce(() => { - return { - CommonPrefixes: [ - { Prefix: 'photos/2023/' }, - { Prefix: 'photos/2024/' }, - { Prefix: 'photos/2025/' }, - { Prefix: 'photos/2026/' }, - { Prefix: 'photos/2027/' }, - { Prefix: 'photos/time-traveling/' }, - ], - NextContinuationToken: 'yup_there_is_more', - }; - }); - const response = await listPaginatedWrapper({ - path: resolvePath(path), - }); - expect(response.excludedSubpaths).toEqual([ - 'photos/2023/', - 'photos/2024/', - 'photos/2025/', - 'photos/2026/', - 'photos/2027/', - 'photos/time-traveling/', - ]); - - expect(response.nextToken).toEqual('yup_there_is_more'); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: resolvePath(path), - }, - ); - }, - ); - - it.each(pathTestCases)( - 'should list all objects having three pages with custom path: $path', - async ({ path: inputPath }) => { - const resolvedPath = resolvePath(inputPath); - mockListObjectsV2ApiWithPages(3); - const result = await listAllWrapper({ - path: resolvedPath, - options: { listAll: true }, - }); - - const listResult = { - path: resolvedPath, - ...listResultItem, - }; - const { path, lastModified, eTag, size } = result.items[0]; - expect(result.items).toHaveLength(3); - expect({ path, lastModified, eTag, size }).toEqual(listResult); - expect(result.items).toEqual([listResult, listResult, listResult]); - expect(result).not.toHaveProperty(nextToken); - - // listing three times for three pages - expect(listObjectsV2).toHaveBeenCalledTimes(3); - - // first input receives undefined as the Continuation Token - await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( - 1, - listObjectClientConfig, - { - Bucket: bucket, - Prefix: resolvedPath, - MaxKeys: 1000, - ContinuationToken: undefined, - }, - ); - // last input receives TEST_TOKEN as the Continuation Token - await expect(listObjectsV2).toHaveBeenNthCalledWithConfigAndInput( - 3, - listObjectClientConfig, - { - Bucket: bucket, - Prefix: resolvedPath, - MaxKeys: 1000, - ContinuationToken: nextToken, - }, - ); - }, - ); - - describe('bucket passed in options', () => { - it('should override bucket in listObject call when bucket is object', async () => { - mockListObject.mockImplementationOnce(() => { - return { - Contents: [ - { - ...listObjectClientBaseResultItem, - Key: 'path/', - }, - ], - NextContinuationToken: nextToken, - }; - }); - const mockBucketName = 'bucket-1'; - const mockRegion = 'region-1'; - await listPaginatedWrapper({ - path: 'path/', - options: { - bucket: { bucketName: mockBucketName, region: mockRegion }, - }, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - { - credentials, - region: mockRegion, - userAgentValue: expect.any(String), - }, - { - Bucket: mockBucketName, - MaxKeys: 1000, - Prefix: 'path/', - }, - ); - }); - - it('should override bucket in listObject call when bucket is string', async () => { - mockListObject.mockImplementationOnce(() => { - return { - Contents: [ - { - ...listObjectClientBaseResultItem, - Key: 'path/', - }, - ], - NextContinuationToken: nextToken, - }; - }); - await listPaginatedWrapper({ - path: 'path/', - options: { - bucket: 'default-bucket', - }, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: 'path/', - }, - ); - }); - }); + }; + expect(list(input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(Amplify, input); }); - describe('Error Cases:', () => { - afterEach(() => { - jest.clearAllMocks(); - }); - it('should return a not found error', async () => { - mockListObject.mockRejectedValueOnce( - Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }), - ); - try { - await list({}); - } catch (error: any) { - expect.assertions(3); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: 'public/', - }, - ); - expect(error.$metadata.httpStatusCode).toBe(404); - } - }); + it('should pass through list all input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalListImpl.mockReturnValue(mockInternalResult); + const input: ListAllWithPathInput = { + path: 'abc', + }; + expect(list(input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(Amplify, input); }); - describe('with delimiter', () => { - const mockedContents = [ - { - Key: 'photos/', - ...listObjectClientBaseResultItem, - }, - { - Key: 'photos/2023.png', - ...listObjectClientBaseResultItem, + it('should pass through list paginate input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalListImpl.mockReturnValue(mockInternalResult); + const input: ListPaginateWithPathInput = { + path: 'abc', + options: { + nextToken: '123', + pageSize: 10, }, - { - Key: 'photos/2024.png', - ...listObjectClientBaseResultItem, - }, - ]; - const mockedCommonPrefixes = [ - { Prefix: 'photos/2023/' }, - { Prefix: 'photos/2024/' }, - { Prefix: 'photos/2025/' }, - ]; - - const expectedExcludedSubpaths = mockedCommonPrefixes.map( - ({ Prefix }) => Prefix, - ); - - const mockedPath = 'photos/'; - - beforeEach(() => { - mockListObject.mockResolvedValueOnce({ - Contents: mockedContents, - CommonPrefixes: mockedCommonPrefixes, - }); - }); - afterEach(() => { - jest.clearAllMocks(); - mockListObject.mockClear(); - }); - - it('should return excludedSubpaths when "exclude" strategy is passed in the request', async () => { - const { items, excludedSubpaths } = await list({ - path: mockedPath, - options: { - subpathStrategy: { strategy: 'exclude' }, - }, - }); - expect(items).toHaveLength(3); - expect(excludedSubpaths).toEqual(expectedExcludedSubpaths); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: mockedPath, - Delimiter: '/', - }, - ); - }); - - it('should return excludedSubpaths when "exclude" strategy and listAll are passed in the request', async () => { - const { items, excludedSubpaths } = await list({ - path: mockedPath, - options: { - subpathStrategy: { strategy: 'exclude' }, - listAll: true, - }, - }); - expect(items).toHaveLength(3); - expect(excludedSubpaths).toEqual(expectedExcludedSubpaths); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: mockedPath, - Delimiter: '/', - }, - ); - }); - - it('should return excludedSubpaths when "exclude" strategy and pageSize are passed in the request', async () => { - const { items, excludedSubpaths } = await list({ - path: mockedPath, - options: { - subpathStrategy: { strategy: 'exclude' }, - pageSize: 3, - }, - }); - expect(items).toHaveLength(3); - expect(excludedSubpaths).toEqual(expectedExcludedSubpaths); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 3, - Prefix: mockedPath, - Delimiter: '/', - }, - ); - }); - - it('should listObjectsV2 contain a custom Delimiter when "exclude" with delimiter is passed', async () => { - await list({ - path: mockedPath, - options: { - subpathStrategy: { - strategy: 'exclude', - delimiter: '-', - }, - }, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: mockedPath, - Delimiter: '-', - }, - ); - }); - - it('should listObjectsV2 contain an undefined Delimiter when "include" strategy is passed', async () => { - await list({ - path: mockedPath, - options: { - subpathStrategy: { - strategy: 'include', - }, - }, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: mockedPath, - Delimiter: undefined, - }, - ); - }); - - it('should listObjectsV2 contain an undefined Delimiter when no options are passed', async () => { - await list({ - path: mockedPath, - }); - expect(listObjectsV2).toHaveBeenCalledTimes(1); - await expect(listObjectsV2).toBeLastCalledWithConfigAndInput( - listObjectClientConfig, - { - Bucket: bucket, - MaxKeys: 1000, - Prefix: mockedPath, - Delimiter: undefined, - }, - ); - }); + }; + expect(list(input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(Amplify, input); }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/remove.test.ts b/packages/storage/__tests__/providers/s3/apis/remove.test.ts index eb3407eb610..8c42aec2f02 100644 --- a/packages/storage/__tests__/providers/s3/apis/remove.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/remove.test.ts @@ -1,292 +1,38 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { AWSCredentials } from '@aws-amplify/core/internals/utils'; -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { Amplify } from '@aws-amplify/core'; -import { deleteObject } from '../../../../src/providers/s3/utils/client'; +import { RemoveInput, RemoveWithPathInput } from '../../../../src'; import { remove } from '../../../../src/providers/s3/apis'; -import { StorageValidationErrorCode } from '../../../../src/errors/types/validation'; -import { - RemoveInput, - RemoveOutput, - RemoveWithPathInput, - RemoveWithPathOutput, -} from '../../../../src/providers/s3/types'; -import './testUtils'; +import { remove as internalRemoveImpl } from '../../../../src/providers/s3/apis/internal/remove'; -jest.mock('../../../../src/providers/s3/utils/client'); -jest.mock('@aws-amplify/core', () => ({ - ConsoleLogger: jest.fn().mockImplementation(function ConsoleLogger() { - return { debug: jest.fn() }; - }), - Amplify: { - getConfig: jest.fn(), - Auth: { - fetchAuthSession: jest.fn(), - }, - }, -})); -const mockDeleteObject = deleteObject as jest.Mock; -const mockFetchAuthSession = Amplify.Auth.fetchAuthSession as jest.Mock; -const mockGetConfig = jest.mocked(Amplify.getConfig); -const inputKey = 'key'; -const bucket = 'bucket'; -const region = 'region'; -const defaultIdentityId = 'defaultIdentityId'; -const credentials: AWSCredentials = { - accessKeyId: 'accessKeyId', - sessionToken: 'sessionToken', - secretAccessKey: 'secretAccessKey', -}; -const deleteObjectClientConfig = { - credentials, - region, - userAgentValue: expect.any(String), -}; +jest.mock('../../../../src/providers/s3/apis/internal/remove'); -describe('remove API', () => { - beforeAll(() => { - mockFetchAuthSession.mockResolvedValue({ - credentials, - identityId: defaultIdentityId, - }); - mockGetConfig.mockReturnValue({ - Storage: { - S3: { - bucket, - region, - buckets: { 'default-bucket': { bucketName: bucket, region } }, - }, - }, - }); - }); - describe('Happy Cases', () => { - describe('With Key', () => { - const removeWrapper = (input: RemoveInput): Promise => - remove(input); - - beforeEach(() => { - mockDeleteObject.mockImplementation(() => { - return { - Metadata: { key: 'value' }, - }; - }); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - const testCases: { - expectedKey: string; - options?: { accessLevel?: StorageAccessLevel }; - }[] = [ - { - expectedKey: `public/${inputKey}`, - }, - { - options: { accessLevel: 'guest' }, - expectedKey: `public/${inputKey}`, - }, - { - options: { accessLevel: 'private' }, - expectedKey: `private/${defaultIdentityId}/${inputKey}`, - }, - { - options: { accessLevel: 'protected' }, - expectedKey: `protected/${defaultIdentityId}/${inputKey}`, - }, - ]; - - testCases.forEach(({ options, expectedKey }) => { - const accessLevel = options?.accessLevel ?? 'default'; +const mockInternalRemoveImpl = jest.mocked(internalRemoveImpl); - it(`should remove object with ${accessLevel} accessLevel`, async () => { - const { key } = await removeWrapper({ - key: inputKey, - options, - }); - expect(key).toEqual(inputKey); - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - deleteObjectClientConfig, - { - Bucket: bucket, - Key: expectedKey, - }, - ); - }); - }); - - describe('bucket passed in options', () => { - it('should override bucket in deleteObject call when bucket is object', async () => { - const mockBucketName = 'bucket-1'; - const mockRegion = 'region-1'; - await removeWrapper({ - key: inputKey, - options: { - bucket: { bucketName: mockBucketName, region: mockRegion }, - }, - }); - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: mockRegion, - userAgentValue: expect.any(String), - }, - { - Bucket: mockBucketName, - Key: `public/${inputKey}`, - }, - ); - }); - it('should override bucket in deleteObject call when bucket is string', async () => { - await removeWrapper({ - key: inputKey, - options: { - bucket: 'default-bucket', - }, - }); - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: `public/${inputKey}`, - }, - ); - }); - }); - }); - describe('With Path', () => { - const removeWrapper = ( - input: RemoveWithPathInput, - ): Promise => remove(input); - beforeEach(() => { - mockDeleteObject.mockImplementation(() => { - return { - Metadata: { key: 'value' }, - }; - }); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - [ - { - path: `public/${inputKey}`, - }, - { - path: ({ identityId }: { identityId?: string }) => - `protected/${identityId}/${inputKey}`, - }, - ].forEach(({ path: inputPath }) => { - const resolvedPath = - typeof inputPath === 'string' - ? inputPath - : inputPath({ identityId: defaultIdentityId }); - - it(`should remove object for the given path`, async () => { - const { path } = await removeWrapper({ path: inputPath }); - expect(path).toEqual(resolvedPath); - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - deleteObjectClientConfig, - { - Bucket: bucket, - Key: resolvedPath, - }, - ); - }); - }); +describe('client-side remove', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); - describe('bucket passed in options', () => { - it('should override bucket in deleteObject call when bucket is object', async () => { - const mockBucketName = 'bucket-1'; - const mockRegion = 'region-1'; - await removeWrapper({ - path: 'path/', - options: { - bucket: { bucketName: mockBucketName, region: mockRegion }, - }, - }); - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region: mockRegion, - userAgentValue: expect.any(String), - }, - { - Bucket: mockBucketName, - Key: 'path/', - }, - ); - }); - it('should override bucket in deleteObject call when bucket is string', async () => { - await removeWrapper({ - path: 'path/', - options: { - bucket: 'default-bucket', - }, - }); - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - { - credentials, - region, - userAgentValue: expect.any(String), - }, - { - Bucket: bucket, - Key: 'path/', - }, - ); - }); - }); - }); + it('should pass through input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalRemoveImpl.mockReturnValue(mockInternalResult); + const input: RemoveInput = { + key: 'source-key', + }; + expect(remove(input)).toEqual(mockInternalResult); + expect(mockInternalRemoveImpl).toBeCalledWith(Amplify, input); }); - describe('Error Cases:', () => { - afterEach(() => { - jest.clearAllMocks(); - }); - it('should return a not found error', async () => { - mockDeleteObject.mockRejectedValueOnce( - Object.assign(new Error(), { - $metadata: { httpStatusCode: 404 }, - name: 'NotFound', - }), - ); - expect.assertions(3); - const key = 'wrongKey'; - try { - await remove({ key }); - } catch (error: any) { - expect(deleteObject).toHaveBeenCalledTimes(1); - await expect(deleteObject).toBeLastCalledWithConfigAndInput( - deleteObjectClientConfig, - { - Bucket: bucket, - Key: `public/${key}`, - }, - ); - expect(error.$metadata.httpStatusCode).toBe(404); - } - }); - it('should throw InvalidStorageOperationInput error when the path is empty', async () => { - expect.assertions(1); - try { - await remove({ path: '' }); - } catch (error: any) { - expect(error.name).toBe( - StorageValidationErrorCode.InvalidStorageOperationInput, - ); - } - }); + it('should pass through input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalRemoveImpl.mockReturnValue(mockInternalResult); + const input: RemoveWithPathInput = { + path: 'abc', + }; + expect(remove(input)).toEqual(mockInternalResult); + expect(mockInternalRemoveImpl).toBeCalledWith(Amplify, input); }); }); diff --git a/packages/storage/__tests__/providers/s3/apis/server/copy.test.ts b/packages/storage/__tests__/providers/s3/apis/server/copy.test.ts new file mode 100644 index 00000000000..06ce54b5b6b --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/server/copy.test.ts @@ -0,0 +1,54 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { getAmplifyServerContext } from '@aws-amplify/core/internals/adapter-core'; + +import { CopyInput, CopyWithPathInput } from '../../../../../src'; +import { copy } from '../../../../../src/providers/s3/apis/server'; +import { copy as internalCopyImpl } from '../../../../../src/providers/s3/apis/internal/copy'; + +jest.mock('../../../../../src/providers/s3/apis/internal/copy'); +jest.mock('@aws-amplify/core/internals/adapter-core'); + +const mockInternalCopyImpl = jest.mocked(internalCopyImpl); +const mockGetAmplifyServerContext = jest.mocked(getAmplifyServerContext); +const mockInternalResult = 'RESULT' as any; +const mockAmplifyClass = 'AMPLIFY_CLASS' as any; +const mockAmplifyContextSpec = { + token: { value: Symbol('123') }, +}; + +describe('server-side copy', () => { + beforeEach(() => { + mockGetAmplifyServerContext.mockReturnValue({ + amplify: mockAmplifyClass, + }); + mockInternalCopyImpl.mockReturnValue(mockInternalResult); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through input with key and output to internal implementation', async () => { + const input: CopyInput = { + source: { + key: 'source-key', + }, + destination: { + key: 'destination-key', + }, + }; + expect(copy(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalCopyImpl).toBeCalledWith(mockAmplifyClass, input); + }); + + it('should pass through input with path and output to internal implementation', async () => { + const input: CopyWithPathInput = { + source: { path: 'abc' }, + destination: { path: 'abc' }, + }; + expect(copy(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalCopyImpl).toBeCalledWith(mockAmplifyClass, input); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/server/getProperties.test.ts b/packages/storage/__tests__/providers/s3/apis/server/getProperties.test.ts new file mode 100644 index 00000000000..9afd1403d55 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/server/getProperties.test.ts @@ -0,0 +1,61 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { getAmplifyServerContext } from '@aws-amplify/core/internals/adapter-core'; + +import { + GetPropertiesInput, + GetPropertiesWithPathInput, +} from '../../../../../src'; +import { getProperties } from '../../../../../src/providers/s3/apis/server'; +import { getProperties as internalGetPropertiesImpl } from '../../../../../src/providers/s3/apis/internal/getProperties'; + +jest.mock('../../../../../src/providers/s3/apis/internal/getProperties'); +jest.mock('@aws-amplify/core/internals/adapter-core'); + +const mockInternalGetPropertiesImpl = jest.mocked(internalGetPropertiesImpl); +const mockGetAmplifyServerContext = jest.mocked(getAmplifyServerContext); +const mockInternalResult = 'RESULT' as any; +const mockAmplifyClass = 'AMPLIFY_CLASS' as any; +const mockAmplifyContextSpec = { + token: { value: Symbol('123') }, +}; + +describe('server-side getProperties', () => { + beforeEach(() => { + mockGetAmplifyServerContext.mockReturnValue({ + amplify: mockAmplifyClass, + }); + mockInternalGetPropertiesImpl.mockReturnValue(mockInternalResult); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through input with key and output to internal implementation', async () => { + const input: GetPropertiesInput = { + key: 'source-key', + }; + expect(getProperties(mockAmplifyContextSpec, input)).toEqual( + mockInternalResult, + ); + expect(mockInternalGetPropertiesImpl).toBeCalledWith( + mockAmplifyClass, + input, + ); + }); + + it('should pass through input with path and output to internal implementation', async () => { + const input: GetPropertiesWithPathInput = { + path: 'abc', + }; + expect(getProperties(mockAmplifyContextSpec, input)).toEqual( + mockInternalResult, + ); + expect(mockInternalGetPropertiesImpl).toBeCalledWith( + mockAmplifyClass, + input, + ); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/server/getUrl.test.ts b/packages/storage/__tests__/providers/s3/apis/server/getUrl.test.ts new file mode 100644 index 00000000000..3dfac7a58dc --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/server/getUrl.test.ts @@ -0,0 +1,59 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { getAmplifyServerContext } from '@aws-amplify/core/internals/adapter-core'; + +import { GetUrlInput, GetUrlWithPathInput } from '../../../../../src'; +import { getUrl } from '../../../../../src/providers/s3/apis/server'; +import { getUrl as internalGetUrlImpl } from '../../../../../src/providers/s3/apis/internal/getUrl'; + +jest.mock('../../../../../src/providers/s3/apis/internal/getUrl'); +jest.mock('@aws-amplify/core/internals/adapter-core'); + +const mockInternalGetUrlImpl = jest.mocked(internalGetUrlImpl); +const mockGetAmplifyServerContext = jest.mocked(getAmplifyServerContext); +const mockInternalResult = 'RESULT' as any; +const mockAmplifyClass = 'AMPLIFY_CLASS' as any; + +describe('server-side getUrl', () => { + beforeEach(() => { + mockGetAmplifyServerContext.mockReturnValue({ + amplify: mockAmplifyClass, + }); + mockInternalGetUrlImpl.mockReturnValue(mockInternalResult); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through input with key and output to internal implementation', async () => { + const input: GetUrlInput = { + key: 'source-key', + }; + expect( + getUrl( + { + token: { value: Symbol('123') }, + }, + input, + ), + ).toEqual(mockInternalResult); + expect(mockInternalGetUrlImpl).toBeCalledWith(mockAmplifyClass, input); + }); + + it('should pass through input with path and output to internal implementation', async () => { + const input: GetUrlWithPathInput = { + path: 'abc', + }; + expect( + getUrl( + { + token: { value: Symbol('123') }, + }, + input, + ), + ).toEqual(mockInternalResult); + expect(mockInternalGetUrlImpl).toBeCalledWith(mockAmplifyClass, input); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/server/list.test.ts b/packages/storage/__tests__/providers/s3/apis/server/list.test.ts new file mode 100644 index 00000000000..febd469afa3 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/server/list.test.ts @@ -0,0 +1,77 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { getAmplifyServerContext } from '@aws-amplify/core/internals/adapter-core'; + +import { + ListAllInput, + ListAllWithPathInput, + ListPaginateInput, + ListPaginateWithPathInput, +} from '../../../../../src'; +import { list } from '../../../../../src/providers/s3/apis/server'; +import { list as internalListImpl } from '../../../../../src/providers/s3/apis/internal/list'; + +jest.mock('../../../../../src/providers/s3/apis/internal/list'); +jest.mock('@aws-amplify/core/internals/adapter-core'); + +const mockInternalListImpl = jest.mocked(internalListImpl); +const mockGetAmplifyServerContext = jest.mocked(getAmplifyServerContext); +const mockInternalResult = 'RESULT' as any; +const mockAmplifyClass = 'AMPLIFY_CLASS' as any; +const mockAmplifyContextSpec = { + token: { value: Symbol('123') }, +}; + +describe('server-side list', () => { + beforeEach(() => { + mockGetAmplifyServerContext.mockReturnValue({ + amplify: mockAmplifyClass, + }); + mockInternalListImpl.mockReturnValue(mockInternalResult); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through list all input with key and output to internal implementation', async () => { + const input: ListAllInput = { + prefix: 'source-key', + }; + expect(list(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(mockAmplifyClass, input); + }); + + it('should pass through list paginate input with key and output to internal implementation', async () => { + const input: ListPaginateInput = { + prefix: 'source-key', + options: { + nextToken: '123', + pageSize: 10, + }, + }; + expect(list(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(mockAmplifyClass, input); + }); + + it('should pass through list all input with path and output to internal implementation', async () => { + const input: ListAllWithPathInput = { + path: 'abc', + }; + expect(list(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(mockAmplifyClass, input); + }); + + it('should pass through list paginate input with path and output to internal implementation', async () => { + const input: ListPaginateWithPathInput = { + path: 'abc', + options: { + nextToken: '123', + pageSize: 10, + }, + }; + expect(list(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalListImpl).toBeCalledWith(mockAmplifyClass, input); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/server/remove.test.ts b/packages/storage/__tests__/providers/s3/apis/server/remove.test.ts new file mode 100644 index 00000000000..861c3ce0d24 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/server/remove.test.ts @@ -0,0 +1,48 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { getAmplifyServerContext } from '@aws-amplify/core/internals/adapter-core'; + +import { RemoveInput, RemoveWithPathInput } from '../../../../../src'; +import { remove } from '../../../../../src/providers/s3/apis/server'; +import { remove as internalRemoveImpl } from '../../../../../src/providers/s3/apis/internal/remove'; + +jest.mock('../../../../../src/providers/s3/apis/internal/remove'); +jest.mock('@aws-amplify/core/internals/adapter-core'); + +const mockInternalRemoveImpl = jest.mocked(internalRemoveImpl); +const mockGetAmplifyServerContext = jest.mocked(getAmplifyServerContext); +const mockInternalResult = 'RESULT' as any; +const mockAmplifyClass = 'AMPLIFY_CLASS' as any; +const mockAmplifyContextSpec = { + token: { value: Symbol('123') }, +}; + +describe('server-side remove', () => { + beforeEach(() => { + mockGetAmplifyServerContext.mockReturnValue({ + amplify: mockAmplifyClass, + }); + mockInternalRemoveImpl.mockReturnValue(mockInternalResult); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through input with key and output to internal implementation', async () => { + const input: RemoveInput = { + key: 'source-key', + }; + expect(remove(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalRemoveImpl).toBeCalledWith(mockAmplifyClass, input); + }); + + it('should pass through input with path and output to internal implementation', async () => { + const input: RemoveWithPathInput = { + path: 'abc', + }; + expect(remove(mockAmplifyContextSpec, input)).toEqual(mockInternalResult); + expect(mockInternalRemoveImpl).toBeCalledWith(mockAmplifyClass, input); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/uploadData.test.ts b/packages/storage/__tests__/providers/s3/apis/uploadData.test.ts new file mode 100644 index 00000000000..c6477b83ae0 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/apis/uploadData.test.ts @@ -0,0 +1,57 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { defaultStorage } from '@aws-amplify/core'; + +import { uploadData } from '../../../../src/providers/s3/apis'; +import { uploadData as internalUploadDataImpl } from '../../../../src/providers/s3/apis/internal/uploadData'; + +jest.mock('../../../../src/providers/s3/apis/internal/uploadData'); + +const mockInternalUploadDataImpl = jest.mocked(internalUploadDataImpl); + +describe('client-side uploadData', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('should pass through input with key and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalUploadDataImpl.mockReturnValue(mockInternalResult); + const input = { + key: 'key', + data: 'data', + options: { + accessLevel: 'protected' as const, + }, + }; + expect(uploadData(input)).toEqual(mockInternalResult); + expect(mockInternalUploadDataImpl).toBeCalledWith({ + ...input, + options: { + ...input.options, + resumableUploadsCache: defaultStorage, + }, + }); + }); + + it('should pass through input with path and output to internal implementation', async () => { + const mockInternalResult = 'RESULT' as any; + mockInternalUploadDataImpl.mockReturnValue(mockInternalResult); + const input = { + path: 'path', + data: 'data', + options: { + preventOverwrite: true, + }, + }; + expect(uploadData(input)).toEqual(mockInternalResult); + expect(mockInternalUploadDataImpl).toBeCalledWith({ + ...input, + options: { + ...input.options, + resumableUploadsCache: defaultStorage, + }, + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/apis/utils/resolveS3ConfigAndInput.test.ts b/packages/storage/__tests__/providers/s3/apis/utils/resolveS3ConfigAndInput.test.ts index 022c2f0c1fb..662640e3340 100644 --- a/packages/storage/__tests__/providers/s3/apis/utils/resolveS3ConfigAndInput.test.ts +++ b/packages/storage/__tests__/providers/s3/apis/utils/resolveS3ConfigAndInput.test.ts @@ -9,6 +9,11 @@ import { StorageValidationErrorCode, validationErrorMap, } from '../../../../../src/errors/types/validation'; +import { + CallbackPathStorageInput, + DeprecatedStorageInput, +} from '../../../../../src/providers/s3/utils/resolveS3ConfigAndInput'; +import { INVALID_STORAGE_INPUT } from '../../../../../src/errors/constants'; import { BucketInfo } from '../../../../../src/providers/s3/types/options'; import { StorageError } from '../../../../../src/errors/StorageError'; @@ -79,13 +84,11 @@ describe('resolveS3ConfigAndInput', () => { } }); - it('should throw if identityId is not available', async () => { + it('should not throw if identityId is not available', async () => { mockFetchAuthSession.mockResolvedValueOnce({ credentials, }); - await expect(resolveS3ConfigAndInput(Amplify, {})).rejects.toMatchObject( - validationErrorMap[StorageValidationErrorCode.NoIdentityId], - ); + expect(async () => resolveS3ConfigAndInput(Amplify, {})).not.toThrow(); }); it('should resolve bucket from S3 config', async () => { @@ -182,7 +185,7 @@ describe('resolveS3ConfigAndInput', () => { it('should resolve prefix with given access level', async () => { mockDefaultResolvePrefix.mockResolvedValueOnce('prefix'); const { keyPrefix } = await resolveS3ConfigAndInput(Amplify, { - accessLevel: 'someLevel' as any, + options: { accessLevel: 'someLevel' as any }, }); expect(mockDefaultResolvePrefix).toHaveBeenCalledWith({ accessLevel: 'someLevel', @@ -218,6 +221,95 @@ describe('resolveS3ConfigAndInput', () => { expect(keyPrefix).toEqual('prefix'); }); + describe('with locationCredentialsProvider', () => { + const mockLocationCredentialsProvider = jest + .fn() + .mockReturnValue({ credentials }); + it('should resolve credentials without Amplify singleton', async () => { + mockGetConfig.mockReturnValue({ + Storage: { + S3: { + bucket, + region, + }, + }, + }); + const { s3Config } = await resolveS3ConfigAndInput(Amplify, { + options: { + locationCredentialsProvider: mockLocationCredentialsProvider, + }, + }); + + if (typeof s3Config.credentials === 'function') { + const result = await s3Config.credentials({ forceRefresh: true }); + expect(mockLocationCredentialsProvider).toHaveBeenCalledWith({ + forceRefresh: true, + }); + expect(result).toEqual(credentials); + } else { + throw new Error('Expect credentials to be a function'); + } + }); + + it('should not throw when path is pass as a string', async () => { + const { s3Config } = await resolveS3ConfigAndInput(Amplify, { + path: 'my-path', + options: { + locationCredentialsProvider: mockLocationCredentialsProvider, + }, + }); + + if (typeof s3Config.credentials === 'function') { + const result = await s3Config.credentials(); + expect(mockLocationCredentialsProvider).toHaveBeenCalled(); + expect(result).toEqual(credentials); + } else { + throw new Error('Expect credentials to be a function'); + } + }); + + describe('with deprecated or callback paths as inputs', () => { + const key = 'mock-value'; + const prefix = 'mock-value'; + const path = () => 'path'; + const deprecatedInputs: DeprecatedStorageInput[] = [ + { prefix }, + { key }, + { + source: { key }, + destination: { key }, + }, + ]; + const callbackPathInputs: CallbackPathStorageInput[] = [ + { path }, + { + destination: { path }, + source: { path }, + }, + ]; + + const testCases = [...deprecatedInputs, ...callbackPathInputs]; + + it.each(testCases)('should throw when input is %s', async input => { + const { s3Config } = await resolveS3ConfigAndInput(Amplify, { + ...input, + options: { + locationCredentialsProvider: mockLocationCredentialsProvider, + }, + }); + if (typeof s3Config.credentials === 'function') { + await expect(s3Config.credentials()).rejects.toThrow( + expect.objectContaining({ + name: INVALID_STORAGE_INPUT, + }), + ); + } else { + throw new Error('Expect credentials to be a function'); + } + }); + }); + }); + it('should resolve bucket and region with overrides when bucket API option is passed', async () => { const bucketInfo: BucketInfo = { bucketName: 'bucket-2', @@ -228,7 +320,7 @@ describe('resolveS3ConfigAndInput', () => { bucket: resolvedBucket, s3Config: { region: resolvedRegion }, } = await resolveS3ConfigAndInput(Amplify, { - bucket: bucketInfo, + options: { bucket: bucketInfo }, }); expect(mockGetConfig).toHaveBeenCalled(); @@ -239,7 +331,7 @@ describe('resolveS3ConfigAndInput', () => { it('should throw when unable to lookup bucket from the config when bucket API option is passed', async () => { try { await resolveS3ConfigAndInput(Amplify, { - bucket: 'error-bucket', + options: { bucket: 'error-bucket' }, }); } catch (error: any) { expect(error).toBeInstanceOf(StorageError); diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/abortMultipartUpload.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/abortMultipartUpload.ts index 4628c433e51..5eba75535a6 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/abortMultipartUpload.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/abortMultipartUpload.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { abortMultipartUpload } from '../../../../../../../src/providers/s3/utils/client'; +import { abortMultipartUpload } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -42,4 +42,38 @@ const abortMultipartUploadHappyCase: ApiFunctionalTestCase< }, ]; -export default [abortMultipartUploadHappyCase]; +const abortMultipartUploadHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof abortMultipartUpload +> = [ + 'happy case', + 'abortMultipartUpload with custom endpoint', + abortMultipartUpload, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + UploadId: 'uploadId', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key?uploadId=uploadId', + }), + }), + { + status: 204, + headers: DEFAULT_RESPONSE_HEADERS, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +export default [ + abortMultipartUploadHappyCase, + abortMultipartUploadHappyCaseCustomEndpoint, +]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/completeMultipartUpload.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/completeMultipartUpload.ts index 125cb505e4c..140267b751b 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/completeMultipartUpload.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/completeMultipartUpload.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { completeMultipartUpload } from '../../../../../../../src/providers/s3/utils/client'; +import { completeMultipartUpload } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -10,6 +10,30 @@ import { expectedMetadata, } from './shared'; +const defaultExpectedRequest = { + url: expect.objectContaining({ + href: 'https://bucket.s3.us-east-1.amazonaws.com/key?uploadId=uploadId', + }), + method: 'POST', + headers: expect.objectContaining({ + 'content-type': 'application/xml', + }), + body: + '' + + '' + + '' + + 'etag1' + + '1' + + 'test-checksum-1' + + '' + + '' + + 'etag2' + + '2' + + 'test-checksum-2' + + '' + + '', +}; + // API reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html const completeMultipartUploadHappyCase: ApiFunctionalTestCase< typeof completeMultipartUpload @@ -26,36 +50,18 @@ const completeMultipartUploadHappyCase: ApiFunctionalTestCase< { ETag: 'etag1', PartNumber: 1, + ChecksumCRC32: 'test-checksum-1', }, { ETag: 'etag2', PartNumber: 2, + ChecksumCRC32: 'test-checksum-2', }, ], }, UploadId: 'uploadId', }, - expect.objectContaining({ - url: expect.objectContaining({ - href: 'https://bucket.s3.us-east-1.amazonaws.com/key?uploadId=uploadId', - }), - method: 'POST', - headers: expect.objectContaining({ - 'content-type': 'application/xml', - }), - body: - '' + - '' + - '' + - 'etag1' + - '1' + - '' + - '' + - 'etag2' + - '2' + - '' + - '', - }), + expect.objectContaining(defaultExpectedRequest), { status: 200, headers: { ...DEFAULT_RESPONSE_HEADERS }, @@ -75,7 +81,68 @@ const completeMultipartUploadHappyCase: ApiFunctionalTestCase< }, ]; -// API reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html +const completeMultipartUploadHappyCaseIfNoneMatch: ApiFunctionalTestCase< + typeof completeMultipartUpload +> = [ + 'happy case', + 'completeMultipartUpload - if-none-match', + completeMultipartUpload, + defaultConfig, + { + ...completeMultipartUploadHappyCase[4], + IfNoneMatch: 'mock-if-none-match', + }, + expect.objectContaining({ + ...defaultExpectedRequest, + headers: { + 'content-type': 'application/xml', + 'If-None-Match': 'mock-if-none-match', + }, + }), + completeMultipartUploadHappyCase[6], + completeMultipartUploadHappyCase[7], +]; + +const completeMultipartUploadHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof completeMultipartUpload +> = [ + 'happy case', + 'completeMultipartUpload with custom endpoint', + completeMultipartUpload, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + MultipartUpload: { + Parts: [ + { + ETag: 'etag1', + PartNumber: 1, + ChecksumCRC32: 'test-checksum-1', + }, + ], + }, + UploadId: 'uploadId', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key?uploadId=uploadId', + }), + }), + { + status: 200, + headers: { ...DEFAULT_RESPONSE_HEADERS }, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + const completeMultipartUploadErrorCase: ApiFunctionalTestCase< typeof completeMultipartUpload > = [ @@ -109,7 +176,12 @@ const completeMultipartUploadErrorWith200CodeCase: ApiFunctionalTestCase< 'error case', 'completeMultipartUpload with 200 status', completeMultipartUpload, - { ...defaultConfig, retryDecider: async () => false }, // disable retry + { + ...defaultConfig, + retryDecider: async () => ({ + retryable: false, + }), + }, // disable retry completeMultipartUploadHappyCase[4], completeMultipartUploadHappyCase[5], { @@ -132,6 +204,8 @@ const completeMultipartUploadErrorWith200CodeCase: ApiFunctionalTestCase< export default [ completeMultipartUploadHappyCase, + completeMultipartUploadHappyCaseIfNoneMatch, + completeMultipartUploadHappyCaseCustomEndpoint, completeMultipartUploadErrorCase, completeMultipartUploadErrorWith200CodeCase, ]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/copyObject.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/copyObject.ts index 746ca373057..8938a2ce9c8 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/copyObject.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/copyObject.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { copyObject } from '../../../../../../../src/providers/s3/utils/client'; +import { copyObject } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -23,6 +23,8 @@ const copyObjectHappyCase: ApiFunctionalTestCase = [ CacheControl: 'cacheControl', ContentType: 'contentType', ACL: 'acl', + CopySourceIfMatch: 'eTag', + CopySourceIfUnmodifiedSince: new Date(0), }, expect.objectContaining({ url: expect.objectContaining({ @@ -34,6 +36,8 @@ const copyObjectHappyCase: ApiFunctionalTestCase = [ 'cache-control': 'cacheControl', 'content-type': 'contentType', 'x-amz-acl': 'acl', + 'x-amz-copy-source-if-match': 'eTag', + 'x-amz-copy-source-if-unmodified-since': 'Thu, 01 Jan 1970 00:00:00 GMT', }), }), { @@ -54,4 +58,34 @@ const copyObjectHappyCase: ApiFunctionalTestCase = [ }, ]; -export default [copyObjectHappyCase]; +const copyObjectHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof copyObject +> = [ + 'happy case', + 'getObject with custom endpoint', + copyObject, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + CopySource: 'sourceBucket/sourceKey', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key', + }), + }), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; +export default [copyObjectHappyCase, copyObjectHappyCaseCustomEndpoint]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/createMultipartUpload.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/createMultipartUpload.ts index df13908e715..b53ae0b48e8 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/createMultipartUpload.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/createMultipartUpload.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { createMultipartUpload } from '../../../../../../../src/providers/s3/utils/client'; +import { createMultipartUpload } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -42,4 +42,34 @@ const createMultiPartUploadHappyCase: ApiFunctionalTestCase< }, ]; -export default [createMultiPartUploadHappyCase]; +const createMultiPartUploadHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof createMultipartUpload +> = [ + 'happy case', + 'createMultipartUpload with custom endpoint', + createMultipartUpload, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + putObjectRequest, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key?uploads', + }), + }), + { + status: 200, + headers: { ...DEFAULT_RESPONSE_HEADERS }, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +export default [ + createMultiPartUploadHappyCase, + createMultiPartUploadHappyCaseCustomEndpoint, +]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/deleteObject.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/deleteObject.ts index f0a4439e13f..0d591b6bfcc 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/deleteObject.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/deleteObject.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { deleteObject } from '../../../../../../../src/providers/s3/utils/client'; +import { deleteObject } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -36,4 +36,34 @@ const deleteObjectHappyCase: ApiFunctionalTestCase = [ }, ]; -export default [deleteObjectHappyCase]; +const deleteObjectHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof deleteObject +> = [ + 'happy case', + 'deleteObject with custom endpoint', + deleteObject, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key', + }), + }), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +export default [deleteObjectHappyCase, deleteObjectHappyCaseCustomEndpoint]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getDataAccess.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getDataAccess.ts new file mode 100644 index 00000000000..6e944a058a6 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getDataAccess.ts @@ -0,0 +1,172 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { getDataAccess } from '../../../../../../../src/providers/s3/utils/client/s3control'; +import { ApiFunctionalTestCase } from '../../testUtils/types'; + +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from './shared'; + +const MOCK_ACCOUNT_ID = 'accountId'; +const MOCK_ACCESS_ID = 'accessId'; +const MOCK_SECRET_ACCESS_KEY = 'secretAccessKey'; +const MOCK_SESSION_TOKEN = 'sessionToken'; +const MOCK_EXPIRATION = '2013-09-17T18:07:53.000Z'; +const MOCK_EXPIRATION_DATE = new Date(MOCK_EXPIRATION); +const MOCK_GRANT_TARGET = 'matchedGrantTarget'; + +// API Reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetDataAccess.html +const getDataAccessHappyCase: ApiFunctionalTestCase = [ + 'happy case', + 'getDataAccess', + getDataAccess, + defaultConfig, + { + AccountId: MOCK_ACCOUNT_ID, + Target: 's3://my-bucket/path/to/object.md', + TargetType: 'Object', + DurationSeconds: 100, + Permission: 'READWRITE', + Privilege: 'Default', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://accountid.s3-control.us-east-1.amazonaws.com/v20180820/accessgrantsinstance/dataaccess?durationSeconds=100&permission=READWRITE&privilege=Default&target=s3%3A%2F%2Fmy-bucket%2Fpath%2Fto%2Fobject.md&targetType=Object', + }), + method: 'GET', + headers: expect.objectContaining({ + 'x-amz-account-id': MOCK_ACCOUNT_ID, + }), + }), + { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + }, + body: ` + + + + ${MOCK_ACCESS_ID} + ${MOCK_SECRET_ACCESS_KEY} + ${MOCK_SESSION_TOKEN} + ${MOCK_EXPIRATION} + + ${MOCK_GRANT_TARGET} + + `, + }, + { + $metadata: expect.objectContaining(expectedMetadata), + Credentials: { + AccessKeyId: MOCK_ACCESS_ID, + SecretAccessKey: MOCK_SECRET_ACCESS_KEY, + SessionToken: MOCK_SESSION_TOKEN, + Expiration: MOCK_EXPIRATION_DATE, + }, + MatchedGrantTarget: MOCK_GRANT_TARGET, + }, +]; + +const getDataAccessHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof getDataAccess +> = [ + 'happy case', + 'getDataAccess with custom endpoint', + getDataAccess, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + }, + { + AccountId: MOCK_ACCOUNT_ID, + Target: 's3://my-bucket/path/to/object.md', + Permission: 'READWRITE', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://accountid.custom.endpoint.com/v20180820/accessgrantsinstance/dataaccess?permission=READWRITE&target=s3%3A%2F%2Fmy-bucket%2Fpath%2Fto%2Fobject.md', + }), + }), + { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + }, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +const getDataAccessErrorCase: ApiFunctionalTestCase = [ + 'error case', + 'getDataAccess', + getDataAccess, + defaultConfig, + getDataAccessHappyCase[4], + getDataAccessHappyCase[5], + { + status: 403, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + + + AccessDenied + Access Denied + + 656c76696e6727732072657175657374 + Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== + + `, + }, + { + message: 'Access Denied', + name: 'AccessDenied', + }, +]; + +const getDataAccessErrorCaseInvalidCustomEndpoint: ApiFunctionalTestCase< + typeof getDataAccess +> = [ + 'error case', + 'getDataAccess with invalid custom endpoint', + getDataAccess, + { + ...defaultConfig, + customEndpoint: 'http://custom.endpoint.com', + }, + { + AccountId: MOCK_ACCOUNT_ID, + Target: 's3://my-bucket/path/to/object.md', + Permission: 'READWRITE', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://accountid.custom.endpoint.com/v20180820/accessgrantsinstance/dataaccess?permission=READWRITE&target=s3%3A%2F%2Fmy-bucket%2Fpath%2Fto%2Fobject.md', + }), + }), + { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + }, + body: '', + }, + { + message: 'Invalid S3 custom endpoint.', + name: 'InvalidCustomEndpoint', + }, +]; + +export default [ + getDataAccessHappyCase, + getDataAccessHappyCaseCustomEndpoint, + getDataAccessErrorCase, + getDataAccessErrorCaseInvalidCustomEndpoint, +]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getObject.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getObject.ts index c6b1e038926..2a2ddf98f68 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getObject.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/getObject.