@better-s3/server 3.1.1 → 3.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/README.md +70 -124
  2. package/dist/adapters/next.js +2 -2
  3. package/dist/adapters/next.js.map +1 -1
  4. package/dist/api.d.ts +5 -0
  5. package/dist/helpers/build-content-disposition.d.ts +13 -0
  6. package/dist/helpers/build-public-url.d.ts +11 -0
  7. package/dist/helpers/index.d.ts +3 -0
  8. package/dist/helpers/index.js +2 -0
  9. package/dist/helpers/index.js.map +1 -0
  10. package/dist/helpers/parse-file-name.d.ts +9 -0
  11. package/dist/helpers/server/index.d.ts +1 -0
  12. package/dist/helpers/server/index.js +3 -0
  13. package/dist/helpers/server/index.js.map +1 -0
  14. package/dist/helpers/server/resolve-object-acl.d.ts +9 -0
  15. package/dist/index.d.ts +2 -3
  16. package/dist/index.js +2 -2
  17. package/dist/index.js.map +1 -1
  18. package/dist/{helpers.d.ts → internal-helpers.d.ts} +0 -10
  19. package/dist/types.d.ts +57 -92
  20. package/package.json +12 -4
  21. /package/dist/{validate.d.ts → helpers/validate-file.d.ts} +0 -0
package/dist/helpers/server/index.js ADDED
@@ -0,0 +1,3 @@
1
+ import {GetObjectAclCommand}from'@aws-sdk/client-s3';async function c(t,r,s){try{return (await t.send(new GetObjectAclCommand({Bucket:r,Key:s}))).Grants?.some(e=>e.Grantee?.URI==="http://acs.amazonaws.com/groups/global/AllUsers"&&(e.Permission==="READ"||e.Permission==="FULL_CONTROL"))?"public-read":"private"}catch{return "private"}}
2
+ export{c as resolveObjectAcl};//# sourceMappingURL=index.js.map
3
+ //# sourceMappingURL=index.js.map
package/dist/helpers/server/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../src/helpers/server/resolve-object-acl.ts"],"names":["resolveObjectAcl","s3","bucket","key","GetObjectAclCommand","g"],"mappings":"qDASA,eAAsBA,EACpBC,CAAAA,CACAC,CAAAA,CACAC,EACoC,CACpC,GAAI,CASF,OAAA,CARe,MAAMF,EAAG,IAAA,CACtB,IAAIG,oBAAoB,CAAE,MAAA,CAAQF,EAAQ,GAAA,CAAKC,CAAI,CAAC,CACtD,CAAA,EACwB,QAAQ,IAAA,CAC7BE,CAAAA,EACCA,EAAE,OAAA,EAAS,GAAA,GAAQ,oDAClBA,CAAAA,CAAE,UAAA,GAAe,QAAUA,CAAAA,CAAE,UAAA,GAAe,eACjD,CAAA,CACkB,aAAA,CAAgB,SACpC,CAAA,KAAQ,CACN,OAAO,SACT,CACF","file":"index.js","sourcesContent":["import { GetObjectAclCommand, type S3Client } from \"@aws-sdk/client-s3\";\n\n/**\n * Determines the ACL of an S3 object by querying `GetObjectAcl`.\n *\n * Returns `\"public-read\"` when the `AllUsers` grantee has `READ` or\n * `FULL_CONTROL` permission; falls back to `\"private\"` when the provider\n * does not support the operation (e.g. Cloudflare R2).\n */\nexport async function resolveObjectAcl(\n s3: S3Client,\n bucket: string,\n key: string,\n): Promise<\"public-read\" | \"private\"> {\n try {\n const result = await s3.send(\n new GetObjectAclCommand({ Bucket: bucket, Key: key }),\n );\n const isPublic = result.Grants?.some(\n (g) =>\n g.Grantee?.URI === \"http://acs.amazonaws.com/groups/global/AllUsers\" &&\n (g.Permission === \"READ\" || g.Permission === \"FULL_CONTROL\"),\n );\n return isPublic ? \"public-read\" : \"private\";\n } catch {\n return \"private\";\n }\n}\n"]}
package/dist/helpers/server/resolve-object-acl.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ import { type S3Client } from "@aws-sdk/client-s3";
2
+ /**
3
+ * Determines the ACL of an S3 object by querying `GetObjectAcl`.
4
+ *
5
+ * Returns `"public-read"` when the `AllUsers` grantee has `READ` or
6
+ * `FULL_CONTROL` permission; falls back to `"private"` when the provider
7
+ * does not support the operation (e.g. Cloudflare R2).
8
+ */
9
+ export declare function resolveObjectAcl(s3: S3Client, bucket: string, key: string): Promise<"public-read" | "private">;
package/dist/index.d.ts CHANGED
@@ -10,6 +10,5 @@ export { createMultipartCompleteHandler } from "./handlers/multipart/complete";
10
10
  export { createMultipartAbortHandler } from "./handlers/multipart/abort";
11
11
  export { createS3Api, type S3Api, type PresignResponse, type PresignedPostResponse, type MultipartInitResponse, type MultipartPartResponse, type UploadConfirmResponse, } from "./api";
12
12
  export { createS3Api as createPresignApi, type S3Api as PresignApi, } from "./api";
13
- export { validateFile } from "./validate";
14
- export type { S3HandlerConfig, S3RouteHandlerConfig, S3Handler, S3Handlers, S3ServerHooks, HookContext, UploadHookContext, UploadSuccessContext, UploadCompleteContext, DownloadHookContext, DownloadSuccessContext, DeleteHookContext, MultipartHookContext, MultipartInitSuccessContext, MultipartCompleteSuccessContext, } from "./types";
15
- export { parseBody, requireString, normalizeExpiresIn, withS3ErrorHandler, runHook, } from "./helpers";
13
+ export { validateFile } from "./helpers/validate-file";
14
+ export type { S3HandlerConfig, S3RouteHandlerConfig, S3Handler, S3Handlers, HookContext, UploadHookContext, UploadSuccessContext, UploadCompleteContext, DownloadHookContext, DownloadSuccessContext, DeleteHookContext, MultipartHookContext, MultipartInitSuccessContext, MultipartCompleteSuccessContext, } from "./types";
package/dist/index.js CHANGED
@@ -1,3 +1,3 @@
1
