(params: any, expiresIn = 3600)
| 94 | } |
| 95 | |
| 96 | export function generatePresignedUrl(params: any, expiresIn = 3600): string { |
| 97 | const date = new Date() |
| 98 | const amzDate = date.toISOString().replace(/[:-]|\.\d{3}/g, '') |
| 99 | const dateStamp = amzDate.slice(0, 8) |
| 100 | const encodedPath = encodeS3PathComponent(params.objectKey) |
| 101 | |
| 102 | const _expires = Math.floor(Date.now() / 1000) + expiresIn |
| 103 | |
| 104 | const method = 'GET' |
| 105 | const canonicalUri = `/${encodedPath}` |
| 106 | const canonicalQueryString = `X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=${encodeURIComponent(`${params.accessKeyId}/${dateStamp}/${params.region}/s3/aws4_request`)}&X-Amz-Date=${amzDate}&X-Amz-Expires=${expiresIn}&X-Amz-SignedHeaders=host` |
| 107 | const canonicalHeaders = `host:${params.bucketName}.s3.${params.region}.amazonaws.com\n` |
| 108 | const signedHeaders = 'host' |
| 109 | const payloadHash = 'UNSIGNED-PAYLOAD' |
| 110 | |
| 111 | const canonicalRequest = `${method}\n${canonicalUri}\n${canonicalQueryString}\n${canonicalHeaders}\n${signedHeaders}\n${payloadHash}` |
| 112 | |
| 113 | const algorithm = 'AWS4-HMAC-SHA256' |
| 114 | const credentialScope = `${dateStamp}/${params.region}/s3/aws4_request` |
| 115 | const stringToSign = `${algorithm}\n${amzDate}\n${credentialScope}\n${crypto.createHash('sha256').update(canonicalRequest).digest('hex')}` |
| 116 | |
| 117 | const signingKey = getSignatureKey(params.secretAccessKey, dateStamp, params.region, 's3') |
| 118 | const signature = crypto.createHmac('sha256', signingKey).update(stringToSign).digest('hex') |
| 119 | |
| 120 | return `https://${params.bucketName}.s3.${params.region}.amazonaws.com/${encodedPath}?${canonicalQueryString}&X-Amz-Signature=${signature}` |
| 121 | } |
no test coverage detected