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { getObject } from '../../../../../../../src/providers/s3/utils/client'; +import { getObject } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -143,14 +143,16 @@ const getObjectHappyCase: ApiFunctionalTestCase = [ }, ]; -const getObjectAccelerateEndpoint: ApiFunctionalTestCase = [ +const getObjectHappyCaseAccelerateEndpoint: ApiFunctionalTestCase< + typeof getObject +> = [ 'happy case', 'getObject with accelerate endpoint', getObject, { ...defaultConfig, useAccelerateEndpoint: true, - } as Parameters[0], + }, { Bucket: 'bucket', Key: 'key', @@ -170,15 +172,17 @@ const getObjectAccelerateEndpoint: ApiFunctionalTestCase = [ }) as any, ]; -const getObjectCustomEndpoint: ApiFunctionalTestCase = [ +const getObjectHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof getObject +> = [ 'happy case', 'getObject with custom endpoint', getObject, { ...defaultConfig, - customEndpoint: 'https://custom.endpoint.com', + customEndpoint: 'custom.endpoint.com', forcePathStyle: true, - } as Parameters[0], + }, { Bucket: 'bucket', Key: 'key', @@ -198,8 +202,100 @@ const getObjectCustomEndpoint: ApiFunctionalTestCase = [ }) as any, ]; +const getObjectErrorCaseAccelerateEndpoint: ApiFunctionalTestCase< + typeof getObject +> = [ + 'error case', + 'getObject with accelerate endpoint and forcePathStyle', + getObject, + { + ...defaultConfig, + useAccelerateEndpoint: true, + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://bucket.s3-accelerate.amazonaws.com/key', + }), + }), + { + status: 400, + headers: DEFAULT_RESPONSE_HEADERS, + body: 'mockBody', + }, + { + message: 'Path style URLs are not supported with S3 Transfer Acceleration.', + name: 'ForcePathStyleEndpointNotSupported', + }, +]; + +const getObjectErrorCaseInvalidCustomEndpoint: ApiFunctionalTestCase< + typeof getObject +> = [ + 'error case', + 'getObject with invalid custom endpoint', + getObject, + { + ...defaultConfig, + customEndpoint: 'http://custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key', + }), + }), + { + status: 400, + headers: DEFAULT_RESPONSE_HEADERS, + body: 'mockBody', + }, + { + message: 'Invalid S3 custom endpoint.', + name: 'InvalidCustomEndpoint', + }, +]; + +const getObjectErrorCaseInvalidBucketName: ApiFunctionalTestCase< + typeof getObject +> = [ + 'error case', + 'getObject with incompatible Dns bucket name', + getObject, + defaultConfig, + { + Bucket: 'incompatibleDnsCompatibleBucketName', + Key: 'key', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://incompatibleDnsCompatibleBucketName.s3.us-east-1.amazonaws.com/key', + }), + }), + { + status: 400, + headers: DEFAULT_RESPONSE_HEADERS, + body: 'mockBody', + }, + { + message: `The bucket name isn't DNS compatible.`, + name: 'DnsIncompatibleBucketName', + }, +]; + export default [ getObjectHappyCase, - getObjectAccelerateEndpoint, - getObjectCustomEndpoint, + getObjectHappyCaseAccelerateEndpoint, + getObjectHappyCaseCustomEndpoint, + getObjectErrorCaseAccelerateEndpoint, + getObjectErrorCaseInvalidCustomEndpoint, + getObjectErrorCaseInvalidBucketName, ]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/headObject.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/headObject.ts index 2275d7ac850..a392e121c8c 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/headObject.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/headObject.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { headObject } from '../../../../../../../src/providers/s3/utils/client'; +import { headObject } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -48,4 +48,34 @@ const headObjectHappyCase: ApiFunctionalTestCase = [ }, ]; -export default [headObjectHappyCase]; +const headObjectHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof headObject +> = [ + 'happy case', + 'headObject with custom endpoint', + headObject, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key', + }), + }), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +export default [headObjectHappyCase, headObjectHappyCaseCustomEndpoint]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/index.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/index.ts index 56a4e1719ae..b5688b18c78 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/index.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/index.ts @@ -12,6 +12,8 @@ import copyObjectCases from './copyObject'; import deleteObjectCases from './deleteObject'; import getObjectCases from './getObject'; import headObjectCases from './headObject'; +import getDataAccess from './getDataAccess'; +import listCallerAccessGrants from './listCallerAccessGrants'; export default [ ...listObjectsV2Cases, @@ -25,4 +27,6 @@ export default [ ...deleteObjectCases, ...getObjectCases, ...headObjectCases, + ...listCallerAccessGrants, + ...getDataAccess, ]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listCallerAccessGrants.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listCallerAccessGrants.ts new file mode 100644 index 00000000000..175e6d8b0da --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listCallerAccessGrants.ts @@ -0,0 +1,206 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { listCallerAccessGrants } from '../../../../../../../src/providers/s3/utils/client/s3control'; +import { ApiFunctionalTestCase } from '../../testUtils/types'; + +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from './shared'; + +const MOCK_ACCOUNT_ID = 'accountId'; +const MOCK_NEXT_TOKEN = 'nextToken'; +const MOCK_APP_ARN = 'appArn'; +const MOCK_GRANT_SCOPE = 's3://my-bucket/path/to/object.md'; +const MOCK_PERMISSION = 'READWRITE'; + +// API Reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessGrants.html +const listCallerAccessGrantsHappyCaseSingleGrant: ApiFunctionalTestCase< + typeof listCallerAccessGrants +> = [ + 'happy case', + 'listCallerAccessGrantsHappyCaseSingleGrant', + listCallerAccessGrants, + defaultConfig, + { + AccountId: MOCK_ACCOUNT_ID, + GrantScope: 's3://my-bucket/path/to/', + MaxResults: 50, + NextToken: 'mockToken', + AllowedByApplication: true, + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://accountid.s3-control.us-east-1.amazonaws.com/v20180820/accessgrantsinstance/caller/grants?grantscope=s3%3A%2F%2Fmy-bucket%2Fpath%2Fto%2F&maxResults=50&nextToken=mockToken&allowedByApplication=true', + }), + method: 'GET', + headers: expect.objectContaining({ + 'x-amz-account-id': MOCK_ACCOUNT_ID, + }), + }), + { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + }, + body: ` + + + ${MOCK_NEXT_TOKEN} + + + ${MOCK_APP_ARN} + ${MOCK_GRANT_SCOPE} + ${MOCK_PERMISSION} + + + + `, + }, + { + $metadata: expect.objectContaining(expectedMetadata), + CallerAccessGrantsList: [ + { + ApplicationArn: MOCK_APP_ARN, + GrantScope: MOCK_GRANT_SCOPE, + Permission: MOCK_PERMISSION, + }, + ], + NextToken: MOCK_NEXT_TOKEN, + }, +]; + +const listCallerAccessGrantsHappyCaseMultipleGrants: ApiFunctionalTestCase< + typeof listCallerAccessGrants +> = [ + 'happy case', + 'listCallerAccessGrantsHappyCaseMultipleGrants', + listCallerAccessGrants, + defaultConfig, + { + AccountId: MOCK_ACCOUNT_ID, + GrantScope: 's3://my-bucket/path/to/', + MaxResults: 50, + NextToken: 'mockToken', + AllowedByApplication: true, + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://accountid.s3-control.us-east-1.amazonaws.com/v20180820/accessgrantsinstance/caller/grants?grantscope=s3%3A%2F%2Fmy-bucket%2Fpath%2Fto%2F&maxResults=50&nextToken=mockToken&allowedByApplication=true', + }), + method: 'GET', + headers: expect.objectContaining({ + 'x-amz-account-id': MOCK_ACCOUNT_ID, + }), + }), + { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + }, + body: ` + + + ${MOCK_NEXT_TOKEN} + + + ${MOCK_APP_ARN} + ${MOCK_GRANT_SCOPE} + ${MOCK_PERMISSION} + + + ${MOCK_APP_ARN} + ${MOCK_GRANT_SCOPE} + ${MOCK_PERMISSION} + + + + `, + }, + { + $metadata: expect.objectContaining(expectedMetadata), + CallerAccessGrantsList: [ + { + ApplicationArn: MOCK_APP_ARN, + GrantScope: MOCK_GRANT_SCOPE, + Permission: MOCK_PERMISSION, + }, + { + ApplicationArn: MOCK_APP_ARN, + GrantScope: MOCK_GRANT_SCOPE, + Permission: MOCK_PERMISSION, + }, + ], + NextToken: MOCK_NEXT_TOKEN, + }, +]; + +const listCallerAccessGrantsHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof listCallerAccessGrants +> = [ + 'happy case', + 'listCallerAccessGrants with custom endpoint', + listCallerAccessGrants, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + }, + { + AccountId: MOCK_ACCOUNT_ID, + GrantScope: 's3://my-bucket/path/to/', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://accountid.custom.endpoint.com/v20180820/accessgrantsinstance/caller/grants?grantscope=s3%3A%2F%2Fmy-bucket%2Fpath%2Fto%2F', + }), + }), + { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + }, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +const listCallerAccessGrantsErrorCase: ApiFunctionalTestCase< + typeof listCallerAccessGrants +> = [ + 'error case', + 'listCallerAccessGrants', + listCallerAccessGrants, + defaultConfig, + listCallerAccessGrantsHappyCaseSingleGrant[4], + listCallerAccessGrantsHappyCaseSingleGrant[5], + { + status: 403, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + + + AccessDenied + Access Denied + + 656c76696e6727732072657175657374 + Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== + + `, + }, + { + message: 'Access Denied', + name: 'AccessDenied', + }, +]; + +export default [ + listCallerAccessGrantsHappyCaseSingleGrant, + listCallerAccessGrantsHappyCaseMultipleGrants, + listCallerAccessGrantsHappyCaseCustomEndpoint, + listCallerAccessGrantsErrorCase, +]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listObjectsV2.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listObjectsV2.ts index 7524a8daeb6..1a7ff38e323 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listObjectsV2.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listObjectsV2.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { listObjectsV2 } from '../../../../../../../src/providers/s3/utils/client'; +import { listObjectsV2 } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -11,9 +11,11 @@ import { } from './shared'; // API Reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html -const listObjectsV2HappyCase: ApiFunctionalTestCase = [ +const listObjectsV2HappyCaseTruncated: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ 'happy case', - 'listObjectsV2', + 'listObjectsV2 - truncated', listObjectsV2, defaultConfig, { @@ -45,10 +47,10 @@ const listObjectsV2HappyCase: ApiFunctionalTestCase = [ bucket - 205 + 4 ExampleGuide.pdf 1000 - false + true string 1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM= Next1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM= @@ -111,8 +113,8 @@ const listObjectsV2HappyCase: ApiFunctionalTestCase = [ ContinuationToken: '1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM=', Delimiter: 'string', EncodingType: 'string', - IsTruncated: false, - KeyCount: 205, + IsTruncated: true, + KeyCount: 4, MaxKeys: 1000, Name: 'bucket', NextContinuationToken: 'Next1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM=', @@ -122,13 +124,92 @@ const listObjectsV2HappyCase: ApiFunctionalTestCase = [ }, ]; -const listObjectsV2ErrorCase: ApiFunctionalTestCase = [ +const listObjectsV2HappyCaseComplete: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + listObjectsV2HappyCaseTruncated[0], + 'listObjectsV2 - complete', + listObjectsV2HappyCaseTruncated[2], + listObjectsV2HappyCaseTruncated[3], + listObjectsV2HappyCaseTruncated[4], + listObjectsV2HappyCaseTruncated[5], + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + bucket + + 4 + + ExampleObject.txt + 2013-09-17T18:07:53.000Z + "599bab3ed2c697f1d26842727561fd94" + 857 + REDUCED_REDUNDANCY + + + my-image.jpg + 2009-10-12T17:50:30.000Z + "fba9dede5f27731c9771645a39863328" + 434234 + STANDARD + + 8a6925ce4a7f21c32aa379004fef + string + + + + photos/2006/February/ + + + photos/2006/January/ + + `, + }, + { + CommonPrefixes: [ + { + Prefix: 'photos/2006/February/', + }, + { + Prefix: 'photos/2006/January/', + }, + ], + Contents: [ + { + ETag: '"599bab3ed2c697f1d26842727561fd94"', + Key: 'ExampleObject.txt', + LastModified: new Date('2013-09-17T18:07:53.000Z'), + Size: 857, + StorageClass: 'REDUCED_REDUNDANCY', + }, + { + ETag: '"fba9dede5f27731c9771645a39863328"', + Key: 'my-image.jpg', + LastModified: new Date('2009-10-12T17:50:30.000Z'), + Size: 434234, + StorageClass: 'STANDARD', + Owner: { + ID: '8a6925ce4a7f21c32aa379004fef', + DisplayName: 'string', + }, + }, + ], + KeyCount: 4, + Name: 'bucket', + Prefix: '', + $metadata: expect.objectContaining(expectedMetadata), + }, +]; + +const listObjectsV2ErrorCase403: ApiFunctionalTestCase = [ 'error case', - 'listObjectsV2', + 'listObjectsV2 - 403', listObjectsV2, defaultConfig, - listObjectsV2HappyCase[4], - listObjectsV2HappyCase[5], + listObjectsV2HappyCaseTruncated[4], + listObjectsV2HappyCaseTruncated[5], { status: 403, headers: DEFAULT_RESPONSE_HEADERS, @@ -136,7 +217,7 @@ const listObjectsV2ErrorCase: ApiFunctionalTestCase = [ NoSuchKey The resource you requested does not exist - /mybucket/myfoto.jpg + /mybucket/myfoto.jpg 4442587FB7D0A2F9 `, }, @@ -146,4 +227,376 @@ const listObjectsV2ErrorCase: ApiFunctionalTestCase = [ }, ]; -export default [listObjectsV2HappyCase, listObjectsV2ErrorCase]; +const listObjectsV2ErrorCaseKeyCount: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + listObjectsV2ErrorCase403[0], + 'listObjectsV2 - key count mismatch', + listObjectsV2ErrorCase403[2], + listObjectsV2ErrorCase403[3], + listObjectsV2ErrorCase403[4], + listObjectsV2ErrorCase403[5], + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + bucket + + 5 + + ExampleObject.txt + 2013-09-17T18:07:53.000Z + "599bab3ed2c697f1d26842727561fd94" + 857 + REDUCED_REDUNDANCY + + + my-image.jpg + 2009-10-12T17:50:30.000Z + "fba9dede5f27731c9771645a39863328" + 434234 + STANDARD + + 8a6925ce4a7f21c32aa379004fef + string + + + + photos/2006/February/ + + + photos/2006/January/ + + `, + }, + { + message: 'An unknown error has occurred.', + name: 'Unknown', + }, +]; + +const listObjectsV2ErrorCaseMissingToken: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + listObjectsV2ErrorCase403[0], + 'listObjectsV2 - missing next continuation token', + listObjectsV2ErrorCase403[2], + listObjectsV2ErrorCase403[3], + listObjectsV2ErrorCase403[4], + listObjectsV2ErrorCase403[5], + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + bucket + + 5 + true + + ExampleObject.txt + 2013-09-17T18:07:53.000Z + "599bab3ed2c697f1d26842727561fd94" + 857 + REDUCED_REDUNDANCY + + + my-image.jpg + 2009-10-12T17:50:30.000Z + "fba9dede5f27731c9771645a39863328" + 434234 + STANDARD + + 8a6925ce4a7f21c32aa379004fef + string + + + + photos/2006/February/ + + + photos/2006/January/ + + `, + }, + { + message: 'An unknown error has occurred.', + name: 'Unknown', + }, +]; + +const listObjectsV2ErrorCaseMissingTruncated: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + listObjectsV2ErrorCase403[0], + 'listObjectsV2 - missing truncated', + listObjectsV2ErrorCase403[2], + listObjectsV2ErrorCase403[3], + listObjectsV2ErrorCase403[4], + listObjectsV2ErrorCase403[5], + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + bucket + + 5 + Next1ueGcxLPRx1Tr/XYExHnhbYLgveDs2J/wm36Hy4vbOwM= + + ExampleObject.txt + 2013-09-17T18:07:53.000Z + "599bab3ed2c697f1d26842727561fd94" + 857 + REDUCED_REDUNDANCY + + + my-image.jpg + 2009-10-12T17:50:30.000Z + "fba9dede5f27731c9771645a39863328" + 434234 + STANDARD + + 8a6925ce4a7f21c32aa379004fef + string + + + + photos/2006/February/ + + + photos/2006/January/ + + `, + }, + { + message: 'An unknown error has occurred.', + name: 'Unknown', + }, +]; + +const listObjectsV2HappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + 'happy case', + 'listObjectsV2 with custom endpoint', + listObjectsV2, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Prefix: 'Prefix', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket?list-type=2&prefix=Prefix', + }), + }), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + bucket + + 1 + 1000 + false + + ExampleObject.txt + 2013-09-17T18:07:53.000Z + "599bab3ed2c697f1d26842727561fd94" + 857 + REDUCED_REDUNDANCY + + `, + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +const listObjectsV2HappyCaseWithEncoding: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + 'happy case', + 'listObjectsV2 unicode values with encoding', + listObjectsV2, + { + ...defaultConfig, + }, + { + Bucket: 'bucket', + Prefix: 'Prefix', + EncodingType: 'url', + }, + expect.any(Object), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + bucket + some%20folder%20with%20%00%20unprintable%20unicode%2F + bad%08key + bad%01key + 6 + 101 + url + false + + public/bad%3Cdiv%3Ekey + 2024-11-05T18:13:11.000Z + "c0e066cc5238dd7937e464fe7572b71a" + 5455 + STANDARD + + + bad%00key + 2024-11-05T18:13:11.000Z + "c0e066cc5238dd7937e464fe7572b71a" + 5455 + STANDARD + + + public/bad%7Fkey + 2024-11-05T18:13:11.000Z + "c0e066cc5238dd7937e464fe7572b71a" + 5455 + STANDARD + + + public/some%20folder%20with%20spaces%2F + + + public/real%0A%0A%0A%0A%0A%0A%0A%0A%0Afunny%0A%0A%0A%0A%0A%0A%0A%0A%0Abiz%2F + + + public/some%20folder%20with%20%E3%81%8A%E3%81%AF%E3%82%88%E3%81%86%20multibyte%20unicode%2F + +`, + }, + expect.objectContaining({ + CommonPrefixes: [ + { + Prefix: 'public/some%20folder%20with%20spaces%2F', + }, + { + Prefix: + 'public/real%0A%0A%0A%0A%0A%0A%0A%0A%0Afunny%0A%0A%0A%0A%0A%0A%0A%0A%0Abiz%2F', + }, + { + Prefix: + 'public/some%20folder%20with%20%E3%81%8A%E3%81%AF%E3%82%88%E3%81%86%20multibyte%20unicode%2F', + }, + ], + Contents: [ + { + Key: 'public/bad%3Cdiv%3Ekey', + LastModified: new Date('2024-11-05T18:13:11.000Z'), + ETag: '"c0e066cc5238dd7937e464fe7572b71a"', + Size: 5455, + StorageClass: 'STANDARD', + }, + { + Key: 'bad%00key', + LastModified: new Date('2024-11-05T18:13:11.000Z'), + ETag: '"c0e066cc5238dd7937e464fe7572b71a"', + Size: 5455, + StorageClass: 'STANDARD', + }, + { + Key: 'public/bad%7Fkey', + LastModified: new Date('2024-11-05T18:13:11.000Z'), + ETag: '"c0e066cc5238dd7937e464fe7572b71a"', + Size: 5455, + StorageClass: 'STANDARD', + }, + ], + Prefix: 'some%20folder%20with%20%00%20unprintable%20unicode%2F', + Delimiter: 'bad%08key', + StartAfter: 'bad%01key', + EncodingType: 'url', + Name: 'bucket', + }) as any, +]; + +const listObjectsV2ErrorCaseNoEncoding: ApiFunctionalTestCase< + typeof listObjectsV2 +> = [ + 'error case', + 'listObjectsV2 unicode values without encoding', + listObjectsV2, + { + ...defaultConfig, + }, + { + Bucket: 'bucket', + Prefix: 'Prefix', + EncodingType: undefined, + }, + expect.any(Object), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: ` + + badname + bad\x01key + 5 + 101 + bad\x08key + false + おはよう multibyte unicode + + public/bad
key + 2024-11-05T18:13:11.000Z + "c0e066cc5238dd7937e464fe7572b71a" + 5455 + STANDARD + + + bad\x00key + 2024-11-05T18:13:11.000Z + "c0e066cc5238dd7937e464fe7572b71a" + 5455 + STANDARD + + + public/bad\x7fkey + 2024-11-05T18:13:11.000Z + "c0e066cc5238dd7937e464fe7572b71a" + 5455 + STANDARD + + + public/some folder with spaces/ + + + public/some folder with \x00 unprintable unicode/ + +`, + }, + { + message: 'An unknown error has occurred.', + name: 'Unknown', + }, +]; + +export default [ + listObjectsV2HappyCaseTruncated, + listObjectsV2HappyCaseComplete, + listObjectsV2HappyCaseCustomEndpoint, + listObjectsV2ErrorCaseKeyCount, + listObjectsV2ErrorCaseMissingTruncated, + listObjectsV2ErrorCaseMissingToken, + listObjectsV2ErrorCase403, + listObjectsV2HappyCaseWithEncoding, + listObjectsV2ErrorCaseNoEncoding, +]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listParts.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listParts.ts index 3e809d12bdc..63f2a37e06c 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listParts.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/listParts.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { listParts } from '../../../../../../../src/providers/s3/utils/client'; +import { listParts } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -38,11 +38,13 @@ const listPartsHappyCase: ApiFunctionalTestCase = [ '1' + 'etag1' + '5242880' + + 'checksum1' + '' + '' + '2' + 'etag2' + '1024' + + 'checksum2' + '' + '', }, @@ -53,15 +55,46 @@ const listPartsHappyCase: ApiFunctionalTestCase = [ { PartNumber: 1, ETag: 'etag1', - Size: 5242880, + ChecksumCRC32: 'checksum1', }, { PartNumber: 2, ETag: 'etag2', - Size: 1024, + ChecksumCRC32: 'checksum2', }, ], }, ]; -export default [listPartsHappyCase]; +const listPartsHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof listParts +> = [ + 'happy case', + 'listParts with custom endpoint', + listParts, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + UploadId: 'uploadId', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key?uploadId=uploadId', + }), + }), + { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +export default [listPartsHappyCase, listPartsHappyCaseCustomEndpoint]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/putObject.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/putObject.ts index 930870a7c15..6ee6f1e62fa 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/putObject.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/putObject.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { putObject } from '../../../../../../../src/providers/s3/utils/client'; +import { putObject } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -68,7 +68,32 @@ const putObjectHappyCase: ApiFunctionalTestCase = [ }, ]; -const pubObjectDefaultContentType: ApiFunctionalTestCase = [ +const putObjectHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof putObject +> = [ + 'happy case', + 'putObject with custom endpoint', + putObject, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + putObjectRequest, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key', + }), + }), + putObjectSuccessResponse, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +const pubObjectHappyCaseDefaultContentType: ApiFunctionalTestCase< + typeof putObject +> = [ 'happy case', 'putObject default content type', putObject, @@ -86,4 +111,8 @@ const pubObjectDefaultContentType: ApiFunctionalTestCase = [ expect.anything(), ]; -export default [putObjectHappyCase, pubObjectDefaultContentType]; +export default [ + putObjectHappyCase, + putObjectHappyCaseCustomEndpoint, + pubObjectHappyCaseDefaultContentType, +]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/uploadPart.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/uploadPart.ts index b4906b223c2..34d0d6f7f38 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/cases/uploadPart.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/cases/uploadPart.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { uploadPart } from '../../../../../../../src/providers/s3/utils/client'; +import { uploadPart } from '../../../../../../../src/providers/s3/utils/client/s3data'; import { ApiFunctionalTestCase } from '../../testUtils/types'; import { @@ -44,4 +44,36 @@ const uploadPartHappyCase: ApiFunctionalTestCase = [ }, ]; -export default [uploadPartHappyCase]; +const uploadPartHappyCaseCustomEndpoint: ApiFunctionalTestCase< + typeof uploadPart +> = [ + 'happy case', + 'uploadPart with custom endpoint', + uploadPart, + { + ...defaultConfig, + customEndpoint: 'custom.endpoint.com', + forcePathStyle: true, + }, + { + Bucket: 'bucket', + Key: 'key', + PartNumber: 1, + UploadId: 'uploadId', + }, + expect.objectContaining({ + url: expect.objectContaining({ + href: 'https://custom.endpoint.com/bucket/key?partNumber=1&uploadId=uploadId', + }), + }), + { + status: 200, + headers: { ...DEFAULT_RESPONSE_HEADERS, etag: 'etag' }, + body: '', + }, + expect.objectContaining({ + /** skip validating response */ + }) as any, +]; + +export default [uploadPartHappyCase, uploadPartHappyCaseCustomEndpoint]; diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/functional-apis.test.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/functional-apis.test.ts index 62b4aff0cf5..656f8d45ed7 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/functional-apis.test.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/functional-apis.test.ts @@ -68,11 +68,11 @@ describe('S3 APIs functional test', () => { expect.anything(), ); } else { - fail(`${name} ${caseType} should fail`); + throw new Error(`${name} ${caseType} should fail`); } } catch (e) { if (caseType === 'happy case') { - fail(`${name} ${caseType} should succeed: ${e}`); + throw new Error(`${name} ${caseType} should succeed: ${e}`); } else { expect(e).toBeInstanceOf(StorageError); expect(e).toEqual(expect.objectContaining(outputOrError)); diff --git a/packages/storage/__tests__/providers/s3/utils/client/S3/getPresignedGetObjectUrl.test.ts b/packages/storage/__tests__/providers/s3/utils/client/S3/getPresignedGetObjectUrl.test.ts index ab84fb03eb6..a208859a7c8 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/S3/getPresignedGetObjectUrl.test.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/S3/getPresignedGetObjectUrl.test.ts @@ -3,7 +3,7 @@ import { presignUrl } from '@aws-amplify/core/internals/aws-client-utils'; -import { getPresignedGetObjectUrl } from '../../../../../../src/providers/s3/utils/client'; +import { getPresignedGetObjectUrl } from '../../../../../../src/providers/s3/utils/client/s3data'; import { defaultConfigWithStaticCredentials } from './cases/shared'; diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/abortMutipartUpload.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/abortMutipartUpload.test.ts new file mode 100644 index 00000000000..7f62097251c --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/abortMutipartUpload.test.ts @@ -0,0 +1,93 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { abortMultipartUpload } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const abortMultipartUploadSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('serializeAbortMultipartUploadRequest', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(abortMultipartUploadSuccessResponse as any), + ); + const output = await abortMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + UploadId: 'upload-id', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(abortMultipartUploadSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + abortMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + UploadId: 'upload-id', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/completeMultipartUpload.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/completeMultipartUpload.test.ts new file mode 100644 index 00000000000..5036a9de6fb --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/completeMultipartUpload.test.ts @@ -0,0 +1,143 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { completeMultipartUpload } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { validateMultipartUploadXML } from '../../../../../../src/providers/s3/utils/validateMultipartUploadXML'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/validateMultipartUploadXML', +); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const completeMultipartUploadSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('completeMultipartUploadSerializer', () => { + const mockValidateObjectUrl = jest.mocked(validateObjectUrl); + const mockValidateMultipartUploadXML = jest.mocked( + validateMultipartUploadXML, + ); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl and multipartUploadXML is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(completeMultipartUploadSuccessResponse as any), + ); + const output = await completeMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + UploadId: 'uploadId', + MultipartUpload: { + Parts: [ + { + ETag: 'etag', + PartNumber: 1, + }, + ], + }, + }); + console.log(output); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(completeMultipartUploadSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockValidateObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + completeMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + UploadId: 'uploadId', + MultipartUpload: { + Parts: [ + { + ETag: 'etag', + PartNumber: 1, + }, + ], + }, + }), + ).rejects.toThrow(integrityError); + }); + + it('should fail when multipartUploadXML is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(completeMultipartUploadSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockValidateMultipartUploadXML.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + completeMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + UploadId: 'uploadId', + MultipartUpload: { + Parts: [ + { + ETag: 'etag', + PartNumber: 1, + }, + ], + }, + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/copyObject.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/copyObject.test.ts new file mode 100644 index 00000000000..01ce54eb16f --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/copyObject.test.ts @@ -0,0 +1,193 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { + copyObject, + validateCopyObjectHeaders, +} from '../../../../../../src/providers/s3/utils/client/s3data/copyObject'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const copyObjectSuccessResponse: any = { + status: 200, + headers: DEFAULT_RESPONSE_HEADERS, + body: '', +}; + +describe('copyObjectSerializer', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is valid', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(copyObjectSuccessResponse), + ); + const output = await copyObject(defaultConfig, { + CopySource: 'mock-source', + Bucket: 'bucket', + Key: 'key', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + }); + }); + + it('should fail when objectUrl is NOT valid', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(copyObjectSuccessResponse), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + copyObject(defaultConfig, { + CopySource: 'mock-source', + Bucket: 'bucket', + Key: 'key', + }), + ).rejects.toThrow(integrityError); + }); +}); + +describe('validateCopyObjectHeaders', () => { + const baseRequest: any = { CopySource: 'mock-source' }; + const baseHeaders: any = { 'x-amz-copy-source': 'mock-source' }; + + [ + { + description: 'when only correct copy source is provided', + request: baseRequest, + headers: baseHeaders, + expectPass: true, + }, + { + description: 'when optional headers are provided correctly', + request: { + ...baseRequest, + MetadataDirective: 'mock-metadata', + CopySourceIfMatch: 'mock-etag', + CopySourceIfUnmodifiedSince: new Date(0), + }, + headers: { + ...baseHeaders, + 'x-amz-metadata-directive': 'mock-metadata', + 'x-amz-copy-source-if-match': 'mock-etag', + 'x-amz-copy-source-if-unmodified-since': + 'Thu, 01 Jan 1970 00:00:00 GMT', + }, + expectPass: true, + }, + { + description: 'when optional headers are added without request', + request: baseRequest, + headers: { + ...baseHeaders, + 'x-amz-metadata-directive': 'mock-metadata', + 'x-amz-copy-source-if-match': 'mock-etag', + 'x-amz-copy-source-if-unmodified-since': + 'Thu, 01 Jan 1970 00:00:00 GMT', + }, + expectPass: false, + }, + ...[null, undefined, 'wrong-metadata'].map(incorrectHeader => ({ + description: `when metadata is not mapped correctly: ${incorrectHeader}`, + request: { + ...baseRequest, + MetadataDirective: 'mock-metadata', + }, + headers: { + ...baseHeaders, + 'x-amz-metadata-directive': incorrectHeader, + }, + expectPass: false, + })), + ...[null, undefined, 'wrong-etag'].map(incorrectHeader => ({ + description: `when source etag is not mapped correctly: ${incorrectHeader}`, + request: { + ...baseRequest, + CopySourceIfMatch: 'mock-etag', + }, + headers: { + ...baseHeaders, + 'x-amz-copy-source-if-match': incorrectHeader, + }, + expectPass: false, + })), + ...[null, undefined, 'wrong-date'].map(incorrectHeader => ({ + description: `when unmodified since date is not mapped correctly: ${incorrectHeader}`, + request: { + ...baseRequest, + CopySourceIfUnmodifiedSince: new Date(0), + }, + headers: { + ...baseHeaders, + 'x-amz-copy-source-if-unmodified-since': incorrectHeader, + }, + expectPass: false, + })), + ].forEach(({ description, request, headers, expectPass }) => { + describe(description, () => { + if (expectPass) { + it('should pass validation', () => { + try { + validateCopyObjectHeaders(request, headers); + } catch (_) { + fail('test case should succeed'); + } + }); + } else { + it('should fail validation', () => { + expect.assertions(1); + try { + validateCopyObjectHeaders(request, headers); + fail('test case should fail'); + } catch (e: any) { + expect(e.name).toBe('Unknown'); + } + }); + } + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/createMultipartUpload.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/createMultipartUpload.test.ts new file mode 100644 index 00000000000..e705c86cde4 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/createMultipartUpload.test.ts @@ -0,0 +1,92 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { createMultipartUpload } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const createMultipartUploadSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('createMultipartUploadSerializer', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(createMultipartUploadSuccessResponse as any), + ); + const output = await createMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }); + console.log(output); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(createMultipartUploadSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + createMultipartUpload(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/deleteObject.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/deleteObject.test.ts new file mode 100644 index 00000000000..7c111847ee7 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/deleteObject.test.ts @@ -0,0 +1,92 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { deleteObject } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const deleteObjectSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('serializeDeleteObjectRequest', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(deleteObjectSuccessResponse as any), + ); + const output = await deleteObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + VersionId: 'versionId', + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(deleteObjectSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + deleteObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/getObject.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/getObject.test.ts new file mode 100644 index 00000000000..f66a507163c --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/getObject.test.ts @@ -0,0 +1,98 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { getObject } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const getObjectSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('serializeGetObjectRequest', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(getObjectSuccessResponse as any), + ); + const output = await getObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + ETag: 'etag', + VersionId: 'versionId', + Body: expect.objectContaining({ + text: expect.any(Function), + blob: expect.any(Function), + json: expect.any(Function), + }), + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(getObjectSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + getObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/headObject.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/headObject.test.ts new file mode 100644 index 00000000000..94295bda943 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/headObject.test.ts @@ -0,0 +1,93 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { headObject } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const headObjectSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('serializeHeadObjectRequest', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(headObjectSuccessResponse as any), + ); + const output = await headObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + VersionId: 'versionId', + ETag: 'etag', + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(headObjectSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + headObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/putObject.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/putObject.test.ts new file mode 100644 index 00000000000..cd28b8f562a --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/putObject.test.ts @@ -0,0 +1,93 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { putObject } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const putObjectSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('serializePutObjectRequest', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(putObjectSuccessResponse as any), + ); + const output = await putObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + ETag: 'etag', + VersionId: 'versionId', + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(putObjectSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + putObject(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/s3Data/uploadPart.test.ts b/packages/storage/__tests__/providers/s3/utils/client/s3Data/uploadPart.test.ts new file mode 100644 index 00000000000..3be212c74bb --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/s3Data/uploadPart.test.ts @@ -0,0 +1,96 @@ +import { HttpResponse } from '@aws-amplify/core/internals/aws-client-utils'; + +import { s3TransferHandler } from '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch'; +import { uploadPart } from '../../../../../../src/providers/s3/utils/client/s3data'; +import { validateObjectUrl } from '../../../../../../src/providers/s3/utils/validateObjectUrl'; +import { + DEFAULT_RESPONSE_HEADERS, + defaultConfig, + expectedMetadata, +} from '../S3/cases/shared'; +import { IntegrityError } from '../../../../../../src/errors/IntegrityError'; + +jest.mock('../../../../../../src/providers/s3/utils/validateObjectUrl'); +jest.mock( + '../../../../../../src/providers/s3/utils/client/runtime/s3TransferHandler/fetch', +); + +const mockS3TransferHandler = s3TransferHandler as jest.Mock; +const mockBinaryResponse = ({ + status, + headers, + body, +}: { + status: number; + headers: Record; + body: string; +}): HttpResponse => { + const responseBody = { + json: async (): Promise => { + throw new Error( + 'Parsing response to JSON is not implemented. Please use response.text() instead.', + ); + }, + blob: async () => new Blob([body], { type: 'plain/text' }), + text: async () => body, + } as HttpResponse['body']; + + return { + statusCode: status, + headers, + body: responseBody, + } as any; +}; + +const uploadPartSuccessResponse = { + status: 200, + headers: { + ...DEFAULT_RESPONSE_HEADERS, + 'x-amz-version-id': 'versionId', + etag: 'etag', + }, + body: '', +}; + +describe('serializeUploadPartRequest', () => { + const mockIsValidObjectUrl = jest.mocked(validateObjectUrl); + beforeEach(() => { + mockS3TransferHandler.mockReset(); + }); + + it('should pass when objectUrl is durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(uploadPartSuccessResponse as any), + ); + const output = await uploadPart(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + PartNumber: 1, + UploadId: 'uploadId', + }); + expect(output).toEqual({ + $metadata: expect.objectContaining(expectedMetadata), + ETag: 'etag', + }); + }); + + it('should fail when objectUrl is NOT durable', async () => { + expect.assertions(1); + mockS3TransferHandler.mockResolvedValue( + mockBinaryResponse(uploadPartSuccessResponse as any), + ); + const integrityError = new IntegrityError(); + mockIsValidObjectUrl.mockImplementationOnce(() => { + throw integrityError; + }); + expect( + uploadPart(defaultConfig, { + Bucket: 'bucket', + Key: 'key', + PartNumber: 1, + UploadId: 'uploadId', + }), + ).rejects.toThrow(integrityError); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/testUtils/types.ts b/packages/storage/__tests__/providers/s3/utils/client/testUtils/types.ts index b47d2ec7695..a3754b41707 100644 --- a/packages/storage/__tests__/providers/s3/utils/client/testUtils/types.ts +++ b/packages/storage/__tests__/providers/s3/utils/client/testUtils/types.ts @@ -3,7 +3,7 @@ import { HttpRequest } from '@aws-amplify/core/internals/aws-client-utils'; -interface MockFetchResponse { +export interface MockFetchResponse { body: BodyInit; headers: HeadersInit; status: number; diff --git a/packages/storage/__tests__/providers/s3/utils/client/utils/createRetryDecider.test.ts b/packages/storage/__tests__/providers/s3/utils/client/utils/createRetryDecider.test.ts new file mode 100644 index 00000000000..935ec823794 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/utils/createRetryDecider.test.ts @@ -0,0 +1,103 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { + HttpResponse, + getRetryDecider as getDefaultRetryDecider, +} from '@aws-amplify/core/internals/aws-client-utils'; + +import { createRetryDecider } from '../../../../../../src/providers/s3/utils/client/utils'; + +jest.mock('@aws-amplify/core/internals/aws-client-utils'); + +const mockErrorParser = jest.fn(); + +describe('createRetryDecider', () => { + const mockHttpResponse: HttpResponse = { + statusCode: 200, + headers: {}, + body: 'body' as any, + }; + + beforeEach(() => { + jest.mocked(getDefaultRetryDecider).mockReturnValue(async () => { + return { retryable: false }; + }); + }); + + afterEach(() => { + jest.resetAllMocks(); + }); + + it('should invoke the default retry decider', async () => { + expect.assertions(3); + const retryDecider = createRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + mockHttpResponse, + undefined, + {}, + ); + expect(getDefaultRetryDecider).toHaveBeenCalledWith(mockErrorParser); + expect(retryable).toBe(false); + expect(isCredentialsExpiredError).toBeFalsy(); + }); + + describe('handling expired token errors', () => { + const mockErrorMessage = 'Token expired'; + it.each(['RequestExpired', 'ExpiredTokenException', 'ExpiredToken'])( + 'should retry if expired credentials error name %s', + async errorName => { + expect.assertions(2); + const parsedError = { + name: errorName, + message: mockErrorMessage, + $metadata: {}, + }; + mockErrorParser.mockResolvedValue(parsedError); + const retryDecider = createRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + { ...mockHttpResponse, statusCode: 400 }, + undefined, + {}, + ); + expect(retryable).toBe(true); + expect(isCredentialsExpiredError).toBe(true); + }, + ); + + it('should retry if error message indicates invalid credentials', async () => { + expect.assertions(2); + const parsedError = { + name: 'InvalidSignature', + message: 'Auth token in request is expired.', + $metadata: {}, + }; + mockErrorParser.mockResolvedValue(parsedError); + const retryDecider = createRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + { ...mockHttpResponse, statusCode: 400 }, + undefined, + {}, + ); + expect(retryable).toBe(true); + expect(isCredentialsExpiredError).toBe(true); + }); + + it('should not retry if invalid credentials error has been retried previously', async () => { + expect.assertions(2); + const parsedError = { + name: 'RequestExpired', + message: mockErrorMessage, + $metadata: {}, + }; + mockErrorParser.mockResolvedValue(parsedError); + const retryDecider = createRetryDecider(mockErrorParser); + const { retryable, isCredentialsExpiredError } = await retryDecider( + { ...mockHttpResponse, statusCode: 400 }, + undefined, + { isCredentialsExpired: true }, + ); + expect(retryable).toBe(false); + expect(isCredentialsExpiredError).toBe(true); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/client/utils/integrityHelpers.test.ts b/packages/storage/__tests__/providers/s3/utils/client/utils/integrityHelpers.test.ts new file mode 100644 index 00000000000..84cc8cf10c7 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/client/utils/integrityHelpers.test.ts @@ -0,0 +1,71 @@ +import { + bothNilOrEqual, + isEqual, + isNil, + isObject, +} from '../../../../../../src/providers/s3/utils/client/utils/integrityHelpers'; + +describe('isNil', () => { + it.each([ + ['undefined', undefined, true], + ['null', null, true], + ['object', {}, false], + ['string', 'string', false], + ['empty string', '', false], + ['false', false, false], + ])('should correctly evaluate %s', (_, input, expected) => { + expect(isNil(input)).toBe(expected); + }); +}); + +describe('bothNilorEqual', () => { + it.each([ + ['both undefined', undefined, undefined, true], + ['both null', null, null, true], + ['null and undefined', null, undefined, true], + ['both equal', 'mock', 'mock', true], + ['undefined and falsy', undefined, '', false], + ['truthy and null', 'mock', null, false], + ['different strings', 'mock-1', 'mock-2', false], + ])( + 'should correctly compare %s', + (_, original: any, output: any, expected) => { + expect(bothNilOrEqual(original, output)).toBe(expected); + }, + ); +}); + +describe('Integrity Helpers Tests', () => { + describe('isObjectLike', () => { + // Generate all test cases for isObjectLike function here + test.each([ + [{}, true], + [{ a: 1 }, true], + [[1, 2, 3], false], + [null, false], + [undefined, false], + ['', false], + [1, false], + ])('isObjectLike(%p) = %p', (value, expected) => { + expect(isObject(value)).toBe(expected); + }); + }); + + describe('isEqual', () => { + test.each([ + [1, 1, true], + [1, 2, false], + [1, '1', false], + ['1', '1', true], + ['1', '2', false], + [{ a: 1 }, { a: 1 }, true], + [{ a: 1 }, { a: 2 }, false], + [{ a: 1 }, { b: 1 }, false], + [[1, 2], [1, 2], true], + [[1, 2], [2, 1], false], + [[1, 2], [1, 2, 3], false], + ])('isEqual(%p, %p) = %p', (a, b, expected) => { + expect(isEqual(a, b)).toBe(expected); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/crc32.test.ts b/packages/storage/__tests__/providers/s3/utils/crc32.test.ts new file mode 100644 index 00000000000..28058a1fc1d --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/crc32.test.ts @@ -0,0 +1,131 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + TextDecoder as TextDecoderPolyfill, + TextEncoder as TextEncoderPolyfill, +} from 'node:util'; + +import { calculateContentCRC32 } from '../../../../src/providers/s3/utils/crc32'; + +global.TextEncoder = TextEncoderPolyfill as any; +global.TextDecoder = TextDecoderPolyfill as any; + +const MB = 1024 * 1024; +const getBlob = (size: number) => new Blob(['1'.repeat(size)]); +const encoder = new TextEncoder(); +const decoder = new TextDecoder(); + +describe('calculate crc32', () => { + describe.each([ + { + type: 'file', + size: '4B', + data: new File(['data'], 'someName'), + expected: { + checksum: 'rfPzYw==', + checksumArrayBuffer: new Uint8Array([173, 243, 243, 99]).buffer, + seed: 2918445923, + }, + }, + { + type: 'blob', + size: '4B', + data: new Blob(['data']), + expected: { + checksum: 'rfPzYw==', + checksumArrayBuffer: new Uint8Array([173, 243, 243, 99]).buffer, + seed: 2918445923, + }, + }, + { + type: 'string', + size: '4B', + data: 'data', + expected: { + checksum: 'rfPzYw==', + checksumArrayBuffer: new Uint8Array([173, 243, 243, 99]).buffer, + seed: 2918445923, + }, + }, + { + type: 'arrayBuffer', + size: '4B', + data: encoder.encode('data').buffer, + expected: { + checksum: 'rfPzYw==', + checksumArrayBuffer: new Uint8Array([173, 243, 243, 99]).buffer, + seed: 2918445923, + }, + }, + { + type: 'arrayBufferView', + size: '4B', + data: new DataView(encoder.encode('1234 data 5678').buffer, 5, 4), + expected: { + checksum: 