Created
May 4, 2018 10:12
-
-
Save andybroomfield/2383c19171f0739b77e4b831e1e9ee61 to your computer and use it in GitHub Desktop.
Patching Codeigniter s3 library to work with AWS4-HMAC-SHA256
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php defined('BASEPATH') OR exit('No direct script access allowed'); | |
/** | |
* $Id: S3.php 47 2009-07-20 01:25:40Z don.schonknecht $ | |
* | |
* Copyright (c) 2008, Donovan Schönknecht. All rights reserved. | |
* | |
* Redistribution and use in source and binary forms, with or without | |
* modification, are permitted provided that the following conditions are met: | |
* | |
* - Redistributions of source code must retain the above copyright notice, | |
* this list of conditions and the following disclaimer. | |
* - Redistributions in binary form must reproduce the above copyright | |
* notice, this list of conditions and the following disclaimer in the | |
* documentation and/or other materials provided with the distribution. | |
* | |
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
* POSSIBILITY OF SUCH DAMAGE. | |
* | |
* Amazon S3 is a trademark of Amazon.com, Inc. or its affiliates. | |
*/ | |
/** | |
* Amazon S3 PHP class | |
* | |
* @link http://undesigned.org.za/2007/10/22/amazon-s3-php-class | |
* @version 0.4.0 | |
*/ | |
class S3 { | |
// ACL flags | |
const ACL_PRIVATE = 'private'; | |
const ACL_PUBLIC_READ = 'public-read'; | |
const ACL_PUBLIC_READ_WRITE = 'public-read-write'; | |
const ACL_AUTHENTICATED_READ = 'authenticated-read'; | |
// storage class flags | |
const STORAGE_CLASS_STANDARD = 'STANDARD'; | |
const STORAGE_CLASS_RRS = 'REDUCED_REDUNDANCY'; | |
// server-side encryption flags | |
const SSE_NONE = ''; | |
const SSE_AES256 = 'AES256'; | |
public static $use_ssl = false; | |
public static $verify_peer = true; | |
private static $__access_key = NULL; // AWS Access key | |
private static $__secret_key = NULL; // AWS Secret key | |
private static $region = ''; | |
function __construct($config = array()) | |
{ | |
if ( ! empty($config)) | |
{ | |
$this->initialize($config); | |
} | |
log_message('debug', 'S3 Class Initialized'); | |
} | |
// -------------------------------------------------------------------- | |
/** | |
* Initialize preferences | |
* | |
* @access public | |
* @param array | |
* @return void | |
*/ | |
function initialize($config = array()) | |
{ | |
extract($config); | |
if ( ! empty($access_key) AND ! empty($secret_key)) | |
{ | |
self::setAuth($access_key, $secret_key); | |
} | |
self::$use_ssl = $use_ssl; | |
self::$verify_peer = $verify_peer; | |
} | |
/** | |
* Set AWS access key and secret key | |
* | |
* @param string $accessKey Access key | |
* @param string $secretKey Secret key | |
* @return void | |
*/ | |
public static function setAuth($accessKey, $secretKey) | |
{ | |
self::$__access_key = $accessKey; | |
self::$__secret_key = $secretKey; | |
} | |
/** | |
* Set the service region | |
* | |
* @param string $region | |
* @return void | |
*/ | |
public function setRegion($region) | |
{ | |
self::$region = $region; | |
} | |
/** | |
* Get the service region | |
* | |
* @return string $region | |
* @static | |
*/ | |
public static function getRegion() | |
{ | |
$region = self::$region; | |
// parse region from endpoint if not specific | |
/*if (empty($region)) { | |
if (preg_match("/s3[.-](?:website-|dualstack\.)?(.+)\.amazonaws\.com/i",self::$endpoint,$match) !== 0 && strtolower($match[1]) !== "external-1") { | |
$region = $match[1]; | |
} | |
}*/ | |
return empty($region) ? 'eu-west-2' : $region; | |
} | |
/** | |
* Get a list of buckets | |
* | |
* @param boolean $detailed Returns detailed bucket list when true | |
* @return array | false | |
*/ | |
public static function listBuckets($detailed = false) | |
{ | |
$rest = new S3Request('GET', '', ''); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::listBuckets(): [%s] %s", $rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
$results = array(); | |
if (!isset($rest->body->Buckets)) | |
return $results; | |
if ($detailed) | |
{ | |
if (isset($rest->body->Owner, $rest->body->Owner->ID, $rest->body->Owner->DisplayName)) | |
$results['owner'] = array( | |
'id' => (string) $rest->body->Owner->ID, 'name' => (string) $rest->body->Owner->ID | |
); | |
$results['buckets'] = array(); | |
foreach ($rest->body->Buckets->Bucket as $b) | |
$results['buckets'][] = array( | |
'name' => (string) $b->Name, 'time' => strtotime((string) $b->CreationDate) | |
); | |
} else | |
foreach ($rest->body->Buckets->Bucket as $b) | |
$results[] = (string) $b->Name; | |
return $results; | |
} | |
/* | |
* Get contents for a bucket | |
* | |
* If maxKeys is null this method will loop through truncated result sets | |
* | |
* @param string $bucket Bucket name | |
* @param string $prefix Prefix | |
* @param string $marker Marker (last file listed) | |
* @param string $maxKeys Max keys (maximum number of keys to return) | |
* @param string $delimiter Delimiter | |
* @param boolean $returnCommonPrefixes Set to true to return CommonPrefixes | |
* @return array | false | |
*/ | |
public static function getBucket($bucket, $prefix = null, $marker = null, $maxKeys = null, $delimiter = null, $returnCommonPrefixes = false) | |
{ | |
$rest = new S3Request('GET', $bucket, ''); | |
if ($prefix !== null && $prefix !== '') | |
$rest->setParameter('prefix', $prefix); | |
if ($marker !== null && $marker !== '') | |
$rest->setParameter('marker', $marker); | |
if ($maxKeys !== null && $maxKeys !== '') | |
$rest->setParameter('max-keys', $maxKeys); | |
if ($delimiter !== null && $delimiter !== '') | |
$rest->setParameter('delimiter', $delimiter); | |
$response = $rest->getResponse(); | |
if ($response->error === false && $response->code !== 200) | |
$response->error = array('code' => $response->code, 'message' => 'Unexpected HTTP status'); | |
if ($response->error !== false) | |
{ | |
trigger_error(sprintf("S3::getBucket(): [%s] %s", $response->error['code'], $response->error['message']), E_USER_WARNING); | |
return false; | |
} | |
$results = array(); | |
$nextMarker = null; | |
if (isset($response->body, $response->body->Contents)) | |
foreach ($response->body->Contents as $c) | |
{ | |
$results[(string) $c->Key] = array( | |
'name' => (string) $c->Key, | |
'time' => strtotime((string) $c->LastModified), | |
'size' => (int) $c->Size, | |
'hash' => substr((string) $c->ETag, 1, -1) | |
); | |
$nextMarker = (string) $c->Key; | |
} | |
if ($returnCommonPrefixes && isset($response->body, $response->body->CommonPrefixes)) | |
foreach ($response->body->CommonPrefixes as $c) | |
$results[(string) $c->Prefix] = array('prefix' => (string) $c->Prefix); | |
if (isset($response->body, $response->body->IsTruncated) && | |
(string) $response->body->IsTruncated == 'false') | |
return $results; | |
if (isset($response->body, $response->body->NextMarker)) | |