- import {createPresignedPost}from'@aws-sdk/s3-presigned-post';import {HeadObjectCommand,GetObjectCommand,DeleteObjectCommand,CreateMultipartUploadCommand,UploadPartCommand,CompleteMultipartUploadCommand,AbortMultipartUploadCommand}from'@aws-sdk/client-s3';import {getSignedUrl}from'@aws-sdk/s3-request-presigner';function R(e){let a=e.replace(/[^\x20-\x7E]/g,"_").replace(/["\\]/g,"_"),r=encodeURIComponent(e);return `attachment; filename="${a}"; filename*=UTF-8''${r}`}async function m(e){try{let a=await e.json();return a&&typeof a=="object"?a:null}catch{return null}}function d(e,a){let r=typeof e=="string"?e.trim():"";return r||Response.json({message:`${a} is required`},{status:400})}function k(e){let a=Number(e);return Number.isFinite(a)&&a>0?Math.floor(a):600}function l(e){return async a=>{try{return await e(a)}catch(r){let t=r instanceof Error?r.message:"Internal server error";return console.error("[S3 API]",t),Response.json({message:t},{status:500})}}}async function u(e,a){if(!e)return null;try{return await e(a),null}catch(r){let t=r instanceof Error?r.message:"Forbidden",n=typeof r?.status=="number"?r.status:403;return Response.json({message:t},{status:n})}}var U=5*1024*1024*1024;function x(e){return l(async a=>{let r=await m(a);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=d(r.key,"key");if(t instanceof Response)return t;let n=r.bucket?.trim()||e.defaultBucket,s=k(r.expiresIn),o=r.acl==="public-read"?"public-read":"private",i=r.contentType?.trim()||"application/octet-stream",p=typeof r.fileSize=="number"&&r.fileSize>0?Math.floor(r.fileSize):null;if(p!==null&&e.maxFileSize&&p>e.maxFileSize)return Response.json({message:`File size (${p} bytes) exceeds the maximum allowed size of ${e.maxFileSize} bytes`},{status:413});let c=await u(e.hooks?.upload?.guard,{request:a,key:t,bucket:n,contentType:r.contentType,fileSize:p??void 0,metadata:r.metadata,acl:o});if(c)return c;let g={acl:o,"Content-Type":i};if(r.fileName&&(g["Content-Disposition"]=R(r.fileName)),r.metadata)for(let[M,E]of Object.entries(r.metadata))g[`x-amz-meta-${M}`]=E;let S=p??1,y=p??e.maxFileSize??U,{url:b,fields:z}=await createPresignedPost(e.s3,{Bucket:n,Key:t,Conditions:[["content-length-range",S,y]],Fields:g,Expires:s});return await e.hooks?.upload?.onPresigned?.({request:a,key:t,bucket:n,contentType:r.contentType,metadata:r.metadata,acl:o,url:b,expiresIn:s}),Response.json({bucket:n,key:t,url:b,fields:z,expiresIn:s})})}function w(e){return l(async a=>{let r=await m(a);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=d(r.key,"key");if(t instanceof Response)return t;let n=r.bucket?.trim()||e.defaultBucket,s=await u(e.hooks?.upload?.guard,{request:a,key:t,bucket:n});if(s)return s;let o=await e.s3.send(new HeadObjectCommand({Bucket:n,Key:t})),i={request:a,key:t,bucket:n,contentType:o.ContentType,contentLength:o.ContentLength??0,eTag:o.ETag?.replace(/"/g,""),metadata:o.Metadata};return await e.hooks?.upload?.onUploaded?.(i),Response.json({key:t,bucket:n,contentType:i.contentType,contentLength:i.contentLength,eTag:i.eTag})})}function H(e){return l(async a=>{let{searchParams:r}=new URL(a.url),t=r.get("key")?.trim();if(!t)return Response.json({message:"key query parameter is required"},{status:400});let n=r.get("bucket")?.trim()||e.defaultBucket,s=k(r.get("expiresIn")),o=r.get("fileName")?.trim(),i=await u(e.hooks?.download?.guard,{request:a,key:t,bucket:n,fileName:o||void 0});if(i)return i;try{await e.s3.send(new HeadObjectCommand({Bucket:n,Key:t}));}catch(c){let g=c?.name;if(g==="NoSuchKey"||g==="NotFound")return Response.json({message:"Object not found"},{status:404});throw c}let p=await getSignedUrl(e.s3,new GetObjectCommand({Bucket:n,Key:t,ResponseContentDisposition:o?`attachment; filename="${o}"`:"attachment"}),{expiresIn:s});return await e.hooks?.download?.onPresigned?.({request:a,key:t,bucket:n,fileName:o||void 0,url:p,expiresIn:s}),Response.json({bucket:n,key:t,url:p,expiresIn:s})})}function P(e){return l(async a=>{let{searchParams:r}=new URL(a.url),t=r.get("key")?.trim();if(!t)return Response.json({message:"key query parameter is required"},{status:400});let n=r.get("bucket")?.trim()||e.defaultBucket,s=await u(e.hooks?.delete?.guard,{request:a,key:t,bucket:n});if(s)return s;try{await e.s3.send(new HeadObjectCommand({Bucket:n,Key:t}));}catch{return Response.json({message:"Object not found"},{status:404})}return await e.s3.send(new DeleteObjectCommand({Bucket:n,Key:t})),await e.hooks?.delete?.onDeleted?.({request:a,key:t,bucket:n}),Response.json({success:!0,bucket:n,key:t})})}function h(e){return l(async a=>{let r=await m(a);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=d(r.key,"key");if(t instanceof Response)return t;let n=r.bucket?.trim()||e.defaultBucket,s=r.acl==="public-read"?"public-read":"private",o=typeof r.fileSize=="number"&&r.fileSize>0?Math.floor(r.fileSize):void 0;if(o!==void 0&&e.maxFileSize&&o>e.maxFileSize)return Response.json({message:`File size (${o} bytes) exceeds the maximum allowed size of ${e.maxFileSize} bytes`},{status:413});let i=await u(e.hooks?.multipart?.guard,{request:a,key:t,bucket:n,fileSize:o});if(i)return i;let{UploadId:p}=await e.s3.send(new CreateMultipartUploadCommand({Bucket:n,Key:t,ContentType:r.contentType,ContentDisposition:r.fileName?R(r.fileName):void 0,Metadata:r.metadata,ACL:s}));return await e.hooks?.multipart?.onInit?.