'rfPzYw==', + checksumArrayBuffer: new Uint8Array([173, 243, 243, 99]).buffer, + seed: 2918445923, + }, + }, + { + type: 'file', + size: '8MB', + data: new File([getBlob(8 * MB)], 'someName'), + expected: { + checksum: '/YBlgg==', + checksumArrayBuffer: new Uint8Array([253, 128, 101, 130]).buffer, + seed: 4253050242, + }, + }, + { + type: 'blob', + size: '8MB', + data: getBlob(8 * MB), + expected: { + checksum: '/YBlgg==', + checksumArrayBuffer: new Uint8Array([253, 128, 101, 130]).buffer, + seed: 4253050242, + }, + }, + { + type: 'string', + size: '8MB', + data: '1'.repeat(8 * MB), + expected: { + checksum: '/YBlgg==', + checksumArrayBuffer: new Uint8Array([253, 128, 101, 130]).buffer, + seed: 4253050242, + }, + }, + { + type: 'arrayBuffer', + size: '8MB', + data: encoder.encode('1'.repeat(8 * MB)).buffer, + expected: { + checksum: '/YBlgg==', + checksumArrayBuffer: new Uint8Array([253, 128, 101, 130]).buffer, + seed: 4253050242, + }, + }, + { + type: 'arrayBufferView', + size: '8MB', + data: encoder.encode('1'.repeat(8 * MB)), + expected: { + checksum: '/YBlgg==', + checksumArrayBuffer: new Uint8Array([253, 128, 101, 130]).buffer, + seed: 4253050242, + }, + }, + ])('output for data type of $type with size $size', ({ data, expected }) => { + it('should match expected checksum results', async () => { + const result = (await calculateContentCRC32(data))!; + expect(result.checksum).toEqual(expected.checksum); + expect(result.seed).toEqual(expected.seed); + expect(decoder.decode(result.checksumArrayBuffer)).toEqual( + decoder.decode(expected.checksumArrayBuffer), + ); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/getCombinedCrc32.native.test.ts b/packages/storage/__tests__/providers/s3/utils/getCombinedCrc32.native.test.ts new file mode 100644 index 00000000000..d0de37089b9 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/getCombinedCrc32.native.test.ts @@ -0,0 +1,108 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + TextDecoder as TextDecoderPolyfill, + TextEncoder as TextEncoderPolyfill, +} from 'node:util'; + +import { getCombinedCrc32 } from '../../../../src/providers/s3/utils/getCombinedCrc32.native'; +import { byteLength } from '../../../../src/providers/s3/apis/internal/uploadData/byteLength'; + +global.TextEncoder = TextEncoderPolyfill as any; +global.TextDecoder = TextDecoderPolyfill as any; + +const MB = 1024 * 1024; +const getBlob = (size: number) => new Blob(['1'.repeat(size)]); +const encoder = new TextEncoder(); + +describe('calculate crc32', () => { + describe.each([ + { + type: 'file', + size: '4B', + data: new File(['data'], 'someName'), + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'blob', + size: '4B', + data: new Blob(['data']), + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'string', + size: '4B', + data: 'data', + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'arrayBuffer', + size: '4B', + data: new Uint8Array(encoder.encode('data')).buffer, + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'arrayBufferView', + size: '4B', + data: new DataView(encoder.encode('1234 data 5678').buffer, 5, 4), + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'file', + size: '8MB', + data: new File([getBlob(8 * MB)], 'someName'), + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'blob', + size: '8MB', + data: getBlob(8 * MB), + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'string', + size: '8MB', + data: '1'.repeat(8 * MB), + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'arrayBuffer', + size: '8MB', + data: new Uint8Array(encoder.encode('1'.repeat(8 * MB))).buffer, + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'arrayBufferView', + size: '8MB', + data: encoder.encode('1'.repeat(8 * MB)), + expected: { + checksum: 'hwOICA==-2', + }, + }, + ])('output for data type of $type with size $size', ({ data, expected }) => { + it('should match expected checksum results', async () => { + expect((await getCombinedCrc32(data, byteLength(data)))!).toEqual( + expected.checksum, + ); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/getCombinedCrc32.test.ts b/packages/storage/__tests__/providers/s3/utils/getCombinedCrc32.test.ts new file mode 100644 index 00000000000..299bd8d90e5 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/getCombinedCrc32.test.ts @@ -0,0 +1,108 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + TextDecoder as TextDecoderPolyfill, + TextEncoder as TextEncoderPolyfill, +} from 'node:util'; + +import { getCombinedCrc32 } from '../../../../src/providers/s3/utils/getCombinedCrc32'; +import { byteLength } from '../../../../src/providers/s3/apis/internal/uploadData/byteLength'; + +global.TextEncoder = TextEncoderPolyfill as any; +global.TextDecoder = TextDecoderPolyfill as any; + +const MB = 1024 * 1024; +const getBlob = (size: number) => new Blob(['1'.repeat(size)]); +const encoder = new TextEncoder(); + +describe('calculate crc32', () => { + describe.each([ + { + type: 'file', + size: '4B', + data: new File(['data'], 'someName'), + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'blob', + size: '4B', + data: new Blob(['data']), + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'string', + size: '4B', + data: 'data', + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'arrayBuffer', + size: '4B', + data: new Uint8Array(encoder.encode('data')).buffer, + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'arrayBufferView', + size: '4B', + data: new DataView(encoder.encode('1234 data 5678').buffer, 5, 4), + expected: { + checksum: 'wu1R0Q==-1', + }, + }, + { + type: 'file', + size: '8MB', + data: new File([getBlob(8 * MB)], 'someName'), + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'blob', + size: '8MB', + data: getBlob(8 * MB), + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'string', + size: '8MB', + data: '1'.repeat(8 * MB), + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'arrayBuffer', + size: '8MB', + data: new Uint8Array(encoder.encode('1'.repeat(8 * MB))).buffer, + expected: { + checksum: 'hwOICA==-2', + }, + }, + { + type: 'arrayBufferView', + size: '8MB', + data: encoder.encode('1'.repeat(8 * MB)), + expected: { + checksum: 'hwOICA==-2', + }, + }, + ])('output for data type of $type with size $size', ({ data, expected }) => { + it('should match expected checksum results', async () => { + expect((await getCombinedCrc32(data, byteLength(data)))!).toEqual( + expected.checksum, + ); + }); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/md5.native.test.ts b/packages/storage/__tests__/providers/s3/utils/md5.native.test.ts deleted file mode 100644 index ec70d0a8e14..00000000000 --- a/packages/storage/__tests__/providers/s3/utils/md5.native.test.ts +++ /dev/null @@ -1,131 +0,0 @@ -import { Buffer } from 'buffer'; - -import { Md5 } from '@smithy/md5-js'; - -import { calculateContentMd5 } from '../../../../src/providers/s3/utils/md5.native'; -import { toBase64 } from '../../../../src/providers/s3/utils/client/utils'; - -jest.mock('@smithy/md5-js'); -jest.mock('../../../../src/providers/s3/utils/client/utils'); -jest.mock('buffer'); - -interface MockFileReader { - error?: any; - result?: any; - onload?(): void; - onabort?(): void; - onerror?(): void; - readAsArrayBuffer?(): void; - readAsDataURL?(): void; -} - -// The FileReader in React Native 0.71 did not support `readAsArrayBuffer`. This native implementation accomodates this -// by attempting to use `readAsArrayBuffer` and changing the file reading strategy if it throws an error. -// TODO: This file should be removable when we drop support for React Native 0.71 -describe('calculateContentMd5 (native)', () => { - const stringContent = 'string-content'; - const base64data = 'base-64-data'; - const fileReaderResult = new ArrayBuffer(8); - const fileReaderBase64Result = `data:foo/bar;base64,${base64data}`; - const fileReaderError = new Error(); - // assert mocks - const mockBufferFrom = Buffer.from as jest.Mock; - const mockToBase64 = toBase64 as jest.Mock; - const mockMd5 = Md5 as jest.Mock; - // create mocks - const mockSuccessfulFileReader: MockFileReader = { - readAsArrayBuffer: jest.fn(() => { - mockSuccessfulFileReader.result = fileReaderResult; - mockSuccessfulFileReader.onload?.(); - }), - }; - const mockAbortedFileReader: MockFileReader = { - readAsArrayBuffer: jest.fn(() => { - mockAbortedFileReader.onabort?.(); - }), - }; - const mockFailedFileReader: MockFileReader = { - readAsArrayBuffer: jest.fn(() => { - mockFailedFileReader.error = fileReaderError; - mockFailedFileReader.onerror?.(); - }), - }; - const mockPartialFileReader: MockFileReader = { - readAsArrayBuffer: jest.fn(() => { - throw new Error('Not implemented'); - }), - readAsDataURL: jest.fn(() => { - mockPartialFileReader.result = fileReaderBase64Result; - mockPartialFileReader.onload?.(); - }), - }; - - beforeAll(() => { - mockBufferFrom.mockReturnValue(fileReaderResult); - }); - - afterEach(() => { - jest.clearAllMocks(); - mockMd5.mockReset(); - }); - - it.each([ - { type: 'string', content: stringContent }, - { type: 'ArrayBuffer view', content: new Uint8Array() }, - { type: 'ArrayBuffer', content: new ArrayBuffer(8) }, - ])('calculates MD5 for content type: $type', async ({ content }) => { - await calculateContentMd5(content); - const [mockMd5Instance] = mockMd5.mock.instances; - expect(mockMd5Instance.update.mock.calls[0][0]).toBe(content); - expect(mockToBase64).toHaveBeenCalled(); - }); - - it('calculates MD5 for content type: blob', async () => { - Object.defineProperty(global, 'FileReader', { - writable: true, - value: jest.fn(() => mockSuccessfulFileReader), - }); - await calculateContentMd5(new Blob([stringContent])); - const [mockMd5Instance] = mockMd5.mock.instances; - expect(mockMd5Instance.update.mock.calls[0][0]).toBe(fileReaderResult); - expect(mockSuccessfulFileReader.readAsArrayBuffer).toHaveBeenCalled(); - expect(mockToBase64).toHaveBeenCalled(); - }); - - it('rejects on file reader abort', async () => { - Object.defineProperty(global, 'FileReader', { - writable: true, - value: jest.fn(() => mockAbortedFileReader), - }); - await expect( - calculateContentMd5(new Blob([stringContent])), - ).rejects.toThrow('Read aborted'); - expect(mockAbortedFileReader.readAsArrayBuffer).toHaveBeenCalled(); - expect(mockToBase64).not.toHaveBeenCalled(); - }); - - it('rejects on file reader error', async () => { - Object.defineProperty(global, 'FileReader', { - writable: true, - value: jest.fn(() => mockFailedFileReader), - }); - await expect( - calculateContentMd5(new Blob([stringContent])), - ).rejects.toThrow(fileReaderError); - expect(mockFailedFileReader.readAsArrayBuffer).toHaveBeenCalled(); - expect(mockToBase64).not.toHaveBeenCalled(); - }); - - it('tries again using a different strategy if readAsArrayBuffer is unavailable', async () => { - Object.defineProperty(global, 'FileReader', { - writable: true, - value: jest.fn(() => mockPartialFileReader), - }); - await calculateContentMd5(new Blob([stringContent])); - const [mockMd5Instance] = mockMd5.mock.instances; - expect(mockMd5Instance.update.mock.calls[0][0]).toBe(fileReaderResult); - expect(mockPartialFileReader.readAsDataURL).toHaveBeenCalled(); - expect(mockBufferFrom).toHaveBeenCalledWith(base64data, 'base64'); - expect(mockToBase64).toHaveBeenCalled(); - }); -}); diff --git a/packages/storage/__tests__/providers/s3/utils/readFile.native.test.ts b/packages/storage/__tests__/providers/s3/utils/readFile.native.test.ts new file mode 100644 index 00000000000..cdd9aeff616 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/readFile.native.test.ts @@ -0,0 +1,119 @@ +import { Buffer } from 'buffer'; + +import { readFile } from '../../../../src/providers/s3/utils/readFile.native'; + +jest.mock('buffer', () => ({ + Buffer: { + from: jest.fn(() => new Uint8Array()), + }, +})); + +describe('readFile', () => { + let mockFileReader: any; + + beforeEach(() => { + mockFileReader = { + onload: null, + onabort: null, + onerror: null, + readAsArrayBuffer: jest.fn(), + readAsDataURL: jest.fn(), + result: null, + }; + + (global as any).FileReader = jest.fn(() => mockFileReader); + }); + + afterEach(() => { + jest.resetAllMocks(); + }); + + it('should read file as ArrayBuffer when supported', async () => { + const mockFile = new Blob(['test content']); + const mockArrayBuffer = new ArrayBuffer(8); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.result = mockArrayBuffer; + mockFileReader.onload(); + }); + + const result = await readFile(mockFile); + + expect(mockFileReader.readAsArrayBuffer).toHaveBeenCalledWith(mockFile); + expect(result).toBe(mockArrayBuffer); + }); + + it('should fallback to readAsDataURL when readAsArrayBuffer is not supported', async () => { + const mockFile = new Blob(['test content']); + const mockBase64Data = 'base64encodeddata'; + const mockDataURL = `data:application/octet-stream;base64,${mockBase64Data}`; + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + throw new Error('readAsArrayBuffer not supported'); + }); + + mockFileReader.readAsDataURL.mockImplementation(() => { + mockFileReader.result = mockDataURL; + mockFileReader.onload(); + }); + + await readFile(mockFile); + + expect(mockFileReader.readAsArrayBuffer).toHaveBeenCalledWith(mockFile); + expect(mockFileReader.readAsDataURL).toHaveBeenCalledWith(mockFile); + expect(Buffer.from).toHaveBeenCalledWith(mockBase64Data, 'base64'); + }); + + it('should reject when read is aborted', async () => { + const mockFile = new Blob(['test content']); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.onabort(); + }); + + await expect(readFile(mockFile)).rejects.toThrow('Read aborted'); + }); + + it('should reject when an error occurs during reading', async () => { + const mockFile = new Blob(['test content']); + const mockError = new Error('Read error'); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.error = mockError; + mockFileReader.onerror(); + }); + + await expect(readFile(mockFile)).rejects.toThrow(mockError); + }); + + it('should handle empty files', async () => { + const mockFile = new Blob([]); + const mockArrayBuffer = new ArrayBuffer(0); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.result = mockArrayBuffer; + mockFileReader.onload(); + }); + + const result = await readFile(mockFile); + + expect(result).toBeInstanceOf(ArrayBuffer); + expect(result.byteLength).toBe(0); + }); + + it('should handle large files', async () => { + const largeContent = 'a'.repeat(1024 * 1024 * 10); // 10MB of data + const mockFile = new Blob([largeContent]); + const mockArrayBuffer = new ArrayBuffer(1024 * 1024 * 10); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.result = mockArrayBuffer; + mockFileReader.onload(); + }); + + const result = await readFile(mockFile); + + expect(result).toBe(mockArrayBuffer); + expect(result.byteLength).toBe(1024 * 1024 * 10); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/readFile.test.ts b/packages/storage/__tests__/providers/s3/utils/readFile.test.ts new file mode 100644 index 00000000000..81baac510fc --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/readFile.test.ts @@ -0,0 +1,90 @@ +import { readFile } from '../../../../src/providers/s3/utils/readFile'; + +describe('readFile', () => { + let mockFileReader: any; + + beforeEach(() => { + mockFileReader = { + onload: null, + onabort: null, + onerror: null, + readAsArrayBuffer: jest.fn(), + readAsDataURL: jest.fn(), + result: null, + }; + + (global as any).FileReader = jest.fn(() => mockFileReader); + }); + + afterEach(() => { + jest.resetAllMocks(); + }); + + it('should read file as ArrayBuffer when supported', async () => { + const mockFile = new Blob(['test content']); + const mockArrayBuffer = new ArrayBuffer(8); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.result = mockArrayBuffer; + mockFileReader.onload(); + }); + + const result = await readFile(mockFile); + + expect(mockFileReader.readAsArrayBuffer).toHaveBeenCalledWith(mockFile); + expect(result).toBe(mockArrayBuffer); + }); + + it('should reject when read is aborted', async () => { + const mockFile = new Blob(['test content']); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.onabort(); + }); + + await expect(readFile(mockFile)).rejects.toThrow('Read aborted'); + }); + + it('should reject when an error occurs during reading', async () => { + const mockFile = new Blob(['test content']); + const mockError = new Error('Read error'); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.error = mockError; + mockFileReader.onerror(); + }); + + await expect(readFile(mockFile)).rejects.toThrow(mockError); + }); + + it('should handle empty files', async () => { + const mockFile = new Blob([]); + const mockArrayBuffer = new ArrayBuffer(0); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.result = mockArrayBuffer; + mockFileReader.onload(); + }); + + const result = await readFile(mockFile); + + expect(result).toBeInstanceOf(ArrayBuffer); + expect(result.byteLength).toBe(0); + }); + + it('should handle large files', async () => { + const largeContent = 'a'.repeat(1024 * 1024 * 10); // 10MB of data + const mockFile = new Blob([largeContent]); + const mockArrayBuffer = new ArrayBuffer(1024 * 1024 * 10); + + mockFileReader.readAsArrayBuffer.mockImplementation(() => { + mockFileReader.result = mockArrayBuffer; + mockFileReader.onload(); + }); + + const result = await readFile(mockFile); + + expect(result).toBe(mockArrayBuffer); + expect(result.byteLength).toBe(1024 * 1024 * 10); + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/validateMultipartUploadXML.test.ts b/packages/storage/__tests__/providers/s3/utils/validateMultipartUploadXML.test.ts new file mode 100644 index 00000000000..ae3c1cfa5b6 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/validateMultipartUploadXML.test.ts @@ -0,0 +1,186 @@ +import { IntegrityError } from '../../../../src/errors/IntegrityError'; +import { validateMultipartUploadXML } from '../../../../src/providers/s3/utils/validateMultipartUploadXML'; + +describe('validateMultipartUploadXML', () => { + test.each([ + { + description: 'should NOT throw an error 1 valid part', + xml: ` + + 1 + checksumValue + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumCRC32: 'checksumValue' }], + }, + success: true, + }, + { + description: 'should NOT throw an error 2 valid parts', + xml: ` + + 1 + checksumValue + + + 2 + checksumValue + + `, + input: { + Parts: [ + { PartNumber: 1, ChecksumCRC32: 'checksumValue' }, + { PartNumber: 2, ChecksumCRC32: 'checksumValue' }, + ], + }, + success: true, + }, + { + description: 'should throw an error if the XML is not valid', + xml: '>InvalidXML/<', + input: {}, + success: false, + notIntegrityError: true, + }, + { + description: + 'should throw an integrity error if the XML does not contain Part', + xml: '', + input: {}, + success: false, + }, + { + description: + 'should throw an integrity error when we have more parts than sent', + xml: ` + + 1 + checksumValue + + + 2 + checksumValue + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumCRC32: 'checksumValue' }], + }, + success: false, + }, + { + description: + 'should throw an integrity error when we have less parts than sent', + xml: ` + + 1 + checksumValue + + `, + input: { + Parts: [ + { PartNumber: 1, ChecksumCRC32: 'checksumValue' }, + { PartNumber: 2, ChecksumCRC32: 'checksumValue' }, + ], + }, + success: false, + }, + { + description: + 'should throw an integrity error with not matching PartNumber', + xml: ` + + 2 + notMatchingChecksum + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumCRC32: 'checksumValue' }], + }, + success: false, + }, + { + description: 'should throw an integrity error with not matching ETag', + xml: ` + + 1 + notMatchingChecksum + + `, + input: { + Parts: [{ PartNumber: 1, ETag: 'checksumValue' }], + }, + success: false, + }, + { + description: + 'should throw an integrity error with not matching ChecksumCRC32', + xml: ` + + 1 + notMatchingChecksum + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumCRC32: 'checksumValue' }], + }, + success: false, + }, + { + description: + 'should throw an integrity error with not matching ChecksumCRC32C', + xml: ` + + 1 + notMatchingChecksum + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumCRC32C: 'checksumValue' }], + }, + success: false, + }, + { + description: + 'should throw an integrity error with not matching ChecksumSHA1', + xml: ` + + 1 + notMatchingChecksum + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumSHA1: 'checksumValue' }], + }, + success: false, + }, + { + description: + 'should throw an integrity error with not matching ChecksumSHA256', + xml: ` + + 1 + notMatchingChecksum + + `, + input: { + Parts: [{ PartNumber: 1, ChecksumSHA256: 'checksumValue' }], + }, + success: false, + }, + ])(`$description`, ({ input, xml, success, notIntegrityError }) => { + if (success) { + expect(() => { + validateMultipartUploadXML(input, xml); + }).not.toThrow(); + } else if (notIntegrityError) { + expect(() => { + validateMultipartUploadXML(input, xml); + }).toThrow(); + } else { + expect(() => { + validateMultipartUploadXML(input, xml); + }).toThrow(IntegrityError); + } + }); +}); diff --git a/packages/storage/__tests__/providers/s3/utils/validateObjectUrl.test.ts b/packages/storage/__tests__/providers/s3/utils/validateObjectUrl.test.ts new file mode 100644 index 00000000000..5b751dd0ed1 --- /dev/null +++ b/packages/storage/__tests__/providers/s3/utils/validateObjectUrl.test.ts @@ -0,0 +1,174 @@ +import { validateObjectUrl } from '../../../../src/providers/s3/utils/validateObjectUrl'; + +describe('validateObjectUrl', () => { + const bucket = 'bucket'; + const key = 'key/eresa/rre'; + const bucketWithDots = 'bucket.with.dots'; + const objectContainingUrl = new URL( + `https://bucket.s3.amz.com/${key}?params=params`, + ); + const objectContainingUrlPathStyle = new URL( + `https://s3.amz.com/bucket/${key}?params=params`, + ); + const objectContainingUrlWithDots = new URL( + `https://s3.amz.com/bucket.with.dots/${key}?params=params`, + ); + + test.each([ + { + description: 'bucket without dots', + input: { + bucketName: bucket, + key, + objectContainingUrl, + }, + success: true, + }, + { + description: 'bucket without dots path style url', + input: { + bucketName: bucket, + key, + objectContainingUrl: objectContainingUrlPathStyle, + }, + success: true, + }, + { + description: 'bucket with dots', + input: { + bucketName: bucketWithDots, + key, + objectContainingUrl: objectContainingUrlWithDots, + }, + success: true, + }, + { + description: 'directory bucket', + input: { + bucketName: 'bucket--use1-az2--x-s3', + key, + objectContainingUrl: new URL( + `https://bucket--use1-az2--x-s3.s3.amz.com/${key}?params=params`, + ), + }, + success: true, + }, + { + description: 'bucket without dots, wrong presigned url', + input: { + bucketName: bucket, + key, + objectContainingUrl: objectContainingUrlWithDots, + }, + success: false, + }, + { + description: 'bucket with dots, wrong presigned url', + input: { + bucketName: bucketWithDots, + key, + objectContainingUrl, + }, + success: false, + }, + { + description: 'bucket and key equal', + input: { + bucketName: bucket, + key: bucket, + objectContainingUrl: new URL( + 'https://bucket.s3.amz.com/bucket?params=params', + ), + }, + success: true, + }, + { + description: 'bucket repeated in url', + input: { + bucketName: bucket, + key, + objectContainingUrl: new URL( + `https://bucketbucket.s3.amz.com/${key}?params=params`, + ), + }, + success: false, + }, + { + description: 'bucket uppercase and presigned lowercase', + input: { + bucketName: 'BUCKET', + key, + objectContainingUrl: new URL( + `https://bucket.s3.amz.com/${key}?params=params`, + ), + }, + success: false, + }, + { + description: 'bucket with dots uppercase and presigned lowercase', + input: { + bucketName: 'B.U.C.K.E.T', + key, + objectContainingUrl: new URL( + `https://s3.amz.com/b.u.c.k.e.t/${key}?params=params`, + ), + }, + success: false, + }, + { + description: 'key uppercase and presigned lowercase', + input: { + bucketName: bucket, + key: 'KEY', + objectContainingUrl: new URL( + 'https://bucket.s3.amz.com/bucket?params=params', + ), + }, + success: false, + }, + { + description: 'key lowercase and presigned uppercase', + input: { + bucketName: bucket, + key: 'key', + objectContainingUrl: new URL( + `https://bucket.s3.amz.com/${key.toUpperCase()}?params=params`, + ), + }, + success: false, + }, + { + description: 'missing bucket', + input: { key, objectContainingUrl }, + success: false, + }, + { + description: 'missing key', + input: { bucketName: bucket, objectContainingUrl }, + success: false, + }, + { + description: 'missing objectContainingUrl', + input: { bucketName: bucket, key, objectContainingUrl: undefined }, + success: false, + }, + ])(`$description`, ({ input, success }) => { + if (success) { + expect(() => { + validateObjectUrl({ + bucketName: input.bucketName, + key: input.key, + objectURL: input.objectContainingUrl, + }); + }).not.toThrow(); + } else { + expect(() => { + validateObjectUrl({ + bucketName: input.bucketName, + key: input.key, + objectURL: input.objectContainingUrl, + }); + }).toThrow('An unknown error has occurred.'); + } + }); +}); diff --git a/packages/storage/internals/package.json b/packages/storage/internals/package.json new file mode 100644 index 00000000000..169011166f3 --- /dev/null +++ b/packages/storage/internals/package.json @@ -0,0 +1,7 @@ +{ + "name": "@aws-amplify/storage/internals", + "types": "../dist/esm/internals/index.d.ts", + "main": "../dist/cjs/internals/index.js", + "module": "../dist/esm/internals/index.mjs", + "sideEffects": false +} diff --git a/packages/storage/package.json b/packages/storage/package.json index 2243eed63d1..d3bb078495b 100644 --- a/packages/storage/package.json +++ b/packages/storage/package.json @@ -40,6 +40,9 @@ "s3": [ "./dist/esm/providers/s3/index.d.ts" ], + "internals": [ + "./dist/esm/internals/index.d.ts" + ], "server": [ "./dist/esm/server.d.ts" ], @@ -61,6 +64,7 @@ "files": [ "dist/cjs", "dist/esm", + "internals", "src", "server", "s3" @@ -69,6 +73,7 @@ "@aws-sdk/types": "3.398.0", "@smithy/md5-js": "2.0.7", "buffer": "4.9.2", + "crc-32": "1.2.2", "fast-xml-parser": "^4.4.1", "tslib": "^2.5.0" }, @@ -79,6 +84,11 @@ "require": "./dist/cjs/index.js", "react-native": "./src/index.ts" }, + "./internals": { + "types": "./dist/esm/internals/index.d.ts", + "import": "./dist/esm/internals/index.mjs", + "require": "./dist/cjs/internals/index.js" + }, "./server": { "types": "./dist/esm/server.d.ts", "import": "./dist/esm/server.mjs", @@ -101,6 +111,7 @@ "@aws-amplify/core": "^6.1.0" }, "devDependencies": { + "@types/node": "20.14.12", "@aws-amplify/core": "6.5.3", "@aws-amplify/react-native": "1.1.6", "typescript": "5.0.2" diff --git a/packages/storage/src/errors/IntegrityError.ts b/packages/storage/src/errors/IntegrityError.ts new file mode 100644 index 00000000000..c3c973e0b73 --- /dev/null +++ b/packages/storage/src/errors/IntegrityError.ts @@ -0,0 +1,25 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { + AmplifyErrorCode, + AmplifyErrorParams, +} from '@aws-amplify/core/internals/utils'; + +import { StorageError } from './StorageError'; + +export class IntegrityError extends StorageError { + constructor( + params: AmplifyErrorParams = { + name: AmplifyErrorCode.Unknown, + message: 'An unknown error has occurred.', + recoverySuggestion: + 'This may be a bug. Please reach out to library authors.', + }, + ) { + super(params); + + // TODO: Delete the following 2 lines after we change the build target to >= es2015 + this.constructor = IntegrityError; + Object.setPrototypeOf(this, IntegrityError.prototype); + } +} diff --git a/packages/storage/src/errors/constants.ts b/packages/storage/src/errors/constants.ts new file mode 100644 index 00000000000..ca127c2e623 --- /dev/null +++ b/packages/storage/src/errors/constants.ts @@ -0,0 +1,4 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export const INVALID_STORAGE_INPUT = 'InvalidStorageInput'; diff --git a/packages/storage/src/errors/types/validation.ts b/packages/storage/src/errors/types/validation.ts index 7fb1bd89765..a56662adec4 100644 --- a/packages/storage/src/errors/types/validation.ts +++ b/packages/storage/src/errors/types/validation.ts @@ -17,10 +17,17 @@ export enum StorageValidationErrorCode { InvalidCopyOperationStorageBucket = 'InvalidCopyOperationStorageBucket', InvalidStorageOperationPrefixInput = 'InvalidStorageOperationPrefixInput', InvalidStorageOperationInput = 'InvalidStorageOperationInput', + InvalidAWSAccountID = 'InvalidAWSAccountID', InvalidStoragePathInput = 'InvalidStoragePathInput', InvalidUploadSource = 'InvalidUploadSource', ObjectIsTooLarge = 'ObjectIsTooLarge', UrlExpirationMaxLimitExceed = 'UrlExpirationMaxLimitExceed', + InvalidLocationCredentialsCacheSize = 'InvalidLocationCredentialsCacheSize', + LocationCredentialsStoreDestroyed = 'LocationCredentialsStoreDestroyed', + InvalidS3Uri = 'InvalidS3Uri', + InvalidCustomEndpoint = 'InvalidCustomEndpoint', + ForcePathStyleEndpointNotSupported = 'ForcePathStyleEndpointNotSupported', + DnsIncompatibleBucketName = 'DnsIncompatibleBucketName', } export const validationErrorMap: AmplifyErrorMap = { @@ -66,12 +73,24 @@ export const validationErrorMap: AmplifyErrorMap = { message: 'Path or key parameter must be specified in the input. Both can not be specified at the same time.', }, + [StorageValidationErrorCode.InvalidAWSAccountID]: { + message: 'Invalid AWS account ID was provided.', + }, [StorageValidationErrorCode.InvalidStorageOperationPrefixInput]: { message: 'Both path and prefix can not be specified at the same time.', }, [StorageValidationErrorCode.InvalidStoragePathInput]: { message: 'Input `path` does not allow a leading slash (/).', }, + [StorageValidationErrorCode.InvalidLocationCredentialsCacheSize]: { + message: 'locationCredentialsCacheSize must be a positive integer.', + }, + [StorageValidationErrorCode.LocationCredentialsStoreDestroyed]: { + message: `Location-specific credentials store has been destroyed.`, + }, + [StorageValidationErrorCode.InvalidS3Uri]: { + message: 'Invalid S3 URI.', + }, [StorageValidationErrorCode.InvalidStorageBucket]: { message: 'Unable to lookup bucket from provided name in Amplify configuration.', @@ -79,4 +98,13 @@ export const validationErrorMap: AmplifyErrorMap = { [StorageValidationErrorCode.InvalidCopyOperationStorageBucket]: { message: 'Missing bucket option in either source or destination.', }, + [StorageValidationErrorCode.InvalidCustomEndpoint]: { + message: 'Invalid S3 custom endpoint.', + }, + [StorageValidationErrorCode.ForcePathStyleEndpointNotSupported]: { + message: 'Path style URLs are not supported with S3 Transfer Acceleration.', + }, + [StorageValidationErrorCode.DnsIncompatibleBucketName]: { + message: `The bucket name isn't DNS compatible.`, + }, }; diff --git a/packages/storage/src/index.ts b/packages/storage/src/index.ts index 45bf9734a66..a2f040d5766 100644 --- a/packages/storage/src/index.ts +++ b/packages/storage/src/index.ts @@ -53,3 +53,5 @@ export { TransferProgressEvent } from './types'; export { isCancelError } from './errors/CanceledError'; export { StorageError } from './errors/StorageError'; + +export { DEFAULT_PART_SIZE } from './providers/s3/utils/constants'; diff --git a/packages/storage/src/internals/apis/copy.ts b/packages/storage/src/internals/apis/copy.ts new file mode 100644 index 00000000000..3286ab99462 --- /dev/null +++ b/packages/storage/src/internals/apis/copy.ts @@ -0,0 +1,34 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; + +import { copy as copyInternal } from '../../providers/s3/apis/internal/copy'; +import { CopyInput } from '../types/inputs'; +import { CopyOutput } from '../types/outputs'; + +/** + * @internal + */ +export const copy = (input: CopyInput) => + copyInternal(Amplify, { + source: { + path: input.source.path, + bucket: input.source.bucket, + eTag: input.source.eTag, + notModifiedSince: input.source.notModifiedSince, + expectedBucketOwner: input.source.expectedBucketOwner, + }, + destination: { + path: input.destination.path, + bucket: input.destination.bucket, + expectedBucketOwner: input.destination.expectedBucketOwner, + }, + options: { + // Advanced options + locationCredentialsProvider: input.options?.locationCredentialsProvider, + customEndpoint: input?.options?.customEndpoint, + }, + // Type casting is necessary because `copyInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + }) as Promise; diff --git a/packages/storage/src/internals/apis/downloadData.ts b/packages/storage/src/internals/apis/downloadData.ts new file mode 100644 index 00000000000..bd862d9d9b4 --- /dev/null +++ b/packages/storage/src/internals/apis/downloadData.ts @@ -0,0 +1,25 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { downloadData as downloadDataInternal } from '../../providers/s3/apis/internal/downloadData'; +import { DownloadDataInput } from '../types/inputs'; +import { DownloadDataOutput } from '../types/outputs'; + +/** + * @internal + */ +export const downloadData = (input: DownloadDataInput): DownloadDataOutput => + downloadDataInternal({ + path: input.path, + options: { + useAccelerateEndpoint: input?.options?.useAccelerateEndpoint, + bucket: input?.options?.bucket, + locationCredentialsProvider: input?.options?.locationCredentialsProvider, + bytesRange: input?.options?.bytesRange, + onProgress: input?.options?.onProgress, + expectedBucketOwner: input?.options?.expectedBucketOwner, + customEndpoint: input?.options?.customEndpoint, + }, + // Type casting is necessary because `downloadDataInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + }) as DownloadDataOutput; diff --git a/packages/storage/src/internals/apis/getDataAccess.ts b/packages/storage/src/internals/apis/getDataAccess.ts new file mode 100644 index 00000000000..070bf617078 --- /dev/null +++ b/packages/storage/src/internals/apis/getDataAccess.ts @@ -0,0 +1,83 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + AmplifyErrorCode, + StorageAction, +} from '@aws-amplify/core/internals/utils'; +import { CredentialsProviderOptions } from '@aws-amplify/core/internals/aws-client-utils'; + +import { getStorageUserAgentValue } from '../../providers/s3/utils/userAgent'; +import { getDataAccess as getDataAccessClient } from '../../providers/s3/utils/client/s3control'; +import { StorageError } from '../../errors/StorageError'; +import { GetDataAccessInput } from '../types/inputs'; +import { GetDataAccessOutput } from '../types/outputs'; +import { logger } from '../../utils'; +import { DEFAULT_CRED_TTL } from '../utils/constants'; + +/** + * @internal + */ +export const getDataAccess = async ( + input: GetDataAccessInput, +): Promise => { + const targetType = input.scope.endsWith('*') ? undefined : 'Object'; + const clientCredentialsProvider = async ( + options?: CredentialsProviderOptions, + ) => { + const { credentials } = await input.credentialsProvider(options); + + return credentials; + }; + + const result = await getDataAccessClient( + { + credentials: clientCredentialsProvider, + customEndpoint: input.customEndpoint, + region: input.region, + userAgentValue: getStorageUserAgentValue(StorageAction.GetDataAccess), + }, + { + AccountId: input.accountId, + Target: input.scope, + Permission: input.permission, + TargetType: targetType, + DurationSeconds: DEFAULT_CRED_TTL, + }, + ); + + const grantCredentials = result.Credentials; + + // Ensure that S3 returned credentials (this shouldn't happen) + if ( + !grantCredentials || + !grantCredentials.AccessKeyId || + !grantCredentials.SecretAccessKey || + !grantCredentials.SessionToken || + !grantCredentials.Expiration + ) { + throw new StorageError({ + name: AmplifyErrorCode.Unknown, + message: 'Service did not return valid temporary credentials.', + }); + } else { + logger.debug(`Retrieved credentials for: ${result.MatchedGrantTarget}`); + } + + const { + AccessKeyId: accessKeyId, + SecretAccessKey: secretAccessKey, + SessionToken: sessionToken, + Expiration: expiration, + } = grantCredentials; + + return { + credentials: { + accessKeyId, + secretAccessKey, + sessionToken, + expiration, + }, + scope: result.MatchedGrantTarget, + }; +}; diff --git a/packages/storage/src/internals/apis/getProperties.ts b/packages/storage/src/internals/apis/getProperties.ts new file mode 100644 index 00000000000..213e184edae --- /dev/null +++ b/packages/storage/src/internals/apis/getProperties.ts @@ -0,0 +1,27 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; + +import { getProperties as getPropertiesInternal } from '../../providers/s3/apis/internal/getProperties'; +import { GetPropertiesInput } from '../types/inputs'; +import { GetPropertiesOutput } from '../types/outputs'; + +/** + * @internal + */ +export const getProperties = ( + input: GetPropertiesInput, +): Promise => + getPropertiesInternal(Amplify, { + path: input.path, + options: { + useAccelerateEndpoint: input?.options?.useAccelerateEndpoint, + bucket: input?.options?.bucket, + locationCredentialsProvider: input?.options?.locationCredentialsProvider, + expectedBucketOwner: input?.options?.expectedBucketOwner, + customEndpoint: input?.options?.customEndpoint, + }, + // Type casting is necessary because `getPropertiesInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + }) as Promise; diff --git a/packages/storage/src/internals/apis/getUrl.ts b/packages/storage/src/internals/apis/getUrl.ts new file mode 100644 index 00000000000..ef82f107c67 --- /dev/null +++ b/packages/storage/src/internals/apis/getUrl.ts @@ -0,0 +1,31 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; + +import { getUrl as getUrlInternal } from '../../providers/s3/apis/internal/getUrl'; +import { GetUrlInput } from '../types/inputs'; +import { GetUrlOutput } from '../types/outputs'; + +/** + * @internal + */ +export const getUrl = (input: GetUrlInput) => + getUrlInternal(Amplify, { + path: input.path, + options: { + useAccelerateEndpoint: input?.options?.useAccelerateEndpoint, + bucket: input?.options?.bucket, + validateObjectExistence: input?.options?.validateObjectExistence, + expiresIn: input?.options?.expiresIn, + contentDisposition: input?.options?.contentDisposition, + contentType: input?.options?.contentType, + expectedBucketOwner: input?.options?.expectedBucketOwner, + + // Advanced options + locationCredentialsProvider: input?.options?.locationCredentialsProvider, + customEndpoint: input?.options?.customEndpoint, + }, + // Type casting is necessary because `getPropertiesInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + }) as Promise; diff --git a/packages/storage/src/internals/apis/list.ts b/packages/storage/src/internals/apis/list.ts new file mode 100644 index 00000000000..60c9184bd7f --- /dev/null +++ b/packages/storage/src/internals/apis/list.ts @@ -0,0 +1,47 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; + +import { list as listInternal } from '../../providers/s3/apis/internal/list'; +import { ListAllInput, ListInput, ListPaginateInput } from '../types/inputs'; +import { + ListAllWithPathOutput, + ListPaginateWithPathOutput, +} from '../../providers/s3'; +import { ListOutput } from '../types/outputs'; + +/** + * @internal + */ +export function list(input: ListAllInput): Promise; +/** + * @internal + */ +export function list( + input: ListPaginateInput, +): Promise; +/** + * @internal + */ +export function list(input: ListInput): Promise { + return listInternal(Amplify, { + path: input.path, + options: { + bucket: input.options?.bucket, + subpathStrategy: input.options?.subpathStrategy, + useAccelerateEndpoint: input.options?.useAccelerateEndpoint, + listAll: input.options?.listAll, + expectedBucketOwner: input.options?.expectedBucketOwner, + + // Pagination options + nextToken: (input as ListPaginateInput).options?.nextToken, + pageSize: (input as ListPaginateInput).options?.pageSize, + // Advanced options + locationCredentialsProvider: input.options?.locationCredentialsProvider, + customEndpoint: input?.options?.customEndpoint, + }, + // Type casting is necessary because `listInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + } as ListInput) as Promise; +} diff --git a/packages/storage/src/internals/apis/listCallerAccessGrants.ts b/packages/storage/src/internals/apis/listCallerAccessGrants.ts new file mode 100644 index 00000000000..47fee1c051a --- /dev/null +++ b/packages/storage/src/internals/apis/listCallerAccessGrants.ts @@ -0,0 +1,104 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { StorageAction } from '@aws-amplify/core/internals/utils'; +import { CredentialsProviderOptions } from '@aws-amplify/core/internals/aws-client-utils'; + +import { logger } from '../../utils'; +import { listCallerAccessGrants as listCallerAccessGrantsClient } from '../../providers/s3/utils/client/s3control'; +import { StorageError } from '../../errors/StorageError'; +import { getStorageUserAgentValue } from '../../providers/s3/utils/userAgent'; +import { LocationType } from '../types/common'; +import { LocationAccess } from '../types/credentials'; +import { ListCallerAccessGrantsInput } from '../types/inputs'; +import { ListCallerAccessGrantsOutput } from '../types/outputs'; +import { MAX_PAGE_SIZE } from '../utils/constants'; + +/** + * @internal + */ +export const listCallerAccessGrants = async ( + input: ListCallerAccessGrantsInput, +): Promise => { + const { + credentialsProvider, + accountId, + region, + nextToken, + pageSize, + customEndpoint, + } = input; + + logger.debug(`listing available locations from account ${input.accountId}`); + + if (!!pageSize && pageSize > MAX_PAGE_SIZE) { + logger.debug(`defaulting pageSize to ${MAX_PAGE_SIZE}.`); + } + + const clientCredentialsProvider = async ( + options?: CredentialsProviderOptions, + ) => { + const { credentials } = await credentialsProvider(options); + + return credentials; + }; + + const { CallerAccessGrantsList, NextToken } = + await listCallerAccessGrantsClient( + { + credentials: clientCredentialsProvider, + customEndpoint, + region, + userAgentValue: getStorageUserAgentValue( + StorageAction.ListCallerAccessGrants, + ), + }, + { + AccountId: accountId, + NextToken: nextToken, + MaxResults: pageSize ?? MAX_PAGE_SIZE, + AllowedByApplication: true, + }, + ); + + const accessGrants: LocationAccess[] = + CallerAccessGrantsList?.map(grant => { + assertGrantScope(grant.GrantScope); + + return { + scope: grant.GrantScope, + permission: grant.Permission!, + type: parseGrantType(grant.GrantScope!), + }; + }) ?? []; + + return { + locations: accessGrants, + nextToken: NextToken, + }; +}; + +const parseGrantType = (grantScope: string): LocationType => { + const bucketScopeReg = /^s3:\/\/(.*)\/\*$/; + const possibleBucketName = grantScope.match(bucketScopeReg)?.[1]; + if (!grantScope.endsWith('*')) { + return 'OBJECT'; + } else if ( + grantScope.endsWith('/*') && + possibleBucketName && + possibleBucketName.indexOf('/') === -1 + ) { + return 'BUCKET'; + } else { + return 'PREFIX'; + } +}; + +function assertGrantScope(value: unknown): asserts value is string { + if (typeof value !