$nextMarker = (string) $response->body->NextMarker; | |
// Loop through truncated results if maxKeys isn't specified | |
if ($maxKeys == null && $nextMarker !== null && (string) $response->body->IsTruncated == 'true') | |
do | |
{ | |
$rest = new S3Request('GET', $bucket, ''); | |
if ($prefix !== null && $prefix !== '') | |
$rest->setParameter('prefix', $prefix); | |
$rest->setParameter('marker', $nextMarker); | |
if ($delimiter !== null && $delimiter !== '') | |
$rest->setParameter('delimiter', $delimiter); | |
if (($response = $rest->getResponse(true)) == false || $response->code !== 200) | |
break; | |
if (isset($response->body, $response->body->Contents)) | |
foreach ($response->body->Contents as $c) | |
{ | |
$results[(string) $c->Key] = array( | |
'name' => (string) $c->Key, | |
'time' => strtotime((string) $c->LastModified), | |
'size' => (int) $c->Size, | |
'hash' => substr((string) $c->ETag, 1, -1) | |
); | |
$nextMarker = (string) $c->Key; | |
} | |
if ($returnCommonPrefixes && isset($response->body, $response->body->CommonPrefixes)) | |
foreach ($response->body->CommonPrefixes as $c) | |
$results[(string) $c->Prefix] = array('prefix' => (string) $c->Prefix); | |
if (isset($response->body, $response->body->NextMarker)) | |
$nextMarker = (string) $response->body->NextMarker; | |
} while ($response !== false && (string) $response->body->IsTruncated == 'true'); | |
return $results; | |
} | |
/** | |
* Put a bucket | |
* | |
* @param string $bucket Bucket name | |
* @param constant $acl ACL flag | |
* @param string $location Set as "EU" to create buckets hosted in Europe | |
* @return boolean | |
*/ | |
public static function putBucket($bucket, $acl = self::ACL_PRIVATE, $location = false) | |
{ | |
$rest = new S3Request('PUT', $bucket, ''); | |
$rest->setAmzHeader('x-amz-acl', $acl); | |
if ($location !== false) | |
{ | |
$dom = new DOMDocument; | |
$createBucketConfiguration = $dom->createElement('CreateBucketConfiguration'); | |
$locationConstraint = $dom->createElement('LocationConstraint', strtolower($location)); | |
$createBucketConfiguration->appendChild($locationConstraint); | |
$dom->appendChild($createBucketConfiguration); | |
$rest->data = $dom->saveXML(); | |
$rest->size = strlen($rest->data); | |
$rest->setHeader('Content-Type', 'application/xml'); | |
} | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::putBucket({$bucket}, {$acl}, {$location}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Delete an empty bucket | |
* | |
* @param string $bucket Bucket name | |
* @return boolean | |
*/ | |
public static function deleteBucket($bucket) | |
{ | |
$rest = new S3Request('DELETE', $bucket); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 204) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::deleteBucket({$bucket}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Create input info array for putObject() | |
* | |
* @param string $file Input file | |
* @param mixed $md5sum Use MD5 hash (supply a string if you want to use your own) | |
* @return array | false | |
*/ | |
public static function inputFile($file, $md5sum = true) | |
{ | |
if (!file_exists($file) || !is_file($file) || !is_readable($file)) | |
{ | |
trigger_error('S3::inputFile(): Unable to open input file: ' . $file, E_USER_WARNING); | |
return false; | |
} | |
return array('file' => $file, 'size' => filesize($file), | |
'md5sum' => $md5sum !== false ? (is_string($md5sum) ? $md5sum : base64_encode(md5_file($file, true))) : '', | |
'sha256sum' => hash_file('sha256', $file)); | |
} | |
/** | |
* Create input array info for putObject() with a resource | |
* | |
* @param string $resource Input resource to read from | |
* @param integer $bufferSize Input byte size | |
* @param string $md5sum MD5 hash to send (optional) | |
* @return array | false | |
*/ | |
public static function inputResource(&$resource, $bufferSize, $md5sum = '') | |
{ | |
if (!is_resource($resource) || $bufferSize < 0) | |
{ | |
trigger_error('S3::inputResource(): Invalid resource or buffer size', E_USER_WARNING); | |
return false; | |
} | |
$input = array('size' => $bufferSize, 'md5sum' => $md5sum); | |
$input['fp'] = & $resource; | |
return $input; | |
} | |
/** | |
* Put an object | |
* | |
* @param mixed $input Input data | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param constant $acl ACL constant | |
* @param array $metaHeaders Array of x-amz-meta-* headers | |
* @param array $requestHeaders Array of request headers or content type as a string | |
* @param constant $storageClass Storage class constant | |
* @param constant $serverSideEncryption Server-side encryption | |
* @return boolean | |
*/ | |
public static function putObject($input, $bucket, $uri, $acl = self::ACL_PUBLIC_READ, $metaHeaders = array(), $requestHeaders = array(), $storageClass = self::STORAGE_CLASS_STANDARD, $serverSideEncryption = self::SSE_NONE) | |
{ | |
if ($input === false) | |
return false; | |
$rest = new S3Request('PUT', $bucket, $uri); | |
if (is_string($input)) | |
$input = array( | |
'data' => $input, 'size' => strlen($input), | |
'md5sum' => base64_encode(md5($input, true)), | |
'sha256sum' => hash('sha256', $input) | |
); | |
// Data | |
if (isset($input['fp'])) | |
$rest->fp = & $input['fp']; | |
elseif (isset($input['file'])) | |
$rest->fp = @fopen($input['file'], 'rb'); | |
elseif (isset($input['data'])) | |
$rest->data = $input['data']; | |
// Content-Length (required) | |
if (isset($input['size']) && $input['size'] >= 0) | |
$rest->size = $input['size']; | |
else | |
{ | |
if (isset($input['file'])) | |
$rest->size = filesize($input['file']); | |
elseif (isset($input['data'])) | |
$rest->size = strlen($input['data']); | |
} | |
// Custom request headers (Content-Type, Content-Disposition, Content-Encoding) | |
if (is_array($requestHeaders)) | |
foreach ($requestHeaders as $h => $v) | |
$rest->setHeader($h, $v); | |
elseif (is_string($requestHeaders)) // Support for legacy contentType parameter | |
$input['type'] = $requestHeaders; | |
// Content-Type | |
if (!isset($input['type'])) | |
{ | |
if (isset($requestHeaders['Content-Type'])) | |
$input['type'] = & $requestHeaders['Content-Type']; | |
elseif (isset($input['file'])) | |
$input['type'] = self::__getMimeType($input['file']); | |
else | |
$input['type'] = 'application/octet-stream'; | |
} | |
if ($storageClass !== self::STORAGE_CLASS_STANDARD) // Storage class | |
$rest->setAmzHeader('x-amz-storage-class', $storageClass); | |
if ($serverSideEncryption !== self::SSE_NONE) // Server-side encryption | |
$rest->setAmzHeader('x-amz-server-side-encryption', $serverSideEncryption); | |
// We need to post with Content-Length and Content-Type, MD5 is optional | |
if ($rest->size >= 0 && ($rest->fp !== false || $rest->data !== false)) | |
{ | |
$rest->setHeader('Content-Type', $input['type']); | |
if (isset($input['md5sum'])) | |
$rest->setHeader('Content-MD5', $input['md5sum']); | |