({request:a,key:t,bucket:n,uploadId:p,contentType:r.contentType,fileSize:o,metadata:r.metadata,acl:s}),Response.json({bucket:n,key:t,uploadId:p},{status:201})})}function C(e){return l(async a=>{let r=await m(a);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=d(r.key,"key");if(t instanceof Response)return t;let n=d(r.uploadId,"uploadId");if(n instanceof Response)return n;let s=Number(r.partNumber);if(!Number.isInteger(s)||s<=0)return Response.json({message:"partNumber must be a positive integer"},{status:400});let o=r.bucket?.trim()||e.defaultBucket,i=k(r.expiresIn),p=await u(e.hooks?.multipart?.guard,{request:a,key:t,bucket:o});if(p)return p;let c=await getSignedUrl(e.s3,new UploadPartCommand({Bucket:o,Key:t,UploadId:n,PartNumber:s}),{expiresIn:i});return Response.json({presignedUrl:c,partNumber:s,uploadId:n,bucket:o,expiresIn:i})})}function I(e){return l(async a=>{let r=await m(a);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=d(r.key,"key");if(t instanceof Response)return t;let n=d(r.uploadId,"uploadId");if(n instanceof Response)return n;let s=(Array.isArray(r.parts)?r.parts:[]).map(({partNumber:y,eTag:b})=>({PartNumber:Number(y),ETag:String(b)})).filter(y=>Number.isInteger(y.PartNumber)&&y.ETag).sort((y,b)=>y.PartNumber-b.PartNumber);if(!s.length)return Response.json({message:"At least one valid part is required"},{status:400});let o=r.bucket?.trim()||e.defaultBucket,i=await u(e.hooks?.multipart?.guard,{request:a,key:t,bucket:o});if(i)return i;await e.s3.send(new CompleteMultipartUploadCommand({Bucket:o,Key:t,UploadId:n,MultipartUpload:{Parts:s}}));let p=await e.s3.send(new HeadObjectCommand({Bucket:o,Key:t})),c=p.ContentLength??0,g=p.ContentType,S=p.ETag?.replace(/"/g,"");return e.maxFileSize&&c>e.maxFileSize?(await e.s3.send(new DeleteObjectCommand({Bucket:o,Key:t})).catch(()=>{}),Response.json({message:`File size (${c} bytes) exceeds the maximum allowed size of ${e.maxFileSize} bytes`},{status:422})):(await e.hooks?.multipart?.onComplete?.({request:a,key:t,bucket:o,uploadId:n,contentLength:c,contentType:g,eTag:S}),Response.json({bucket:o,key:t,uploadId:n,contentLength:c,contentType:g,eTag:S}))})}function T(e){return l(async a=>{let r=await m(a);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=d(r.key,"key");if(t instanceof Response)return t;let n=d(r.uploadId,"uploadId");if(n instanceof Response)return n;let s=r.bucket?.trim()||e.defaultBucket,o=await u(e.hooks?.multipart?.guard,{request:a,key:t,bucket:s});return o||(await e.s3.send(new AbortMultipartUploadCommand({Bucket:s,Key:t,UploadId:n})),await e.hooks?.multipart?.onAbort?.({request:a,key:t,bucket:s,uploadId:n}),Response.json({bucket:s,key:t,uploadId:n,aborted:!0}))})}function N(e){return {presign:{upload:x(e),confirm:w(e),download:H(e)},multipart:{init:h(e),part:C(e),complete:I(e),abort:T(e)},delete:P(e)}}var f=()=>Response.json({message:"Not Found"},{status:404});function X(e){let a=N(e),r=e.basePath.replace(/\/$/,""),{features:t}=e;return async n=>{let s=await u(e.hooks?.guard,{request:n});if(s)return s;let i=new URL(n.url).pathname.slice(r.length).replace(/^\//,""),p=n.method;return p==="POST"&&i==="presign/upload"?t.upload?a.presign.upload(n):f():p==="POST"&&i==="presign/upload/confirm"?t.upload?a.presign.confirm(n):f():p==="GET"&&i==="presign/download"?t.download?a.presign.download(n):f():p==="DELETE"&&i==="delete"?t.delete?a.delete(n):f():p==="POST"&&i==="presign/multipart/init"?t.multipart?a.multipart.init(n):f():p==="POST"&&i==="presign/multipart/part"?t.multipart?a.multipart.part(n):f():p==="POST"&&i==="presign/multipart/complete"?t.multipart?a.multipart.complete(n):f():p==="POST"&&i==="presign/multipart/abort"?t.multipart?a.multipart.abort(n):f():Response.json({message:"Not Found"},{status:404})}}function j(e="/api/s3"){let a=e.replace(/\/$/,""),r=async(n,s)=>{let o=await fetch(n,s);if(!o.ok){let i=await o.json().catch(()=>({}));throw new Error(i.message??o.statusText)}return o.json()},t=(n,s)=>r(n,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(s)});return {upload(n){return t(`${a}/presign/upload`,n)},confirm(n){return t(`${a}/presign/upload/confirm`,n)},download(n,s){let o=new URLSearchParams({key:n});if(s?.fileName){let i=s.fileName.replace(/["\\\r\n]/g,"_");o.set("fileName",i);}return s?.bucket&&o.set("bucket",s.bucket),r(`${a}/presign/download?${o}`)},delete(n,s){let o=new URLSearchParams({key:n});return s?.bucket&&o.set("bucket",s.bucket),r(`${a}/delete?${o}`,{method:"DELETE"})},multipart:{init(n){return t(`${a}/presign/multipart/init`,n)},signPart(n){return t(`${a}/presign/multipart/part`,n)},complete(n){return t(`${a}/presign/multipart/complete`,n)},abort(n){return t(`${a}/presign/multipart/abort`,n)}}}}function Z(e,a){if(a.accept?.length&&!a.accept.some(t=>t.startsWith(".")?e.name.toLowerCase().endsWith(t.toLowerCase()):t.endsWith("/*")?e.type.startsWith(t.replace("/*","/")):e.type===t)){let t=e.name.includes(".")?e.name.split(".").pop():null;return `File type "${t?`.${t}`:e.type||"unknown"}" is not allowed`}return e.size===0?"File is empty":a.maxFileSize&&e.size>a.maxFileSize?`File size exceeds ${(a.maxFileSize/1048576).toFixed(1)} MB limit`:null}