== 'string' || !value.startsWith('s3://')) { + throw new StorageError({ + name: 'InvalidGrantScope', + message: `Expected a valid grant scope, got ${value}`, + }); + } +} diff --git a/packages/storage/src/internals/apis/listPaths/getHighestPrecedenceUserGroup.ts b/packages/storage/src/internals/apis/listPaths/getHighestPrecedenceUserGroup.ts new file mode 100644 index 00000000000..82303a9d0d8 --- /dev/null +++ b/packages/storage/src/internals/apis/listPaths/getHighestPrecedenceUserGroup.ts @@ -0,0 +1,42 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export type UserGroupConfig = Record>[]; + +/** + * Given the Cognito user groups associated to current user session + * and all the user group configurations defined by backend. + * This function returns the user group with the highest precedence. + * Reference: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html#assigning-precedence-values-to-groups + * + * @param {UserGroupConfig} userGroupsFromConfig - User groups with their precedence values based on Amplify outputs. + * @param {string[]} currentUserGroups - The list of current user's groups. + * @returns {string | undefined} - The user group with the highest precedence (0), or undefined if no matching group is found. + */ +export const getHighestPrecedenceUserGroup = ( + userGroupsFromConfig?: UserGroupConfig, + currentUserGroups?: string[], +): string | undefined => { + if (userGroupsFromConfig && currentUserGroups) { + const precedenceMap = userGroupsFromConfig.reduce( + (acc, group) => { + Object.entries(group).forEach(([key, value]) => { + acc[key] = value.precedence; + }); + + return acc; + }, + {} as Record, + ); + + const sortedUserGroup = currentUserGroups + .filter(group => + Object.prototype.hasOwnProperty.call(precedenceMap, group), + ) + .sort((a, b) => precedenceMap[a] - precedenceMap[b]); + + return sortedUserGroup[0]; + } + + return undefined; +}; diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/index.ts b/packages/storage/src/internals/apis/listPaths/index.ts similarity index 63% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/index.ts rename to packages/storage/src/internals/apis/listPaths/index.ts index 1f7db0aabb3..cf04534bf0f 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/index.ts +++ b/packages/storage/src/internals/apis/listPaths/index.ts @@ -1,4 +1,4 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -export { getMultipartUploadHandlers } from './uploadHandlers'; +export { listPaths } from './listPaths'; diff --git a/packages/storage/src/internals/apis/listPaths/listPaths.ts b/packages/storage/src/internals/apis/listPaths/listPaths.ts new file mode 100644 index 00000000000..2add687dfa4 --- /dev/null +++ b/packages/storage/src/internals/apis/listPaths/listPaths.ts @@ -0,0 +1,37 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify, fetchAuthSession } from '@aws-amplify/core'; + +import { ListPathsOutput } from '../../types/credentials'; + +import { resolveLocationsForCurrentSession } from './resolveLocationsForCurrentSession'; +import { getHighestPrecedenceUserGroup } from './getHighestPrecedenceUserGroup'; + +export const listPaths = async (): Promise => { + const { buckets } = Amplify.getConfig().Storage!.S3!; + const { groups } = Amplify.getConfig().Auth!.Cognito; + + if (!buckets) { + return { locations: [] }; + } + + const { tokens, identityId } = await fetchAuthSession(); + const currentUserGroups = tokens?.accessToken.payload['cognito:groups'] as + | string[] + | undefined; + + const userGroupToUse = getHighestPrecedenceUserGroup( + groups, + currentUserGroups, + ); + + const locations = resolveLocationsForCurrentSession({ + buckets, + isAuthenticated: !!tokens, + identityId, + userGroup: userGroupToUse, + }); + + return { locations }; +}; diff --git a/packages/storage/src/internals/apis/listPaths/resolveLocationsForCurrentSession.ts b/packages/storage/src/internals/apis/listPaths/resolveLocationsForCurrentSession.ts new file mode 100644 index 00000000000..49121692ef3 --- /dev/null +++ b/packages/storage/src/internals/apis/listPaths/resolveLocationsForCurrentSession.ts @@ -0,0 +1,80 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { PathAccess } from '../../types/credentials'; +import { BucketInfo } from '../../../providers/s3/types/options'; +import { ENTITY_IDENTITY_URL } from '../../utils/constants'; +import { StorageAccess } from '../../types/common'; + +const resolvePermissions = ( + accessRule: Record, + isAuthenticated: boolean, + groups?: string, +) => { + if (!isAuthenticated) { + return { + permission: accessRule.guest, + }; + } + if (groups) { + const selectedKey = Object.keys(accessRule).find(access => + access.includes(groups), + ); + + return { + permission: selectedKey ? accessRule[selectedKey] : undefined, + }; + } + + return { + permission: accessRule.authenticated, + }; +}; + +export const resolveLocationsForCurrentSession = ({ + buckets, + isAuthenticated, + identityId, + userGroup, +}: { + buckets: Record; + isAuthenticated: boolean; + identityId?: string; + userGroup?: string; +}): PathAccess[] => { + const locations: PathAccess[] = []; + + for (const [, bucketInfo] of Object.entries(buckets)) { + const { bucketName, paths } = bucketInfo; + if (!paths) { + continue; + } + + for (const [path, accessRules] of Object.entries(paths)) { + const shouldIncludeEntityIdPath = + !userGroup && + path.includes(ENTITY_IDENTITY_URL) && + isAuthenticated && + identityId; + + if (shouldIncludeEntityIdPath) { + locations.push({ + type: 'PREFIX', + permission: accessRules.entityidentity as StorageAccess[], + bucket: bucketName, + prefix: path.replace(ENTITY_IDENTITY_URL, identityId), + }); + } + + const location = { + type: 'PREFIX', + ...resolvePermissions(accessRules, isAuthenticated, userGroup), + bucket: bucketName, + prefix: path, + }; + + if (location.permission) locations.push(location as PathAccess); + } + } + + return locations; +}; diff --git a/packages/storage/src/internals/apis/remove.ts b/packages/storage/src/internals/apis/remove.ts new file mode 100644 index 00000000000..96530325e2c --- /dev/null +++ b/packages/storage/src/internals/apis/remove.ts @@ -0,0 +1,25 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; + +import { remove as removeInternal } from '../../providers/s3/apis/internal/remove'; +import { RemoveInput } from '../types/inputs'; +import { RemoveOutput } from '../types/outputs'; + +/** + * @internal + */ +export const remove = (input: RemoveInput): Promise => + removeInternal(Amplify, { + path: input.path, + options: { + useAccelerateEndpoint: input?.options?.useAccelerateEndpoint, + bucket: input?.options?.bucket, + expectedBucketOwner: input?.options?.expectedBucketOwner, + locationCredentialsProvider: input?.options?.locationCredentialsProvider, + customEndpoint: input?.options?.customEndpoint, + }, + // Type casting is necessary because `removeInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + }) as Promise; diff --git a/packages/storage/src/internals/apis/uploadData.ts b/packages/storage/src/internals/apis/uploadData.ts new file mode 100644 index 00000000000..44456edf510 --- /dev/null +++ b/packages/storage/src/internals/apis/uploadData.ts @@ -0,0 +1,36 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { UploadDataInput } from '../types/inputs'; +import { UploadDataOutput } from '../types/outputs'; +import { uploadData as uploadDataInternal } from '../../providers/s3/apis/internal/uploadData'; + +/** + * @internal + */ +export const uploadData = (input: UploadDataInput) => { + const { data, path, options } = input; + + return uploadDataInternal({ + path, + data, + options: { + useAccelerateEndpoint: options?.useAccelerateEndpoint, + bucket: options?.bucket, + onProgress: options?.onProgress, + contentDisposition: options?.contentDisposition, + contentEncoding: options?.contentEncoding, + contentType: options?.contentType, + metadata: options?.metadata, + preventOverwrite: options?.preventOverwrite, + expectedBucketOwner: options?.expectedBucketOwner, + checksumAlgorithm: options?.checksumAlgorithm, + + // Advanced options + locationCredentialsProvider: options?.locationCredentialsProvider, + customEndpoint: options?.customEndpoint, + }, + // Type casting is necessary because `uploadDataInternal` supports both Gen1 and Gen2 signatures, but here + // given in input can only be Gen2 signature, the return can only ben Gen2 signature. + }) as UploadDataOutput; +}; diff --git a/packages/storage/src/internals/index.ts b/packages/storage/src/internals/index.ts new file mode 100644 index 00000000000..197b899b424 --- /dev/null +++ b/packages/storage/src/internals/index.ts @@ -0,0 +1,79 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export { StorageSubpathStrategy } from '../types/options'; + +export { Permission, LocationType, StorageAccess } from './types/common'; + +/* +Internal APIs +*/ +export { + GetDataAccessInput, + ListCallerAccessGrantsInput, + GetPropertiesInput, + GetUrlInput, + CopyInput, + ListInput, + ListAllInput, + ListPaginateInput, + RemoveInput, + UploadDataInput, + DownloadDataInput, +} from './types/inputs'; +export { + GetDataAccessOutput, + ListCallerAccessGrantsOutput, + GetPropertiesOutput, + GetUrlOutput, + RemoveOutput, + UploadDataOutput, + DownloadDataOutput, + ListOutput, + CopyOutput, +} from './types/outputs'; + +export { getDataAccess } from './apis/getDataAccess'; +export { listCallerAccessGrants } from './apis/listCallerAccessGrants'; +export { list } from './apis/list'; +export { getProperties } from './apis/getProperties'; +export { getUrl } from './apis/getUrl'; +export { remove } from './apis/remove'; +export { uploadData } from './apis/uploadData'; +export { downloadData } from './apis/downloadData'; +export { copy } from './apis/copy'; + +/** Default Auth exports */ +export { listPaths } from './apis/listPaths'; + +/* +CredentialsStore exports +*/ +export { + CredentialsLocation, + ListLocations, + LocationAccess, + LocationCredentials, + ListLocationsInput, + ListLocationsOutput, + CredentialsProvider, + ListPathsOutput, +} from './types/credentials'; + +export { + AWSTemporaryCredentials, + LocationCredentialsProvider, +} from '../providers/s3/types/options'; + +/** + * Internal util functions + */ +export { assertValidationError } from '../errors/utils/assertValidationError'; + +/** + * Utility types + */ +export { + StorageValidationErrorCode, + validationErrorMap, +} from '../errors/types/validation'; diff --git a/packages/storage/src/internals/types/common.ts b/packages/storage/src/internals/types/common.ts new file mode 100644 index 00000000000..32671db5660 --- /dev/null +++ b/packages/storage/src/internals/types/common.ts @@ -0,0 +1,27 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +/** + * @internal + */ +export type Permission = 'READ' | 'READWRITE' | 'WRITE'; + +/** + * @internal + */ +export type LocationType = 'BUCKET' | 'PREFIX' | 'OBJECT'; + +/** + * @internal + */ +export type Privilege = 'Default' | 'Minimal'; + +/** + * @internal + */ +export type PrefixType = 'Object'; + +/** + * @internal + */ +export type StorageAccess = 'read' | 'get' | 'list' | 'write' | 'delete'; diff --git a/packages/storage/src/internals/types/credentials.ts b/packages/storage/src/internals/types/credentials.ts new file mode 100644 index 00000000000..9b825650e62 --- /dev/null +++ b/packages/storage/src/internals/types/credentials.ts @@ -0,0 +1,102 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + AWSTemporaryCredentials, + LocationCredentialsProvider, +} from '../../providers/s3/types/options'; + +import { LocationType, Permission, StorageAccess } from './common'; + +/** + * @internal + */ +export type CredentialsProvider = LocationCredentialsProvider; + +export interface LocationCredentials extends Partial { + /** + * AWS credentials which can be used to access the specified location. + */ + readonly credentials: AWSTemporaryCredentials; +} + +/** + * @internal + */ +export interface ListLocationsInput { + pageSize?: number; + nextToken?: string; +} + +/** + * @internal + */ +export interface ListLocationsOutput { + locations: LocationAccess[]; + nextToken?: string; +} + +/** + * @internal + */ +export type ListLocations = ( + input?: ListLocationsInput, +) => Promise; + +/** + * @internal + */ +export interface LocationScope { + /** + * Scope of storage location. For S3 service, it's the S3 path of the data to + * which the access is granted. It can be in following formats: + * + * @example Bucket 's3:///*' + * @example Prefix 's3:///*' + * @example Object 's3:////' + */ + readonly scope: string; +} + +/** + * @internal + */ +export interface CredentialsLocation extends LocationScope { + /** + * The type of access granted to your Storage data. Can be either of READ, + * WRITE or READWRITE + */ + readonly permission: Permission; +} + +/** + * @internal + */ +export interface LocationAccess extends CredentialsLocation { + /** + * Parse location type parsed from scope format: + * * BUCKET: `'s3:///*'` + * * PREFIX: `'s3:///*'` + * * OBJECT: `'s3:////'` + */ + readonly type: LocationType; +} + +/** + * @internal + */ +export interface PathAccess { + /** The Amplify backend mandates that all paths conclude with '/*', + * which means the only applicable type in this context is 'PREFIX'. */ + type: 'PREFIX'; + permission: StorageAccess[]; + bucket: string; + prefix: string; +} + +/** + * @internal + */ +export interface ListPathsOutput { + locations: PathAccess[]; +} diff --git a/packages/storage/src/internals/types/inputs.ts b/packages/storage/src/internals/types/inputs.ts new file mode 100644 index 00000000000..a79d171ff08 --- /dev/null +++ b/packages/storage/src/internals/types/inputs.ts @@ -0,0 +1,142 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + StorageCopyInputWithPath, + StorageOperationInputWithPath, + StorageOperationOptionsInput, +} from '../../types/inputs'; +import { + CopyWithPathInput, + DownloadDataWithPathInput, + GetPropertiesWithPathInput, + GetUrlWithPathInput, + ListAllWithPathInput, + ListPaginateWithPathInput, + RemoveWithPathInput, + UploadDataWithPathInput, +} from '../../providers/s3'; + +import { CredentialsProvider, ListLocationsInput } from './credentials'; +import { Permission, PrefixType, Privilege } from './common'; + +/** + * @internal + */ +export interface ListCallerAccessGrantsInput extends ListLocationsInput { + accountId: string; + credentialsProvider: CredentialsProvider; + customEndpoint?: string; + region: string; +} + +/** + * @internal + */ +export interface GetDataAccessInput { + accountId: string; + credentialsProvider: CredentialsProvider; + customEndpoint?: string; + durationSeconds?: number; + permission: Permission; + prefixType?: PrefixType; + privilege?: Privilege; + region: string; + scope: string; +} + +export interface AdvancedOptions { + locationCredentialsProvider?: CredentialsProvider; + customEndpoint?: string; +} + +/** + * @internal + */ +export type ListAllInput = ExtendInputWithAdvancedOptions< + ListAllWithPathInput, + AdvancedOptions +>; + +/** + * @internal + */ +export type ListPaginateInput = ExtendInputWithAdvancedOptions< + ListPaginateWithPathInput, + AdvancedOptions +>; + +/** + * @internal + */ +export type ListInput = ListAllInput | ListPaginateInput; + +/** + * @internal + */ +export type RemoveInput = ExtendInputWithAdvancedOptions< + RemoveWithPathInput, + AdvancedOptions +>; + +/** + * @internal + */ +export type GetPropertiesInput = ExtendInputWithAdvancedOptions< + GetPropertiesWithPathInput, + AdvancedOptions +>; + +/** + * @internal + */ +export type GetUrlInput = ExtendInputWithAdvancedOptions< + GetUrlWithPathInput, + AdvancedOptions +>; + +/** + * @internal + */ +export type CopyInput = ExtendCopyInputWithAdvancedOptions< + CopyWithPathInput, + AdvancedOptions +>; + +export type UploadDataInput = ExtendInputWithAdvancedOptions< + UploadDataWithPathInput, + AdvancedOptions +>; + +/** + * @internal + */ +export type DownloadDataInput = ExtendInputWithAdvancedOptions< + DownloadDataWithPathInput, + AdvancedOptions +>; + +/** + * Generic types that extend the public non-copy API input types with extended + * options. This is a temporary solution to support advanced options from internal APIs. + */ +type ExtendInputWithAdvancedOptions = + InputType extends StorageOperationInputWithPath & + StorageOperationOptionsInput + ? InputType & { + options?: PublicInputOptionsType & ExtendedOptionsType; + } + : never; + +/** + * Generic types that extend the public copy API input type with extended options. + * This is a temporary solution to support advanced options from internal APIs. + */ +type ExtendCopyInputWithAdvancedOptions = + InputType extends StorageCopyInputWithPath + ? { + source: InputType['source']; + destination: InputType['destination']; + options?: ExtendedOptionsType; + } + : never; diff --git a/packages/storage/src/internals/types/options.ts b/packages/storage/src/internals/types/options.ts new file mode 100644 index 00000000000..cf1406c9425 --- /dev/null +++ b/packages/storage/src/internals/types/options.ts @@ -0,0 +1,2 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 diff --git a/packages/storage/src/internals/types/outputs.ts b/packages/storage/src/internals/types/outputs.ts new file mode 100644 index 00000000000..d4ac9cc915a --- /dev/null +++ b/packages/storage/src/internals/types/outputs.ts @@ -0,0 +1,60 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + CopyWithPathOutput, + DownloadDataWithPathOutput, + GetPropertiesWithPathOutput, + GetUrlWithPathOutput, + ListAllWithPathOutput, + ListPaginateWithPathOutput, + RemoveWithPathOutput, + UploadDataWithPathOutput, +} from '../../providers/s3/types'; + +import { ListLocationsOutput, LocationCredentials } from './credentials'; + +/** + * @internal + */ +export type CopyOutput = CopyWithPathOutput; + +/** + * @internal + */ +export type DownloadDataOutput = DownloadDataWithPathOutput; + +/** + * @internal + */ +export type GetDataAccessOutput = LocationCredentials; + +/** + * @internal + */ +export type GetPropertiesOutput = GetPropertiesWithPathOutput; + +/** + * @internal + */ +export type GetUrlOutput = GetUrlWithPathOutput; + +/** + * @internal + */ +export type RemoveOutput = RemoveWithPathOutput; + +/** + * @internal + */ +export type ListOutput = ListAllWithPathOutput | ListPaginateWithPathOutput; + +/** + * @internal + */ +export type UploadDataOutput = UploadDataWithPathOutput; + +/** + * @internal + */ +export type ListCallerAccessGrantsOutput = ListLocationsOutput; diff --git a/packages/storage/src/internals/utils/constants.ts b/packages/storage/src/internals/utils/constants.ts new file mode 100644 index 00000000000..1bc620efb95 --- /dev/null +++ b/packages/storage/src/internals/utils/constants.ts @@ -0,0 +1,8 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export const DEFAULT_CRED_TTL = 15 * 60; // 15 minutes +export const MAX_PAGE_SIZE = 1000; + +// eslint-disable-next-line no-template-curly-in-string +export const ENTITY_IDENTITY_URL = '${cognito-identity.amazonaws.com:sub}'; diff --git a/packages/storage/src/providers/s3/apis/downloadData.ts b/packages/storage/src/providers/s3/apis/downloadData.ts index 7c98ee2b857..0eeca69899f 100644 --- a/packages/storage/src/providers/s3/apis/downloadData.ts +++ b/packages/storage/src/providers/s3/apis/downloadData.ts @@ -1,26 +1,14 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { Amplify } from '@aws-amplify/core'; -import { StorageAction } from '@aws-amplify/core/internals/utils'; - import { DownloadDataInput, DownloadDataOutput, DownloadDataWithPathInput, DownloadDataWithPathOutput, } from '../types'; -import { resolveS3ConfigAndInput } from '../utils/resolveS3ConfigAndInput'; -import { createDownloadTask, validateStorageOperationInput } from '../utils'; -import { getObject } from '../utils/client'; -import { getStorageUserAgentValue } from '../utils/userAgent'; -import { logger } from '../../../utils'; -import { - StorageDownloadDataOutput, - StorageItemWithKey, - StorageItemWithPath, -} from '../../../types'; -import { STORAGE_INPUT_KEY } from '../utils/constants'; + +import { downloadData as downloadDataInternal } from './internal/downloadData'; /** * Download S3 object data to memory @@ -89,77 +77,8 @@ export function downloadData( *``` */ export function downloadData(input: DownloadDataInput): DownloadDataOutput; - export function downloadData( input: DownloadDataInput | DownloadDataWithPathInput, ) { - const abortController = new AbortController(); - - const downloadTask = createDownloadTask({ - job: downloadDataJob(input, abortController.signal), - onCancel: (message?: string) => { - abortController.abort(message); - }, - }); - - return downloadTask; + return downloadDataInternal(input); } - -const downloadDataJob = - ( - downloadDataInput: DownloadDataInput | DownloadDataWithPathInput, - abortSignal: AbortSignal, - ) => - async (): Promise< - StorageDownloadDataOutput - > => { - const { options: downloadDataOptions } = downloadDataInput; - const { bucket, keyPrefix, s3Config, identityId } = - await resolveS3ConfigAndInput(Amplify, downloadDataOptions); - const { inputType, objectKey } = validateStorageOperationInput( - downloadDataInput, - identityId, - ); - const finalKey = - inputType === STORAGE_INPUT_KEY ? keyPrefix + objectKey : objectKey; - - logger.debug(`download ${objectKey} from ${finalKey}.`); - - const { - Body: body, - LastModified: lastModified, - ContentLength: size, - ETag: eTag, - Metadata: metadata, - VersionId: versionId, - ContentType: contentType, - } = await getObject( - { - ...s3Config, - abortSignal, - onDownloadProgress: downloadDataOptions?.onProgress, - userAgentValue: getStorageUserAgentValue(StorageAction.DownloadData), - }, - { - Bucket: bucket, - Key: finalKey, - ...(downloadDataOptions?.bytesRange && { - Range: `bytes=${downloadDataOptions.bytesRange.start}-${downloadDataOptions.bytesRange.end}`, - }), - }, - ); - - const result = { - body, - lastModified, - size, - contentType, - eTag, - metadata, - versionId, - }; - - return inputType === STORAGE_INPUT_KEY - ? { key: objectKey, ...result } - : { path: objectKey, ...result }; - }; diff --git a/packages/storage/src/providers/s3/apis/internal/copy.ts b/packages/storage/src/providers/s3/apis/internal/copy.ts index 5035f897017..85898ea228f 100644 --- a/packages/storage/src/providers/s3/apis/internal/copy.ts +++ b/packages/storage/src/providers/s3/apis/internal/copy.ts @@ -14,13 +14,16 @@ import { ResolvedS3Config, StorageBucket } from '../../types/options'; import { isInputWithPath, resolveS3ConfigAndInput, + validateBucketOwnerID, validateStorageOperationInput, } from '../../utils'; import { StorageValidationErrorCode } from '../../../../errors/types/validation'; import { assertValidationError } from '../../../../errors/utils/assertValidationError'; -import { copyObject } from '../../utils/client'; +import { copyObject } from '../../utils/client/s3data'; import { getStorageUserAgentValue } from '../../utils/userAgent'; import { logger } from '../../../../utils'; +// TODO: Remove this interface when we move to public advanced APIs. +import { CopyInput as CopyWithPathInputWithAdvancedOptions } from '../../../../internals'; const isCopyInputWithPath = ( input: CopyInput | CopyWithPathInput, @@ -44,7 +47,7 @@ const storageBucketAssertion = ( export const copy = async ( amplify: AmplifyClassV6, - input: CopyInput | CopyWithPathInput, + input: CopyInput | CopyWithPathInputWithAdvancedOptions, ): Promise => { return isCopyInputWithPath(input) ? copyWithPath(amplify, input) @@ -53,21 +56,34 @@ export const copy = async ( const copyWithPath = async ( amplify: AmplifyClassV6, - input: CopyWithPathInput, + input: CopyWithPathInputWithAdvancedOptions, ): Promise => { const { source, destination } = input; storageBucketAssertion(source.bucket, destination.bucket); - const { bucket: sourceBucket, identityId } = await resolveS3ConfigAndInput( - amplify, - input.source, - ); + const { bucket: sourceBucket } = await resolveS3ConfigAndInput(amplify, { + path: input.source.path, + options: { + locationCredentialsProvider: input.options?.locationCredentialsProvider, + ...input.source, + }, + }); - const { s3Config, bucket: destBucket } = await resolveS3ConfigAndInput( - amplify, - input.destination, - ); // resolveS3ConfigAndInput does not make extra API calls or storage access if called repeatedly. + // The bucket, region, credentials of s3 client are resolved from destination. + // Whereas the source bucket and path are a input parameter of S3 copy operation. + const { + s3Config, + bucket: destBucket, + identityId, + } = await resolveS3ConfigAndInput(amplify, { + path: input.destination.path, + options: { + locationCredentialsProvider: input.options?.locationCredentialsProvider, + customEndpoint: input.options?.customEndpoint, + ...input.destination, + }, + }); // resolveS3ConfigAndInput does not make extra API calls or storage access if called repeatedly. assertValidationError(!!source.path, StorageValidationErrorCode.NoSourcePath); assertValidationError( @@ -83,7 +99,8 @@ const copyWithPath = async ( destination, identityId, ); - + validateBucketOwnerID(source.expectedBucketOwner); + validateBucketOwnerID(destination.expectedBucketOwner); const finalCopySource = `${sourceBucket}/${sourcePath}`; const finalCopyDestination = destinationPath; logger.debug(`copying "${finalCopySource}" to "${finalCopyDestination}".`); @@ -93,6 +110,10 @@ const copyWithPath = async ( destination: finalCopyDestination, bucket: destBucket, s3Config, + notModifiedSince: input.source.notModifiedSince, + eTag: input.source.eTag, + expectedSourceBucketOwner: input.source?.expectedBucketOwner, + expectedBucketOwner: input.destination?.expectedBucketOwner, }); return { path: finalCopyDestination }; @@ -112,15 +133,35 @@ export const copyWithKey = async ( !!destination.key, StorageValidationErrorCode.NoDestinationKey, ); + validateBucketOwnerID(source.expectedBucketOwner); + validateBucketOwnerID(destination.expectedBucketOwner); const { bucket: sourceBucket, keyPrefix: sourceKeyPrefix } = - await resolveS3ConfigAndInput(amplify, source); - + await resolveS3ConfigAndInput(amplify, { + ...input, + options: { + // @ts-expect-error: 'options' does not exist on type 'CopyInput'. In case of JS users set the location + // credentials provider option, resolveS3ConfigAndInput will throw validation error. + locationCredentialsProvider: input.options?.locationCredentialsProvider, + ...input.source, + }, + }); + + // The bucket, region, credentials of s3 client are resolved from destination. + // Whereas the source bucket and path are a input parameter of S3 copy operation. const { s3Config, bucket: destBucket, keyPrefix: destinationKeyPrefix, - } = await resolveS3ConfigAndInput(amplify, destination); // resolveS3ConfigAndInput does not make extra API calls or storage access if called repeatedly. + } = await resolveS3ConfigAndInput(amplify, { + ...input, + options: { + // @ts-expect-error: 'options' does not exist on type 'CopyInput'. In case of JS users set the location + // credentials provider option, resolveS3ConfigAndInput will throw validation error. + locationCredentialsProvider: input.options?.locationCredentialsProvider, + ...input.destination, + }, + }); // resolveS3ConfigAndInput does not make extra API calls or storage access if called repeatedly. // TODO(ashwinkumar6) V6-logger: warn `You may copy files from another user if the source level is "protected", currently it's ${srcLevel}` const finalCopySource = `${sourceBucket}/${sourceKeyPrefix}${source.key}`; @@ -132,6 +173,10 @@ export const copyWithKey = async ( destination: finalCopyDestination, bucket: destBucket, s3Config, + notModifiedSince: input.source.notModifiedSince, + eTag: input.source.eTag, + expectedSourceBucketOwner: input.source?.expectedBucketOwner, + expectedBucketOwner: input.destination?.expectedBucketOwner, }); return { @@ -144,11 +189,19 @@ const serviceCopy = async ({ destination, bucket, s3Config, + notModifiedSince, + eTag, + expectedSourceBucketOwner, + expectedBucketOwner, }: { source: string; destination: string; bucket: string; s3Config: ResolvedS3Config; + notModifiedSince?: Date; + eTag?: string; + expectedSourceBucketOwner?: string; + expectedBucketOwner?: string; }) => { await copyObject( { @@ -160,6 +213,10 @@ const serviceCopy = async ({ CopySource: source, Key: destination, MetadataDirective: 'COPY', // Copies over metadata like contentType as well + CopySourceIfMatch: eTag, + CopySourceIfUnmodifiedSince: notModifiedSince, + ExpectedSourceBucketOwner: expectedSourceBucketOwner, + ExpectedBucketOwner: expectedBucketOwner, }, ); }; diff --git a/packages/storage/src/providers/s3/apis/internal/downloadData.ts b/packages/storage/src/providers/s3/apis/internal/downloadData.ts new file mode 100644 index 00000000000..f1d804b323d --- /dev/null +++ b/packages/storage/src/providers/s3/apis/internal/downloadData.ts @@ -0,0 +1,96 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; +import { StorageAction } from '@aws-amplify/core/internals/utils'; + +import { resolveS3ConfigAndInput } from '../../utils/resolveS3ConfigAndInput'; +import { + createDownloadTask, + validateBucketOwnerID, + validateStorageOperationInput, +} from '../../utils'; +import { getObject } from '../../utils/client/s3data'; +import { getStorageUserAgentValue } from '../../utils/userAgent'; +import { logger } from '../../../../utils'; +import { DownloadDataInput, DownloadDataWithPathInput } from '../../types'; +import { STORAGE_INPUT_KEY } from '../../utils/constants'; +import { + StorageDownloadDataOutput, + StorageItemWithKey, + StorageItemWithPath, +} from '../../../../types'; +// TODO: Remove this interface when we move to public advanced APIs. +import { DownloadDataInput as DownloadDataWithPathInputWithAdvancedOptions } from '../../../../internals/types/inputs'; + +export const downloadData = ( + input: DownloadDataInput | DownloadDataWithPathInputWithAdvancedOptions, +) => { + const abortController = new AbortController(); + const downloadTask = createDownloadTask({ + job: downloadDataJob(input, abortController.signal), + onCancel: (message?: string) => { + abortController.abort(message); + }, + }); + + return downloadTask; +}; + +const downloadDataJob = + ( + downloadDataInput: DownloadDataInput | DownloadDataWithPathInput, + abortSignal: AbortSignal, + ) => + async (): Promise< + StorageDownloadDataOutput + > => { + const { options: downloadDataOptions } = downloadDataInput; + const { bucket, keyPrefix, s3Config, identityId } = + await resolveS3ConfigAndInput(Amplify, downloadDataInput); + const { inputType, objectKey } = validateStorageOperationInput( + downloadDataInput, + identityId, + ); + validateBucketOwnerID(downloadDataOptions?.expectedBucketOwner); + const finalKey = + inputType === STORAGE_INPUT_KEY ? keyPrefix + objectKey : objectKey; + logger.debug(`download ${objectKey} from ${finalKey}.`); + const { + Body: body, + LastModified: lastModified, + ContentLength: size, + ETag: eTag, + Metadata: metadata, + VersionId: versionId, + ContentType: contentType, + } = await getObject( + { + ...s3Config, + abortSignal, + onDownloadProgress: downloadDataOptions?.onProgress, + userAgentValue: getStorageUserAgentValue(StorageAction.DownloadData), + }, + { + Bucket: bucket, + Key: finalKey, + ...(downloadDataOptions?.bytesRange && { + Range: `bytes=${downloadDataOptions.bytesRange.start}-${downloadDataOptions.bytesRange.end}`, + }), + ExpectedBucketOwner: downloadDataOptions?.expectedBucketOwner, + }, + ); + const result = { + body, + lastModified, + size, + contentType, + eTag, + metadata, + versionId, + }; + + return inputType === STORAGE_INPUT_KEY + ? { key: objectKey, ...result } + : { path: objectKey, ...result }; + }; diff --git a/packages/storage/src/providers/s3/apis/internal/getProperties.ts b/packages/storage/src/providers/s3/apis/internal/getProperties.ts index 3b61460d89b..981c32cb827 100644 --- a/packages/storage/src/providers/s3/apis/internal/getProperties.ts +++ b/packages/storage/src/providers/s3/apis/internal/getProperties.ts @@ -7,30 +7,34 @@ import { StorageAction } from '@aws-amplify/core/internals/utils'; import { GetPropertiesInput, GetPropertiesOutput, - GetPropertiesWithPathInput, GetPropertiesWithPathOutput, } from '../../types'; import { resolveS3ConfigAndInput, + validateBucketOwnerID, validateStorageOperationInput, } from '../../utils'; -import { headObject } from '../../utils/client'; +import { headObject } from '../../utils/client/s3data'; import { getStorageUserAgentValue } from '../../utils/userAgent'; import { logger } from '../../../../utils'; import { STORAGE_INPUT_KEY } from '../../utils/constants'; +// TODO: Remove this interface when we move to public advanced APIs. +import { GetPropertiesInput as GetPropertiesWithPathInputWithAdvancedOptions } from '../../../../internals'; export const getProperties = async ( amplify: AmplifyClassV6, - input: GetPropertiesInput | GetPropertiesWithPathInput, + input: GetPropertiesInput | GetPropertiesWithPathInputWithAdvancedOptions, action?: StorageAction, ): Promise => { - const { options: getPropertiesOptions } = input; const { s3Config, bucket, keyPrefix, identityId } = - await resolveS3ConfigAndInput(amplify, getPropertiesOptions); + await resolveS3ConfigAndInput(amplify, input); const { inputType, objectKey } = validateStorageOperationInput( input, identityId, ); + + validateBucketOwnerID(input.options?.expectedBucketOwner); + const finalKey = inputType === STORAGE_INPUT_KEY ? keyPrefix + objectKey : objectKey; @@ -45,6 +49,7 @@ export const getProperties = async ( { Bucket: bucket, Key: finalKey, + ExpectedBucketOwner: input.options?.expectedBucketOwner, }, ); diff --git a/packages/storage/src/providers/s3/apis/internal/getUrl.ts b/packages/storage/src/providers/s3/apis/internal/getUrl.ts index a5c319a1389..db2315ddb78 100644 --- a/packages/storage/src/providers/s3/apis/internal/getUrl.ts +++ b/packages/storage/src/providers/s3/apis/internal/getUrl.ts @@ -4,16 +4,12 @@ import { AmplifyClassV6 } from '@aws-amplify/core'; import { StorageAction } from '@aws-amplify/core/internals/utils'; -import { - GetUrlInput, - GetUrlOutput, - GetUrlWithPathInput, - GetUrlWithPathOutput, -} from '../../types'; +import { GetUrlInput, GetUrlOutput, GetUrlWithPathOutput } from '../../types'; import { StorageValidationErrorCode } from '../../../../errors/types/validation'; -import { getPresignedGetObjectUrl } from '../../utils/client'; +import { getPresignedGetObjectUrl } from '../../utils/client/s3data'; import { resolveS3ConfigAndInput, + validateBucketOwnerID, validateStorageOperationInput, } from '../../utils'; import { assertValidationError } from '../../../../errors/utils/assertValidationError'; @@ -23,20 +19,23 @@ import { STORAGE_INPUT_KEY, } from '../../utils/constants'; import { constructContentDisposition } from '../../utils/constructContentDisposition'; +// TODO: Remove this interface when we move to public advanced APIs. +import { GetUrlInput as GetUrlWithPathInputWithAdvancedOptions } from '../../../../internals'; import { getProperties } from './getProperties'; export const getUrl = async ( amplify: AmplifyClassV6, - input: GetUrlInput | GetUrlWithPathInput, + input: GetUrlInput | GetUrlWithPathInputWithAdvancedOptions, ): Promise => { const { options: getUrlOptions } = input; const { s3Config, keyPrefix, bucket, identityId } = - await resolveS3ConfigAndInput(amplify, getUrlOptions); + await resolveS3ConfigAndInput(amplify, input); const { inputType, objectKey } = validateStorageOperationInput( input, identityId, ); + validateBucketOwnerID(getUrlOptions?.expectedBucketOwner); const finalKey = inputType === STORAGE_INPUT_KEY ? keyPrefix + objectKey : objectKey; @@ -83,6 +82,7 @@ export const getUrl = async ( ...(getUrlOptions?.contentType && { ResponseContentType: getUrlOptions.contentType, }), + ExpectedBucketOwner: getUrlOptions?.expectedBucketOwner, }, ), expiresAt: new Date(Date.now() + urlExpirationInSec * 1000), diff --git a/packages/storage/src/providers/s3/apis/internal/list.ts b/packages/storage/src/providers/s3/apis/internal/list.ts index 5b41b1f3a23..ef8d277b48d 100644 --- a/packages/storage/src/providers/s3/apis/internal/list.ts +++ b/packages/storage/src/providers/s3/apis/internal/list.ts @@ -5,19 +5,17 @@ import { AmplifyClassV6 } from '@aws-amplify/core'; import { StorageAction } from '@aws-amplify/core/internals/utils'; import { - ListAllInput, ListAllOutput, - ListAllWithPathInput, ListAllWithPathOutput, ListOutputItem, ListOutputItemWithPath, - ListPaginateInput, ListPaginateOutput, - ListPaginateWithPathInput, ListPaginateWithPathOutput, } from '../../types'; import { resolveS3ConfigAndInput, + urlDecode, + validateBucketOwnerID, validateStorageOperationInputWithPrefix, } from '../../utils'; import { @@ -29,11 +27,15 @@ import { ListObjectsV2Input, ListObjectsV2Output, listObjectsV2, -} from '../../utils/client'; +} from '../../utils/client/s3data'; import { getStorageUserAgentValue } from '../../utils/userAgent'; import { logger } from '../../../../utils'; import { DEFAULT_DELIMITER, STORAGE_INPUT_PREFIX } from '../../utils/constants'; -import { CommonPrefix } from '../../utils/client/types'; +import { CommonPrefix } from '../../utils/client/s3data/types'; +import { IntegrityError } from '../../../../errors/IntegrityError'; +import { ListAllInput, ListPaginateInput } from '../../types/inputs'; +// TODO: Remove this interface when we move to public advanced APIs. +import { ListInput as ListWithPathInputAndAdvancedOptions } from '../../../../internals/types/inputs'; const MAX_PAGE_SIZE = 1000; @@ -45,11 +47,7 @@ interface ListInputArgs { export const list = async ( amplify: AmplifyClassV6, - input: - | ListAllInput - | ListPaginateInput - | ListAllWithPathInput - | ListPaginateWithPathInput, + input: ListAllInput | ListPaginateInput | ListWithPathInputAndAdvancedOptions, ): Promise< | ListAllOutput | ListPaginateOutput @@ -62,12 +60,13 @@ export const list = async ( bucket, keyPrefix: generatedPrefix, identityId, - } = await resolveS3ConfigAndInput(amplify, options); + } = await resolveS3ConfigAndInput(amplify, input); const { inputType, objectKey } = validateStorageOperationInputWithPrefix( input, identityId, ); + validateBucketOwnerID(options.expectedBucketOwner); const isInputWithPrefix = inputType === STORAGE_INPUT_PREFIX; // @ts-expect-error pageSize and nextToken should not coexist with listAll @@ -86,6 +85,8 @@ export const list = async ( MaxKeys: options?.listAll ? undefined : options?.pageSize, ContinuationToken: options?.listAll ? undefined : options?.nextToken, Delimiter: getDelimiter(options), + ExpectedBucketOwner: options?.expectedBucketOwner, + EncodingType: 'url', }; logger.debug(`listing items from "${listParams.Prefix}"`); @@ -160,14 +161,18 @@ const _listWithPrefix = async ({ listParamsClone, ); - if (!response?.Contents) { + const listOutput = decodeEncodedElements(response); + + validateEchoedElements(listParamsClone, listOutput); + + if (!listOutput?.Contents) { return { items: [], }; } return { - items: response.Contents.map(item => ({ + items: listOutput.Contents.map(item => ({ key: generatedPrefix ? item.Key!.substring(generatedPrefix.length) : item.Key!, @@ -175,7 +180,7 @@ const _listWithPrefix = async ({ lastModified: item.LastModified, size: item.Size, })), - nextToken: response.NextContinuationToken, + nextToken: listOutput.NextContinuationToken, }; }; @@ -220,11 +225,7 @@ const _listWithPath = async ({ listParamsClone.MaxKeys = MAX_PAGE_SIZE; } - const { - Contents: contents, - NextContinuationToken: nextContinuationToken, - CommonPrefixes: commonPrefixes, - }: ListObjectsV2Output = await listObjectsV2( + const response = await listObjectsV2( { ...s3Config, userAgentValue: getStorageUserAgentValue(StorageAction.List), @@ -232,6 +233,16 @@ const _listWithPath = async ({ listParamsClone, ); + const listOutput = decodeEncodedElements(response); + + validateEchoedElements(listParamsClone, listOutput); + + const { + Contents: contents, + NextContinuationToken: nextContinuationToken, + CommonPrefixes: commonPrefixes, + }: ListObjectsV2Output = listOutput; + const excludedSubpaths = commonPrefixes && mapCommonPrefixesToExcludedSubpaths(commonPrefixes); @@ -274,3 +285,61 @@ const getDelimiter = ( return options?.subpathStrategy?.delimiter ?? DEFAULT_DELIMITER; } }; + +const validateEchoedElements = ( + listInput: ListObjectsV2Input, + listOutput: ListObjectsV2Output, +) => { + const validEchoedParameters = + listInput.Bucket === listOutput.Name && + listInput.Delimiter === listOutput.Delimiter && + listInput.MaxKeys === listOutput.MaxKeys && + listInput.Prefix === listOutput.Prefix && + listInput.ContinuationToken === listOutput.ContinuationToken; + + if (!validEchoedParameters) { + throw new IntegrityError(); + } +}; + +/** + * Decodes URL-encoded elements in the S3 `ListObjectsV2Output` response when `EncodingType` is `'url'`. + * Applies to values for 'Delimiter', 'Prefix', 'StartAfter' and 'Key' in the response. + */ +const decodeEncodedElements = ( + listOutput: ListObjectsV2Output, +): ListObjectsV2Output => { + if (listOutput.EncodingType !== 'url') { + return listOutput; + } + + const decodedListOutput = { ...listOutput }; + + // Decode top-level properties + (['Delimiter', 'Prefix', 'StartAfter'] as const).forEach(prop => { + const value = listOutput[prop]; + if (typeof value === 'string') { + decodedListOutput[prop] = urlDecode(value); + } + }); + + // Decode 'Key' in each item of 'Contents', if it exists + if (listOutput.Contents) { + decodedListOutput.Contents = listOutput.Contents.map(content => ({ + ...content, + Key: content.Key ? urlDecode(content.Key) : content.Key, + })); + } + + // Decode 'Prefix' in each item of 'CommonPrefixes', if it exists + if (listOutput.CommonPrefixes) { + decodedListOutput.CommonPrefixes = listOutput.CommonPrefixes.map( + content => ({ + ...content, + Prefix: content.Prefix ? urlDecode(content.Prefix) : content.Prefix, + }), + ); + } + + return decodedListOutput; +}; diff --git a/packages/storage/src/providers/s3/apis/internal/remove.ts b/packages/storage/src/providers/s3/apis/internal/remove.ts index bc0fa4a2ade..e751b6bbb61 100644 --- a/packages/storage/src/providers/s3/apis/internal/remove.ts +++ b/packages/storage/src/providers/s3/apis/internal/remove.ts @@ -4,33 +4,31 @@ import { AmplifyClassV6 } from '@aws-amplify/core'; import { StorageAction } from '@aws-amplify/core/internals/utils'; -import { - RemoveInput, - RemoveOutput, - RemoveWithPathInput, - RemoveWithPathOutput, -} from '../../types'; +import { RemoveInput, RemoveOutput, RemoveWithPathOutput } from '../../types'; import { resolveS3ConfigAndInput, + validateBucketOwnerID, validateStorageOperationInput, } from '../../utils'; -import { deleteObject } from '../../utils/client'; +import { deleteObject } from '../../utils/client/s3data'; import { getStorageUserAgentValue } from '../../utils/userAgent'; import { logger } from '../../../../utils'; import { STORAGE_INPUT_KEY } from '../../utils/constants'; +// TODO: Remove this interface when we move to public advanced APIs. +import { RemoveInput as RemoveWithPathInputWithAdvancedOptions } from '../../../../internals'; export const remove = async ( amplify: AmplifyClassV6, - input: RemoveInput | RemoveWithPathInput, + input: RemoveInput | RemoveWithPathInputWithAdvancedOptions, ): Promise => { - const { options = {} } = input ?? {}; const { s3Config, keyPrefix, bucket, identityId } = - await resolveS3ConfigAndInput(amplify, options); + await resolveS3ConfigAndInput(amplify, input); const { inputType, objectKey } = validateStorageOperationInput( input, identityId, ); + validateBucketOwnerID(input.options?.expectedBucketOwner); let finalKey; if (inputType === STORAGE_INPUT_KEY) { @@ -49,6 +47,7 @@ export const remove = async ( { Bucket: bucket, Key: finalKey, + ExpectedBucketOwner: input.options?.expectedBucketOwner, }, ); diff --git a/packages/storage/src/providers/s3/apis/uploadData/byteLength.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/byteLength.ts similarity index 65% rename from packages/storage/src/providers/s3/apis/uploadData/byteLength.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/byteLength.ts index 9b6ea87e42f..4caeb3c1973 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/byteLength.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/byteLength.ts @@ -8,16 +8,9 @@ export const byteLength = (input?: any): number | undefined => { if (input === null || input === undefined) return 0; if (typeof input === 'string') { - let len = input.length; + const blob = new Blob([input]); - for (let i = len - 1; i >= 0; i--) { - const code = input.charCodeAt(i); - if (code > 0x7f && code <= 0x7ff) len++; - else if (code > 0x7ff && code <= 0xffff) len += 2; - if (code >= 0xdc00 && code <= 0xdfff) i--; // trail surrogate - } - - return len; + return blob.size; } else if (typeof input.byteLength === 'number') { // handles Uint8Array, ArrayBuffer, Buffer, and ArrayBufferView return input.byteLength; @@ -26,6 +19,5 @@ export const byteLength = (input?: any): number | undefined => { return input.size; } - // TODO: support Node.js stream size when Node.js runtime is supported out-of-box. return undefined; }; diff --git a/packages/storage/src/providers/s3/apis/internal/uploadData/index.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/index.ts new file mode 100644 index 00000000000..fca640f4b44 --- /dev/null +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/index.ts @@ -0,0 +1,59 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { createUploadTask } from '../../../utils'; +import { assertValidationError } from '../../../../../errors/utils/assertValidationError'; +import { StorageValidationErrorCode } from '../../../../../errors/types/validation'; +import { DEFAULT_PART_SIZE, MAX_OBJECT_SIZE } from '../../../utils/constants'; + +import { byteLength } from './byteLength'; +import { SinglePartUploadDataInput, putObjectJob } from './putObjectJob'; +import { + MultipartUploadDataInput, + getMultipartUploadHandlers, +} from './multipart'; + +export const uploadData = ( + input: SinglePartUploadDataInput | MultipartUploadDataInput, +) => { + const { data } = input; + + const dataByteLength = byteLength(data); + // Using InvalidUploadSource error code because the input data must NOT be any + // of permitted Blob, string, ArrayBuffer(View) if byteLength could not be determined. + assertValidationError( + dataByteLength !== undefined, + StorageValidationErrorCode.InvalidUploadSource, + ); + assertValidationError( + dataByteLength <= MAX_OBJECT_SIZE, + StorageValidationErrorCode.ObjectIsTooLarge, + ); + + if (dataByteLength <= DEFAULT_PART_SIZE) { + // Single part upload + const abortController = new AbortController(); + + return createUploadTask({ + isMultipartUpload: false, + job: putObjectJob(input, abortController.signal, dataByteLength), + onCancel: (message?: string) => { + abortController.abort(message); + }, + }); + } else { + // Multipart upload + const { multipartUploadJob, onPause, onResume, onCancel } = + getMultipartUploadHandlers(input, dataByteLength); + + return createUploadTask({ + isMultipartUpload: true, + job: multipartUploadJob, + onCancel: (message?: string) => { + onCancel(message); + }, + onPause, + onResume, + }); + } +}; diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/calculatePartSize.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/calculatePartSize.ts similarity index 83% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/calculatePartSize.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/calculatePartSize.ts index 8089038d6e1..1d5d5c98ac7 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/calculatePartSize.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/calculatePartSize.ts @@ -1,7 +1,10 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { DEFAULT_PART_SIZE, MAX_PARTS_COUNT } from '../../../utils/constants'; +import { + DEFAULT_PART_SIZE, + MAX_PARTS_COUNT, +} from '../../../../utils/constants'; export const calculatePartSize = (totalSize?: number): number => { if (!totalSize) { diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/getDataChunker.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/getDataChunker.ts similarity index 90% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/getDataChunker.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/getDataChunker.ts index aab240be148..ff9270c8e74 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/getDataChunker.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/getDataChunker.ts @@ -1,12 +1,12 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { StorageUploadDataPayload } from '../../../../../types'; +import { StorageUploadDataPayload } from '../../../../../../types'; import { StorageValidationErrorCode, validationErrorMap, -} from '../../../../../errors/types/validation'; -import { StorageError } from '../../../../../errors/StorageError'; +} from '../../../../../../errors/types/validation'; +import { StorageError } from '../../../../../../errors/StorageError'; import { calculatePartSize } from './calculatePartSize'; diff --git a/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/index.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/index.ts new file mode 100644 index 00000000000..576f715dd79 --- /dev/null +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/index.ts @@ -0,0 +1,7 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export { + getMultipartUploadHandlers, + MultipartUploadDataInput, +} from './uploadHandlers'; diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/initialUpload.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/initialUpload.ts similarity index 56% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/initialUpload.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/initialUpload.ts index 25338b2003f..2437cf0d4b7 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/initialUpload.