if (isset($input['sha256sum'])) | |
$rest->setAmzHeader('x-amz-content-sha256', $input['sha256sum']); | |
$rest->setAmzHeader('x-amz-acl', $acl); | |
foreach ($metaHeaders as $h => $v) | |
$rest->setAmzHeader('x-amz-meta-' . $h, $v); | |
$rest->getResponse(); | |
} else | |
$rest->response->error = array('code' => 0, 'message' => 'Missing input parameters'); | |
if ($rest->response->error === false && $rest->response->code !== 200) | |
$rest->response->error = array('code' => $rest->response->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->response->error !== false) | |
{ | |
trigger_error(sprintf("S3::putObject(): [%s] %s", $rest->response->error['code'], $rest->response->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Put an object from a file (legacy function) | |
* | |
* @param string $file Input file path | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param constant $acl ACL constant | |
* @param array $metaHeaders Array of x-amz-meta-* headers | |
* @param string $contentType Content type | |
* @return boolean | |
*/ | |
public static function putObjectFile($file, $bucket, $uri, $acl = self::ACL_PRIVATE, $metaHeaders = array(), $contentType = null) | |
{ | |
return self::putObject(self::inputFile($file), $bucket, $uri, $acl, $metaHeaders, $contentType); | |
} | |
/** | |
* Put an object from a string (legacy function) | |
* | |
* @param string $string Input data | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param constant $acl ACL constant | |
* @param array $metaHeaders Array of x-amz-meta-* headers | |
* @param string $contentType Content type | |
* @return boolean | |
*/ | |
public static function putObjectString($string, $bucket, $uri, $acl = self::ACL_PRIVATE, $metaHeaders = array(), $contentType = 'text/plain') | |
{ | |
return self::putObject($string, $bucket, $uri, $acl, $metaHeaders, $contentType); | |
} | |
/** | |
* Get an object | |
* | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param mixed $saveTo Filename or resource to write to | |
* @return mixed | |
*/ | |
public static function getObject($bucket, $uri, $saveTo = false) | |
{ | |
$rest = new S3Request('GET', $bucket, $uri); | |
if ($saveTo !== false) | |
{ | |
if (is_resource($saveTo)) | |
$rest->fp = & $saveTo; | |
else | |
if (($rest->fp = @fopen($saveTo, 'wb')) !== false) | |
$rest->file = realpath($saveTo); | |
else | |
$rest->response->error = array('code' => 0, 'message' => 'Unable to open save file for writing: ' . $saveTo); | |
} | |
if ($rest->response->error === false) | |
$rest->getResponse(); | |
if ($rest->response->error === false && $rest->response->code !== 200) | |
$rest->response->error = array('code' => $rest->response->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->response->error !== false) | |
{ | |
trigger_error(sprintf("S3::getObject({$bucket}, {$uri}): [%s] %s", | |
$rest->response->error['code'], $rest->response->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return $rest->response; | |
} | |
/** | |
* Get object information | |
* | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param boolean $returnInfo Return response information | |
* @return mixed | false | |
*/ | |
public static function getObjectInfo($bucket, $uri, $returnInfo = true) | |
{ | |
$rest = new S3Request('HEAD', $bucket, $uri); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && ($rest->code !== 200 && $rest->code !== 404)) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::getObjectInfo({$bucket}, {$uri}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return $rest->code == 200 ? $returnInfo ? $rest->headers : true : false; | |
} | |
/** | |
* Copy an object | |
* | |
* @param string $bucket Source bucket name | |
* @param string $uri Source object URI | |
* @param string $bucket Destination bucket name | |
* @param string $uri Destination object URI | |
* @param constant $acl ACL constant | |
* @param array $metaHeaders Optional array of x-amz-meta-* headers | |
* @param array $requestHeaders Optional array of request headers (content type, disposition, etc.) | |
* @param constant $storageClass Storage class constant | |
* @return mixed | false | |
*/ | |
public static function copyObject($srcBucket, $srcUri, $bucket, $uri, $acl = self::ACL_PRIVATE, $metaHeaders = array(), $requestHeaders = array(), $storageClass = self::STORAGE_CLASS_STANDARD) | |
{ | |
$rest = new S3Request('PUT', $bucket, $uri); | |
$rest->setHeader('Content-Length', 0); | |
foreach ($requestHeaders as $h => $v) | |
$rest->setHeader($h, $v); | |
foreach ($metaHeaders as $h => $v) | |
$rest->setAmzHeader('x-amz-meta-' . $h, $v); | |
if ($storageClass !== self::STORAGE_CLASS_STANDARD) // Storage class | |
$rest->setAmzHeader('x-amz-storage-class', $storageClass); | |
$rest->setAmzHeader('x-amz-acl', $acl); | |
$rest->setAmzHeader('x-amz-copy-source', sprintf('/%s/%s', $srcBucket, $srcUri)); | |
if (sizeof($requestHeaders) > 0 || sizeof($metaHeaders) > 0) | |
$rest->setAmzHeader('x-amz-metadata-directive', 'REPLACE'); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::copyObject({$srcBucket}, {$srcUri}, {$bucket}, {$uri}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return isset($rest->body->LastModified, $rest->body->ETag) ? array( | |
'time' => strtotime((string) $rest->body->LastModified), | |
'hash' => substr((string) $rest->body->ETag, 1, -1) | |
) : false; | |
} | |
/** | |
* Set logging for a bucket | |
* | |
* @param string $bucket Bucket name | |
* @param string $targetBucket Target bucket (where logs are stored) | |
* @param string $targetPrefix Log prefix (e,g; domain.com-) | |
* @return boolean | |
*/ | |
public static function setBucketLogging($bucket, $targetBucket, $targetPrefix = null) | |
{ | |
// The S3 log delivery group has to be added to the target bucket's ACP | |
if ($targetBucket !== null && ($acp = self::getAccessControlPolicy($targetBucket, '')) !== false) | |
{ | |
// Only add permissions to the target bucket when they do not exist | |
$aclWriteSet = false; | |
$aclReadSet = false; | |
foreach ($acp['acl'] as $acl) | |
if ($acl['type'] == 'Group' && $acl['uri'] == 'http://acs.amazonaws.com/groups/s3/LogDelivery') | |
{ | |
if ($acl['permission'] == 'WRITE') | |
$aclWriteSet = true; | |
elseif ($acl['permission'] == 'READ_ACP') | |
$aclReadSet = true; | |
} | |
if (!$aclWriteSet) | |
$acp['acl'][] = array( | |
'type' => 'Group', 'uri' => 'http://acs.amazonaws.com/groups/s3/LogDelivery', 'permission' => 'WRITE' | |
); | |
if (!$aclReadSet) | |
$acp['acl'][] = array( | |
'type' => 'Group', 'uri' => 'http://acs.amazonaws.com/groups/s3/LogDelivery', 'permission' => 'READ_ACP' | |
); | |
if (!$aclReadSet || !$aclWriteSet) | |
self::setAccessControlPolicy($targetBucket, '', $acp); | |
} | |
$dom = new DOMDocument; | |
$bucketLoggingStatus = $dom->createElement('BucketLoggingStatus'); | |