2
- export{w as createConfirmHandler,P as createDeleteHandler,H as createDownloadHandler,N as createHandlers,T as createMultipartAbortHandler,I as createMultipartCompleteHandler,h as createMultipartInitHandler,C as createMultipartPartHandler,j as createPresignApi,X as createRouter,j as createS3Api,x as createUploadHandler,k as normalizeExpiresIn,m as parseBody,d as requireString,u as runHook,Z as validateFile,l as withS3ErrorHandler};//# sourceMappingURL=index.js.map
1
+ import {createPresignedPost}from'@aws-sdk/s3-presigned-post';import {HeadObjectCommand,GetObjectCommand,DeleteObjectCommand,CreateMultipartUploadCommand,UploadPartCommand,CompleteMultipartUploadCommand,AbortMultipartUploadCommand,GetObjectAclCommand}from'@aws-sdk/client-s3';import {getSignedUrl}from'@aws-sdk/s3-request-presigner';async function g(e){try{let n=await e.json();return n&&typeof n=="object"?n:null}catch{return null}}function m(e,n){let r=typeof e=="string"?e.trim():"";return r||Response.json({message:`${n} is required`},{status:400})}function k(e){let n=Number(e);return Number.isFinite(n)&&n>0?Math.floor(n):600}function l(e){return async n=>{try{return await e(n)}catch(r){let t=r instanceof Error?r.message:"Internal server error";return console.error("[S3 API]",t),Response.json({message:t},{status:500})}}}async function u(e,n){if(!e)return null;try{return await e(n),null}catch(r){let t=r instanceof Error?r.message:"Forbidden",a=typeof r?.status=="number"?r.status:403;return Response.json({message:t},{status:a})}}function b(e){let n=e.replace(/[^\x20-\x7E]/g,"_").replace(/["\\]/g,"_"),r=encodeURIComponent(e);return `attachment; filename="${n}"; filename*=UTF-8''${r}`}function w(e,n,r,t){return t!=="public-read"||!e?void 0:`${e(n).replace(/\/$/,"")}/${r}`}function P(e){if(!e)return;let n=e.match(/filename\*=UTF-8''([^;\s]+)/i);if(n)try{return decodeURIComponent(n[1])}catch{}return e.match(/filename="([^"]*)"/i)?.[1]}var B=5*1024*1024*1024;function I(e){return l(async n=>{let r=await g(n);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=m(r.key,"key");if(t instanceof Response)return t;let a=r.bucket?.trim()||e.defaultBucket,s=k(r.expiresIn),o=r.acl==="public-read"?"public-read":"private",i=r.contentType?.trim()||"application/octet-stream",p=typeof r.fileSize=="number"&&r.fileSize>0?Math.floor(r.fileSize):null;if(p!==null&&e.maxFileSize&&p>e.maxFileSize)return Response.json({message:`File size (${p} bytes) exceeds the maximum allowed size of ${e.maxFileSize} bytes`},{status:413});let d=await u(e.upload?.guard,{request:n,key:t,bucket:a,contentType:r.contentType,fileSize:p??void 0,metadata:r.metadata,acl:o});if(d)return d;let c={acl:o,"Content-Type":i};if(r.fileName&&(c["Content-Disposition"]=b(r.fileName)),r.metadata)for(let[y,S]of Object.entries(r.metadata))c[`x-amz-meta-${y}`]=S;let H=p??1,R=p??e.maxFileSize??B,{url:x,fields:h}=await createPresignedPost(e.s3,{Bucket:a,Key:t,Conditions:[["content-length-range",H,R]],Fields:c,Expires:s});return await e.upload?.onPresigned?.({request:n,key:t,bucket:a,contentType:r.contentType,metadata:r.metadata,acl:o,url:x,expiresIn:s}),Response.json({bucket:a,key:t,url:x,fields:h,expiresIn:s})})}async function C(e,n,r){try{return (await e.send(new GetObjectAclCommand({Bucket:n,Key:r}))).Grants?.some(s=>s.Grantee?.URI==="http://acs.amazonaws.com/groups/global/AllUsers"&&(s.Permission==="READ"||s.Permission==="FULL_CONTROL"))?"public-read":"private"}catch{return "private"}}function T(e){return l(async n=>{let r=await g(n);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=m(r.key,"key");if(t instanceof Response)return t;let a=r.bucket?.trim()||e.defaultBucket,s=await u(e.upload?.guard,{request:n,key:t,bucket:a});if(s)return s;let o=await e.s3.send(new HeadObjectCommand({Bucket:a,Key:t})),i=await C(e.s3,a,t),p=w(e.resolvePublicUrl,a,t,i),d=P(o.ContentDisposition),c={request:n,key:t,bucket:a,contentType:o.ContentType,contentLength:o.ContentLength??0,eTag:o.ETag?.replace(/"/g,""),metadata:o.Metadata,acl:i,fileName:d,publicUrl:p};return await e.upload?.onUploaded?.(c),Response.json({key:t,bucket:a,contentType:c.contentType,contentLength:c.contentLength,eTag:c.eTag,acl:i,fileName:d,publicUrl:p})})}function N(e){return l(async n=>{let{searchParams:r}=new URL(n.url),t=r.get("key")?.trim();if(!t)return Response.json({message:"key query parameter is required"},{status:400});let a=r.get("bucket")?.trim()||e.defaultBucket,s=k(r.get("expiresIn")),o=r.get("fileName")?.trim(),i=await u(e.download?.guard,{request:n,key:t,bucket:a,fileName:o||void 0});if(i)return i;try{await e.s3.send(new HeadObjectCommand({Bucket:a,Key:t}));}catch(d){let c=d?.name;if(c==="NoSuchKey"||c==="NotFound")return Response.json({message:"Object not found"},{status:404});throw d}let p=await getSignedUrl(e.s3,new GetObjectCommand({Bucket:a,Key:t,ResponseContentDisposition:o?b(o):"attachment"}),{expiresIn:s});return await e.download?.onPresigned?.