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/initialUpload.ts @@ -1,13 +1,22 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { StorageAccessLevel } from '@aws-amplify/core'; +import { + KeyValueStorageInterface, + StorageAccessLevel, +} from '@aws-amplify/core'; -import { ContentDisposition, ResolvedS3Config } from '../../../types/options'; -import { StorageUploadDataPayload } from '../../../../../types'; -import { Part, createMultipartUpload } from '../../../utils/client'; -import { logger } from '../../../../../utils'; -import { constructContentDisposition } from '../../../utils/constructContentDisposition'; +import { + ContentDisposition, + ResolvedS3Config, + UploadDataChecksumAlgorithm, +} from '../../../../types/options'; +import { StorageUploadDataPayload } from '../../../../../../types'; +import { Part, createMultipartUpload } from '../../../../utils/client/s3data'; +import { logger } from '../../../../../../utils'; +import { constructContentDisposition } from '../../../../utils/constructContentDisposition'; +import { CHECKSUM_ALGORITHM_CRC32 } from '../../../../utils/constants'; +import { getCombinedCrc32 } from '../../../../utils/getCombinedCrc32.native'; import { cacheMultipartUpload, @@ -19,6 +28,7 @@ interface LoadOrCreateMultipartUploadOptions { s3Config: ResolvedS3Config; data: StorageUploadDataPayload; bucket: string; + size: number; accessLevel?: StorageAccessLevel; keyPrefix?: string; key: string; @@ -26,13 +36,17 @@ interface LoadOrCreateMultipartUploadOptions { contentDisposition?: string | ContentDisposition; contentEncoding?: string; metadata?: Record; - size?: number; abortSignal?: AbortSignal; + checksumAlgorithm?: UploadDataChecksumAlgorithm; + optionsHash: string; + resumableUploadsCache?: KeyValueStorageInterface; + expectedBucketOwner?: string; } interface LoadOrCreateMultipartUploadResult { uploadId: string; cachedParts: Part[]; + finalCrc32?: string; } /** @@ -54,6 +68,10 @@ export const loadOrCreateMultipartUpload = async ({ contentEncoding, metadata, abortSignal, + checksumAlgorithm, + optionsHash, + resumableUploadsCache, + expectedBucketOwner, }: LoadOrCreateMultipartUploadOptions): Promise => { const finalKey = keyPrefix !== undefined ? keyPrefix + key : key; @@ -62,10 +80,14 @@ export const loadOrCreateMultipartUpload = async ({ parts: Part[]; uploadId: string; uploadCacheKey: string; + finalCrc32?: string; } | undefined; - if (size === undefined) { - logger.debug('uploaded data size cannot be determined, skipping cache.'); + + if (!resumableUploadsCache) { + logger.debug( + 'uploaded cache instance cannot be determined, skipping cache.', + ); cachedUpload = undefined; } else { const uploadCacheKey = getUploadsCacheKey({ @@ -75,6 +97,7 @@ export const loadOrCreateMultipartUpload = async ({ bucket, accessLevel, key, + optionsHash, }); const cachedUploadParts = await findCachedUploadParts({ @@ -82,6 +105,7 @@ export const loadOrCreateMultipartUpload = async ({ cacheKey: uploadCacheKey, bucket, finalKey, + resumableUploadsCache, }); cachedUpload = cachedUploadParts ? { ...cachedUploadParts, uploadCacheKey } @@ -92,8 +116,14 @@ export const loadOrCreateMultipartUpload = async ({ return { uploadId: cachedUpload.uploadId, cachedParts: cachedUpload.parts, + finalCrc32: cachedUpload.finalCrc32, }; } else { + const finalCrc32 = + checksumAlgorithm === CHECKSUM_ALGORITHM_CRC32 + ? await getCombinedCrc32(data, size) + : undefined; + const { UploadId } = await createMultipartUpload( { ...s3Config, @@ -106,34 +136,34 @@ export const loadOrCreateMultipartUpload = async ({ ContentDisposition: constructContentDisposition(contentDisposition), ContentEncoding: contentEncoding, Metadata: metadata, + ChecksumAlgorithm: finalCrc32 ? 'CRC32' : undefined, + ExpectedBucketOwner: expectedBucketOwner, }, ); - if (size === undefined) { - logger.debug('uploaded data size cannot be determined, skipping cache.'); - return { + if (resumableUploadsCache) { + const uploadCacheKey = getUploadsCacheKey({ + size, + contentType, + file: data instanceof File ? data : undefined, + bucket, + accessLevel, + key, + optionsHash, + }); + await cacheMultipartUpload(resumableUploadsCache, uploadCacheKey, { uploadId: UploadId!, - cachedParts: [], - }; + bucket, + key, + finalCrc32, + fileName: data instanceof File ? data.name : '', + }); } - const uploadCacheKey = getUploadsCacheKey({ - size, - contentType, - file: data instanceof File ? data : undefined, - bucket, - accessLevel, - key, - }); - await cacheMultipartUpload(uploadCacheKey, { - uploadId: UploadId!, - bucket, - key, - fileName: data instanceof File ? data.name : '', - }); return { uploadId: UploadId!, cachedParts: [], + finalCrc32, }; } }; diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/progressTracker.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/progressTracker.ts similarity index 94% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/progressTracker.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/progressTracker.ts index 0347d76dfcd..92edaf7a748 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/progressTracker.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/progressTracker.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { TransferProgressEvent } from '../../../../../types'; +import { TransferProgressEvent } from '../../../../../../types'; interface ConcurrentUploadsProgressTrackerOptions { size?: number; diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/uploadCache.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadCache.ts similarity index 70% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/uploadCache.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadCache.ts index e5619655f3b..22f80e741a7 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/uploadCache.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadCache.ts @@ -4,13 +4,12 @@ import { KeyValueStorageInterface, StorageAccessLevel, - defaultStorage, } from '@aws-amplify/core'; -import { UPLOADS_STORAGE_KEY } from '../../../utils/constants'; -import { ResolvedS3Config } from '../../../types/options'; -import { Part, listParts } from '../../../utils/client'; -import { logger } from '../../../../../utils'; +import { UPLOADS_STORAGE_KEY } from '../../../../utils/constants'; +import { ResolvedS3Config } from '../../../../types/options'; +import { Part, listParts } from '../../../../utils/client/s3data'; +import { logger } from '../../../../../../utils'; const ONE_HOUR = 1000 * 60 * 60; @@ -19,6 +18,7 @@ interface FindCachedUploadPartsOptions { s3Config: ResolvedS3Config; bucket: string; finalKey: string; + resumableUploadsCache: KeyValueStorageInterface; } /** @@ -26,6 +26,7 @@ interface FindCachedUploadPartsOptions { * with ListParts API. If the cached upload is expired(1 hour), return null. */ export const findCachedUploadParts = async ({ + resumableUploadsCache, cacheKey, s3Config, bucket, @@ -33,8 +34,9 @@ export const findCachedUploadParts = async ({ }: FindCachedUploadPartsOptions): Promise<{ parts: Part[]; uploadId: string; + finalCrc32?: string; } | null> => { - const cachedUploads = await listCachedUploadTasks(defaultStorage); + const cachedUploads = await listCachedUploadTasks(resumableUploadsCache); if ( !cachedUploads[cacheKey] || cachedUploads[cacheKey].lastTouched < Date.now() - ONE_HOUR // Uploads are cached for 1 hour @@ -45,7 +47,7 @@ export const findCachedUploadParts = async ({ const cachedUpload = cachedUploads[cacheKey]; cachedUpload.lastTouched = Date.now(); - await defaultStorage.setItem( + await resumableUploadsCache.setItem( UPLOADS_STORAGE_KEY, JSON.stringify(cachedUploads), ); @@ -60,10 +62,11 @@ export const findCachedUploadParts = async ({ return { parts: Parts, uploadId: cachedUpload.uploadId, + finalCrc32: cachedUpload.finalCrc32, }; } catch (e) { logger.debug('failed to list cached parts, removing cached upload.'); - await removeCachedUpload(cacheKey); + await removeCachedUpload(resumableUploadsCache, cacheKey); return null; } @@ -74,15 +77,18 @@ interface FileMetadata { fileName: string; key: string; uploadId: string; + finalCrc32?: string; // Unix timestamp in ms lastTouched: number; } const listCachedUploadTasks = async ( - kvStorage: KeyValueStorageInterface, + resumableUploadsCache: KeyValueStorageInterface, ): Promise> => { try { - return JSON.parse((await kvStorage.getItem(UPLOADS_STORAGE_KEY)) ?? '{}'); + return JSON.parse( + (await resumableUploadsCache.getItem(UPLOADS_STORAGE_KEY)) ?? '{}', + ); } catch (e) { logger.debug('failed to parse cached uploads record.'); @@ -97,6 +103,7 @@ interface UploadsCacheKeyOptions { accessLevel?: StorageAccessLevel; key: string; file?: File; + optionsHash: string; } /** @@ -111,6 +118,7 @@ export const getUploadsCacheKey = ({ bucket, accessLevel, key, + optionsHash, }: UploadsCacheKeyOptions) => { let levelStr; const resolvedContentType = @@ -123,7 +131,7 @@ export const getUploadsCacheKey = ({ levelStr = accessLevel === 'guest' ? 'public' : accessLevel; } - const baseId = `${size}_${resolvedContentType}_${bucket}_${levelStr}_${key}`; + const baseId = `${optionsHash}_${size}_${resolvedContentType}_${bucket}_${levelStr}_${key}`; if (file) { return `${file.name}_${file.lastModified}_${baseId}`; @@ -133,24 +141,28 @@ export const getUploadsCacheKey = ({ }; export const cacheMultipartUpload = async ( + resumableUploadsCache: KeyValueStorageInterface, cacheKey: string, fileMetadata: Omit, ): Promise => { - const cachedUploads = await listCachedUploadTasks(defaultStorage); + const cachedUploads = await listCachedUploadTasks(resumableUploadsCache); cachedUploads[cacheKey] = { ...fileMetadata, lastTouched: Date.now(), }; - await defaultStorage.setItem( + await resumableUploadsCache.setItem( UPLOADS_STORAGE_KEY, JSON.stringify(cachedUploads), ); }; -export const removeCachedUpload = async (cacheKey: string): Promise => { - const cachedUploads = await listCachedUploadTasks(defaultStorage); +export const removeCachedUpload = async ( + resumableUploadsCache: KeyValueStorageInterface, + cacheKey: string, +): Promise => { + const cachedUploads = await listCachedUploadTasks(resumableUploadsCache); delete cachedUploads[cacheKey]; - await defaultStorage.setItem( + await resumableUploadsCache.setItem( UPLOADS_STORAGE_KEY, JSON.stringify(cachedUploads), ); diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/uploadHandlers.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadHandlers.ts similarity index 60% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/uploadHandlers.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadHandlers.ts index 8d002df37db..c9f52314f8a 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/uploadHandlers.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadHandlers.ts @@ -1,40 +1,78 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { Amplify, StorageAccessLevel } from '@aws-amplify/core'; +import { + Amplify, + KeyValueStorageInterface, + StorageAccessLevel, +} from '@aws-amplify/core'; import { StorageAction } from '@aws-amplify/core/internals/utils'; -import { UploadDataInput, UploadDataWithPathInput } from '../../../types'; +import { UploadDataInput } from '../../../../types'; +// TODO: Remove this interface when we move to public advanced APIs. +import { UploadDataInput as UploadDataWithPathInputWithAdvancedOptions } from '../../../../../../internals/types/inputs'; import { resolveS3ConfigAndInput, validateStorageOperationInput, -} from '../../../utils'; -import { ItemWithKey, ItemWithPath } from '../../../types/outputs'; +} from '../../../../utils'; +import { ItemWithKey, ItemWithPath } from '../../../../types/outputs'; import { DEFAULT_ACCESS_LEVEL, DEFAULT_QUEUE_SIZE, STORAGE_INPUT_KEY, -} from '../../../utils/constants'; +} from '../../../../utils/constants'; import { ResolvedS3Config, UploadDataWithKeyOptions, -} from '../../../types/options'; -import { StorageError } from '../../../../../errors/StorageError'; -import { CanceledError } from '../../../../../errors/CanceledError'; +} from '../../../../types/options'; +import { StorageError } from '../../../../../../errors/StorageError'; +import { CanceledError } from '../../../../../../errors/CanceledError'; import { Part, abortMultipartUpload, completeMultipartUpload, headObject, -} from '../../../utils/client'; -import { getStorageUserAgentValue } from '../../../utils/userAgent'; -import { logger } from '../../../../../utils'; +} from '../../../../utils/client/s3data'; +import { getStorageUserAgentValue } from '../../../../utils/userAgent'; +import { logger } from '../../../../../../utils'; +import { calculateContentCRC32 } from '../../../../utils/crc32'; +import { StorageOperationOptionsInput } from '../../../../../../types/inputs'; +import { IntegrityError } from '../../../../../../errors/IntegrityError'; import { uploadPartExecutor } from './uploadPartExecutor'; import { getUploadsCacheKey, removeCachedUpload } from './uploadCache'; import { getConcurrentUploadsProgressTracker } from './progressTracker'; import { loadOrCreateMultipartUpload } from './initialUpload'; import { getDataChunker } from './getDataChunker'; +import { calculatePartSize } from './calculatePartSize'; + +type WithResumableCacheConfig> = + Input & { + options?: Input['options'] & { + /** + * The cache instance to store the in-progress multipart uploads so they can be resumed + * after page refresh. By default the library caches the uploaded file name, + * last modified, final checksum, size, bucket, key, and corresponded in-progress + * multipart upload ID from S3. If the library detects the same input corresponds to a + * previously in-progress upload from within 1 hour ago, it will continue + * the upload from where it left. + * + * By default, this option is not set. The upload caching is disabled. + */ + resumableUploadsCache?: KeyValueStorageInterface; + }; + }; + +/** + * The input interface for UploadData API with the options needed for multi-part upload. + * It supports both legacy Gen 1 input with key and Gen2 input with path. It also support additional + * advanced options for StorageBrowser. + * + * @internal + */ +export type MultipartUploadDataInput = WithResumableCacheConfig< + UploadDataInput | UploadDataWithPathInputWithAdvancedOptions +>; /** * Create closure hiding the multipart upload implementation details and expose the upload job and control functions( @@ -43,8 +81,8 @@ import { getDataChunker } from './getDataChunker'; * @internal */ export const getMultipartUploadHandlers = ( - uploadDataInput: UploadDataInput | UploadDataWithPathInput, - size?: number, + uploadDataInput: MultipartUploadDataInput, + size: number, ) => { let resolveCallback: | ((value: ItemWithKey | ItemWithPath) => void) @@ -54,6 +92,7 @@ export const getMultipartUploadHandlers = ( | { uploadId: string; completedParts: Part[]; + finalCrc32?: string; } | undefined; let resolvedS3Config: ResolvedS3Config | undefined; @@ -64,16 +103,19 @@ export const getMultipartUploadHandlers = ( let resolvedIdentityId: string | undefined; let uploadCacheKey: string | undefined; let finalKey: string; + let expectedBucketOwner: string | undefined; // Special flag that differentiates HTTP requests abort error caused by pause() from ones caused by cancel(). // The former one should NOT cause the upload job to throw, but cancels any pending HTTP requests. // This should be replaced by a special abort reason. However,the support of this API is lagged behind. let isAbortSignalFromPause = false; + const { resumableUploadsCache } = uploadDataInput.options ?? {}; + const startUpload = async (): Promise => { const { options: uploadDataOptions, data } = uploadDataInput; const resolvedS3Options = await resolveS3ConfigAndInput( Amplify, - uploadDataOptions, + uploadDataInput, ); abortController = new AbortController(); @@ -81,6 +123,7 @@ export const getMultipartUploadHandlers = ( resolvedS3Config = resolvedS3Options.s3Config; resolvedBucket = resolvedS3Options.bucket; resolvedIdentityId = resolvedS3Options.identityId; + expectedBucketOwner = uploadDataOptions?.expectedBucketOwner; const { inputType, objectKey } = validateStorageOperationInput( uploadDataInput, @@ -92,6 +135,7 @@ export const getMultipartUploadHandlers = ( contentEncoding, contentType = 'application/octet-stream', metadata, + preventOverwrite, onProgress, } = uploadDataOptions ?? {}; @@ -107,24 +151,34 @@ export const getMultipartUploadHandlers = ( resolvedAccessLevel = resolveAccessLevel(accessLevel); } + const optionsHash = ( + await calculateContentCRC32(JSON.stringify(uploadDataOptions)) + ).checksum; + if (!inProgressUpload) { - const { uploadId, cachedParts } = await loadOrCreateMultipartUpload({ - s3Config: resolvedS3Config, - accessLevel: resolvedAccessLevel, - bucket: resolvedBucket, - keyPrefix: resolvedKeyPrefix, - key: objectKey, - contentType, - contentDisposition, - contentEncoding, - metadata, - data, - size, - abortSignal: abortController.signal, - }); + const { uploadId, cachedParts, finalCrc32 } = + await loadOrCreateMultipartUpload({ + s3Config: resolvedS3Config, + accessLevel: resolvedAccessLevel, + bucket: resolvedBucket, + keyPrefix: resolvedKeyPrefix, + key: objectKey, + contentType, + contentDisposition, + contentEncoding, + metadata, + data, + size, + abortSignal: abortController.signal, + checksumAlgorithm: uploadDataOptions?.checksumAlgorithm, + optionsHash, + resumableUploadsCache, + expectedBucketOwner, + }); inProgressUpload = { uploadId, completedParts: cachedParts, + finalCrc32, }; } @@ -136,6 +190,7 @@ export const getMultipartUploadHandlers = ( bucket: resolvedBucket!, size, key: objectKey, + optionsHash, }) : undefined; @@ -143,10 +198,16 @@ export const getMultipartUploadHandlers = ( const completedPartNumberSet = new Set( inProgressUpload.completedParts.map(({ PartNumber }) => PartNumber!), ); - const onPartUploadCompletion = (partNumber: number, eTag: string) => { + const onPartUploadCompletion = ( + partNumber: number, + eTag: string, + crc32: string | undefined, + ) => { inProgressUpload?.completedParts.push({ PartNumber: partNumber, ETag: eTag, + // TODO: crc32 can always be added once RN also has an implementation + ...(crc32 ? { ChecksumCRC32: crc32 } : {}), }); }; const concurrentUploadsProgressTracker = @@ -169,12 +230,16 @@ export const getMultipartUploadHandlers = ( onPartUploadCompletion, onProgress: concurrentUploadsProgressTracker.getOnProgressListener(), isObjectLockEnabled: resolvedS3Options.isObjectLockEnabled, + useCRC32Checksum: Boolean(inProgressUpload.finalCrc32), + expectedBucketOwner, }), ); } await Promise.all(concurrentUploadPartExecutors); + validateCompletedParts(inProgressUpload.completedParts, size); + const { ETag: eTag } = await completeMultipartUpload( { ...resolvedS3Config, @@ -185,11 +250,12 @@ export const getMultipartUploadHandlers = ( Bucket: resolvedBucket, Key: finalKey, UploadId: inProgressUpload.uploadId, + ChecksumCRC32: inProgressUpload.finalCrc32, + IfNoneMatch: preventOverwrite ? '*' : undefined, MultipartUpload: { - Parts: inProgressUpload.completedParts.sort( - (partA, partB) => partA.PartNumber! - partB.PartNumber!, - ), + Parts: sortUploadParts(inProgressUpload.completedParts), }, + ExpectedBucketOwner: expectedBucketOwner, }, ); @@ -199,6 +265,7 @@ export const getMultipartUploadHandlers = ( { Bucket: resolvedBucket, Key: finalKey, + ExpectedBucketOwner: expectedBucketOwner, }, ); if (uploadedObjectSize && uploadedObjectSize !== size) { @@ -209,8 +276,8 @@ export const getMultipartUploadHandlers = ( } } - if (uploadCacheKey) { - await removeCachedUpload(uploadCacheKey); + if (resumableUploadsCache && uploadCacheKey) { + await removeCachedUpload(resumableUploadsCache, uploadCacheKey); } const result = { @@ -256,14 +323,15 @@ export const getMultipartUploadHandlers = ( const cancelUpload = async () => { // 2. clear upload cache. - if (uploadCacheKey) { - await removeCachedUpload(uploadCacheKey); + if (uploadCacheKey && resumableUploadsCache) { + await removeCachedUpload(resumableUploadsCache, uploadCacheKey); } // 3. clear multipart upload on server side. await abortMultipartUpload(resolvedS3Config!, { Bucket: resolvedBucket, Key: finalKey, UploadId: inProgressUpload?.uploadId, + ExpectedBucketOwner: expectedBucketOwner, }); }; cancelUpload().catch(e => { @@ -289,3 +357,23 @@ const resolveAccessLevel = (accessLevel?: StorageAccessLevel) => accessLevel ?? Amplify.libraryOptions.Storage?.S3?.defaultAccessLevel ?? DEFAULT_ACCESS_LEVEL; + +const validateCompletedParts = (completedParts: Part[], size: number) => { + const partsExpected = Math.ceil(size / calculatePartSize(size)); + const validPartCount = completedParts.length === partsExpected; + + const sorted = sortUploadParts(completedParts); + const validPartNumbers = sorted.every( + (part, index) => part.PartNumber === index + 1, + ); + + if (!validPartCount || !validPartNumbers) { + throw new IntegrityError(); + } +}; + +const sortUploadParts = (parts: Part[]) => { + return [...parts].sort( + (partA, partB) => partA.PartNumber! - partB.PartNumber!, + ); +}; diff --git a/packages/storage/src/providers/s3/apis/uploadData/multipart/uploadPartExecutor.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadPartExecutor.ts similarity index 61% rename from packages/storage/src/providers/s3/apis/uploadData/multipart/uploadPartExecutor.ts rename to packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadPartExecutor.ts index c93d791aad3..34a6a8d1ae0 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/multipart/uploadPartExecutor.ts +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/multipart/uploadPartExecutor.ts @@ -1,11 +1,12 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { TransferProgressEvent } from '../../../../../types'; -import { ResolvedS3Config } from '../../../types/options'; -import { calculateContentMd5 } from '../../../utils'; -import { uploadPart } from '../../../utils/client'; -import { logger } from '../../../../../utils'; +import { TransferProgressEvent } from '../../../../../../types'; +import { ResolvedS3Config } from '../../../../types/options'; +import { uploadPart } from '../../../../utils/client/s3data'; +import { logger } from '../../../../../../utils'; +import { CRC32Checksum, calculateContentCRC32 } from '../../../../utils/crc32'; +import { calculateContentMd5 } from '../../../../utils'; import { PartToUpload } from './getDataChunker'; @@ -18,8 +19,14 @@ interface UploadPartExecutorOptions { finalKey: string; uploadId: string; isObjectLockEnabled?: boolean; - onPartUploadCompletion(partNumber: number, eTag: string): void; + useCRC32Checksum?: boolean; + onPartUploadCompletion( + partNumber: number, + eTag: string, + crc32: string | undefined, + ): void; onProgress?(event: TransferProgressEvent): void; + expectedBucketOwner?: string; } export const uploadPartExecutor = async ({ @@ -33,6 +40,8 @@ export const uploadPartExecutor = async ({ onPartUploadCompletion, onProgress, isObjectLockEnabled, + useCRC32Checksum, + expectedBucketOwner, }: UploadPartExecutorOptions) => { let transferredBytes = 0; for (const { data, partNumber, size } of dataChunkerGenerator) { @@ -49,6 +58,16 @@ export const uploadPartExecutor = async ({ }); } else { // handle cancel error + let checksumCRC32: CRC32Checksum | undefined; + if (useCRC32Checksum) { + checksumCRC32 = await calculateContentCRC32(data); + } + const contentMD5 = + // check if checksum exists. ex: should not exist in react native + !checksumCRC32 && isObjectLockEnabled + ? await calculateContentMd5(data) + : undefined; + const { ETag: eTag } = await uploadPart( { ...s3Config, @@ -66,14 +85,14 @@ export const uploadPartExecutor = async ({ UploadId: uploadId, Body: data, PartNumber: partNumber, - ContentMD5: isObjectLockEnabled - ? await calculateContentMd5(data) - : undefined, + ChecksumCRC32: checksumCRC32?.checksum, + ContentMD5: contentMD5, + ExpectedBucketOwner: expectedBucketOwner, }, ); transferredBytes += size; // eTag will always be set even the S3 model interface marks it as optional. - onPartUploadCompletion(partNumber, eTag!); + onPartUploadCompletion(partNumber, eTag!, checksumCRC32?.checksum); } } }; diff --git a/packages/storage/src/providers/s3/apis/internal/uploadData/putObjectJob.ts b/packages/storage/src/providers/s3/apis/internal/uploadData/putObjectJob.ts new file mode 100644 index 00000000000..340cd5d610a --- /dev/null +++ b/packages/storage/src/providers/s3/apis/internal/uploadData/putObjectJob.ts @@ -0,0 +1,115 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { Amplify } from '@aws-amplify/core'; +import { StorageAction } from '@aws-amplify/core/internals/utils'; + +import { UploadDataInput } from '../../../types'; +// TODO: Remove this interface when we move to public advanced APIs. +import { UploadDataInput as UploadDataWithPathInputWithAdvancedOptions } from '../../../../../internals/types/inputs'; +import { + calculateContentMd5, + resolveS3ConfigAndInput, + validateBucketOwnerID, + validateStorageOperationInput, +} from '../../../utils'; +import { ItemWithKey, ItemWithPath } from '../../../types/outputs'; +import { putObject } from '../../../utils/client/s3data'; +import { getStorageUserAgentValue } from '../../../utils/userAgent'; +import { + CHECKSUM_ALGORITHM_CRC32, + STORAGE_INPUT_KEY, +} from '../../../utils/constants'; +import { calculateContentCRC32 } from '../../../utils/crc32'; +import { constructContentDisposition } from '../../../utils/constructContentDisposition'; + +/** + * The input interface for UploadData API with only the options needed for single part upload. + * It supports both legacy Gen 1 input with key and Gen2 input with path. It also support additional + * advanced options for StorageBrowser. + * + * @internal + */ +export type SinglePartUploadDataInput = + | UploadDataInput + | UploadDataWithPathInputWithAdvancedOptions; + +/** + * Get a function the returns a promise to call putObject API to S3. + * + * @internal + */ +export const putObjectJob = + ( + uploadDataInput: SinglePartUploadDataInput, + abortSignal: AbortSignal, + totalLength: number, + ) => + async (): Promise => { + const { options: uploadDataOptions, data } = uploadDataInput; + const { bucket, keyPrefix, s3Config, isObjectLockEnabled, identityId } = + await resolveS3ConfigAndInput(Amplify, uploadDataInput); + const { inputType, objectKey } = validateStorageOperationInput( + uploadDataInput, + identityId, + ); + validateBucketOwnerID(uploadDataOptions?.expectedBucketOwner); + + const finalKey = + inputType === STORAGE_INPUT_KEY ? keyPrefix + objectKey : objectKey; + const { + contentDisposition, + contentEncoding, + contentType = 'application/octet-stream', + preventOverwrite, + metadata, + checksumAlgorithm, + onProgress, + expectedBucketOwner, + } = uploadDataOptions ?? {}; + + const checksumCRC32 = + checksumAlgorithm === CHECKSUM_ALGORITHM_CRC32 + ? await calculateContentCRC32(data) + : undefined; + + const contentMD5 = + // check if checksum exists. ex: should not exist in react native + !checksumCRC32 && isObjectLockEnabled + ? await calculateContentMd5(data) + : undefined; + + const { ETag: eTag, VersionId: versionId } = await putObject( + { + ...s3Config, + abortSignal, + onUploadProgress: onProgress, + userAgentValue: getStorageUserAgentValue(StorageAction.UploadData), + }, + { + Bucket: bucket, + Key: finalKey, + Body: data, + ContentType: contentType, + ContentDisposition: constructContentDisposition(contentDisposition), + ContentEncoding: contentEncoding, + Metadata: metadata, + ContentMD5: contentMD5, + ChecksumCRC32: checksumCRC32?.checksum, + ExpectedBucketOwner: expectedBucketOwner, + IfNoneMatch: preventOverwrite ? '*' : undefined, + }, + ); + + const result = { + eTag, + versionId, + contentType, + metadata, + size: totalLength, + }; + + return inputType === STORAGE_INPUT_KEY + ? { key: objectKey, ...result } + : { path: objectKey, ...result }; + }; diff --git a/packages/storage/src/providers/s3/apis/uploadData/index.ts b/packages/storage/src/providers/s3/apis/uploadData.ts similarity index 71% rename from packages/storage/src/providers/s3/apis/uploadData/index.ts rename to packages/storage/src/providers/s3/apis/uploadData.ts index 39ccdac89a9..b6173d3777e 100644 --- a/packages/storage/src/providers/s3/apis/uploadData/index.ts +++ b/packages/storage/src/providers/s3/apis/uploadData.ts @@ -1,20 +1,16 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 +import { defaultStorage } from '@aws-amplify/core'; + import { UploadDataInput, UploadDataOutput, UploadDataWithPathInput, UploadDataWithPathOutput, -} from '../../types'; -import { createUploadTask } from '../../utils'; -import { assertValidationError } from '../../../../errors/utils/assertValidationError'; -import { StorageValidationErrorCode } from '../../../../errors/types/validation'; -import { DEFAULT_PART_SIZE, MAX_OBJECT_SIZE } from '../../utils/constants'; +} from '../types'; -import { byteLength } from './byteLength'; -import { putObjectJob } from './putObjectJob'; -import { getMultipartUploadHandlers } from './multipart'; +import { uploadData as uploadDataInternal } from './internal/uploadData'; /** * Upload data to the specified S3 object path. By default uses single PUT operation to upload if the payload is less than 5MB. @@ -127,38 +123,13 @@ export function uploadData( export function uploadData(input: UploadDataInput): UploadDataOutput; export function uploadData(input: UploadDataInput | UploadDataWithPathInput) { - const { data } = input; - - const dataByteLength = byteLength(data); - assertValidationError( - dataByteLength === undefined || dataByteLength <= MAX_OBJECT_SIZE, - StorageValidationErrorCode.ObjectIsTooLarge, - ); - - if (dataByteLength !== undefined && dataByteLength <= DEFAULT_PART_SIZE) { - // Single part upload - const abortController = new AbortController(); - - return createUploadTask({ - isMultipartUpload: false, - job: putObjectJob(input, abortController.signal, dataByteLength), - onCancel: (message?: string) => { - abortController.abort(message); - }, - }); - } else { - // Multipart upload - const { multipartUploadJob, onPause, onResume, onCancel } = - getMultipartUploadHandlers(input, dataByteLength); - - return createUploadTask({ - isMultipartUpload: true, - job: multipartUploadJob, - onCancel: (message?: string) => { - onCancel(message); - }, - onPause, - onResume, - }); - } + return uploadDataInternal({ + ...input, + options: { + ...input?.options, + // This option enables caching in-progress multipart uploads. + // It's ONLY needed for client-side API. + resumableUploadsCache: defaultStorage, + }, + }); } diff --git a/packages/storage/src/providers/s3/apis/uploadData/putObjectJob.ts b/packages/storage/src/providers/s3/apis/uploadData/putObjectJob.ts deleted file mode 100644 index 262a046ac71..00000000000 --- a/packages/storage/src/providers/s3/apis/uploadData/putObjectJob.ts +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -import { Amplify } from '@aws-amplify/core'; -import { StorageAction } from '@aws-amplify/core/internals/utils'; - -import { UploadDataInput, UploadDataWithPathInput } from '../../types'; -import { - calculateContentMd5, - resolveS3ConfigAndInput, - validateStorageOperationInput, -} from '../../utils'; -import { ItemWithKey, ItemWithPath } from '../../types/outputs'; -import { putObject } from '../../utils/client'; -import { getStorageUserAgentValue } from '../../utils/userAgent'; -import { STORAGE_INPUT_KEY } from '../../utils/constants'; -import { constructContentDisposition } from '../../utils/constructContentDisposition'; - -/** - * Get a function the returns a promise to call putObject API to S3. - * - * @internal - */ -export const putObjectJob = - ( - uploadDataInput: UploadDataInput | UploadDataWithPathInput, - abortSignal: AbortSignal, - totalLength?: number, - ) => - async (): Promise => { - const { options: uploadDataOptions, data } = uploadDataInput; - const { bucket, keyPrefix, s3Config, isObjectLockEnabled, identityId } = - await resolveS3ConfigAndInput(Amplify, uploadDataOptions); - const { inputType, objectKey } = validateStorageOperationInput( - uploadDataInput, - identityId, - ); - - const finalKey = - inputType === STORAGE_INPUT_KEY ? keyPrefix + objectKey : objectKey; - const { - contentDisposition, - contentEncoding, - contentType = 'application/octet-stream', - metadata, - onProgress, - } = uploadDataOptions ?? {}; - - const { ETag: eTag, VersionId: versionId } = await putObject( - { - ...s3Config, - abortSignal, - onUploadProgress: onProgress, - userAgentValue: getStorageUserAgentValue(StorageAction.UploadData), - }, - { - Bucket: bucket, - Key: finalKey, - Body: data, - ContentType: contentType, - ContentDisposition: constructContentDisposition(contentDisposition), - ContentEncoding: contentEncoding, - Metadata: metadata, - ContentMD5: isObjectLockEnabled - ? await calculateContentMd5(data) - : undefined, - }, - ); - - const result = { - eTag, - versionId, - contentType, - metadata, - size: totalLength, - }; - - return inputType === STORAGE_INPUT_KEY - ? { key: objectKey, ...result } - : { path: objectKey, ...result }; - }; diff --git a/packages/storage/src/providers/s3/index.ts b/packages/storage/src/providers/s3/index.ts index 2ec8bb61527..41023940aac 100644 --- a/packages/storage/src/providers/s3/index.ts +++ b/packages/storage/src/providers/s3/index.ts @@ -48,3 +48,5 @@ export { GetUrlOutput, GetUrlWithPathOutput, } from './types/outputs'; + +export { DEFAULT_PART_SIZE } from './utils/constants'; diff --git a/packages/storage/src/providers/s3/types/options.ts b/packages/storage/src/providers/s3/types/options.ts index 9a608c6dd2b..39891185185 100644 --- a/packages/storage/src/providers/s3/types/options.ts +++ b/packages/storage/src/providers/s3/types/options.ts @@ -2,7 +2,11 @@ // SPDX-License-Identifier: Apache-2.0 import { StorageAccessLevel } from '@aws-amplify/core'; -import { SigningOptions } from '@aws-amplify/core/internals/aws-client-utils'; +import { + CredentialsProviderOptions, + SigningOptions, +} from '@aws-amplify/core/internals/aws-client-utils'; +import { AWSCredentials } from '@aws-amplify/core/internals/utils'; import { TransferProgressEvent } from '../../../types'; import { @@ -11,9 +15,32 @@ import { StorageSubpathStrategy, } from '../../../types/options'; +/** + * @internal + */ +export type AWSTemporaryCredentials = Required< + Pick< + AWSCredentials, + 'accessKeyId' | 'secretAccessKey' | 'sessionToken' | 'expiration' + > +>; + +/** + * Async function returning AWS credentials for an API call. This function + * is invoked with S3 locations(bucket and path). + * If omitted, the global credentials configured in Amplify Auth + * would be used. + * + * @internal + */ +export type LocationCredentialsProvider = ( + options?: CredentialsProviderOptions, +) => Promise<{ credentials: AWSTemporaryCredentials }>; + export interface BucketInfo { bucketName: string; region: string; + paths?: Record>; } export type StorageBucket = string | BucketInfo; @@ -23,7 +50,13 @@ interface CommonOptions { * @default false */ useAccelerateEndpoint?: boolean; + bucket?: StorageBucket; + + /** + * The expected owner of the target bucket. + */ + expectedBucketOwner?: string; } /** @@ -165,6 +198,8 @@ export type DownloadDataOptions = CommonOptions & export type DownloadDataWithKeyOptions = ReadOptions & DownloadDataOptions; export type DownloadDataWithPathOptions = DownloadDataOptions; +export type UploadDataChecksumAlgorithm = 'crc-32'; + export type UploadDataOptions = CommonOptions & TransferOptions & { /** @@ -190,6 +225,17 @@ export type UploadDataOptions = CommonOptions & * @see https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingMetadata.html#UserMetadata */ metadata?: Record; + /** + * Enforces target key does not already exist in S3 before committing upload. + * @default false + */ + preventOverwrite?: boolean; + /** + * The algorithm used to compute a checksum for the object. Used to verify that the data received by S3 + * matches what was originally sent. Disabled by default. + * @default undefined + */ + checksumAlgorithm?: UploadDataChecksumAlgorithm; }; /** @deprecated Use {@link UploadDataWithPathOptions} instead. */ @@ -201,6 +247,9 @@ export type CopySourceWithKeyOptions = ReadOptions & { /** @deprecated This may be removed in the next major version. */ key: string; bucket?: StorageBucket; + notModifiedSince?: Date; + eTag?: string; + expectedBucketOwner?: string; }; /** @deprecated This may be removed in the next major version. */ @@ -208,13 +257,19 @@ export type CopyDestinationWithKeyOptions = WriteOptions & { /** @deprecated This may be removed in the next major version. */ key: string; bucket?: StorageBucket; + expectedBucketOwner?: string; }; export interface CopyWithPathSourceOptions { bucket?: StorageBucket; + notModifiedSince?: Date; + eTag?: string; + expectedBucketOwner?: string; } + export interface CopyWithPathDestinationOptions { bucket?: StorageBucket; + expectedBucketOwner?: string; } /** diff --git a/packages/storage/src/providers/s3/utils/client/s3control/base.ts b/packages/storage/src/providers/s3/utils/client/s3control/base.ts new file mode 100644 index 00000000000..721ec7e3b9a --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/s3control/base.ts @@ -0,0 +1,112 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + AmplifyUrl, + getAmplifyUserAgent, +} from '@aws-amplify/core/internals/utils'; +import { + EndpointResolverOptions, + getDnsSuffix, + jitteredBackoff, +} from '@aws-amplify/core/internals/aws-client-utils'; + +import { createRetryDecider, createXmlErrorParser } from '../utils'; +import { assertValidationError } from '../../../../../errors/utils/assertValidationError'; +import { StorageValidationErrorCode } from '../../../../../errors/types/validation'; + +/** + * The service name used to sign requests if the API requires authentication. + */ +export const SERVICE_NAME = 's3'; + +/** + * Options for endpoint resolver. + * + * @internal + */ +export type S3EndpointResolverOptions = EndpointResolverOptions & { + /** + * Fully qualified custom endpoint for S3. If this is set, this endpoint will be used regardless of region. + * + * A fully qualified custom endpoint for S3. If set, this endpoint will override + * the default S3 control endpoint and be used regardless of the specified region configuration. + * + * Refer to AWS documentation for more details on available endpoints: + * https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region + * + * @example + * ```ts + * // Examples of S3 custom endpoints + * const endpoint1 = "s3-control.us-east-2.amazonaws.com"; + * const endpoint2 = "s3-control.dualstack.us-east-2.amazonaws.com"; + * const endpoint3 = "s3-control-fips.dualstack.us-east-2.amazonaws.com"; + * ``` + */ + customEndpoint?: string; +}; + +/** + * The endpoint resolver function that returns the endpoint URL for a given region, and input parameters. + */ +const endpointResolver = ( + options: S3EndpointResolverOptions, + apiInput: { AccountId: string }, +) => { + const { region, customEndpoint } = options; + const { AccountId: accountId } = apiInput; + let endpoint: URL; + + if (customEndpoint) { + assertValidationError( + !customEndpoint.includes('://'), + StorageValidationErrorCode.InvalidCustomEndpoint, + ); + endpoint = new AmplifyUrl(`https://${accountId}.${customEndpoint}`); + } else { + endpoint = new AmplifyUrl( + `https://${accountId}.s3-control.${region}.${getDnsSuffix(region)}`, + ); + } + + return { url: endpoint }; +}; + +/** + * Error parser for the XML payload of S3 control plane error response. The + * error's `Code` and `Message` locates at the nested `Error` element instead of + * the XML root element. + * + * @example + * ``` + * + * + * + * AccessDenied + * Access Denied + * + * 656c76696e6727732072657175657374 + * Uuag1LuByRx9e6j5Onimru9pO4ZVKnJ2Qz7/C1NPcfTWAtRPfTaOFg== + * + * ``` + * + * @internal + */ +export const parseXmlError = createXmlErrorParser(); + +/** + * @internal + */ +export const retryDecider = createRetryDecider(parseXmlError); + +/** + * @internal + */ +export const defaultConfig = { + service: SERVICE_NAME, + endpointResolver, + retryDecider, + computeDelay: jitteredBackoff, + userAgentValue: getAmplifyUserAgent(), + uriEscapePath: false, // Required by S3. See https://github.com/aws/aws-sdk-js-v3/blob/9ba012dfa3a3429aa2db0f90b3b0b3a7a31f9bc3/packages/signature-v4/src/SignatureV4.ts#L76-L83 +}; diff --git a/packages/storage/src/providers/s3/utils/client/s3control/getDataAccess.ts b/packages/storage/src/providers/s3/utils/client/s3control/getDataAccess.ts new file mode 100644 index 00000000000..84adb14e8aa --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/s3control/getDataAccess.ts @@ -0,0 +1,96 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + Endpoint, + HttpRequest, + HttpResponse, + parseMetadata, +} from '@aws-amplify/core/internals/aws-client-utils'; +import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; +import { + AmplifyUrl, + AmplifyUrlSearchParams, +} from '@aws-amplify/core/internals/utils'; + +import { + assignStringVariables, + buildStorageServiceError, + deserializeTimestamp, + map, + parseXmlBody, + s3TransferHandler, +} from '../utils'; + +import type { + GetDataAccessCommandInput, + GetDataAccessCommandOutput, +} from './types'; +import { defaultConfig, parseXmlError } from './base'; + +export type GetDataAccessInput = GetDataAccessCommandInput; + +export type GetDataAccessOutput = GetDataAccessCommandOutput; + +const getDataAccessSerializer = ( + input: GetDataAccessInput, + endpoint: Endpoint, +): HttpRequest => { + const headers = assignStringVariables({ + 'x-amz-account-id': input.AccountId, + }); + const query = assignStringVariables({ + durationSeconds: input.DurationSeconds, + permission: input.Permission, + privilege: input.Privilege, + target: input.Target, + targetType: input.TargetType, + }); + const url = new AmplifyUrl(endpoint.url.toString()); + url.search = new AmplifyUrlSearchParams(query).toString(); + + // Ref: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetDataAccess.html + url.pathname = '/v20180820/accessgrantsinstance/dataaccess'; + + return { + method: 'GET', + headers, + url, + }; +}; + +const getDataAccessDeserializer = async ( + response: HttpResponse, +): Promise => { + if (response.statusCode >= 300) { + // error is always set when statusCode >= 300 + const error = (await parseXmlError(response)) as Error; + throw buildStorageServiceError(error, response.statusCode); + } else { + const parsed = await parseXmlBody(response); + const contents = map(parsed, { + Credentials: ['Credentials', deserializeCredentials], + MatchedGrantTarget: 'MatchedGrantTarget', + }); + + return { + $metadata: parseMetadata(response), + ...contents, + }; + } +}; + +const deserializeCredentials = (output: any) => + map(output, { + AccessKeyId: 'AccessKeyId', + Expiration: ['Expiration', deserializeTimestamp], + SecretAccessKey: 'SecretAccessKey', + SessionToken: 'SessionToken', + }); + +export const getDataAccess = composeServiceApi( + s3TransferHandler, + getDataAccessSerializer, + getDataAccessDeserializer, + { ...defaultConfig, responseType: 'text' }, +); diff --git a/packages/storage/src/providers/s3/utils/client/s3control/index.ts b/packages/storage/src/providers/s3/utils/client/s3control/index.ts new file mode 100644 index 00000000000..b9ae5230334 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/s3control/index.ts @@ -0,0 +1,13 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export { + getDataAccess, + GetDataAccessInput, + GetDataAccessOutput, +} from '../s3control/getDataAccess'; +export { + listCallerAccessGrants, + ListCallerAccessGrantsInput, + ListCallerAccessGrantsOutput, +} from '../s3control/listCallerAccessGrants'; diff --git a/packages/storage/src/providers/s3/utils/client/s3control/listCallerAccessGrants.ts b/packages/storage/src/providers/s3/utils/client/s3control/listCallerAccessGrants.ts new file mode 100644 index 00000000000..5c4b3b71d8c --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/s3control/listCallerAccessGrants.ts @@ -0,0 +1,115 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { + Endpoint, + HttpRequest, + HttpResponse, + parseMetadata, +} from '@aws-amplify/core/internals/aws-client-utils'; +import { + AmplifyUrl, + AmplifyUrlSearchParams, +} from '@aws-amplify/core/internals/utils'; +import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; + +import { + assignStringVariables, + buildStorageServiceError, + emptyArrayGuard, + map, + parseXmlBody, + s3TransferHandler, +} from '../utils'; +import { createStringEnumDeserializer } from '../utils/deserializeHelpers'; + +import type { + ListCallerAccessGrantsCommandInput, + ListCallerAccessGrantsCommandOutput, +} from './types'; +import { defaultConfig, parseXmlError } from './base'; + +export type ListCallerAccessGrantsInput = Pick< + ListCallerAccessGrantsCommandInput, + | 'AccountId' + | 'AllowedByApplication' + | 'GrantScope' + | 'NextToken' + | 'MaxResults' +>; + +export type ListCallerAccessGrantsOutput = ListCallerAccessGrantsCommandOutput; + +const listCallerAccessGrantsSerializer = ( + input: ListCallerAccessGrantsInput, + endpoint: Endpoint, +): HttpRequest => { + const headers = assignStringVariables({ + 'x-amz-account-id': input.AccountId, + }); + const query = assignStringVariables({ + grantscope: input.GrantScope, + maxResults: input.MaxResults, + nextToken: input.NextToken, + allowedByApplication: input.AllowedByApplication, + }); + const url = new AmplifyUrl(endpoint.url.toString()); + url.search = new AmplifyUrlSearchParams(query).toString(); + + // Ref: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListCallerAccessGrants.html + url.pathname = '/v20180820/accessgrantsinstance/caller/grants'; + + return { + method: 'GET', + headers, + url, + }; +}; + +const listCallerAccessGrantsDeserializer = async ( + response: HttpResponse, +): Promise => { + if (response.statusCode >= 300) { + // error is always set when statusCode >= 300 + const error = (await parseXmlError(response)) as Error; + throw buildStorageServiceError(error, response.statusCode); + } else { + const parsed = await parseXmlBody(response); + const contents = map(parsed, { + CallerAccessGrantsList: [ + 'CallerAccessGrantsList', + value => + emptyArrayGuard(value.AccessGrant, deserializeAccessGrantsList), + ], + NextToken: 'NextToken', + }); + + return { + $metadata: parseMetadata(response), + ...contents, + }; + } +}; + +const deserializeAccessGrantsList = (output: any[]) => + output.map(deserializeCallerAccessGrant); + +const deserializeCallerAccessGrant = (output: any) => + map(output, { + ApplicationArn: 'ApplicationArn', + GrantScope: 'GrantScope', + Permission: [ + 'Permission', + createStringEnumDeserializer( + ['READ', 'READWRITE', 'WRITE'] as const, + 'Permission', + ), + ], + }); + +export const listCallerAccessGrants = composeServiceApi( + s3TransferHandler, + listCallerAccessGrantsSerializer, + listCallerAccessGrantsDeserializer, + { ...defaultConfig, responseType: 'text' }, +); diff --git a/packages/storage/src/providers/s3/utils/client/s3control/types.ts b/packages/storage/src/providers/s3/utils/client/s3control/types.ts new file mode 100644 index 00000000000..612875980e4 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/s3control/types.ts @@ -0,0 +1,246 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +/** + * Generated by scripts/dts-bundler/README.md + */ + +import { MetadataBearer as __MetadataBearer } from '@aws-sdk/types'; + +declare const Permission: { + readonly READ: 'READ'; + readonly READWRITE: 'READWRITE'; + readonly WRITE: 'WRITE'; +}; +declare const Privilege: { + readonly Default: 'Default'; + readonly Minimal: 'Minimal'; +}; +declare const S3PrefixType: { + readonly Object: 'Object'; +}; + +/** + *