$bucketLoggingStatus->setAttribute('xmlns', 'http://s3.amazonaws.com/doc/2006-03-01/'); | |
if ($targetBucket !== null) | |
{ | |
if ($targetPrefix == null) | |
$targetPrefix = $bucket . '-'; | |
$loggingEnabled = $dom->createElement('LoggingEnabled'); | |
$loggingEnabled->appendChild($dom->createElement('TargetBucket', $targetBucket)); | |
$loggingEnabled->appendChild($dom->createElement('TargetPrefix', $targetPrefix)); | |
// TODO: Add TargetGrants? | |
$bucketLoggingStatus->appendChild($loggingEnabled); | |
} | |
$dom->appendChild($bucketLoggingStatus); | |
$rest = new S3Request('PUT', $bucket, ''); | |
$rest->setParameter('logging', null); | |
$rest->data = $dom->saveXML(); | |
$rest->size = strlen($rest->data); | |
$rest->setHeader('Content-Type', 'application/xml'); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::setBucketLogging({$bucket}, {$uri}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Get logging status for a bucket | |
* | |
* This will return false if logging is not enabled. | |
* Note: To enable logging, you also need to grant write access to the log group | |
* | |
* @param string $bucket Bucket name | |
* @return array | false | |
*/ | |
public static function getBucketLogging($bucket) | |
{ | |
$rest = new S3Request('GET', $bucket, ''); | |
$rest->setParameter('logging', null); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::getBucketLogging({$bucket}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
if (!isset($rest->body->LoggingEnabled)) | |
return false; // No logging | |
return array( | |
'targetBucket' => (string) $rest->body->LoggingEnabled->TargetBucket, | |
'targetPrefix' => (string) $rest->body->LoggingEnabled->TargetPrefix, | |
); | |
} | |
/** | |
* Disable bucket logging | |
* | |
* @param string $bucket Bucket name | |
* @return boolean | |
*/ | |
public static function disableBucketLogging($bucket) | |
{ | |
return self::setBucketLogging($bucket, null); | |
} | |
/** | |
* Get a bucket's location | |
* | |
* @param string $bucket Bucket name | |
* @return string | false | |
*/ | |
public static function getBucketLocation($bucket) | |
{ | |
$rest = new S3Request('GET', $bucket, ''); | |
$rest->setParameter('location', null); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::getBucketLocation({$bucket}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return (isset($rest->body[0]) && (string) $rest->body[0] !== '') ? (string) $rest->body[0] : 'US'; | |
} | |
/** | |
* Set object or bucket Access Control Policy | |
* | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param array $acp Access Control Policy Data (same as the data returned from getAccessControlPolicy) | |
* @return boolean | |
*/ | |
public static function setAccessControlPolicy($bucket, $uri = '', $acp = array()) | |
{ | |
$dom = new DOMDocument; | |
$dom->formatOutput = true; | |
$accessControlPolicy = $dom->createElement('AccessControlPolicy'); | |
$accessControlList = $dom->createElement('AccessControlList'); | |
// It seems the owner has to be passed along too | |
$owner = $dom->createElement('Owner'); | |
$owner->appendChild($dom->createElement('ID', $acp['owner']['id'])); | |
$owner->appendChild($dom->createElement('DisplayName', $acp['owner']['name'])); | |
$accessControlPolicy->appendChild($owner); | |
foreach ($acp['acl'] as $g) | |
{ | |
$grant = $dom->createElement('Grant'); | |
$grantee = $dom->createElement('Grantee'); | |
$grantee->setAttribute('xmlns:xsi', 'http://www.w3.org/2001/XMLSchema-instance'); | |
if (isset($g['id'])) | |
{ // CanonicalUser (DisplayName is omitted) | |
$grantee->setAttribute('xsi:type', 'CanonicalUser'); | |
$grantee->appendChild($dom->createElement('ID', $g['id'])); | |
} | |
elseif (isset($g['email'])) | |
{ // AmazonCustomerByEmail | |
$grantee->setAttribute('xsi:type', 'AmazonCustomerByEmail'); | |
$grantee->appendChild($dom->createElement('EmailAddress', $g['email'])); | |
} | |
elseif ($g['type'] == 'Group') | |
{ // Group | |
$grantee->setAttribute('xsi:type', 'Group'); | |
$grantee->appendChild($dom->createElement('URI', $g['uri'])); | |
} | |
$grant->appendChild($grantee); | |
$grant->appendChild($dom->createElement('Permission', $g['permission'])); | |
$accessControlList->appendChild($grant); | |
} | |
$accessControlPolicy->appendChild($accessControlList); | |
$dom->appendChild($accessControlPolicy); | |
$rest = new S3Request('PUT', $bucket, $uri); | |
$rest->setParameter('acl', null); | |
$rest->data = $dom->saveXML(); | |
$rest->size = strlen($rest->data); | |
$rest->setHeader('Content-Type', 'application/xml'); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::setAccessControlPolicy({$bucket}, {$uri}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Get object or bucket Access Control Policy | |
* | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @return mixed | false | |
*/ | |
public static function getAccessControlPolicy($bucket, $uri = '') | |
{ | |
$rest = new S3Request('GET', $bucket, $uri); | |
$rest->setParameter('acl', null); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::getAccessControlPolicy({$bucket}, {$uri}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
$acp = array(); | |
if (isset($rest->body->Owner, $rest->body->Owner->ID, $rest->body->Owner->DisplayName)) | |
{ | |
$acp['owner'] = array( | |
'id' => (string) $rest->body->Owner->ID, 'name' => (string) $rest->body->Owner->DisplayName | |
); | |
} | |
if (isset($rest->body->AccessControlList)) | |
{ | |
$acp['acl'] = array(); | |
foreach ($rest->body->AccessControlList->Grant as $grant) | |
{ | |
foreach ($grant->Grantee as $grantee) | |
{ | |
if (isset($grantee->ID, $grantee->DisplayName)) // CanonicalUser | |
$acp['acl'][] = array( | |
'type' => 'CanonicalUser', | |
'id' => (string) $grantee->ID, | |
'name' => (string) $grantee->DisplayName, | |
'permission' => (string) $grant->Permission | |
); | |
elseif (isset($grantee->EmailAddress)) // AmazonCustomerByEmail | |
$acp['acl'][] = array( | |
'type' => 'AmazonCustomerByEmail', | |
'email' => (string) $grantee->EmailAddress, | |
'permission' => (string) $grant->Permission | |
); | |
elseif (isset($grantee->URI)) // Group | |
$acp['acl'][] = array( | |
'type' => 'Group', | |
'uri' => (string) $grantee->URI, | |
'permission' => (string) $grant->Permission | |
); | |
else | |
continue; | |
} | |
} | |
} | |
return $acp; | |
} | |
/** | |
* Delete an object | |
* | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @return boolean | |
*/ | |
public static function deleteObject($bucket, $uri) | |
{ | |
$rest = new S3Request('DELETE', $bucket, $uri); | |
$rest = $rest->getResponse(); | |
if ($rest->error === false && $rest->code !== 204) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::deleteObject(): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Get a query string authenticated URL | |
* | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @param integer $lifetime Lifetime in seconds | |