({request:n,key:t,bucket:a,fileName:o||void 0,url:p,expiresIn:s}),Response.json({bucket:a,key:t,url:p,expiresIn:s})})}function j(e){return l(async n=>{let{searchParams:r}=new URL(n.url),t=r.get("key")?.trim();if(!t)return Response.json({message:"key query parameter is required"},{status:400});let a=r.get("bucket")?.trim()||e.defaultBucket,s=await u(e.delete?.guard,{request:n,key:t,bucket:a});if(s)return s;try{await e.s3.send(new HeadObjectCommand({Bucket:a,Key:t}));}catch{return Response.json({message:"Object not found"},{status:404})}return await e.s3.send(new DeleteObjectCommand({Bucket:a,Key:t})),await e.delete?.onDeleted?.({request:n,key:t,bucket:a}),Response.json({success:!0,bucket:a,key:t})})}function U(e){return l(async n=>{let r=await g(n);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=m(r.key,"key");if(t instanceof Response)return t;let a=r.bucket?.trim()||e.defaultBucket,s=r.acl==="public-read"?"public-read":"private",o=typeof r.fileSize=="number"&&r.fileSize>0?Math.floor(r.fileSize):void 0;if(o!==void 0&&e.maxFileSize&&o>e.maxFileSize)return Response.json({message:`File size (${o} bytes) exceeds the maximum allowed size of ${e.maxFileSize} bytes`},{status:413});let i=await u(e.multipart?.guard,{request:n,key:t,bucket:a,fileSize:o});if(i)return i;let{UploadId:p}=await e.s3.send(new CreateMultipartUploadCommand({Bucket:a,Key:t,ContentType:r.contentType,ContentDisposition:r.fileName?b(r.fileName):void 0,Metadata:r.metadata,ACL:s}));return await e.multipart?.onInit?.({request:n,key:t,bucket:a,uploadId:p,contentType:r.contentType,fileSize:o,metadata:r.metadata,acl:s}),Response.json({bucket:a,key:t,uploadId:p},{status:201})})}function z(e){return l(async n=>{let r=await g(n);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=m(r.key,"key");if(t instanceof Response)return t;let a=m(r.uploadId,"uploadId");if(a instanceof Response)return a;let s=Number(r.partNumber);if(!Number.isInteger(s)||s<=0)return Response.json({message:"partNumber must be a positive integer"},{status:400});let o=r.bucket?.trim()||e.defaultBucket,i=k(r.expiresIn),p=await u(e.multipart?.guard,{request:n,key:t,bucket:o});if(p)return p;let d=await getSignedUrl(e.s3,new UploadPartCommand({Bucket:o,Key:t,UploadId:a,PartNumber:s}),{expiresIn:i});return Response.json({presignedUrl:d,partNumber:s,uploadId:a,bucket:o,expiresIn:i})})}function M(e){return l(async n=>{let r=await g(n);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=m(r.key,"key");if(t instanceof Response)return t;let a=m(r.uploadId,"uploadId");if(a instanceof Response)return a;let s=(Array.isArray(r.parts)?r.parts:[]).map(({partNumber:y,eTag:S})=>({PartNumber:Number(y),ETag:String(S)})).filter(y=>Number.isInteger(y.PartNumber)&&y.ETag).sort((y,S)=>y.PartNumber-S.PartNumber);if(!s.length)return Response.json({message:"At least one valid part is required"},{status:400});let o=r.bucket?.trim()||e.defaultBucket,i=await u(e.multipart?.guard,{request:n,key:t,bucket:o});if(i)return i;await e.s3.send(new CompleteMultipartUploadCommand({Bucket:o,Key:t,UploadId:a,MultipartUpload:{Parts:s}}));let p=await e.s3.send(new HeadObjectCommand({Bucket:o,Key:t})),d=p.ContentLength??0,c=p.ContentType,H=p.ETag?.replace(/"/g,""),R=await C(e.s3,o,t),x=w(e.resolvePublicUrl,o,t,R),h=P(p.ContentDisposition);return e.maxFileSize&&d>e.maxFileSize?(await e.s3.send(new DeleteObjectCommand({Bucket:o,Key:t})).catch(()=>{}),Response.json({message:`File size (${d} bytes) exceeds the maximum allowed size of ${e.maxFileSize} bytes`},{status:422})):(await e.multipart?.onComplete?.({request:n,key:t,bucket:o,uploadId:a,contentLength:d,contentType:c,eTag:H,acl:R,fileName:h,publicUrl:x}),Response.json({bucket:o,key:t,uploadId:a,contentLength:d,contentType:c,eTag:H,acl:R,fileName:h,publicUrl:x}))})}function F(e){return l(async n=>{let r=await g(n);if(!r)return Response.json({message:"Invalid JSON payload"},{status:400});let t=m(r.key,"key");if(t instanceof Response)return t;let a=m(r.uploadId,"uploadId");if(a instanceof Response)return a;let s=r.bucket?.trim()||e.defaultBucket,o=await u(e.multipart?.guard,{request:n,key:t,bucket:s});return o||(await e.s3.send(new AbortMultipartUploadCommand({Bucket:s,Key:t,UploadId:a})),await e.multipart?.onAbort?.({request:n,key:t,bucket:s,uploadId:a}),Response.json({bucket:s,key:t,uploadId:a,aborted:!0}))})}function E(e){return {presign:{upload:I(e),confirm:T(e),download:N(e)},multipart:{init:U(e),part:z(e),complete:M(e),abort:F(e)},delete:j(e)}}var f=()=>Response.json({message:"Not Found"},{status:404});function Y(e){let n=E(e),r=e.basePath.replace(/\/$/,"");return async t=>{let a=await u(e.guard,{request:t});if(a)return a;let o=new URL(t.url).pathname.slice(r.length).replace(/^\//,""),i=t.method;return i==="POST"&&o==="presign/upload"?e.upload?.enabled?n.presign.upload(t):f():i==="POST"&&o==="presign/upload/confirm"?e.upload?.enabled?n.presign.confirm(t):f():i==="GET"&&o==="presign/download"?e.download?.enabled?n.presign.download(t):f():i==="DELETE"&&o==="delete"?e.delete?.enabled?n.delete(t):f():i==="POST"&&o==="presign/multipart/init"?e.multipart?.enabled?n.multipart.init(t):f():i==="POST"&&o==="presign/multipart/part"?e.multipart?.enabled?n.multipart.part(t):f():i==="POST"&&o==="presign/multipart/complete"?e.multipart?.enabled?n.multipart.complete(t):f():i==="POST"&&o==="presign/multipart/abort"?e.multipart?.enabled?n.multipart.abort(t):f():Response.json({message:"Not