The Amazon Web Services Security Token Service temporary credential that S3 Access Grants vends to grantees and client applications.

+ * @public + */ +export interface Credentials { + /** + *

The unique access key ID of the Amazon Web Services STS temporary credential that S3 Access Grants vends to grantees and client applications.

+ * @public + */ + AccessKeyId?: string; + /** + *

The secret access key of the Amazon Web Services STS temporary credential that S3 Access Grants vends to grantees and client applications.

+ * @public + */ + SecretAccessKey?: string; + /** + *

The Amazon Web Services STS temporary credential that S3 Access Grants vends to grantees and client applications.

+ * @public + */ + SessionToken?: string; + /** + *

The expiration date and time of the temporary credential that S3 Access Grants vends to grantees and client applications.

+ * @public + */ + Expiration?: Date; +} +/** + * @public + * + * The input for {@link GetDataAccessCommand}. + */ +export interface GetDataAccessCommandInput extends GetDataAccessRequest {} +/** + * @public + * + * The output of {@link GetDataAccessCommand}. + */ +export interface GetDataAccessCommandOutput + extends GetDataAccessResult, + __MetadataBearer {} +/** + * @public + */ +export interface GetDataAccessRequest { + /** + *

The Amazon Web Services account ID of the S3 Access Grants instance.

+ * @public + */ + AccountId?: string; + /** + *

The S3 URI path of the data to which you are requesting temporary access credentials. If the requesting account has an access grant for this data, S3 Access Grants vends temporary access credentials in the response.

+ * @public + */ + Target: string | undefined; + /** + *

The type of permission granted to your S3 data, which can be set to one of the following values:

+ *
    + *
  • + *

    + * READ – Grant read-only access to the S3 data.

    + *
  • + *
  • + *

    + * WRITE – Grant write-only access to the S3 data.