* @param boolean $hostBucket Use the bucket name as the hostname | |
* @param boolean $https Use HTTPS ($hostBucket should be false for SSL verification) | |
* @return string | |
*/ | |
public static function getAuthenticatedURL($bucket, $uri, $lifetime, $hostBucket = false, $https = false) | |
{ | |
$expires = time() + $lifetime; | |
$uri = str_replace('%2F', '/', rawurlencode($uri)); // URI should be encoded (thanks Sean O'Dea) | |
return sprintf(($https ? 'https' : 'http') . '://%s/%s?AWSAccessKeyId=%s&Expires=%u&Signature=%s', | |
$hostBucket ? $bucket : $bucket . '.s3.amazonaws.com', $uri, self::$__access_key, $expires, | |
urlencode(self::__getHash("GET\n\n\n{$expires}\n/{$bucket}/{$uri}"))); | |
} | |
/** | |
* Get upload POST parameters for form uploads | |
* | |
* @param string $bucket Bucket name | |
* @param string $uriPrefix Object URI prefix | |
* @param constant $acl ACL constant | |
* @param integer $lifetime Lifetime in seconds | |
* @param integer $maxFileSize Maximum filesize in bytes (default 5MB) | |
* @param string $successRedirect Redirect URL or 200 / 201 status code | |
* @param array $amzHeaders Array of x-amz-meta-* headers | |
* @param array $headers Array of request headers or content type as a string | |
* @param boolean $flashVars Includes additional "Filename" variable posted by Flash | |
* @return object | |
*/ | |
public static function getHttpUploadPostParams($bucket, $uriPrefix = '', $acl = self::ACL_PRIVATE, $lifetime = 3600, $maxFileSize = 5242880, $successRedirect = "201", $amzHeaders = array(), $headers = array(), $flashVars = false) | |
{ | |
// Create policy object | |
$policy = new stdClass; | |
$policy->expiration = gmdate('Y-m-d\TH:i:s\Z', (time() + $lifetime)); | |
$policy->conditions = array(); | |
$obj = new stdClass; | |
$obj->bucket = $bucket; | |
array_push($policy->conditions, $obj); | |
$obj = new stdClass; | |
$obj->acl = $acl; | |
array_push($policy->conditions, $obj); | |
$obj = new stdClass; // 200 for non-redirect uploads | |
if (is_numeric($successRedirect) && in_array((int) $successRedirect, array(200, 201))) | |
$obj->success_action_status = (string) $successRedirect; | |
else // URL | |
$obj->success_action_redirect = $successRedirect; | |
array_push($policy->conditions, $obj); | |
array_push($policy->conditions, array('starts-with', '$key', $uriPrefix)); | |
if ($flashVars) | |
array_push($policy->conditions, array('starts-with', '$Filename', '')); | |
foreach (array_keys($headers) as $headerKey) | |
array_push($policy->conditions, array('starts-with', '$' . $headerKey, '')); | |
foreach ($amzHeaders as $headerKey => $headerVal) | |
{ | |
$obj = new stdClass; | |
$obj->{$headerKey} = (string) $headerVal; | |
array_push($policy->conditions, $obj); | |
} | |
array_push($policy->conditions, array('content-length-range', 0, $maxFileSize)); | |
$policy = base64_encode(str_replace('\/', '/', json_encode($policy))); | |
// Create parameters | |
$params = new stdClass; | |
$params->AWSAccessKeyId = self::$__access_key; | |
$params->key = $uriPrefix . '${filename}'; | |
$params->acl = $acl; | |
$params->policy = $policy; | |
unset($policy); | |
$params->signature = self::__getHash($params->policy); | |
if (is_numeric($successRedirect) && in_array((int) $successRedirect, array(200, 201))) | |
$params->success_action_status = (string) $successRedirect; | |
else | |
$params->success_action_redirect = $successRedirect; | |
foreach ($headers as $headerKey => $headerVal) | |
$params->{$headerKey} = (string) $headerVal; | |
foreach ($amzHeaders as $headerKey => $headerVal) | |
$params->{$headerKey} = (string) $headerVal; | |
return $params; | |
} | |
/** | |
* Create a CloudFront distribution | |
* | |
* @param string $bucket Bucket name | |
* @param boolean $enabled Enabled (true/false) | |
* @param array $cnames Array containing CNAME aliases | |
* @param string $comment Use the bucket name as the hostname | |
* @return array | false | |
*/ | |
public static function createDistribution($bucket, $enabled = true, $cnames = array(), $comment = '') | |
{ | |
self::$use_ssl = true; // CloudFront requires SSL | |
$rest = new S3Request('POST', '', '2008-06-30/distribution', 'cloudfront.amazonaws.com'); | |
$rest->data = self::__getCloudFrontDistributionConfigXML($bucket . '.s3.amazonaws.com', $enabled, $comment, (string) microtime(true), $cnames); | |
$rest->size = strlen($rest->data); | |
$rest->setHeader('Content-Type', 'application/xml'); | |
$rest = self::__getCloudFrontResponse($rest); | |
if ($rest->error === false && $rest->code !== 201) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::createDistribution({$bucket}, " . (int) $enabled . ", '$comment'): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
elseif ($rest->body instanceof SimpleXMLElement) | |
return self::__parseCloudFrontDistributionConfig($rest->body); | |
return false; | |
} | |
/** | |
* Get CloudFront distribution info | |
* | |
* @param string $distributionId Distribution ID from listDistributions() | |
* @return array | false | |
*/ | |
public static function getDistribution($distributionId) | |
{ | |
self::$use_ssl = true; // CloudFront requires SSL | |
$rest = new S3Request('GET', '', '2008-06-30/distribution/' . $distributionId, 'cloudfront.amazonaws.com'); | |
$rest = self::__getCloudFrontResponse($rest); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::getDistribution($distributionId): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
elseif ($rest->body instanceof SimpleXMLElement) | |
{ | |
$dist = self::__parseCloudFrontDistributionConfig($rest->body); | |
$dist['hash'] = $rest->headers['hash']; | |
return $dist; | |
} | |
return false; | |
} | |
/** | |
* Update a CloudFront distribution | |
* | |
* @param array $dist Distribution array info identical to output of getDistribution() | |
* @return array | false | |
*/ | |
public static function updateDistribution($dist) | |
{ | |
self::$use_ssl = true; // CloudFront requires SSL | |
$rest = new S3Request('PUT', '', '2008-06-30/distribution/' . $dist['id'] . '/config', 'cloudfront.amazonaws.com'); | |
$rest->data = self::__getCloudFrontDistributionConfigXML($dist['origin'], $dist['enabled'], $dist['comment'], $dist['callerReference'], $dist['cnames']); | |
$rest->size = strlen($rest->data); | |
$rest->setHeader('If-Match', $dist['hash']); | |
$rest = self::__getCloudFrontResponse($rest); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::updateDistribution({$dist['id']}, " . (int) $enabled . ", '$comment'): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
else | |
{ | |
$dist = self::__parseCloudFrontDistributionConfig($rest->body); | |
$dist['hash'] = $rest->headers['hash']; | |
return $dist; | |
} | |
return false; | |
} | |
/** | |
* Delete a CloudFront distribution | |
* | |
* @param array $dist Distribution array info identical to output of getDistribution() | |