Found"},{status:404})}}function O(e="/api/s3"){let n=e.replace(/\/$/,""),r=async(a,s)=>{let o=await fetch(a,s);if(!o.ok){let i=await o.json().catch(()=>({}));throw new Error(i.message??o.statusText)}return o.json()},t=(a,s)=>r(a,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(s)});return {upload(a){return t(`${n}/presign/upload`,a)},confirm(a){return t(`${n}/presign/upload/confirm`,a)},download(a,s){let o=new URLSearchParams({key:a});if(s?.fileName){let i=s.fileName.replace(/["\\\r\n]/g,"_");o.set("fileName",i);}return s?.bucket&&o.set("bucket",s.bucket),r(`${n}/presign/download?${o}`)},delete(a,s){let o=new URLSearchParams({key:a});return s?.bucket&&o.set("bucket",s.bucket),r(`${n}/delete?${o}`,{method:"DELETE"})},multipart:{init(a){return t(`${n}/presign/multipart/init`,a)},signPart(a){return t(`${n}/presign/multipart/part`,a)},complete(a){return t(`${n}/presign/multipart/complete`,a)},abort(a){return t(`${n}/presign/multipart/abort`,a)}}}}function ee(e,n){if(n.accept?.length&&!n.accept.some(t=>t.startsWith(".")?e.name.toLowerCase().endsWith(t.toLowerCase()):t.endsWith("/*")?e.type.startsWith(t.replace("/*","/")):e.type===t)){let t=e.name.includes(".")?e.name.split(".").pop():null;return `File type "${t?`.${t}`:e.type||"unknown"}" is not allowed`}return e.size===0?"File is empty":n.maxFileSize&&e.size>n.maxFileSize?`File size exceeds ${(n.maxFileSize/1048576).toFixed(1)} MB limit`:null}
2
+ export{T as createConfirmHandler,j as createDeleteHandler,N as createDownloadHandler,E as createHandlers,F as createMultipartAbortHandler,M as createMultipartCompleteHandler,U as createMultipartInitHandler,z as createMultipartPartHandler,O as createPresignApi,Y as createRouter,O as createS3Api,I as createUploadHandler,ee as validateFile};//# sourceMappingURL=index.js.map
3
3
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/helpers.ts","../src/handlers/presign/upload.ts","../src/handlers/presign/confirm.ts","../src/handlers/presign/download.ts","../src/handlers/delete.ts","../src/handlers/multipart/init.ts","../src/handlers/multipart/part.ts","../src/handlers/multipart/complete.ts","../src/handlers/multipart/abort.ts","../src/create-handlers.ts","../src/router.ts","../src/api.ts","../src/validate.ts"],"names":["buildContentDisposition","fileName","ascii","encoded","parseBody","request","body","requireString","value","name","trimmed","normalizeExpiresIn","n","withS3ErrorHandler","handler","err","message","runHook","hook","context","status","MAX_UPLOAD_SIZE","createUploadHandler","config","key","bucket","expiresIn","acl","contentType","fileSize","guardResult","fields","k","v","rangeMin","rangeMax","url","signedFields","createPresignedPost","createConfirmHandler","head","HeadObjectCommand","createDownloadHandler","searchParams","getSignedUrl","GetObjectCommand","createDeleteHandler","DeleteObjectCommand","createMultipartInitHandler","UploadId","CreateMultipartUploadCommand","createMultipartPartHandler","uploadId","partNumber","presignedUrl","UploadPartCommand","createMultipartCompleteHandler","parts","eTag","p","a","CompleteMultipartUploadCommand","contentLength","createMultipartAbortHandler","AbortMultipartUploadCommand","createHandlers","disabled","createRouter","handlers","base","features","subpath","method","createS3Api","basePath","json","init","res","post","payload","options","params","safe","validateFile","file","type","ext"],"mappings":"wTASO,SAASA,EAAwBC,CAAAA,CAA0B,CAChE,IAAMC,CAAAA,CAAQD,CAAAA,CAAS,OAAA,CAAQ,eAAA,CAAiB,GAAG,EAAE,OAAA,CAAQ,QAAA,CAAU,GAAG,CAAA,CACpEE,CAAAA,CAAU,kBAAA,CAAmBF,CAAQ,CAAA,CAC3C,OAAO,CAAA,sBAAA,EAAyBC,CAAK,CAAA,oBAAA,EAAuBC,CAAO,CAAA,CACrE,CAEA,eAAsBC,CAAAA,CACpBC,EACmB,CACnB,GAAI,CACF,IAAMC,CAAAA,CAAO,MAAMD,CAAAA,CAAQ,IAAA,GAC3B,OAAOC,CAAAA,EAAQ,OAAOA,CAAAA,EAAS,QAAA,CAAYA,CAAAA,CAAa,IAC1D,CAAA,KAAQ,CACN,OAAO,IACT,CACF,CAEO,SAASC,CAAAA,CAAcC,CAAAA,CAAgBC,CAAAA,CAAiC,CAC7E,IAAMC,CAAAA,CAAU,OAAOF,CAAAA,EAAU,QAAA,CAAWA,CAAAA,CAAM,IAAA,EAAK,CAAI,GAC3D,OAAKE,CAAAA,EACI,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,CAAA,EAAGD,CAAI,cAAe,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CAG5E,CAEO,SAASE,EAAmBH,CAAAA,CAAwB,CACzD,IAAMI,CAAAA,CAAI,MAAA,CAAOJ,CAAK,CAAA,CACtB,OAAO,OAAO,QAAA,CAASI,CAAC,CAAA,EAAKA,CAAAA,CAAI,CAAA,CAAI,IAAA,CAAK,KAAA,CAAMA,CAAC,EAAI,GACvD,CAEO,SAASC,CAAAA,CACdC,CAAAA,CACA,CACA,OAAO,MAAOT,GAAqB,CACjC,GAAI,CACF,OAAO,MAAMS,CAAAA,CAAQT,CAAO,CAC9B,OAASU,CAAAA,CAAK,CACZ,IAAMC,CAAAA,CACJD,CAAAA,YAAe,KAAA,CAAQA,CAAAA,CAAI,OAAA,CAAU,wBACvC,OAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,CAAYC,CAAO,CAAA,CAC1B,QAAA,CAAS,IAAA,CAAK,CAAE,QAAAA,CAAQ,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CACnD,CACF,CACF,CAMA,eAAsBC,CAAAA,CACpBC,CAAAA,CACAC,CAAAA,CAC0B,CAC1B,GAAI,CAACD,EAAM,OAAO,IAAA,CAClB,GAAI,CACF,OAAA,MAAMA,CAAAA,CAAKC,CAAO,CAAA,CACX,IACT,CAAA,MAASJ,CAAAA,CAAK,CACZ,IAAMC,CAAAA,CAAUD,CAAAA,YAAe,KAAA,CAAQA,CAAAA,CAAI,QAAU,WAAA,CAC/CK,CAAAA,CACJ,OAAQL,CAAAA,EAAiC,MAAA,EAAW,QAAA,CAC9CA,CAAAA,CAAgC,MAAA,CAClC,IACN,OAAO,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAAC,CAAQ,CAAA,CAAG,CAAE,OAAAI,CAAO,CAAC,CAC9C,CACF,CC9DA,IAAMC,CAAAA,CAAkB,CAAA,CAAI,KAAO,IAAA,CAAO,IAAA,CAqBnC,SAASC,CAAAA,CAAoBC,CAAAA,CAAyB,CAC3D,OAAOV,CAAAA,CAAmB,MAAOR,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,EAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMkB,CAAAA,CAAMjB,CAAAA,CAAcD,EAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIkB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMC,CAAAA,CAASnB,CAAAA,CAAK,MAAA,EAAQ,IAAA,EAAK,EAAKiB,CAAAA,CAAO,aAAA,CACvCG,CAAAA,CAAYf,EAAmBL,CAAAA,CAAK,SAAS,CAAA,CAC7CqB,CAAAA,CAAMrB,CAAAA,CAAK,GAAA,GAAQ,aAAA,CAAgB,aAAA,CAAgB,UACnDsB,CAAAA,CAActB,CAAAA,CAAK,WAAA,EAAa,IAAA,EAAK,EAAK,0BAAA,CAC1CuB,CAAAA,CACJ,OAAOvB,EAAK,QAAA,EAAa,QAAA,EAAYA,CAAAA,CAAK,QAAA,CAAW,CAAA,CACjD,IAAA,CAAK,KAAA,CAAMA,CAAAA,CAAK,QAAQ,CAAA,CACxB,IAAA,CAEN,GACEuB,CAAAA,GAAa,IAAA,EACbN,CAAAA,CAAO,WAAA,EACPM,CAAAA,CAAWN,EAAO,WAAA,CAElB,OAAO,QAAA,CAAS,IAAA,CACd,CACE,OAAA,CAAS,CAAA,WAAA,EAAcM,CAAQ,+CAA+CN,CAAAA,CAAO,WAAW,CAAA,MAAA,CAClG,CAAA,CACA,CAAE,MAAA,CAAQ,GAAI,CAChB,EAGF,IAAMO,CAAAA,CAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,CAAO,CAC7D,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,WAAA,CAAanB,CAAAA,CAAK,YAClB,QAAA,CAAUuB,CAAAA,EAAY,KAAA,CAAA,CACtB,QAAA,CAAUvB,CAAAA,CAAK,QAAA,CACf,GAAA,CAAAqB,CACF,CAAC,CAAA,CACD,GAAIG,CAAAA,CAAa,OAAOA,CAAAA,CAIxB,IAAMC,CAAAA,CAAiC,CAAE,IAAAJ,CAAAA,CAAK,cAAA,CAAgBC,CAAY,CAAA,CAM1E,GAJItB,CAAAA,CAAK,QAAA,GACPyB,CAAAA,CAAO,qBAAqB,CAAA,CAAI/B,CAAAA,CAAwBM,CAAAA,CAAK,QAAQ,CAAA,CAAA,CAGnEA,CAAAA,CAAK,QAAA,CACP,IAAA,GAAW,CAAC0B,CAAAA,CAAGC,CAAC,CAAA,GAAK,MAAA,CAAO,OAAA,CAAQ3B,CAAAA,CAAK,QAAQ,CAAA,CAC/CyB,EAAO,CAAA,WAAA,EAAcC,CAAC,CAAA,CAAE,CAAA,CAAIC,CAAAA,CAUhC,IAAMC,CAAAA,CAAWL,CAAAA,EAAY,EACvBM,CAAAA,CAAWN,CAAAA,EAAYN,CAAAA,CAAO,WAAA,EAAeF,CAAAA,CAE7C,CAAE,GAAA,CAAAe,CAAAA,CAAK,OAAQC,CAAa,CAAA,CAAI,MAAMC,mBAAAA,CAAoBf,CAAAA,CAAO,EAAA,CAAI,CACzE,MAAA,CAAQE,EACR,GAAA,CAAKD,CAAAA,CACL,UAAA,CAAY,CAAC,CAAC,sBAAA,CAAwBU,CAAAA,CAAUC,CAAQ,CAAC,CAAA,CACzD,MAAA,CAAQJ,CAAAA,CACR,OAAA,CAASL,CACX,CAAC,CAAA,CAED,OAAA,MAAMH,EAAO,KAAA,EAAO,MAAA,EAAQ,WAAA,GAAc,CACxC,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,OAAAC,CAAAA,CACA,WAAA,CAAanB,CAAAA,CAAK,WAAA,CAClB,QAAA,CAAUA,CAAAA,CAAK,QAAA,CACf,GAAA,CAAAqB,EACA,GAAA,CAAAS,CAAAA,CACA,SAAA,CAAAV,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,MAAA,CAAAD,CAAAA,CAAQ,GAAA,CAAAD,CAAAA,CAAK,GAAA,CAAAY,CAAAA,CAAK,MAAA,CAAQC,CAAAA,CAAc,UAAAX,CAAU,CAAC,CAC5E,CAAC,CACH,CC7GO,SAASa,CAAAA,CAAqBhB,CAAAA,CAAyB,CAC5D,OAAOV,CAAAA,CAAmB,MAAOR,GAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMkB,CAAAA,CAAMjB,CAAAA,CAAcD,CAAAA,CAAK,IAAK,KAAK,CAAA,CACzC,GAAIkB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMC,EAASnB,CAAAA,CAAK,MAAA,EAAQ,IAAA,EAAK,EAAKiB,CAAAA,CAAO,aAAA,CAEvCO,CAAAA,CAAc,MAAMb,EAAQM,CAAAA,CAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,CAAO,CAC7D,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,EACA,MAAA,CAAAC,CACF,CAAC,CAAA,CACD,GAAIK,CAAAA,CAAa,OAAOA,CAAAA,CAExB,IAAMU,CAAAA,CAAO,MAAMjB,CAAAA,CAAO,EAAA,CAAG,IAAA,CAC3B,IAAIkB,iBAAAA,CAAkB,CAAE,OAAQhB,CAAAA,CAAQ,GAAA,CAAKD,CAAI,CAAC,CACpD,CAAA,CAEML,CAAAA,CAAU,CACd,QAAAd,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,WAAA,CAAae,CAAAA,CAAK,WAAA,CAClB,cAAeA,CAAAA,CAAK,aAAA,EAAiB,CAAA,CACrC,IAAA,CAAMA,CAAAA,CAAK,IAAA,EAAM,OAAA,CAAQ,IAAA,CAAM,EAAE,CAAA,CACjC,QAAA,CAAUA,CAAAA,CAAK,QACjB,CAAA,CAEA,OAAA,MAAMjB,CAAAA,CAAO,KAAA,EAAO,QAAQ,UAAA,GAAaJ,CAAO,CAAA,CAEzC,QAAA,CAAS,IAAA,CAAK,CACnB,GAAA,CAAAK,CAAAA,CACA,OAAAC,CAAAA,CACA,WAAA,CAAaN,CAAAA,CAAQ,WAAA,CACrB,aAAA,CAAeA,CAAAA,CAAQ,aAAA,CACvB,IAAA,CAAMA,EAAQ,IAChB,CAAC,CACH,CAAC,CACH,CCvDO,SAASuB,EAAsBnB,CAAAA,CAAyB,CAC7D,OAAOV,CAAAA,CAAmB,MAAOR,CAAAA,EAAqB,CACpD,GAAM,CAAE,YAAA,CAAAsC,CAAa,CAAA,CAAI,IAAI,GAAA,CAAItC,CAAAA,CAAQ,GAAG,CAAA,CACtCmB,EAAMmB,CAAAA,CAAa,GAAA,CAAI,KAAK,CAAA,EAAG,IAAA,EAAK,CAC1C,GAAI,CAACnB,EACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,iCAAkC,CAAA,CAC7C,CAAE,OAAQ,GAAI,CAChB,CAAA,CAGF,IAAMC,CAAAA,CAASkB,CAAAA,CAAa,GAAA,CAAI,QAAQ,GAAG,IAAA,EAAK,EAAKpB,CAAAA,CAAO,aAAA,CACtDG,CAAAA,CAAYf,CAAAA,CAAmBgC,CAAAA,CAAa,GAAA,CAAI,WAAW,CAAC,CAAA,CAC5D1C,CAAAA,CAAW0C,CAAAA,CAAa,GAAA,CAAI,UAAU,CAAA,EAAG,IAAA,GAEzCb,CAAAA,CAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,KAAA,EAAO,QAAA,EAAU,KAAA,CAAO,CAC/D,QAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,QAAA,CAAUxB,CAAAA,EAAY,KAAA,CACxB,CAAC,CAAA,CACD,GAAI6B,CAAAA,CAAa,OAAOA,CAAAA,CAExB,GAAI,CACF,MAAMP,EAAO,EAAA,CAAG,IAAA,CAAK,IAAIkB,iBAAAA,CAAkB,CAAE,MAAA,CAAQhB,CAAAA,CAAQ,GAAA,CAAKD,CAAI,CAAC,CAAC,EAC1E,CAAA,MAAST,CAAAA,CAAc,CACrB,IAAMN,CAAAA,CAAQM,GAA2B,IAAA,CACzC,GAAIN,CAAAA,GAAS,WAAA,EAAeA,CAAAA,GAAS,UAAA,CACnC,OAAO,QAAA,CAAS,KAAK,CAAE,OAAA,CAAS,kBAAmB,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,EAEvE,MAAMM,CACR,CAEA,IAAMqB,CAAAA,CAAM,MAAMQ,YAAAA,CAChBrB,CAAAA,CAAO,GACP,IAAIsB,gBAAAA,CAAiB,CACnB,MAAA,CAAQpB,CAAAA,CACR,GAAA,CAAKD,CAAAA,CACL,0BAAA,CAA4BvB,EACxB,CAAA,sBAAA,EAAyBA,CAAQ,CAAA,CAAA,CAAA,CACjC,YACN,CAAC,CAAA,CACD,CAAE,SAAA,