    + *
  • + *
  • + *

    + * READWRITE – Grant both read and write access to the S3 data.

    + *
  • + *
+ * @public + */ + Permission: Permission | undefined; + /** + *

The session duration, in seconds, of the temporary access credential that S3 Access Grants vends to the grantee or client application. The default value is 1 hour, but the grantee can specify a range from 900 seconds (15 minutes) up to 43200 seconds (12 hours). If the grantee requests a value higher than this maximum, the operation fails.

+ * @public + */ + DurationSeconds?: number; + /** + *

The scope of the temporary access credential that S3 Access Grants vends to the grantee or client application.

+ *
    + *
  • + *

    + * Default – The scope of the returned temporary access token is the scope of the grant that is closest to the target scope.

    + *
  • + *
  • + *

    + * Minimal – The scope of the returned temporary access token is the same as the requested target scope as long as the requested scope is the same as or a subset of the grant scope.

    + *
  • + *
+ * @public + */ + Privilege?: Privilege; + /** + *

The type of Target. The only possible value is Object. Pass this value if the target data that you would like to access is a path to an object. Do not pass this value if the target data is a bucket or a bucket and a prefix.

+ * @public + */ + TargetType?: S3PrefixType; +} +/** + * @public + */ +export interface GetDataAccessResult { + /** + *

The temporary credential token that S3 Access Grants vends.

+ * @public + */ + Credentials?: Credentials; + /** + *

The S3 URI path of the data to which you are being granted temporary access credentials.

+ * @public + */ + MatchedGrantTarget?: string; +} +/** + * @public + * + * The input for {@link ListCallerAccessGrantsCommand}. + */ +export interface ListCallerAccessGrantsCommandInput + extends ListCallerAccessGrantsRequest {} +/** + * @public + * + * The output of {@link ListCallerAccessGrantsCommand}. + */ +export interface ListCallerAccessGrantsCommandOutput + extends ListCallerAccessGrantsResult, + __MetadataBearer {} +/** + *

Part of ListCallerAccessGrantsResult. Each entry includes the + * permission level (READ, WRITE, or READWRITE) and the grant scope of the access grant. If the grant also includes an application ARN, the grantee can only access the S3 data through this application.

+ * @public + */ +export interface ListCallerAccessGrantsEntry { + /** + *

The type of permission granted, which can be one of the following values:

+ *
    + *
  • + *

    + * READ - Grants read-only access to the S3 data.

    + *
  • + *
  • + *

    + * WRITE - Grants write-only access to the S3 data.

    + *
  • + *
  • + *

    + * READWRITE - Grants both read and write access to the S3 data.

    + *
  • + *
+ * @public + */ + Permission?: Permission; + /** + *

The S3 path of the data to which you have been granted access.

+ * @public + */ + GrantScope?: string; + /** + *

The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.

+ * @public + */ + ApplicationArn?: string; +} +/** + * @public + */ +export interface ListCallerAccessGrantsRequest { + /** + *

The Amazon Web Services account ID of the S3 Access Grants instance.

+ * @public + */ + AccountId?: string; + /** + *

The S3 path of the data that you would like to access. Must start with s3://. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.

+ * @public + */ + GrantScope?: string; + /** + *

A pagination token to request the next page of results. Pass this value into a subsequent List Caller Access Grants request in order to retrieve the next page of results.

+ * @public + */ + NextToken?: string; + /** + *

The maximum number of access grants that you would like returned in the List Caller Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.

+ * @public + */ + MaxResults?: number; + /** + *

If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (ALL).

+ * @public + */ + AllowedByApplication?: boolean; +} +/** + * @public + */ +export interface ListCallerAccessGrantsResult { + /** + *

A pagination token that you can use to request the next page of results. Pass this value into a subsequent List Caller Access Grants request in order to retrieve the next page of results.

+ * @public + */ + NextToken?: string; + /** + *

A list of the caller's access grants that were created using S3 Access Grants and that grant the caller access to the S3 data of the Amazon Web Services account ID that was specified in the request.

+ * @public + */ + CallerAccessGrantsList?: ListCallerAccessGrantsEntry[]; +} +/** + * @public + */ +export type Permission = (typeof Permission)[keyof typeof Permission]; +/** + * @public + */ +export type Privilege = (typeof Privilege)[keyof typeof Privilege]; +/** + * @public + */ +export type S3PrefixType = (typeof S3PrefixType)[keyof typeof S3PrefixType]; + +export {}; diff --git a/packages/storage/src/providers/s3/utils/client/abortMultipartUpload.ts b/packages/storage/src/providers/s3/utils/client/s3data/abortMultipartUpload.ts similarity index 80% rename from packages/storage/src/providers/s3/utils/client/abortMultipartUpload.ts rename to packages/storage/src/providers/s3/utils/client/s3data/abortMultipartUpload.ts index bddaf570d0e..83221ab22e9 100644 --- a/packages/storage/src/providers/s3/utils/client/abortMultipartUpload.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/abortMultipartUpload.ts @@ -14,19 +14,21 @@ import { } from '@aws-amplify/core/internals/utils'; import { MetadataBearer } from '@aws-sdk/types'; -import type { AbortMultipartUploadCommandInput } from './types'; -import { defaultConfig } from './base'; import { + assignStringVariables, buildStorageServiceError, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import type { AbortMultipartUploadCommandInput } from './types'; +import { defaultConfig, parseXmlError } from './base'; export type AbortMultipartUploadInput = Pick< AbortMultipartUploadCommandInput, - 'Bucket' | 'Key' | 'UploadId' + 'Bucket' | 'Key' | 'UploadId' | 'ExpectedBucketOwner' >; export type AbortMultipartUploadOutput = MetadataBearer; @@ -42,10 +44,20 @@ const abortMultipartUploadSerializer = ( url.search = new AmplifyUrlSearchParams({ uploadId: input.UploadId, }).toString(); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); + const headers = { + ...assignStringVariables({ + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + }), + }; return { method: 'DELETE', - headers: {}, + headers, url, }; }; diff --git a/packages/storage/src/providers/s3/utils/client/base.ts b/packages/storage/src/providers/s3/utils/client/s3data/base.ts similarity index 57% rename from packages/storage/src/providers/s3/utils/client/base.ts rename to packages/storage/src/providers/s3/utils/client/s3data/base.ts index 96f0e5958ef..fdf6160d077 100644 --- a/packages/storage/src/providers/s3/utils/client/base.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/base.ts @@ -8,11 +8,13 @@ import { import { EndpointResolverOptions, getDnsSuffix, - getRetryDecider, jitteredBackoff, } from '@aws-amplify/core/internals/aws-client-utils'; -import { parseXmlError } from './utils'; +import { createRetryDecider, createXmlErrorParser } from '../utils'; +import { LOCAL_TESTING_S3_ENDPOINT } from '../../constants'; +import { assertValidationError } from '../../../../../errors/utils/assertValidationError'; +import { StorageValidationErrorCode } from '../../../../../errors/types/validation'; const DOMAIN_PATTERN = /^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$/; const IP_ADDRESS_PATTERN = /(\d+\.){3}\d+/; @@ -34,12 +36,22 @@ export type S3EndpointResolverOptions = EndpointResolverOptions & { */ useAccelerateEndpoint?: boolean; /** - * Fully qualified custom endpoint for S3. If this is set, this endpoint will be used regardless of region or - * useAccelerateEndpoint config. - * The path of this endpoint + * A fully qualified custom endpoint for S3. If set, this endpoint will override + * the default S3 endpoint and be used regardless of the specified region or + * `useAccelerateEndpoint` configuration. + * + * Refer to AWS documentation for more details on available endpoints: + * https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region + * + * @example + * ```ts + * // Examples of S3 custom endpoints + * const endpoint1 = "s3.us-east-2.amazonaws.com"; + * const endpoint2 = "s3.dualstack.us-east-2.amazonaws.com"; + * const endpoint3 = "s3-fips.dualstack.us-east-2.amazonaws.com"; + * ``` */ customEndpoint?: string; - /** * Whether to force path style URLs for S3 objects (e.g., https://s3.amazonaws.com// instead of * https://.s3.amazonaws.com/ @@ -60,22 +72,31 @@ const endpointResolver = ( let endpoint: URL; // 1. get base endpoint if (customEndpoint) { - endpoint = new AmplifyUrl(customEndpoint); - } else if (useAccelerateEndpoint) { - if (forcePathStyle) { - throw new Error( - 'Path style URLs are not supported with S3 Transfer Acceleration.', - ); + if (customEndpoint === LOCAL_TESTING_S3_ENDPOINT) { + endpoint = new AmplifyUrl(customEndpoint); } + assertValidationError( + !customEndpoint.includes('://'), + StorageValidationErrorCode.InvalidCustomEndpoint, + ); + endpoint = new AmplifyUrl(`https://${customEndpoint}`); + } else if (useAccelerateEndpoint) { + // this ErrorCode isn't expose yet since forcePathStyle param isn't publicly exposed + assertValidationError( + !forcePathStyle, + StorageValidationErrorCode.ForcePathStyleEndpointNotSupported, + ); endpoint = new AmplifyUrl(`https://s3-accelerate.${getDnsSuffix(region)}`); } else { endpoint = new AmplifyUrl(`https://s3.${region}.${getDnsSuffix(region)}`); } // 2. inject bucket name if (apiInput?.Bucket) { - if (!isDnsCompatibleBucketName(apiInput.Bucket)) { - throw new Error(`Invalid bucket name: "${apiInput.Bucket}".`); - } + assertValidationError( + isDnsCompatibleBucketName(apiInput.Bucket), + StorageValidationErrorCode.DnsIncompatibleBucketName, + ); + if (forcePathStyle || apiInput.Bucket.includes('.')) { endpoint.pathname = `/${apiInput.Bucket}`; } else { @@ -100,13 +121,37 @@ export const isDnsCompatibleBucketName = (bucketName: string): boolean => !IP_ADDRESS_PATTERN.test(bucketName) && !DOTS_PATTERN.test(bucketName); +/** + * Error parser for the XML payload of S3 data plane error response. The error's + * `Code` and `Message` locates directly at the XML root element. + * + * @example + * ``` + * + * + * NoSuchKey + * The resource you requested does not exist + * /mybucket/myfoto.jpg + * 4442587FB7D0A2F9 + * + * ``` + * + * @internal + */ +export const parseXmlError = createXmlErrorParser({ noErrorWrapping: true }); + +/** + * @internal + */ +export const retryDecider = createRetryDecider(parseXmlError); + /** * @internal */ export const defaultConfig = { service: SERVICE_NAME, endpointResolver, - retryDecider: getRetryDecider(parseXmlError), + retryDecider, computeDelay: jitteredBackoff, userAgentValue: getAmplifyUserAgent(), useAccelerateEndpoint: false, diff --git a/packages/storage/src/providers/s3/utils/client/completeMultipartUpload.ts b/packages/storage/src/providers/s3/utils/client/s3data/completeMultipartUpload.ts similarity index 75% rename from packages/storage/src/providers/s3/utils/client/completeMultipartUpload.ts rename to packages/storage/src/providers/s3/utils/client/s3data/completeMultipartUpload.ts index 36dd9f59a52..e7c4c516157 100644 --- a/packages/storage/src/providers/s3/utils/client/completeMultipartUpload.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/completeMultipartUpload.ts @@ -5,6 +5,8 @@ import { Endpoint, HttpRequest, HttpResponse, + MiddlewareContext, + RetryDeciderOutput, parseMetadata, } from '@aws-amplify/core/internals/aws-client-utils'; import { @@ -13,29 +15,38 @@ import { } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import type { - CompleteMultipartUploadCommandInput, - CompleteMultipartUploadCommandOutput, - CompletedMultipartUpload, - CompletedPart, -} from './types'; -import { defaultConfig } from './base'; import { + assignStringVariables, buildStorageServiceError, map, parseXmlBody, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; +import { validateMultipartUploadXML } from '../../validateMultipartUploadXML'; + +import { defaultConfig, parseXmlError, retryDecider } from './base'; +import type { + CompleteMultipartUploadCommandInput, + CompleteMultipartUploadCommandOutput, + CompletedMultipartUpload, + CompletedPart, +} from './types'; const INVALID_PARAMETER_ERROR_MSG = 'Invalid parameter for ComplteMultipartUpload API'; export type CompleteMultipartUploadInput = Pick< CompleteMultipartUploadCommandInput, - 'Bucket' | 'Key' | 'UploadId' | 'MultipartUpload' + | 'Bucket' + | 'Key' + | 'UploadId' + | 'MultipartUpload' + | 'ChecksumCRC32' + | 'ExpectedBucketOwner' + | 'IfNoneMatch' >; export type CompleteMultipartUploadOutput = Pick< @@ -49,6 +60,11 @@ const completeMultipartUploadSerializer = async ( ): Promise => { const headers = { 'content-type': 'application/xml', + ...assignStringVariables({ + 'x-amz-checksum-crc32': input.ChecksumCRC32, + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + 'If-None-Match': input.IfNoneMatch, + }), }; const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); @@ -58,14 +74,20 @@ const completeMultipartUploadSerializer = async ( uploadId: input.UploadId, }).toString(); validateS3RequiredParameter(!!input.MultipartUpload, 'MultipartUpload'); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); + + const xml = serializeCompletedMultipartUpload(input.MultipartUpload); + validateMultipartUploadXML(input.MultipartUpload, xml); return { method: 'POST', headers, url, - body: - '' + - serializeCompletedMultipartUpload(input.MultipartUpload), + body: '' + xml, }; }; @@ -86,7 +108,13 @@ const serializeCompletedPartList = (input: CompletedPart): string => { throw new Error(`${INVALID_PARAMETER_ERROR_MSG}: ${input}`); } - return `${input.ETag}${input.PartNumber}`; + const eTag = `${input.ETag}`; + const partNumber = `${input.PartNumber}`; + const checksumCRC32 = input.ChecksumCRC32 + ? `${input.ChecksumCRC32}` + : ''; + + return `${eTag}${partNumber}${checksumCRC32}`; }; /** @@ -135,25 +163,24 @@ const completeMultipartUploadDeserializer = async ( const retryWhenErrorWith200StatusCode = async ( response?: HttpResponse, error?: unknown, -): Promise => { + middlewareContext?: MiddlewareContext, +): Promise => { if (!response) { - return false; + return { retryable: false }; } if (response.statusCode === 200) { if (!response.body) { - return true; + return { retryable: true }; } const parsed = await parseXmlBody(response); if (parsed.Code !== undefined && parsed.Message !== undefined) { - return true; + return { retryable: true }; } - return false; + return { retryable: false }; } - const defaultRetryDecider = defaultConfig.retryDecider; - - return defaultRetryDecider(response, error); + return retryDecider(response, error, middlewareContext); }; export const completeMultipartUpload = composeServiceApi( diff --git a/packages/storage/src/providers/s3/utils/client/copyObject.ts b/packages/storage/src/providers/s3/utils/client/s3data/copyObject.ts similarity index 59% rename from packages/storage/src/providers/s3/utils/client/copyObject.ts rename to packages/storage/src/providers/s3/utils/client/s3data/copyObject.ts index a08301d9f7e..f1dd2784d13 100644 --- a/packages/storage/src/providers/s3/utils/client/copyObject.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/copyObject.ts @@ -10,18 +10,21 @@ import { import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import type { CopyObjectCommandInput, CopyObjectCommandOutput } from './types'; -import { defaultConfig } from './base'; import { assignStringVariables, + bothNilOrEqual, buildStorageServiceError, parseXmlBody, - parseXmlError, s3TransferHandler, serializeObjectConfigsToHeaders, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { IntegrityError } from '../../../../../errors/IntegrityError'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import type { CopyObjectCommandInput, CopyObjectCommandOutput } from './types'; +import { defaultConfig, parseXmlError } from './base'; export type CopyObjectInput = Pick< CopyObjectCommandInput, @@ -37,6 +40,10 @@ export type CopyObjectInput = Pick< | 'ACL' | 'Tagging' | 'Metadata' + | 'CopySourceIfUnmodifiedSince' + | 'CopySourceIfMatch' + | 'ExpectedSourceBucketOwner' + | 'ExpectedBucketOwner' >; export type CopyObjectOutput = CopyObjectCommandOutput; @@ -50,11 +57,22 @@ const copyObjectSerializer = async ( ...assignStringVariables({ 'x-amz-copy-source': input.CopySource, 'x-amz-metadata-directive': input.MetadataDirective, + 'x-amz-copy-source-if-match': input.CopySourceIfMatch, + 'x-amz-copy-source-if-unmodified-since': + input.CopySourceIfUnmodifiedSince?.toUTCString(), + 'x-amz-source-expected-bucket-owner': input.ExpectedSourceBucketOwner, + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, }), }; + validateCopyObjectHeaders(input, headers); const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); return { method: 'PUT', @@ -63,6 +81,31 @@ const copyObjectSerializer = async ( }; }; +export const validateCopyObjectHeaders = ( + input: CopyObjectInput, + headers: Record, +) => { + const validations: boolean[] = [ + headers['x-amz-copy-source'] === input.CopySource, + bothNilOrEqual( + input.MetadataDirective, + headers['x-amz-metadata-directive'], + ), + bothNilOrEqual( + input.CopySourceIfMatch, + headers['x-amz-copy-source-if-match'], + ), + bothNilOrEqual( + input.CopySourceIfUnmodifiedSince?.toUTCString(), + headers['x-amz-copy-source-if-unmodified-since'], + ), + ]; + + if (validations.some(validation => !validation)) { + throw new IntegrityError(); + } +}; + const copyObjectDeserializer = async ( response: HttpResponse, ): Promise => { diff --git a/packages/storage/src/providers/s3/utils/client/createMultipartUpload.ts b/packages/storage/src/providers/s3/utils/client/s3data/createMultipartUpload.ts similarity index 80% rename from packages/storage/src/providers/s3/utils/client/createMultipartUpload.ts rename to packages/storage/src/providers/s3/utils/client/s3data/createMultipartUpload.ts index 5a2b79a9635..86a9e5cb89a 100644 --- a/packages/storage/src/providers/s3/utils/client/createMultipartUpload.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/createMultipartUpload.ts @@ -10,22 +10,24 @@ import { import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import type { - CreateMultipartUploadCommandInput, - CreateMultipartUploadCommandOutput, -} from './types'; -import type { PutObjectInput } from './putObject'; -import { defaultConfig } from './base'; import { + assignStringVariables, buildStorageServiceError, map, parseXmlBody, - parseXmlError, s3TransferHandler, serializeObjectConfigsToHeaders, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import type { + CreateMultipartUploadCommandInput, + CreateMultipartUploadCommandOutput, +} from './types'; +import type { PutObjectInput } from './putObject'; +import { defaultConfig, parseXmlError } from './base'; export type CreateMultipartUploadInput = Extract< CreateMultipartUploadCommandInput, @@ -41,11 +43,22 @@ const createMultipartUploadSerializer = async ( input: CreateMultipartUploadInput, endpoint: Endpoint, ): Promise => { - const headers = await serializeObjectConfigsToHeaders(input); + const headers = { + ...(await serializeObjectConfigsToHeaders(input)), + ...assignStringVariables({ + 'x-amz-checksum-algorithm': input.ChecksumAlgorithm, + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + }), + }; const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); url.search = 'uploads'; + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); return { method: 'POST', diff --git a/packages/storage/src/providers/s3/utils/client/deleteObject.ts b/packages/storage/src/providers/s3/utils/client/s3data/deleteObject.ts similarity index 81% rename from packages/storage/src/providers/s3/utils/client/deleteObject.ts rename to packages/storage/src/providers/s3/utils/client/s3data/deleteObject.ts index 290a3e5ebf0..ebbba829d94 100644 --- a/packages/storage/src/providers/s3/utils/client/deleteObject.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/deleteObject.ts @@ -10,24 +10,26 @@ import { import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import type { - DeleteObjectCommandInput, - DeleteObjectCommandOutput, -} from './types'; -import { defaultConfig } from './base'; import { + assignStringVariables, buildStorageServiceError, deserializeBoolean, map, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import type { + DeleteObjectCommandInput, + DeleteObjectCommandOutput, +} from './types'; +import { defaultConfig, parseXmlError } from './base'; export type DeleteObjectInput = Pick< DeleteObjectCommandInput, - 'Bucket' | 'Key' + 'Bucket' | 'Key' | 'ExpectedBucketOwner' >; export type DeleteObjectOutput = DeleteObjectCommandOutput; @@ -39,10 +41,18 @@ const deleteObjectSerializer = ( const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); + const headers = assignStringVariables({ + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + }); return { method: 'DELETE', - headers: {}, + headers, url, }; }; diff --git a/packages/storage/src/providers/s3/utils/client/getObject.ts b/packages/storage/src/providers/s3/utils/client/s3data/getObject.ts similarity index 93% rename from packages/storage/src/providers/s3/utils/client/getObject.ts rename to packages/storage/src/providers/s3/utils/client/s3data/getObject.ts index 2b4153541cd..fca84d1b570 100644 --- a/packages/storage/src/providers/s3/utils/client/getObject.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/getObject.ts @@ -11,28 +11,34 @@ import { parseMetadata, presignUrl, } from '@aws-amplify/core/internals/aws-client-utils'; -import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; +import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; -import { S3EndpointResolverOptions, defaultConfig } from './base'; -import type { - CompatibleHttpResponse, - GetObjectCommandInput, - GetObjectCommandOutput, -} from './types'; import { CONTENT_SHA256_HEADER, + assignStringVariables, buildStorageServiceError, deserializeBoolean, deserializeMetadata, deserializeNumber, deserializeTimestamp, map, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import { + S3EndpointResolverOptions, + defaultConfig, + parseXmlError, +} from './base'; +import type { + CompatibleHttpResponse, + GetObjectCommandInput, + GetObjectCommandOutput, +} from './types'; const USER_AGENT_HEADER = 'x-amz-user-agent'; @@ -43,6 +49,7 @@ export type GetObjectInput = Pick< | 'Range' | 'ResponseContentDisposition' | 'ResponseContentType' + | 'ExpectedBucketOwner' >; export type GetObjectOutput = GetObjectCommandOutput; @@ -54,11 +61,19 @@ const getObjectSerializer = async ( const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); return { method: 'GET', headers: { ...(input.Range && { Range: input.Range }), + ...assignStringVariables({ + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + }), }, url, }; diff --git a/packages/storage/src/providers/s3/utils/client/headObject.ts b/packages/storage/src/providers/s3/utils/client/s3data/headObject.ts similarity index 81% rename from packages/storage/src/providers/s3/utils/client/headObject.ts rename to packages/storage/src/providers/s3/utils/client/s3data/headObject.ts index 109263def26..c3fc64fb425 100644 --- a/packages/storage/src/providers/s3/utils/client/headObject.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/headObject.ts @@ -10,21 +10,26 @@ import { import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import { defaultConfig } from './base'; -import type { HeadObjectCommandInput, HeadObjectCommandOutput } from './types'; import { + assignStringVariables, buildStorageServiceError, deserializeMetadata, deserializeNumber, deserializeTimestamp, map, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import { defaultConfig, parseXmlError } from './base'; +import type { HeadObjectCommandInput, HeadObjectCommandOutput } from './types'; -export type HeadObjectInput = Pick; +export type HeadObjectInput = Pick< + HeadObjectCommandInput, + 'Bucket' | 'Key' | 'ExpectedBucketOwner' +>; export type HeadObjectOutput = Pick< HeadObjectCommandOutput, @@ -44,10 +49,18 @@ const headObjectSerializer = async ( const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); + const headers = assignStringVariables({ + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + }); return { method: 'HEAD', - headers: {}, + headers, url, }; }; diff --git a/packages/storage/src/providers/s3/utils/client/index.ts b/packages/storage/src/providers/s3/utils/client/s3data/index.ts similarity index 100% rename from packages/storage/src/providers/s3/utils/client/index.ts rename to packages/storage/src/providers/s3/utils/client/s3data/index.ts diff --git a/packages/storage/src/providers/s3/utils/client/listObjectsV2.ts b/packages/storage/src/providers/s3/utils/client/s3data/listObjectsV2.ts similarity index 83% rename from packages/storage/src/providers/s3/utils/client/listObjectsV2.ts rename to packages/storage/src/providers/s3/utils/client/s3data/listObjectsV2.ts index 232499931c5..6caa8a46a8e 100644 --- a/packages/storage/src/providers/s3/utils/client/listObjectsV2.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/listObjectsV2.ts @@ -13,11 +13,6 @@ import { } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import type { - ListObjectsV2CommandInput, - ListObjectsV2CommandOutput, -} from './types'; -import { defaultConfig } from './base'; import { assignStringVariables, buildStorageServiceError, @@ -27,9 +22,15 @@ import { emptyArrayGuard, map, parseXmlBody, - parseXmlError, s3TransferHandler, -} from './utils'; +} from '../utils'; +import { IntegrityError } from '../../../../../errors/IntegrityError'; + +import type { + ListObjectsV2CommandInput, + ListObjectsV2CommandOutput, +} from './types'; +import { defaultConfig, parseXmlError } from './base'; export type ListObjectsV2Input = ListObjectsV2CommandInput; @@ -93,10 +94,14 @@ const listObjectsV2Deserializer = async ( StartAfter: 'StartAfter', }); - return { + const output = { $metadata: parseMetadata(response), ...contents, }; + + validateCorroboratingElements(output); + + return output; } }; @@ -130,6 +135,27 @@ const deserializeChecksumAlgorithmList = (output: any[]) => const deserializeOwner = (output: any) => map(output, { DisplayName: 'DisplayName', ID: 'ID' }); +const validateCorroboratingElements = (response: ListObjectsV2Output) => { + const { + IsTruncated, + KeyCount, + Contents = [], + CommonPrefixes = [], + NextContinuationToken, + } = response; + + const validTruncation = + (IsTruncated && !!NextContinuationToken) || + (!IsTruncated && !NextContinuationToken); + + const validNumberOfKeysReturned = + KeyCount === Contents.length + CommonPrefixes.length; + + if (!validTruncation || !validNumberOfKeysReturned) { + throw new IntegrityError(); + } +}; + export const listObjectsV2 = composeServiceApi( s3TransferHandler, listObjectsV2Serializer, diff --git a/packages/storage/src/providers/s3/utils/client/listParts.ts b/packages/storage/src/providers/s3/utils/client/s3data/listParts.ts similarity index 82% rename from packages/storage/src/providers/s3/utils/client/listParts.ts rename to packages/storage/src/providers/s3/utils/client/s3data/listParts.ts index 86899ad4e9d..0affbf7a5f5 100644 --- a/packages/storage/src/providers/s3/utils/client/listParts.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/listParts.ts @@ -13,23 +13,19 @@ import { } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import type { - CompletedPart, - ListPartsCommandInput, - ListPartsCommandOutput, -} from './types'; -import { defaultConfig } from './base'; import { buildStorageServiceError, - deserializeNumber, + deserializeCompletedPartList, emptyArrayGuard, map, parseXmlBody, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; + +import type { ListPartsCommandInput, ListPartsCommandOutput } from './types'; +import { defaultConfig, parseXmlError } from './base'; export type ListPartsInput = Pick< ListPartsCommandInput, @@ -84,15 +80,6 @@ const listPartsDeserializer = async ( } }; -const deserializeCompletedPartList = (input: any[]): CompletedPart[] => - input.map(item => - map(item, { - PartNumber: ['PartNumber', deserializeNumber], - ETag: 'ETag', - Size: ['Size', deserializeNumber], - }), - ); - export const listParts = composeServiceApi( s3TransferHandler, listPartsSerializer, diff --git a/packages/storage/src/providers/s3/utils/client/putObject.ts b/packages/storage/src/providers/s3/utils/client/s3data/putObject.ts similarity index 81% rename from packages/storage/src/providers/s3/utils/client/putObject.ts rename to packages/storage/src/providers/s3/utils/client/s3data/putObject.ts index 86755f1c703..7b7f9c2a43e 100644 --- a/packages/storage/src/providers/s3/utils/client/putObject.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/putObject.ts @@ -10,18 +10,19 @@ import { import { AmplifyUrl } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import { defaultConfig } from './base'; -import type { PutObjectCommandInput, PutObjectCommandOutput } from './types'; import { assignStringVariables, buildStorageServiceError, map, - parseXmlError, s3TransferHandler, serializeObjectConfigsToHeaders, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import { defaultConfig, parseXmlError } from './base'; +import type { PutObjectCommandInput, PutObjectCommandOutput } from './types'; export type PutObjectInput = Pick< PutObjectCommandInput, @@ -37,6 +38,9 @@ export type PutObjectInput = Pick< | 'Expires' | 'Metadata' | 'Tagging' + | 'ChecksumCRC32' + | 'ExpectedBucketOwner' + | 'IfNoneMatch' >; export type PutObjectOutput = Pick< @@ -55,11 +59,21 @@ const putObjectSerializer = async ( ...input, ContentType: input.ContentType ?? 'application/octet-stream', })), - ...assignStringVariables({ 'content-md5': input.ContentMD5 }), + ...assignStringVariables({ + 'content-md5': input.ContentMD5, + 'x-amz-checksum-crc32': input.ChecksumCRC32, + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + 'If-None-Match': input.IfNoneMatch, + }), }; const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); return { method: 'PUT', diff --git a/packages/storage/src/providers/s3/utils/client/types.ts b/packages/storage/src/providers/s3/utils/client/s3data/types.ts similarity index 98% rename from packages/storage/src/providers/s3/utils/client/types.ts rename to packages/storage/src/providers/s3/utils/client/s3data/types.ts index d4ccf20c1cd..4a9fad263f3 100644 --- a/packages/storage/src/providers/s3/utils/client/types.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/types.ts @@ -367,6 +367,13 @@ export interface CompleteMultipartUploadRequest { * Amazon S3 User Guide.

*/ SSECustomerKeyMD5?: string; + /** + *

Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a 412 Precondition Failed error.

+ *

If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should re-initiate the multipart upload with CreateMultipartUpload and re-upload each part.

+ *

Expects the '*' (asterisk) character.

+ *

For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

+ */ + IfNoneMatch?: string; } /** * @public @@ -2534,6 +2541,13 @@ export interface PutObjectRequest { *

The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code 403 Forbidden (access denied).

*/ ExpectedBucketOwner?: string; + /** + *

Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a 412 Precondition Failed error.

+ *

If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should retry the upload.

+ *

Expects the '*' (asterisk) character.