* @return boolean | |
*/ | |
public static function deleteDistribution($dist) | |
{ | |
self::$use_ssl = true; // CloudFront requires SSL | |
$rest = new S3Request('DELETE', '', '2008-06-30/distribution/' . $dist['id'], 'cloudfront.amazonaws.com'); | |
$rest->setHeader('If-Match', $dist['hash']); | |
$rest = self::__getCloudFrontResponse($rest); | |
if ($rest->error === false && $rest->code !== 204) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::deleteDistribution({$dist['id']}): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
return true; | |
} | |
/** | |
* Get a list of CloudFront distributions | |
* | |
* @return array | |
*/ | |
public static function listDistributions() | |
{ | |
self::$use_ssl = true; // CloudFront requires SSL | |
$rest = new S3Request('GET', '', '2008-06-30/distribution', 'cloudfront.amazonaws.com'); | |
$rest = self::__getCloudFrontResponse($rest); | |
if ($rest->error === false && $rest->code !== 200) | |
$rest->error = array('code' => $rest->code, 'message' => 'Unexpected HTTP status'); | |
if ($rest->error !== false) | |
{ | |
trigger_error(sprintf("S3::listDistributions(): [%s] %s", | |
$rest->error['code'], $rest->error['message']), E_USER_WARNING); | |
return false; | |
} | |
elseif ($rest->body instanceof SimpleXMLElement && isset($rest->body->DistributionSummary)) | |
{ | |
$list = array(); | |
if (isset($rest->body->Marker, $rest->body->MaxItems, $rest->body->IsTruncated)) | |
{ | |
//$info['marker'] = (string)$rest->body->Marker; | |
//$info['maxItems'] = (int)$rest->body->MaxItems; | |
//$info['isTruncated'] = (string)$rest->body->IsTruncated == 'true' ? true : false; | |
} | |
foreach ($rest->body->DistributionSummary as $summary) | |
{ | |
$list[(string) $summary->Id] = self::__parseCloudFrontDistributionConfig($summary); | |
} | |
return $list; | |
} | |
return array(); | |
} | |
/** | |
* Get a DistributionConfig DOMDocument | |
* | |
* @internal Used to create XML in createDistribution() and updateDistribution() | |
* @param string $bucket Origin bucket | |
* @param boolean $enabled Enabled (true/false) | |
* @param string $comment Comment to append | |
* @param string $callerReference Caller reference | |
* @param array $cnames Array of CNAME aliases | |
* @return string | |
*/ | |
private static function __getCloudFrontDistributionConfigXML($bucket, $enabled, $comment, $callerReference = '0', $cnames = array()) | |
{ | |
$dom = new DOMDocument('1.0', 'UTF-8'); | |
$dom->formatOutput = true; | |
$distributionConfig = $dom->createElement('DistributionConfig'); | |
$distributionConfig->setAttribute('xmlns', 'http://cloudfront.amazonaws.com/doc/2008-06-30/'); | |
$distributionConfig->appendChild($dom->createElement('Origin', $bucket)); | |
$distributionConfig->appendChild($dom->createElement('CallerReference', $callerReference)); | |
foreach ($cnames as $cname) | |
$distributionConfig->appendChild($dom->createElement('CNAME', $cname)); | |
if ($comment !== '') | |
$distributionConfig->appendChild($dom->createElement('Comment', $comment)); | |
$distributionConfig->appendChild($dom->createElement('Enabled', $enabled ? 'true' : 'false')); | |
$dom->appendChild($distributionConfig); | |
return $dom->saveXML(); | |
} | |
/** | |
* Parse a CloudFront distribution config | |
* | |
* @internal Used to parse the CloudFront DistributionConfig node to an array | |
* @param object &$node DOMNode | |
* @return array | |
*/ | |
private static function __parseCloudFrontDistributionConfig(&$node) | |
{ | |
$dist = array(); | |
if (isset($node->Id, $node->Status, $node->LastModifiedTime, $node->DomainName)) | |
{ | |
$dist['id'] = (string) $node->Id; | |
$dist['status'] = (string) $node->Status; | |
$dist['time'] = strtotime((string) $node->LastModifiedTime); | |
$dist['domain'] = (string) $node->DomainName; | |
} | |
if (isset($node->CallerReference)) | |
$dist['callerReference'] = (string) $node->CallerReference; | |
if (isset($node->Comment)) | |
$dist['comment'] = (string) $node->Comment; | |
if (isset($node->Enabled, $node->Origin)) | |
{ | |
$dist['origin'] = (string) $node->Origin; | |
$dist['enabled'] = (string) $node->Enabled == 'true' ? true : false; | |
} | |
elseif (isset($node->DistributionConfig)) | |
{ | |
$dist = array_merge($dist, self::__parseCloudFrontDistributionConfig($node->DistributionConfig)); | |
} | |
if (isset($node->CNAME)) | |
{ | |
$dist['cnames'] = array(); | |
foreach ($node->CNAME as $cname) | |
$dist['cnames'][(string) $cname] = (string) $cname; | |
} | |
return $dist; | |
} | |
/** | |
* Grab CloudFront response | |
* | |
* @internal Used to parse the CloudFront S3Request::getResponse() output | |
* @param object &$rest S3Request instance | |
* @return object | |
*/ | |
private static function __getCloudFrontResponse(&$rest) | |
{ | |
$rest->getResponse(); | |
if ($rest->response->error === false && isset($rest->response->body) && | |
is_string($rest->response->body) && substr($rest->response->body, 0, 5) == '<?xml') | |
{ | |
$rest->response->body = simplexml_load_string($rest->response->body); | |
// Grab CloudFront errors | |
if (isset($rest->response->body->Error, $rest->response->body->Error->Code, | |
$rest->response->body->Error->Message)) | |
{ | |
$rest->response->error = array( | |
'code' => (string) $rest->response->body->Error->Code, | |
'message' => (string) $rest->response->body->Error->Message | |
); | |
unset($rest->response->body); | |
} | |
} | |
return $rest->response; | |
} | |
/** | |
* Get MIME type for file | |
* | |
* @internal Used to get mime types | |
* @param string &$file File path | |
* @return string | |
*/ | |
public static function __getMimeType(&$file) | |
{ | |
$type = false; | |
// Fileinfo documentation says fileinfo_open() will use the | |
// MAGIC env var for the magic file | |
if (extension_loaded('fileinfo') && isset($_ENV['MAGIC']) && | |
($finfo = finfo_open(FILEINFO_MIME, $_ENV['MAGIC'])) !== false) | |
{ | |
if (($type = finfo_file($finfo, $file)) !== false) | |
{ | |
// Remove the charset and grab the last content-type | |
$type = explode(' ', str_replace('; charset=', ';charset=', $type)); | |
$type = array_pop($type); | |
$type = explode(';', $type); | |
$type = trim(array_shift($type)); | |
} | |
finfo_close($finfo); | |
// If anyone is still using mime_content_type() | |
} | |
elseif (function_exists('mime_content_type')) | |
$type = trim(mime_content_type($file)); | |
if ($type !== false && strlen($type) > 0) | |
return $type; | |
// Otherwise do it the old fashioned way | |
static $exts = array( | |
'jpg' => 'image/jpeg', 'gif' => 'image/gif', 'png' => 'image/png', | |
'tif' => 'image/tiff', 'tiff' => 'image/tiff', 'ico' => 'image/x-icon', | |
'swf' => 'application/x-shockwave-flash', 'pdf' => 'application/pdf', | |
'zip' => 'application/zip', 'gz' => 'application/x-gzip', | |
'tar' => 'application/x-tar', 'bz' => 'application/x-bzip', | |
'bz2' => 'application/x-bzip2', 'txt' => 'text/plain', | |
'asc' => 'text/plain', 'htm' => 'text/html', 'html' => 'text/html', | |
'css' => 'text/css', 'js' => 'text/javascript', | |
'xml' => 'text/xml', 'xsl' => 'application/xsl+xml', | |
'ogg' => 'application/ogg', 'mp3' => 'audio/mpeg', 'wav' => 'audio/x-wav', | |
'avi' => 'video/x-msvideo', 'mpg' => 'video/mpeg', 'mpeg' => 'video/mpeg', | |
'mov' => 'video/quicktime', 'flv' => 'video/x-flv', 'php' => 'text/x-php' | |
); | |
$ext = strtolower(pathInfo($file, PATHINFO_EXTENSION)); | |
return isset($exts[$ext]) ? $exts[$ext] : 'application/octet-stream'; | |
} | |
/** | |
* Generate the auth string: "AWS AccessKey:Signature" | |
* | |
* @internal Used by S3Request::getResponse() | |
* @param string $string String to sign | |
* @return string | |
*/ | |
public static function __getSignature($string) | |
{ | |
return 'AWS ' . self::$__access_key . ':' . self::__getHash($string); | |
} | |
/** | |
* Creates a HMAC-SHA1 hash | |
* | |
* This uses the hash extension if loaded | |
* | |
* @internal Used by __getSignature() | |
* @param string $string String to sign | |
* @return string | |
*/ | |
private static function __getHash($string) | |
{ | |
return base64_encode(extension_loaded('hash') ? | |
hash_hmac('sha1', $string, self::$__secret_key, true) : pack('H*', sha1( | |
(str_pad(self::$__secret_key, 64, chr(0x00)) ^ (str_repeat(chr(0x5c), 64))) . | |
pack('H*', sha1((str_pad(self::$__secret_key, 64, chr(0x00)) ^ | |
(str_repeat(chr(0x36), 64))) . $string))))); | |
} | |
/** | |
* Generate the headers for AWS Signature V4 | |
* @internal Used by S3Request::getResponse() | |
* @param array $aheaders amzHeaders | |
* @param array $headers | |
* @param string $method | |
* @param string $uri | |
* @param string $data | |
* @return array $headers | |
*/ | |
public static function __getSignatureV4($aHeaders, $headers, $method='GET', $uri='', $data = '') | |
{ | |
$service = 's3'; | |
$region = S3::getRegion(); | |
$algorithm = 'AWS4-HMAC-SHA256'; | |
$amzHeaders = array(); | |
$amzRequests = array(); | |
$amzDate = gmdate( 'Ymd\THis\Z' ); | |
$amzDateStamp = gmdate( 'Ymd' ); | |
// amz-date ISO8601 format ? for aws request | |
$amzHeaders['x-amz-date'] = $amzDate; | |
// CanonicalHeaders | |
foreach ( $headers as $k => $v ) { | |
$amzHeaders[ strtolower( $k ) ] = trim( $v ); | |
} | |
foreach ( $aHeaders as $k => $v ) { | |
$amzHeaders[ strtolower( $k ) ] = trim( $v ); | |
} | |
uksort( $amzHeaders, 'strcmp' ); | |
// payload | |
$payloadHash = isset($amzHeaders['x-amz-content-sha256']) ? $amzHeaders['x-amz-content-sha256'] : hash('sha256', $data); | |
// parameters | |
$parameters = array(); | |
if (strpos($uri, '?')) { | |
list ($uri, $query_str) = @explode("?", $uri); | |
parse_str($query_str, $parameters); | |
} | |
// CanonicalRequests | |
$amzRequests[] = $method; | |
$uriQmPos = strpos($uri, '?'); | |
$amzRequests[] = ($uriQmPos === false ? $uri : substr($uri, 0, $uriQmPos)); | |
$amzRequests[] = http_build_query($parameters); | |
// add header as string to requests | |
foreach ( $amzHeaders as $k => $v ) { | |
$amzRequests[] = $k . ':' . $v; | |
} | |
// add a blank entry so we end up with an extra line break | |
$amzRequests[] = ''; | |
// SignedHeaders | |
$amzRequests[] = implode( ';', array_keys( $amzHeaders ) ); | |
// payload hash | |
$amzRequests[] = $payloadHash; | |
// request as string | |
$amzRequestStr = implode("\n", $amzRequests); | |
// CredentialScope | |
$credentialScope = array(); | |
$credentialScope[] = $amzDateStamp; | |
$credentialScope[] = $region; | |
$credentialScope[] = $service; | |
$credentialScope[] = 'aws4_request'; | |
// stringToSign | |
$stringToSign = array(); | |
$stringToSign[] = $algorithm; | |
$stringToSign[] = $amzDate; | |
$stringToSign[] = implode('/', $credentialScope); | |
$stringToSign[] = hash('sha256', $amzRequestStr); | |
// as string | |
$stringToSignStr = implode("\n", $stringToSign); | |
// Make Signature | |
$kSecret = 'AWS4' . self::$__secret_key; | |
$kDate = hash_hmac( 'sha256', $amzDateStamp, $kSecret, true ); | |
$kRegion = hash_hmac( 'sha256', $region, $kDate, true ); | |
$kService = hash_hmac( 'sha256', $service, $kRegion, true ); | |
$kSigning = hash_hmac( 'sha256', 'aws4_request', $kService, true ); | |
$signature = hash_hmac( 'sha256', $stringToSignStr, $kSigning ); | |
$authorization = array( | |
'Credential=' . self::$__access_key . '/' . implode( '/', $credentialScope ), | |
'SignedHeaders=' . implode( ';', array_keys( $amzHeaders ) ), | |
'Signature=' . $signature, | |
); | |
$authorizationStr = $algorithm . ' ' . implode( ',', $authorization ); | |
$resultHeaders = array( | |
'X-AMZ-DATE' => $amzDate, | |
'Authorization' => $authorizationStr | |
); | |
if (!isset($aHeaders['x-amz-content-sha256'])) $resultHeaders['x-amz-content-sha256'] = $payloadHash; | |
return $resultHeaders; | |
} | |
} | |
final class S3Request { | |
private $verb, $bucket, $uri, $resource = '', $parameters = array(), | |
$amzHeaders = array(), $headers = array( | |
'Host' => '', 'Date' => '', 'Content-MD5' => '', 'Content-Type' => '' | |
); | |
public $fp = false, $size = 0, $data = false, $response; | |
/** | |
* Constructor | |
* | |
* @param string $verb Verb | |
* @param string $bucket Bucket name | |
* @param string $uri Object URI | |
* @return mixed | |
*/ | |
function __construct($verb, $bucket = '', $uri = '', $defaultHost = 's3.amazonaws.com') | |
{ | |
$this->verb = $verb; | |
$this->bucket = strtolower($bucket); | |
$this->uri = $uri !== '' ? '/' . str_replace('%2F', '/', rawurlencode($uri)) : '/'; | |
if ($this->bucket !== '') | |
{ | |
$this->headers['Host'] = $this->bucket . '.' . $defaultHost; | |
$this->resource = '/' . $this->bucket . $this->uri; | |
} | |
else | |
{ | |
$this->headers['Host'] = $defaultHost; | |
//$this->resource = strlen($this->uri) > 1 ? '/'.$this->bucket.$this->uri : $this->uri; | |
$this->resource = $this->uri; | |
} | |
$this->headers['Date'] = gmdate('D, d M Y H:i:s T'); | |
$this->response = new STDClass; | |
$this->response->error = false; | |
} | |
/** | |
* Set request parameter | |
* | |
* @param string $key Key | |
* @param string $value Value | |
* @return void | |
*/ | |
public function setParameter($key, $value) | |
{ | |
$this->parameters[$key] = $value; | |
} | |
/** | |
* Set request header | |
* | |
* @param string $key Key | |
* @param string $value Value | |
* @return void | |
*/ | |
public function setHeader($key, $value) | |
{ | |
$this->headers[$key] = $value; | |
} | |
/** | |
* Set x-amz-meta-* header | |
* | |
* @param string $key Key | |
* @param string $value Value | |
* @return void | |
*/ | |
public function setAmzHeader($key, $value) | |
{ | |
$this->amzHeaders[$key] = $value; | |
} | |
/** | |
* Get the S3 response | |
* | |
* @return object | false | |
*/ | |
public function getResponse() | |
{ | |