+ *

For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

+ */ + IfNoneMatch?: string; } /** * This interface extends from `UploadPartRequest` interface. There are more parameters than `Body` defined in {@link UploadPartRequest} diff --git a/packages/storage/src/providers/s3/utils/client/uploadPart.ts b/packages/storage/src/providers/s3/utils/client/s3data/uploadPart.ts similarity index 78% rename from packages/storage/src/providers/s3/utils/client/uploadPart.ts rename to packages/storage/src/providers/s3/utils/client/s3data/uploadPart.ts index 3bcacc6236f..629f352e42d 100644 --- a/packages/storage/src/providers/s3/utils/client/uploadPart.ts +++ b/packages/storage/src/providers/s3/utils/client/s3data/uploadPart.ts @@ -13,23 +13,31 @@ import { } from '@aws-amplify/core/internals/utils'; import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers'; -import { defaultConfig } from './base'; -import type { UploadPartCommandInput, UploadPartCommandOutput } from './types'; import { assignStringVariables, buildStorageServiceError, map, - parseXmlError, s3TransferHandler, serializePathnameObjectKey, validateS3RequiredParameter, -} from './utils'; +} from '../utils'; +import { validateObjectUrl } from '../../validateObjectUrl'; + +import { defaultConfig, parseXmlError } from './base'; +import type { UploadPartCommandInput, UploadPartCommandOutput } from './types'; // Content-length is ignored here because it's forbidden header // and will be set by browser or fetch polyfill. export type UploadPartInput = Pick< UploadPartCommandInput, - 'PartNumber' | 'Body' | 'UploadId' | 'Bucket' | 'Key' | 'ContentMD5' + | 'PartNumber' + | 'Body' + | 'UploadId' + | 'Bucket' + | 'Key' + | 'ContentMD5' + | 'ChecksumCRC32' + | 'ExpectedBucketOwner' >; export type UploadPartOutput = Pick< @@ -42,9 +50,13 @@ const uploadPartSerializer = async ( endpoint: Endpoint, ): Promise => { const headers = { - ...assignStringVariables({ 'content-md5': input.ContentMD5 }), + ...assignStringVariables({ + 'x-amz-checksum-crc32': input.ChecksumCRC32, + 'content-md5': input.ContentMD5, + 'x-amz-expected-bucket-owner': input.ExpectedBucketOwner, + }), + 'content-type': 'application/octet-stream', }; - headers['content-type'] = 'application/octet-stream'; const url = new AmplifyUrl(endpoint.url.toString()); validateS3RequiredParameter(!!input.Key, 'Key'); url.pathname = serializePathnameObjectKey(url, input.Key); @@ -54,6 +66,11 @@ const uploadPartSerializer = async ( partNumber: input.PartNumber + '', uploadId: input.UploadId, }).toString(); + validateObjectUrl({ + bucketName: input.Bucket, + key: input.Key, + objectURL: url, + }); return { method: 'PUT', diff --git a/packages/storage/src/providers/s3/utils/client/utils/createRetryDecider.ts b/packages/storage/src/providers/s3/utils/client/utils/createRetryDecider.ts new file mode 100644 index 00000000000..bc9ce1c161c --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/utils/createRetryDecider.ts @@ -0,0 +1,96 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +import { + ErrorParser, + HttpResponse, + MiddlewareContext, + RetryDeciderOutput, + getRetryDecider, +} from '@aws-amplify/core/internals/aws-client-utils'; + +import { LocationCredentialsProvider } from '../../../types/options'; + +/** + * Function to decide if the S3 request should be retried. For S3 APIs, we support forceRefresh option + * for {@link LocationCredentialsProvider | LocationCredentialsProvider } option. It's set when S3 returns + * credentials expired error. In the retry decider, we detect this response and set flag to signify a retry + * attempt. The retry attempt would invoke the LocationCredentialsProvider with forceRefresh option set. + * + * @param response Optional response of the request. + * @param error Optional error thrown from previous attempts. + * @param middlewareContext Optional context object to store data between retries. + * @returns True if the request should be retried. + */ +export type RetryDecider = ( + response?: HttpResponse, + error?: unknown, + middlewareContext?: MiddlewareContext, +) => Promise; + +/** + * Factory of a {@link RetryDecider} function. + * + * @param errorParser function to parse HTTP response wth XML payload to JS + * Error instance. + * @returns A structure indicating if the response is retryable; And if it is a + * CredentialsExpiredError + */ +export const createRetryDecider = + (errorParser: ErrorParser): RetryDecider => + async ( + response?: HttpResponse, + error?: unknown, + middlewareContext?: MiddlewareContext, + ): Promise => { + const defaultRetryDecider = getRetryDecider(errorParser); + const defaultRetryDecision = await defaultRetryDecider(response, error); + if (!response) { + return { retryable: defaultRetryDecision.retryable }; + } + const parsedError = await errorParser(response); + const errorCode = parsedError?.name; + const errorMessage = parsedError?.message; + const isCredentialsExpired = isCredentialsExpiredError( + errorCode, + errorMessage, + ); + + return { + retryable: + defaultRetryDecision.retryable || + // If we know the previous retry attempt sets isCredentialsExpired in the + // middleware context, we don't want to retry anymore. + !!(isCredentialsExpired && !middlewareContext?.isCredentialsExpired), + isCredentialsExpiredError: isCredentialsExpired, + }; + }; + +// Ref: https://github.com/aws/aws-sdk-js/blob/54829e341181b41573c419bd870dd0e0f8f10632/lib/event_listeners.js#L522-L541 +const INVALID_TOKEN_ERROR_CODES = [ + 'RequestExpired', + 'ExpiredTokenException', + 'ExpiredToken', +]; + +/** + * Given an error code, returns true if it is related to invalid credentials. + * + * @param errorCode String representation of some error. + * @returns True if given error indicates the credentials used to authorize request + * are invalid. + */ +const isCredentialsExpiredError = ( + errorCode?: string, + errorMessage?: string, +) => { + const isExpiredTokenError = + !!errorCode && INVALID_TOKEN_ERROR_CODES.includes(errorCode); + // Ref: https://github.com/aws/aws-sdk-js/blob/54829e341181b41573c419bd870dd0e0f8f10632/lib/event_listeners.js#L536-L539 + const isExpiredSignatureError = + !!errorCode && + !!errorMessage && + errorCode.includes('Signature') && + errorMessage.includes('expired'); + + return isExpiredTokenError || isExpiredSignatureError; +}; diff --git a/packages/storage/src/providers/s3/utils/client/utils/deserializeHelpers.ts b/packages/storage/src/providers/s3/utils/client/utils/deserializeHelpers.ts index 0c06cbc60e7..0c2e3d2c7c0 100644 --- a/packages/storage/src/providers/s3/utils/client/utils/deserializeHelpers.ts +++ b/packages/storage/src/providers/s3/utils/client/utils/deserializeHelpers.ts @@ -5,6 +5,7 @@ import { Headers } from '@aws-amplify/core/internals/aws-client-utils'; import { ServiceError } from '@aws-amplify/core/internals/utils'; import { StorageError } from '../../../../../errors/StorageError'; +import { CompletedPart } from '../s3data'; type PropertyNameWithStringValue = string; type PropertyNameWithSubsequentDeserializer = [string, (arg: any) => T]; @@ -104,6 +105,47 @@ export const deserializeTimestamp = (value: string): Date | undefined => { return value ? new Date(value) : undefined; }; +/** + * Create a function deserializing a string to an enum value. If the string is not a valid enum value, it throws a + * StorageError. + * + * @example + * ```typescript + * const deserializeStringEnum = createStringEnumDeserializer(['a', 'b', 'c'] as const, 'FieldName'); + * const deserializedArray = ['a', 'b', 'c'].map(deserializeStringEnum); + * // deserializedArray = ['a', 'b', 'c'] + * + * const invalidValue = deserializeStringEnum('d'); + * // Throws InvalidFieldName: Invalid FieldName: d + * ``` + * + * @internal + */ +export const createStringEnumDeserializer = ( + enumValues: T, + fieldName: string, +) => { + const deserializeStringEnum = ( + value: any, + ): T extends (infer E)[] ? E : never => { + const parsedEnumValue = value + ? (enumValues.find(enumValue => enumValue === value) as any) + : undefined; + if (!parsedEnumValue) { + throw new StorageError({ + name: `Invalid${fieldName}`, + message: `Invalid ${fieldName}: ${value}`, + recoverySuggestion: + 'This is likely to be a bug. Please reach out to library authors.', + }); + } + + return parsedEnumValue; + }; + + return deserializeStringEnum; +}; + /** * Function that makes sure the deserializer receives non-empty array. * @@ -161,3 +203,17 @@ export const buildStorageServiceError = ( return storageError; }; + +/** + * Internal-only method used for deserializing the parts of a multipart upload. + * + * @internal + */ +export const deserializeCompletedPartList = (input: any[]): CompletedPart[] => + input.map(item => + map(item, { + PartNumber: ['PartNumber', deserializeNumber], + ETag: 'ETag', + ChecksumCRC32: 'ChecksumCRC32', + }), + ); diff --git a/packages/storage/src/providers/s3/utils/client/utils/index.ts b/packages/storage/src/providers/s3/utils/client/utils/index.ts index abfe9328d45..1dbf1b54d9d 100644 --- a/packages/storage/src/providers/s3/utils/client/utils/index.ts +++ b/packages/storage/src/providers/s3/utils/client/utils/index.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -export { parseXmlBody, parseXmlError } from './parsePayload'; +export { parseXmlBody, createXmlErrorParser } from './parsePayload'; export { SEND_DOWNLOAD_PROGRESS_EVENT, SEND_UPLOAD_PROGRESS_EVENT, @@ -13,6 +13,7 @@ export { export { buildStorageServiceError, deserializeBoolean, + deserializeCompletedPartList, deserializeMetadata, deserializeNumber, deserializeTimestamp, @@ -25,3 +26,5 @@ export { serializePathnameObjectKey, validateS3RequiredParameter, } from './serializeHelpers'; +export { createRetryDecider } from './createRetryDecider'; +export { bothNilOrEqual } from './integrityHelpers'; diff --git a/packages/storage/src/providers/s3/utils/client/utils/integrityHelpers.ts b/packages/storage/src/providers/s3/utils/client/utils/integrityHelpers.ts new file mode 100644 index 00000000000..783be7c810d --- /dev/null +++ b/packages/storage/src/providers/s3/utils/client/utils/integrityHelpers.ts @@ -0,0 +1,62 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export const isNil = (value?: T) => { + return value === undefined || value === null; +}; + +export const bothNilOrEqual = (original?: string, output?: string): boolean => { + return (isNil(original) && isNil(output)) || original === output; +}; + +/** + * This function is used to determine if a value is an object. + * It excludes arrays and null values. + * + * @param value + * @returns + */ +export const isObject = (value?: T) => { + return value != null && typeof value === 'object' && !Array.isArray(value); +}; + +/** + * This function is used to compare two objects and determine if they are equal. + * It handles nested objects and arrays as well. + * Array order is not taken into account. + * + * @param object + * @param other + * @returns + */ +export const isEqual = (object: T, other: T): boolean => { + if (Array.isArray(object) && !Array.isArray(other)) { + return false; + } + if (!Array.isArray(object) && Array.isArray(other)) { + return false; + } + if (Array.isArray(object) && Array.isArray(other)) { + return ( + object.length === other.length && + object.every((val, ix) => isEqual(val, other[ix])) + ); + } + if (!isObject(object) || !isObject(other)) { + return object === other; + } + + const objectKeys = Object.keys(object as any); + const otherKeys = Object.keys(other as any); + + if (objectKeys.length !== otherKeys.length) { + return false; + } + + return objectKeys.every(key => { + return ( + otherKeys.includes(key) && + isEqual(object[key as keyof T] as any, other[key as keyof T] as any) + ); + }); +}; diff --git a/packages/storage/src/providers/s3/utils/client/utils/parsePayload.ts b/packages/storage/src/providers/s3/utils/client/utils/parsePayload.ts index 9da44dcbdd0..f0284d573d2 100644 --- a/packages/storage/src/providers/s3/utils/client/utils/parsePayload.ts +++ b/packages/storage/src/providers/s3/utils/client/utils/parsePayload.ts @@ -9,25 +9,43 @@ import { import { parser } from '../runtime'; -export const parseXmlError: ErrorParser = async (response?: HttpResponse) => { - if (!response || response.statusCode < 300) { - return; - } - const { statusCode } = response; - const body = await parseXmlBody(response); - const code = body?.Code - ? (body.Code as string) - : statusCode === 404 - ? 'NotFound' - : statusCode.toString(); - const message = body?.message ?? body?.Message ?? code; - const error = new Error(message); +/** + * Factory creating a parser that parses the JS Error object from the XML + * response payload. + * + * @param input Input object + * @param input.noErrorWrapping Whether the error code and message are located + * directly in the root XML element, or in a nested `` element. + * See: https://smithy.io/2.0/aws/protocols/aws-restxml-protocol.html#restxml-errors + * + * Default to false. + * + * @internal + */ +export const createXmlErrorParser = + ({ + noErrorWrapping = false, + }: { noErrorWrapping?: boolean } = {}): ErrorParser => + async (response?: HttpResponse) => { + if (!response || response.statusCode < 300) { + return; + } + const { statusCode } = response; + const body = await parseXmlBody(response); + const errorLocation = noErrorWrapping ? body : body.Error; + const code = errorLocation?.Code + ? (errorLocation.Code as string) + : statusCode === 404 + ? 'NotFound' + : statusCode.toString(); + const message = errorLocation?.message ?? errorLocation?.Message ?? code; + const error = new Error(message); - return Object.assign(error, { - name: code, - $metadata: parseMetadata(response), - }); -}; + return Object.assign(error, { + name: code, + $metadata: parseMetadata(response), + }); + }; export const parseXmlBody = async (response: HttpResponse): Promise => { if (!response.body) { diff --git a/packages/storage/src/providers/s3/utils/constants.ts b/packages/storage/src/providers/s3/utils/constants.ts index e96c83c8f3c..72a58b778de 100644 --- a/packages/storage/src/providers/s3/utils/constants.ts +++ b/packages/storage/src/providers/s3/utils/constants.ts @@ -13,6 +13,9 @@ const MiB = 1024 * 1024; const GiB = 1024 * MiB; const TiB = 1024 * GiB; +/** + * Default part size in MB that is used to determine if an upload task is single part or multi part. + */ export const DEFAULT_PART_SIZE = 5 * MiB; export const MAX_OBJECT_SIZE = 5 * TiB; export const MAX_PARTS_COUNT = 10000; @@ -25,3 +28,5 @@ export const STORAGE_INPUT_KEY = 'key'; export const STORAGE_INPUT_PATH = 'path'; export const DEFAULT_DELIMITER = '/'; + +export const CHECKSUM_ALGORITHM_CRC32 = 'crc-32'; diff --git a/packages/storage/src/providers/s3/utils/crc32.ts b/packages/storage/src/providers/s3/utils/crc32.ts new file mode 100644 index 00000000000..b11e97085ba --- /dev/null +++ b/packages/storage/src/providers/s3/utils/crc32.ts @@ -0,0 +1,72 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import crc32 from 'crc-32'; + +import { hexToArrayBuffer, hexToBase64 } from './hexUtils'; +import { readFile } from './readFile'; + +const CHUNK_SIZE = 1024 * 1024; // 1MB chunks + +export interface CRC32Checksum { + checksumArrayBuffer: ArrayBuffer; + checksum: string; + seed: number; +} + +export const calculateContentCRC32 = async ( + content: Blob | string | ArrayBuffer | ArrayBufferView, + seed = 0, +): Promise => { + let internalSeed = seed; + + if (content instanceof ArrayBuffer || ArrayBuffer.isView(content)) { + let uint8Array: Uint8Array; + + if (content instanceof ArrayBuffer) { + uint8Array = new Uint8Array(content); + } else { + uint8Array = new Uint8Array( + content.buffer, + content.byteOffset, + content.byteLength, + ); + } + + let offset = 0; + while (offset < uint8Array.length) { + const end = Math.min(offset + CHUNK_SIZE, uint8Array.length); + const chunk = uint8Array.slice(offset, end); + internalSeed = crc32.buf(chunk, internalSeed) >>> 0; + offset = end; + } + } else { + let blob: Blob; + + if (content instanceof Blob) { + blob = content; + } else { + blob = new Blob([content]); + } + + let offset = 0; + while (offset < blob.size) { + const end = Math.min(offset + CHUNK_SIZE, blob.size); + const chunk = blob.slice(offset, end); + const arrayBuffer = await readFile(chunk); + const uint8Array = new Uint8Array(arrayBuffer); + + internalSeed = crc32.buf(uint8Array, internalSeed) >>> 0; + + offset = end; + } + } + + const hex = internalSeed.toString(16).padStart(8, '0'); + + return { + checksumArrayBuffer: hexToArrayBuffer(hex), + checksum: hexToBase64(hex), + seed: internalSeed, + }; +}; diff --git a/packages/storage/src/providers/s3/utils/getCombinedCrc32.native.ts b/packages/storage/src/providers/s3/utils/getCombinedCrc32.native.ts new file mode 100644 index 00000000000..f15b4fec3a9 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/getCombinedCrc32.native.ts @@ -0,0 +1,46 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { StorageUploadDataPayload } from '../../../types'; +import { getDataChunker } from '../apis/internal/uploadData/multipart/getDataChunker'; + +import { calculateContentCRC32 } from './crc32'; + +/** + * Calculates a combined CRC32 checksum for the given data. + * + * This function chunks the input data, calculates CRC32 for each chunk, + * and then combines these checksums into a single value. + * + * @async + * @param {StorageUploadDataPayload} data - The data to calculate the checksum for. + * @param {number | undefined} size - The size of each chunk. If undefined, a default chunk size will be used. + * @returns {Promise} A promise that resolves to a string containing the combined CRC32 checksum + * and the number of chunks, separated by a hyphen. + */ +export const getCombinedCrc32 = async ( + data: StorageUploadDataPayload, + size: number | undefined, +) => { + const crc32List: Uint8Array[] = []; + const dataChunker = getDataChunker(data, size); + + let totalLength = 0; + for (const { data: checkData } of dataChunker) { + const checksum = new Uint8Array( + (await calculateContentCRC32(checkData)).checksumArrayBuffer, + ); + totalLength += checksum.length; + crc32List.push(checksum); + } + + // Combine all Uint8Arrays into a single Uint8Array + const combinedArray = new Uint8Array(totalLength); + let offset = 0; + for (const crc32Hash of crc32List) { + combinedArray.set(crc32Hash, offset); + offset += crc32Hash.length; + } + + return `${(await calculateContentCRC32(combinedArray.buffer)).checksum}-${crc32List.length}`; +}; diff --git a/packages/storage/src/providers/s3/utils/getCombinedCrc32.ts b/packages/storage/src/providers/s3/utils/getCombinedCrc32.ts new file mode 100644 index 00000000000..91082038523 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/getCombinedCrc32.ts @@ -0,0 +1,34 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { StorageUploadDataPayload } from '../../../types'; +import { getDataChunker } from '../apis/internal/uploadData/multipart/getDataChunker'; + +import { calculateContentCRC32 } from './crc32'; + +/** + * Calculates a combined CRC32 checksum for the given data. + * + * This function chunks the input data, calculates CRC32 for each chunk, + * and then combines these checksums into a single value. + * + * @async + * @param {StorageUploadDataPayload} data - The data to calculate the checksum for. + * @param {number | undefined} size - The size of each chunk. If undefined, a default chunk size will be used. + * @returns {Promise} A promise that resolves to a string containing the combined CRC32 checksum + * and the number of chunks, separated by a hyphen. + */ +export const getCombinedCrc32 = async ( + data: StorageUploadDataPayload, + size: number | undefined, +) => { + const crc32List: ArrayBuffer[] = []; + const dataChunker = getDataChunker(data, size); + for (const { data: checkData } of dataChunker) { + const { checksumArrayBuffer } = await calculateContentCRC32(checkData); + + crc32List.push(checksumArrayBuffer); + } + + return `${(await calculateContentCRC32(new Blob(crc32List))).checksum}-${crc32List.length}`; +}; diff --git a/packages/storage/src/providers/s3/utils/hexUtils.ts b/packages/storage/src/providers/s3/utils/hexUtils.ts new file mode 100644 index 00000000000..febb0d42e62 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/hexUtils.ts @@ -0,0 +1,13 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { toBase64 } from './client/runtime'; + +export const hexToUint8Array = (hexString: string) => + new Uint8Array((hexString.match(/\w{2}/g)! ?? []).map(h => parseInt(h, 16))); + +export const hexToArrayBuffer = (hexString: string) => + hexToUint8Array(hexString).buffer; + +export const hexToBase64 = (hexString: string) => + toBase64(hexToUint8Array(hexString)); diff --git a/packages/storage/src/providers/s3/utils/index.ts b/packages/storage/src/providers/s3/utils/index.ts index cd6b9753019..a709e025988 100644 --- a/packages/storage/src/providers/s3/utils/index.ts +++ b/packages/storage/src/providers/s3/utils/index.ts @@ -4,6 +4,8 @@ export { calculateContentMd5 } from './md5'; export { resolveS3ConfigAndInput } from './resolveS3ConfigAndInput'; export { createDownloadTask, createUploadTask } from './transferTask'; +export { validateBucketOwnerID } from './validateBucketOwnerID'; export { validateStorageOperationInput } from './validateStorageOperationInput'; export { validateStorageOperationInputWithPrefix } from './validateStorageOperationInputWithPrefix'; export { isInputWithPath } from './isInputWithPath'; +export { urlDecode } from './urlDecoder'; diff --git a/packages/storage/src/providers/s3/utils/md5.ts b/packages/storage/src/providers/s3/utils/md5.ts index 98e04fdaf99..05cb09a4a5b 100644 --- a/packages/storage/src/providers/s3/utils/md5.ts +++ b/packages/storage/src/providers/s3/utils/md5.ts @@ -4,6 +4,7 @@ import { Md5 } from '@smithy/md5-js'; import { toBase64 } from './client/utils'; +import { readFile } from './readFile'; export const calculateContentMd5 = async ( content: Blob | string | ArrayBuffer | ArrayBufferView, @@ -15,18 +16,3 @@ export const calculateContentMd5 = async ( return toBase64(digest); }; - -const readFile = (file: Blob): Promise => - new Promise((resolve, reject) => { - const reader = new FileReader(); - reader.onload = () => { - resolve(reader.result as ArrayBuffer); - }; - reader.onabort = () => { - reject(new Error('Read aborted')); - }; - reader.onerror = () => { - reject(reader.error); - }; - reader.readAsArrayBuffer(file); - }); diff --git a/packages/storage/src/providers/s3/utils/md5.native.ts b/packages/storage/src/providers/s3/utils/readFile.native.ts similarity index 68% rename from packages/storage/src/providers/s3/utils/md5.native.ts rename to packages/storage/src/providers/s3/utils/readFile.native.ts index a0c5a2365d8..29ccbfa5966 100644 --- a/packages/storage/src/providers/s3/utils/md5.native.ts +++ b/packages/storage/src/providers/s3/utils/readFile.native.ts @@ -3,25 +3,10 @@ import { Buffer } from 'buffer'; -import { Md5 } from '@smithy/md5-js'; - -import { toBase64 } from './client/utils'; - -// The FileReader in React Native 0.71 did not support `readAsArrayBuffer`. This native implementation accomodates this +// The FileReader in React Native 0.71 did not support `readAsArrayBuffer`. This native implementation accommodates this // by attempting to use `readAsArrayBuffer` and changing the file reading strategy if it throws an error. // TODO: This file should be removable when we drop support for React Native 0.71 -export const calculateContentMd5 = async ( - content: Blob | string | ArrayBuffer | ArrayBufferView, -): Promise => { - const hasher = new Md5(); - const buffer = content instanceof Blob ? await readFile(content) : content; - hasher.update(buffer); - const digest = await hasher.digest(); - - return toBase64(digest); -}; - -const readFile = (file: Blob): Promise => +export const readFile = (file: Blob): Promise => new Promise((resolve, reject) => { const reader = new FileReader(); reader.onload = () => { diff --git a/packages/storage/src/providers/s3/utils/readFile.ts b/packages/storage/src/providers/s3/utils/readFile.ts new file mode 100644 index 00000000000..5d3782569d2 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/readFile.ts @@ -0,0 +1,17 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +export const readFile = (file: Blob): Promise => + new Promise((resolve, reject) => { + const reader = new FileReader(); + reader.onload = () => { + resolve(reader.result as ArrayBuffer); + }; + reader.onabort = () => { + reject(new Error('Read aborted')); + }; + reader.onerror = () => { + reject(reader.error); + }; + reader.readAsArrayBuffer(file); + }); diff --git a/packages/storage/src/providers/s3/utils/resolveIdentityId.ts b/packages/storage/src/providers/s3/utils/resolveIdentityId.ts new file mode 100644 index 00000000000..c4831ae88c4 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/resolveIdentityId.ts @@ -0,0 +1,11 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { StorageValidationErrorCode } from '../../../errors/types/validation'; +import { assertValidationError } from '../../../errors/utils/assertValidationError'; + +export const resolveIdentityId = (identityId?: string): string => { + assertValidationError(!!identityId, StorageValidationErrorCode.NoIdentityId); + + return identityId; +}; diff --git a/packages/storage/src/providers/s3/utils/resolveS3ConfigAndInput.ts b/packages/storage/src/providers/s3/utils/resolveS3ConfigAndInput.ts index 1e731ec2a12..7cb4c55316e 100644 --- a/packages/storage/src/providers/s3/utils/resolveS3ConfigAndInput.ts +++ b/packages/storage/src/providers/s3/utils/resolveS3ConfigAndInput.ts @@ -2,11 +2,25 @@ // SPDX-License-Identifier: Apache-2.0 import { AmplifyClassV6, StorageAccessLevel } from '@aws-amplify/core'; +import { CredentialsProviderOptions } from '@aws-amplify/core/internals/aws-client-utils'; import { assertValidationError } from '../../../errors/utils/assertValidationError'; import { StorageValidationErrorCode } from '../../../errors/types/validation'; import { resolvePrefix as defaultPrefixResolver } from '../../../utils/resolvePrefix'; -import { BucketInfo, ResolvedS3Config, StorageBucket } from '../types/options'; +import { + StorageOperationInputWithKey, + StorageOperationInputWithPath, + StorageOperationInputWithPrefix, +} from '../../../types/inputs'; +import { StorageError } from '../../../errors/StorageError'; +import { CopyInput, CopyWithPathInput } from '../types'; +import { INVALID_STORAGE_INPUT } from '../../../errors/constants'; +import { + BucketInfo, + LocationCredentialsProvider, + ResolvedS3Config, + StorageBucket, +} from '../types/options'; import { DEFAULT_ACCESS_LEVEL, LOCAL_TESTING_S3_ENDPOINT } from './constants'; @@ -14,6 +28,8 @@ interface S3ApiOptions { accessLevel?: StorageAccessLevel; targetIdentityId?: string; useAccelerateEndpoint?: boolean; + locationCredentialsProvider?: LocationCredentialsProvider; + customEndpoint?: string; bucket?: StorageBucket; } @@ -24,6 +40,16 @@ interface ResolvedS3ConfigAndInput { isObjectLockEnabled?: boolean; identityId?: string; } +export type DeprecatedStorageInput = + | StorageOperationInputWithKey + | StorageOperationInputWithPrefix + | CopyInput; + +export type CallbackPathStorageInput = + | StorageOperationInputWithPath + | CopyWithPathInput; + +type StorageInput = DeprecatedStorageInput | CallbackPathStorageInput; /** * resolve the common input options for S3 API handlers from Amplify configuration and library options. @@ -38,23 +64,35 @@ interface ResolvedS3ConfigAndInput { */ export const resolveS3ConfigAndInput = async ( amplify: AmplifyClassV6, - apiOptions?: S3ApiOptions, + apiInput?: StorageInput & { options?: S3ApiOptions }, ): Promise => { + const { options: apiOptions } = apiInput ?? {}; /** * IdentityId is always cached in memory so we can safely make calls here. It * should be stable even for unauthenticated users, regardless of credentials. */ const { identityId } = await amplify.Auth.fetchAuthSession(); - assertValidationError(!!identityId, StorageValidationErrorCode.NoIdentityId); /** * A credentials provider function instead of a static credentials object is * used because the long-running tasks like multipart upload may span over the * credentials expiry. Auth.fetchAuthSession() automatically refreshes the * credentials if they are expired. + * + * The optional forceRefresh option is set when the S3 service returns expired + * tokens error in the previous API call attempt. */ - const credentialsProvider = async () => { - const { credentials } = await amplify.Auth.fetchAuthSession(); + const credentialsProvider = async (options?: CredentialsProviderOptions) => { + if (isLocationCredentialsProvider(apiOptions)) { + assertStorageInput(apiInput); + } + + // TODO: forceRefresh option of fetchAuthSession would refresh both tokens and + // AWS credentials. So we do not support forceRefreshing from the Auth until + // we support refreshing only the credentials. + const { credentials } = isLocationCredentialsProvider(apiOptions) + ? await apiOptions.locationCredentialsProvider(options) + : await amplify.Auth.fetchAuthSession(); assertValidationError( !!credentials, StorageValidationErrorCode.NoCredentials, @@ -82,21 +120,23 @@ export const resolveS3ConfigAndInput = async ( isObjectLockEnabled, } = amplify.libraryOptions?.Storage?.S3 ?? {}; - const keyPrefix = await prefixResolver({ - accessLevel: - apiOptions?.accessLevel ?? defaultAccessLevel ?? DEFAULT_ACCESS_LEVEL, - // use conditional assign to make tsc happy because StorageOptions is a union type that may not have targetIdentityId - targetIdentityId: - apiOptions?.accessLevel === 'protected' - ? (apiOptions?.targetIdentityId ?? identityId) - : identityId, - }); + const accessLevel = + apiOptions?.accessLevel ?? defaultAccessLevel ?? DEFAULT_ACCESS_LEVEL; + const targetIdentityId = + accessLevel === 'protected' + ? (apiOptions?.targetIdentityId ?? identityId) + : identityId; + + const keyPrefix = await prefixResolver({ accessLevel, targetIdentityId }); return { s3Config: { credentials: credentialsProvider, region, useAccelerateEndpoint: apiOptions?.useAccelerateEndpoint, + ...(apiOptions?.customEndpoint + ? { customEndpoint: apiOptions.customEndpoint } + : {}), ...(dangerouslyConnectToHttpEndpointForTesting ? { customEndpoint: LOCAL_TESTING_S3_ENDPOINT, @@ -111,6 +151,65 @@ export const resolveS3ConfigAndInput = async ( }; }; +const isLocationCredentialsProvider = ( + options?: S3ApiOptions, +): options is S3ApiOptions & { + locationCredentialsProvider: LocationCredentialsProvider; +} => { + return !!options?.locationCredentialsProvider; +}; + +const isInputWithCallbackPath = (input?: CallbackPathStorageInput) => { + return ( + ((input as StorageOperationInputWithPath)?.path && + typeof (input as StorageOperationInputWithPath).path === 'function') || + ((input as CopyWithPathInput)?.destination?.path && + typeof (input as CopyWithPathInput).destination?.path === 'function') || + ((input as CopyWithPathInput)?.source?.path && + typeof (input as CopyWithPathInput).source?.path === 'function') + ); +}; + +const isDeprecatedInput = ( + input?: StorageInput, +): input is DeprecatedStorageInput => { + return ( + isInputWithKey(input) || + isInputWithPrefix(input) || + isInputWithCopySourceOrDestination(input) + ); +}; +const assertStorageInput = (input?: StorageInput) => { + if (isDeprecatedInput(input) || isInputWithCallbackPath(input)) { + throw new StorageError({ + name: INVALID_STORAGE_INPUT, + message: 'The input needs to have a path as a string value.', + recoverySuggestion: + 'Please provide a valid path as a string value for the input.', + }); + } +}; + +const isInputWithKey = ( + input?: StorageInput, +): input is StorageOperationInputWithKey => { + return !!(typeof (input as StorageOperationInputWithKey).key === 'string'); +}; +const isInputWithPrefix = ( + input?: StorageInput, +): input is StorageOperationInputWithPrefix => { + return !!( + typeof (input as StorageOperationInputWithPrefix).prefix === 'string' + ); +}; +const isInputWithCopySourceOrDestination = ( + input?: StorageInput, +): input is CopyInput => { + return !!( + typeof (input as CopyInput).source?.key === 'string' || + typeof (input as CopyInput).destination?.key === 'string' + ); +}; const resolveBucketConfig = ( apiOptions: S3ApiOptions, buckets: Record | undefined, diff --git a/packages/storage/src/providers/s3/utils/urlDecoder.ts b/packages/storage/src/providers/s3/utils/urlDecoder.ts new file mode 100644 index 00000000000..e812c8a23f4 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/urlDecoder.ts @@ -0,0 +1,13 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +/** + * Decodes a URL-encoded string by replacing '+' characters with spaces and applying `decodeURIComponent`. + * Reference: + * https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/decodeURIComponent#decoding_query_parameters_from_a_url + * @param {string} value - The URL-encoded string to decode. + * @returns {string} The decoded string. + */ +export const urlDecode = (value: string): string => { + return decodeURIComponent(value.replace(/\+/g, ' ')); +}; diff --git a/packages/storage/src/providers/s3/utils/validateBucketOwnerID.ts b/packages/storage/src/providers/s3/utils/validateBucketOwnerID.ts new file mode 100644 index 00000000000..d43e91b5e17 --- /dev/null +++ b/packages/storage/src/providers/s3/utils/validateBucketOwnerID.ts @@ -0,0 +1,18 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { StorageValidationErrorCode } from '../../../errors/types/validation'; +import { assertValidationError } from '../../../errors/utils/assertValidationError'; + +const VALID_AWS_ACCOUNT_ID_PATTERN = /^\d{12}/; + +export const validateBucketOwnerID = (accountID?: string) => { + if (accountID === undefined) { + return; + } + + assertValidationError( + VALID_AWS_ACCOUNT_ID_PATTERN.test(accountID), + StorageValidationErrorCode.InvalidAWSAccountID, + ); +}; diff --git a/packages/storage/src/providers/s3/utils/validateMultipartUploadXML.ts b/packages/storage/src/providers/s3/utils/validateMultipartUploadXML.ts new file mode 100644 index 00000000000..0295ab511fc --- /dev/null +++ b/packages/storage/src/providers/s3/utils/validateMultipartUploadXML.ts @@ -0,0 +1,36 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { IntegrityError } from '../../../errors/IntegrityError'; + +import { parser } from './client/runtime'; +import { CompletedMultipartUpload } from './client/s3data/types'; +import { + deserializeCompletedPartList, + emptyArrayGuard, + map, +} from './client/utils'; +import { isEqual } from './client/utils/integrityHelpers'; + +export function validateMultipartUploadXML( + input: CompletedMultipartUpload, + xml: string, +) { + if (!input.Parts) { + throw new IntegrityError(); + } + const parsedXML = parser.parse(xml); + const mappedCompletedMultipartUpload: CompletedMultipartUpload = map( + parsedXML, + { + Parts: [ + 'Part', + value => emptyArrayGuard(value, deserializeCompletedPartList), + ], + }, + ); + + if (!isEqual(input, mappedCompletedMultipartUpload)) { + throw new IntegrityError(); + } +} diff --git a/packages/storage/src/providers/s3/utils/validateObjectUrl.ts b/packages/storage/src/providers/s3/utils/validateObjectUrl.ts new file mode 100644 index 00000000000..a50eb50daab --- /dev/null +++ b/packages/storage/src/providers/s3/utils/validateObjectUrl.ts @@ -0,0 +1,32 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { extendedEncodeURIComponent } from '@aws-amplify/core/internals/aws-client-utils'; + +import { IntegrityError } from '../../../errors/IntegrityError'; + +export function validateObjectUrl({ + bucketName, + key, + objectURL, +}: { + bucketName?: string; + key?: string; + objectURL?: URL; +}): void { + if (!bucketName || !key || !objectURL) { + throw new IntegrityError(); + } + const bucketWithDots = bucketName.includes('.'); + const encodedBucketName = extendedEncodeURIComponent(bucketName); + const encodedKey = key.split('/').map(extendedEncodeURIComponent).join('/'); + const isPathStyleUrl = + objectURL.pathname === `/${encodedBucketName}/${encodedKey}`; + const isSubdomainUrl = + objectURL.hostname.startsWith(`${encodedBucketName}.`) && + objectURL.pathname === `/${encodedKey}`; + + if (!(isPathStyleUrl || (!bucketWithDots && isSubdomainUrl))) { + throw new IntegrityError(); + } +} diff --git a/packages/storage/src/providers/s3/utils/validateStorageOperationInput.ts b/packages/storage/src/providers/s3/utils/validateStorageOperationInput.ts index 585701c81e9..fa423b45913 100644 --- a/packages/storage/src/providers/s3/utils/validateStorageOperationInput.ts +++ b/packages/storage/src/providers/s3/utils/validateStorageOperationInput.ts @@ -7,6 +7,7 @@ import { StorageValidationErrorCode } from '../../../errors/types/validation'; import { isInputWithPath } from './isInputWithPath'; import { STORAGE_INPUT_KEY, STORAGE_INPUT_PATH } from './constants'; +import { resolveIdentityId } from './resolveIdentityId'; export const validateStorageOperationInput = ( input: Input, @@ -22,7 +23,10 @@ export const validateStorageOperationInput = ( if (isInputWithPath(input)) { const { path } = input; - const objectKey = typeof path === 'string' ? path : path({ identityId }); + const objectKey = + typeof path === 'string' + ? path + : path({ identityId: resolveIdentityId(identityId) }); assertValidationError( !objectKey.startsWith('/'), diff --git a/packages/storage/src/providers/s3/utils/validateStorageOperationInputWithPrefix.ts b/packages/storage/src/providers/s3/utils/validateStorageOperationInputWithPrefix.ts index da1068af010..1c2efce19f7 100644 --- a/packages/storage/src/providers/s3/utils/validateStorageOperationInputWithPrefix.ts +++ b/packages/storage/src/providers/s3/utils/validateStorageOperationInputWithPrefix.ts @@ -9,6 +9,7 @@ import { assertValidationError } from '../../../errors/utils/assertValidationErr import { StorageValidationErrorCode } from '../../../errors/types/validation'; import { STORAGE_INPUT_PATH, STORAGE_INPUT_PREFIX } from './constants'; +import { resolveIdentityId } from './resolveIdentityId'; // Local assertion function with StorageOperationInputWithPrefixPath as Input const _isInputWithPath = ( @@ -28,7 +29,10 @@ export const validateStorageOperationInputWithPrefix = ( ); if (_isInputWithPath(input)) { const { path } = input; - const objectKey = typeof path === 'string' ? path : path({ identityId }); + const objectKey = + typeof path === 'string' + ? path + : path({ identityId: resolveIdentityId(identityId) }); // Assert on no leading slash in the path parameter assertValidationError( diff --git a/packages/storage/src/types/inputs.ts b/packages/storage/src/types/inputs.ts index 06c348b4b8f..7b8f8b10570 100644 --- a/packages/storage/src/types/inputs.ts +++ b/packages/storage/src/types/inputs.ts @@ -3,7 +3,10 @@ import { StrictUnion } from '@aws-amplify/core/internals/utils'; -import { StorageBucket } from '../providers/s3/types/options'; +import { + CopyWithPathDestinationOptions, + CopyWithPathSourceOptions, +} from '../providers/s3/types/options'; import { StorageListAllOptions, @@ -93,8 +96,8 @@ export interface StorageCopyInputWithKey< } export interface StorageCopyInputWithPath { - source: StorageOperationInputWithPath & { bucket?: StorageBucket }; - destination: StorageOperationInputWithPath & { bucket?: StorageBucket }; + source: StorageOperationInputWithPath & CopyWithPathSourceOptions; + destination: StorageOperationInputWithPath & CopyWithPathDestinationOptions; } /** diff --git a/scripts/dts-bundler/README.md b/scripts/dts-bundler/README.md index ce6b8459f27..7bd7938b2fa 100644 --- a/scripts/dts-bundler/README.md +++ b/scripts/dts-bundler/README.md @@ -1,10 +1,32 @@ -This project is used to rollup the TS types from the AWS SDK into the custom AWS clients. You can regenerate them -by running the `build` script in this project, and commit the generated file changes. +## What is this package? -To update the generated types files, you need to: +Amplify JS uses custom AWS API clients in limited scope. These API handlers' types are compatible with those of +AWS SDK, and trimmed to the parameters used by the Amplify library. -1. Update existing `*.d.ts` files in this folder or add new ones. -1. If new `*.d.ts` file is added, update the `dts-bundler.config.js` with additional entries. +This package is used to rollup the TS types from the AWS SDK into the custom AWS clients. You can regenerate them +by running the `build` script in this project, then review & commit the generated file changes. + +## How to update the custom AWS clients types? + +Since custom AWS clients are used in limited scope, in most cases you don't need to add any new services. Instead, you +may need to update the SDK versions or exporting additional types. Here's the steps: + +1. Make sure the `package.json` dev dependencies entry contains the AWS SDK service client you are working with and +more importantly the version is upgraded to that supports the feature you are working with. +1. Open the `*.d.ts` file for the AWS client you need to upgrade, and make sure the interfaces you need are exported. +1. Open the `dts-bundler.config.js` file and make sure the entry to the `*.d.ts` file you are working with exists and +the `outFile` path is expected. + * You need to update the `libraries.inlinedLibraries` to include the AWS SDK service client package to bundle + the TS interfaces there. 1. Run the generating script `yarn && yarn build`. The generated files will be shown in the console. -1. Inspect generated files and make sure headers are not changed. -1. Commit the changes + * If you only want to work with a single AWS service instead of changing all the definitions for all the services, + you can comment out other service entries from the `dts-bundler.config.js`. +1. Inspect the bundled TypeScript definition file in the `outFile` path. To better compare the diffs, you need to +re-format the generated code. + * You need to make sure any license headers and previous notes are not changed. + * The bundled TypeScript definition file may import more types transitive dependencies of AWS SDK package. In this + case you may need to tweak the `libraries.inlinedLibraries` config until all the necessary dependency types are + bundled. + * You need to make sure the imported packages of the bundle file(e.g. `@aws-sdk/types`) are also added to the + Amplify library's **runtime dependency**. + * You **must** make sure the documented manual changes are re-applied to the newly generated bundle file. diff --git a/scripts/dts-bundler/dts-bundler.config.js b/scripts/dts-bundler/dts-bundler.config.js index e4ac1a24d61..bc6fd3b44e5 100644 --- a/scripts/dts-bundler/dts-bundler.config.js +++ b/scripts/dts-bundler/dts-bundler.config.js @@ -76,12 +76,20 @@ const config = { }, { filePath: './s3.d.ts', - outFile: join(storagePackageSrcClientsPath, 'client', 'types.ts'), + outFile: join(storagePackageSrcClientsPath, 'client', 's3data', 'types.ts'), libraries: { inlinedLibraries: ['@aws-sdk/client-s3'], }, output: outputConfig, }, + { + filePath: './s3-control.d.ts', + outFile: join(storagePackageSrcClientsPath, 'client', 's3control', 'types.ts'), + libraries: { + inlinedLibraries: ['@aws-sdk/client-s3-control'], + }, + output: outputConfig, + }, { filePath: './cognito-identity-provider.d.ts', outFile: join( diff --git a/scripts/dts-bundler/package.json b/scripts/dts-bundler/package.json index 85aa0a9ea72..69e499bcd22 100644 --- a/scripts/dts-bundler/package.json +++ b/scripts/dts-bundler/package.json @@ -1,10 +1,12 @@ { "name": "api-extract-aws-clients", + "private": true, "devDependencies": { "@aws-sdk/client-pinpoint": "3.335.1", "@aws-sdk/client-cognito-identity": "3.335.0", "@aws-sdk/client-cognito-identity-provider": "3.386.0", - "@aws-sdk/client-s3": "3.335.0", + "@aws-sdk/client-s3": "3.673.0", + "@aws-sdk/client-s3-control": "3.670.0", "dts-bundle-generator": "^8.0.1" }, "scripts": { diff --git a/scripts/dts-bundler/s3-control.d.ts b/scripts/dts-bundler/s3-control.d.ts new file mode 100644 index 00000000000..e6d727c5fba --- /dev/null +++ b/scripts/dts-bundler/s3-control.d.ts @@ -0,0 +1,13 @@ +import { + ListCallerAccessGrantsCommandInput, + ListCallerAccessGrantsCommandOutput, + GetDataAccessCommandInput, + GetDataAccessCommandOutput, +} from '@aws-sdk/client-s3-control'; + +export { + ListCallerAccessGrantsCommandInput, + ListCallerAccessGrantsCommandOutput, + GetDataAccessCommandInput, + GetDataAccessCommandOutput, +}; diff --git a/tsconfig.json b/tsconfig.json index 7a38e92756a..53556e642d3 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -25,5 +25,5 @@ "module": "es2020", "types": ["node", "jest"] }, - "exclude": ["node_modules", "dist", ".eslintrc.js", "scripts"] + "exclude": ["node_modules", "dist", ".eslintrc.js"] } diff --git a/yarn.lock b/yarn.lock index e80146f785f..f36d58a9ef6 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5148,6 +5148,13 @@ resolved "https://registry.yarnpkg.com/@types/node/-/node-16.18.82.tgz#58d734b4acaa5be339864bbec9cd8024dd0b43d5" integrity sha512-pcDZtkx9z8XYV+ius2P3Ot2VVrcYOfXffBQUBuiszrlUzKSmoDYqo+mV+IoL8iIiIjjtOMvNSmH1hwJ+Q+f96Q== +"@types/node@20.14.12": + version "20.14.12" + resolved "https://registry.yarnpkg.com/@types/node/-/node-20.14.12.tgz#129d7c3a822cb49fc7ff661235f19cfefd422b49" + integrity sha512-r7wNXakLeSsGT0H1AU863vS2wa5wBOK4bWMjZz2wj+8nBx+m5PeIn0k8AloSLpRuiwdRQZwarZqHE4FNArPuJQ== + dependencies: + undici-types "~5.26.4" + "@types/node@^18.0.0": version "18.19.55" resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.55.tgz#29c3f8e1485a92ec96636957ddec55aabc6e856e" @@ -6961,6 +6968,11 @@ cosmiconfig@^9.0.0: js-yaml "^4.1.0" parse-json "^5.2.0" +crc-32@1.2.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/crc-32/-/crc-32-1.2.2.tgz#3cad35a934b8bf71f25ca524b6da51fb7eace2ff" + integrity sha512-ROmzCKrTnOwybPcJApAA6WBWij23HVfGVNKqqrZpuyZOHqK2CwHSvpGuyt/UNNvaIjEd8X5IFGp4Mh+Ie1IHJQ== + create-jest@^29.7.0: version "29.7.0" resolved "https://registry.yarnpkg.com/create-jest/-/create-jest-29.7.0.tgz#a355c5b3cb1e1af02ba177fe7afd7feee49a5320"