$query = ''; | |
if (sizeof($this->parameters) > 0) | |
{ | |
$query = substr($this->uri, -1) !== '?' ? '?' : '&'; | |
foreach ($this->parameters as $var => $value) | |
if ($value == null || $value == '') | |
$query .= $var . '&'; | |
// Parameters should be encoded (thanks Sean O'Dea) | |
else | |
$query .= $var . '=' . rawurlencode($value) . '&'; | |
$query = substr($query, 0, -1); | |
$this->uri .= $query; | |
if (array_key_exists('acl', $this->parameters) || | |
array_key_exists('location', $this->parameters) || | |
array_key_exists('torrent', $this->parameters) || | |
array_key_exists('logging', $this->parameters)) | |
$this->resource .= $query; | |
} | |
$url = ((S3::$use_ssl && extension_loaded('openssl')) ? | |
'https://' : 'http://') . $this->headers['Host'] . $this->uri; | |
//var_dump($this->bucket, $this->uri, $this->resource, $url); | |
// Basic setup | |
$curl = curl_init(); | |
curl_setopt($curl, CURLOPT_USERAGENT, 'S3/php'); | |
if (S3::$use_ssl) | |
{ | |
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); | |
if (S3::$verify_peer) | |
{ | |
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1); | |
} | |
else | |
{ | |
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); | |
} | |
} | |
curl_setopt($curl, CURLOPT_URL, $url); | |
// Headers | |
$headers = array(); | |
$amz = array(); | |
foreach ($this->amzHeaders as $header => $value) | |
if (strlen($value) > 0) | |
$headers[] = $header . ': ' . $value; | |
foreach ($this->headers as $header => $value) | |
if (strlen($value) > 0) | |
$headers[] = $header . ': ' . $value; | |
// Collect AMZ headers for signature | |
foreach ($this->amzHeaders as $header => $value) | |
if (strlen($value) > 0) | |
$amz[] = strtolower($header) . ':' . $value; | |
// AMZ headers must be sorted | |
if (sizeof($amz) > 0) | |
{ | |
sort($amz); | |
$amz = "\n" . implode("\n", $amz); | |
} else | |
$amz = ''; | |
// Authorization string (CloudFront stringToSign should only contain a date) | |
/*$headers[] = 'Authorization: ' . S3::__getSignature( | |
$this->headers['Host'] == 'cloudfront.amazonaws.com' ? $this->headers['Date'] : | |
$this->verb . "\n" . $this->headers['Content-MD5'] . "\n" . | |
$this->headers['Content-Type'] . "\n" . $this->headers['Date'] . $amz . "\n" . $this->resource | |
);*/ | |
$amzHeaders = S3::__getSignatureV4( | |
$this->amzHeaders, | |
$this->headers, | |
$this->verb, | |
$this->uri, | |
$this->data | |
); | |
foreach ($amzHeaders as $k => $v) { | |
$headers[] = $k .': '. $v; | |
} | |
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); | |
curl_setopt($curl, CURLOPT_HEADER, false); | |
curl_setopt($curl, CURLOPT_RETURNTRANSFER, false); | |
curl_setopt($curl, CURLOPT_WRITEFUNCTION, array(&$this, '__responseWriteCallback')); | |
curl_setopt($curl, CURLOPT_HEADERFUNCTION, array(&$this, '__responseHeaderCallback')); | |
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); | |
// Request types | |
switch ($this->verb) | |
{ | |
case 'GET': break; | |
case 'PUT': case 'POST': // POST only used for CloudFront | |
if ($this->fp !== false) | |
{ | |
curl_setopt($curl, CURLOPT_PUT, true); | |
curl_setopt($curl, CURLOPT_INFILE, $this->fp); | |
if ($this->size >= 0) | |
curl_setopt($curl, CURLOPT_INFILESIZE, $this->size); | |
} elseif ($this->data !== false) | |
{ | |
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $this->verb); | |
curl_setopt($curl, CURLOPT_POSTFIELDS, $this->data); | |
if ($this->size >= 0) | |
curl_setopt($curl, CURLOPT_BUFFERSIZE, $this->size); | |
} else | |
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $this->verb); | |
break; | |
case 'HEAD': | |
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'HEAD'); | |
curl_setopt($curl, CURLOPT_NOBODY, true); | |
break; | |
case 'DELETE': | |
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'DELETE'); | |
break; | |
default: break; | |
} | |
// Execute, grab errors | |
if (curl_exec($curl)) | |
$this->response->code = curl_getinfo($curl, CURLINFO_HTTP_CODE); | |
else | |
$this->response->error = array( | |
'code' => curl_errno($curl), | |
'message' => curl_error($curl), | |
'resource' => $this->resource | |
); | |
@curl_close($curl); | |
// Parse body | |
if ($this->response->error === false && isset($this->response->headers['type']) && isset($this->response->body)) | |
{ | |
if($this->response->headers['type'] == 'application/json') | |
{ | |
$this->response->body = json_decode($this->response->body); | |
}elseif($this->response->headers['type']== 'application/xml') | |
{ | |
$this->response->body = simplexml_load_string($this->response->body); | |
} | |
// Grab S3 errors | |
if (!in_array($this->response->code, array(200, 204)) && | |
isset($this->response->body->Code, $this->response->body->Message)) | |
{ | |
$this->response->error = array( | |
'code' => (string) $this->response->body->Code, | |
'message' => (string) $this->response->body->Message | |
); | |
if (isset($this->response->body->Resource)) | |
$this->response->error['resource'] = (string) $this->response->body->Resource; | |
unset($this->response->body); | |
} | |
} | |
// Clean up file resources | |
if ($this->fp !== false && is_resource($this->fp)) | |
fclose($this->fp); | |
return $this->response; | |
} | |
/** | |
* CURL write callback | |
* | |
* @param resource &$curl CURL resource | |
* @param string &$data Data | |
* @return integer | |
*/ | |
private function __responseWriteCallback(&$curl, &$data) | |
{ | |
if ($this->response->code == 200 && $this->fp !== false) | |
return fwrite($this->fp, $data); | |
else | |
if (isset($this->response->body)) | |
$this->response->body .= $data; | |
else | |
$this->response->body = $data; | |
return strlen($data); | |
} | |
/** | |
* CURL header callback | |
* | |
* @param resource &$curl CURL resource | |
* @param string &$data Data | |
* @return integer | |
*/ | |
private function __responseHeaderCallback(&$curl, &$data) | |
{ | |
if (($strlen = strlen($data)) <= 2) | |
return $strlen; | |
if (substr($data, 0, 4) == 'HTTP') | |
$this->response->code = (int) substr($data, 9, 3); | |
else | |
{ | |
list($header, $value) = explode(': ', trim($data), 2); | |
if ($header == 'Last-Modified') | |
$this->response->headers['time'] = strtotime($value); | |
elseif ($header == 'Content-Length') | |
$this->response->headers['size'] = (int) $value; | |
elseif ($header == 'Content-Type') | |
$this->response->headers['type'] = $value; | |
elseif ($header == 'ETag') | |
$this->response->headers['hash'] = $value{0} == '"' ? substr($value, 1, -1) : $value; | |
elseif (preg_match('/^x-amz-meta-.*$/', $header)) | |
$this->response->headers[$header] = is_numeric($value) ? (int) $value : $value; | |
} | |
return $strlen; | |
} | |
} |
Thanks!. Was stuck for a day.
Thanks.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Using the fix in tpyo/amazon-s3-php-class#128
applying it to
https://github.com/psugand/CodeIgniter-S3