CAAAyB,CAAU,CACd,CAAA,CAEA,OAAA,MAAMH,CAAAA,CAAO,KAAA,EAAO,QAAA,EAAU,WAAA,GAAc,CAC1C,QAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,QAAA,CAAUxB,CAAAA,EAAY,KAAA,CAAA,CACtB,IAAAmC,CAAAA,CACA,SAAA,CAAAV,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,OAAAD,CAAAA,CAAQ,GAAA,CAAAD,CAAAA,CAAK,GAAA,CAAAY,CAAAA,CAAK,SAAA,CAAAV,CAAU,CAAC,CACtD,CAAC,CACH,CCzDO,SAASoB,CAAAA,CAAoBvB,CAAAA,CAAyB,CAC3D,OAAOV,CAAAA,CAAmB,MAAOR,CAAAA,EAAqB,CACpD,GAAM,CAAE,YAAA,CAAAsC,CAAa,CAAA,CAAI,IAAI,GAAA,CAAItC,CAAAA,CAAQ,GAAG,CAAA,CACtCmB,CAAAA,CAAMmB,CAAAA,CAAa,GAAA,CAAI,KAAK,CAAA,EAAG,IAAA,EAAK,CAC1C,GAAI,CAACnB,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,iCAAkC,EAC7C,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMC,CAAAA,CAASkB,CAAAA,CAAa,IAAI,QAAQ,CAAA,EAAG,IAAA,EAAK,EAAKpB,CAAAA,CAAO,aAAA,CAEtDO,CAAAA,CAAc,MAAMb,EAAQM,CAAAA,CAAO,KAAA,EAAO,MAAA,EAAQ,KAAA,CAAO,CAC7D,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,EACA,MAAA,CAAAC,CACF,CAAC,CAAA,CACD,GAAIK,CAAAA,CAAa,OAAOA,CAAAA,CAExB,GAAI,CACF,MAAMP,CAAAA,CAAO,EAAA,CAAG,IAAA,CAAK,IAAIkB,iBAAAA,CAAkB,CAAE,OAAQhB,CAAAA,CAAQ,GAAA,CAAKD,CAAI,CAAC,CAAC,EAC1E,CAAA,KAAQ,CACN,OAAO,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,kBAAmB,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CACvE,CAEA,OAAA,MAAMD,CAAAA,CAAO,EAAA,CAAG,IAAA,CAAK,IAAIwB,oBAAoB,CAAE,MAAA,CAAQtB,CAAAA,CAAQ,GAAA,CAAKD,CAAI,CAAC,CAAC,CAAA,CAE1E,MAAMD,CAAAA,CAAO,KAAA,EAAO,MAAA,EAAQ,SAAA,GAAY,CAAE,OAAA,CAAAlB,CAAAA,CAAS,GAAA,CAAAmB,EAAK,MAAA,CAAAC,CAAO,CAAC,CAAA,CAEzD,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,GAAM,MAAA,CAAAA,CAAAA,CAAQ,GAAA,CAAAD,CAAI,CAAC,CACrD,CAAC,CACH,CCdO,SAASwB,CAAAA,CAA2BzB,CAAAA,CAAyB,CAClE,OAAOV,CAAAA,CAAmB,MAAOR,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,QAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMkB,EAAMjB,CAAAA,CAAcD,CAAAA,CAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIkB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMC,CAAAA,CAASnB,CAAAA,CAAK,MAAA,EAAQ,IAAA,EAAK,EAAKiB,CAAAA,CAAO,cACvCI,CAAAA,CAAMrB,CAAAA,CAAK,GAAA,GAAQ,aAAA,CAAgB,aAAA,CAAgB,SAAA,CACnDuB,CAAAA,CACJ,OAAOvB,EAAK,QAAA,EAAa,QAAA,EAAYA,CAAAA,CAAK,QAAA,CAAW,CAAA,CACjD,IAAA,CAAK,KAAA,CAAMA,CAAAA,CAAK,QAAQ,CAAA,CACxB,KAAA,CAAA,CAEN,GACEuB,CAAAA,GAAa,KAAA,CAAA,EACbN,CAAAA,CAAO,WAAA,EACPM,CAAAA,CAAWN,EAAO,WAAA,CAElB,OAAO,QAAA,CAAS,IAAA,CACd,CACE,OAAA,CAAS,CAAA,WAAA,EAAcM,CAAQ,+CAA+CN,CAAAA,CAAO,WAAW,CAAA,MAAA,CAClG,CAAA,CACA,CAAE,MAAA,CAAQ,GAAI,CAChB,EAGF,IAAMO,CAAAA,CAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,KAAA,EAAO,SAAA,EAAW,KAAA,CAAO,CAChE,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,QAAA,CAAAI,CACF,CAAC,CAAA,CACD,GAAIC,CAAAA,CAAa,OAAOA,CAAAA,CAExB,GAAM,CAAE,QAAA,CAAAmB,CAAS,CAAA,CAAI,MAAM1B,CAAAA,CAAO,EAAA,CAAG,IAAA,CACnC,IAAI2B,4BAAAA,CAA6B,CAC/B,OAAQzB,CAAAA,CACR,GAAA,CAAKD,CAAAA,CACL,WAAA,CAAalB,CAAAA,CAAK,WAAA,CAClB,kBAAA,CAAoBA,CAAAA,CAAK,SACrBN,CAAAA,CAAwBM,CAAAA,CAAK,QAAQ,CAAA,CACrC,KAAA,CAAA,CACJ,QAAA,CAAUA,CAAAA,CAAK,QAAA,CACf,IAAKqB,CACP,CAAC,CACH,CAAA,CAEA,OAAA,MAAMJ,CAAAA,CAAO,KAAA,EAAO,SAAA,EAAW,SAAS,CACtC,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CAAAA,CACA,QAAA,CAAUwB,EACV,WAAA,CAAa3C,CAAAA,CAAK,WAAA,CAClB,QAAA,CAAAuB,CAAAA,CACA,QAAA,CAAUvB,CAAAA,CAAK,QAAA,CACf,IAAAqB,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,KAAK,CAAE,MAAA,CAAAF,CAAAA,CAAQ,GAAA,CAAAD,EAAK,QAAA,CAAUyB,CAAS,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CAC3E,CAAC,CACH,CCtEO,SAASE,CAAAA,CAA2B5B,CAAAA,CAAyB,CAClE,OAAOV,CAAAA,CAAmB,MAAOR,GAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMkB,CAAAA,CAAMjB,CAAAA,CAAcD,CAAAA,CAAK,IAAK,KAAK,CAAA,CACzC,GAAIkB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAM4B,EAAW7C,CAAAA,CAAcD,CAAAA,CAAK,QAAA,CAAU,UAAU,CAAA,CACxD,GAAI8C,CAAAA,YAAoB,QAAA,CAAU,OAAOA,CAAAA,CAEzC,IAAMC,CAAAA,CAAa,MAAA,CAAO/C,CAAAA,CAAK,UAAU,CAAA,CACzC,GAAI,CAAC,MAAA,CAAO,SAAA,CAAU+C,CAAU,CAAA,EAAKA,CAAAA,EAAc,CAAA,CACjD,OAAO,QAAA,CAAS,KACd,CAAE,OAAA,CAAS,uCAAwC,CAAA,CACnD,CAAE,MAAA,CAAQ,GAAI,CAChB,EAGF,IAAM5B,CAAAA,CAASnB,CAAAA,CAAK,MAAA,EAAQ,IAAA,EAAK,EAAKiB,CAAAA,CAAO,aAAA,CACvCG,EAAYf,CAAAA,CAAmBL,CAAAA,CAAK,SAAS,CAAA,CAE7CwB,CAAAA,CAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,OAAO,SAAA,EAAW,KAAA,CAAO,CAChE,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CACF,CAAC,CAAA,CACD,GAAIK,CAAAA,CAAa,OAAOA,CAAAA,CAExB,IAAMwB,CAAAA,CAAe,MAAMV,YAAAA,CACzBrB,CAAAA,CAAO,EAAA,CACP,IAAIgC,iBAAAA,CAAkB,CACpB,MAAA,CAAQ9B,CAAAA,CACR,IAAKD,CAAAA,CACL,QAAA,CAAU4B,CAAAA,CACV,UAAA,CAAYC,CACd,CAAC,CAAA,CACD,CAAE,UAAA3B,CAAU,CACd,CAAA,CAEA,OAAO,QAAA,CAAS,IAAA,CAAK,CACnB,YAAA,CAAA4B,EACA,UAAA,CAAAD,CAAAA,CACA,QAAA,CAAAD,CAAAA,CACA,MAAA,CAAA3B,CAAAA,CACA,SAAA,CAAAC,CACF,CAAC,CACH,CAAC,CACH,CCnDO,SAAS8B,CAAAA,CAA+BjC,CAAAA,CAAyB,CACtE,OAAOV,EAAmB,MAAOR,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,EAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMkB,CAAAA,CAAMjB,EAAcD,CAAAA,CAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIkB,CAAAA,YAAe,QAAA,CAAU,OAAOA,EAEpC,IAAM4B,CAAAA,CAAW7C,CAAAA,CAAcD,CAAAA,CAAK,QAAA,CAAU,UAAU,CAAA,CACxD,GAAI8C,aAAoB,QAAA,CAAU,OAAOA,CAAAA,CAEzC,IAAMK,CAAAA,CAAAA,CAAS,KAAA,CAAM,OAAA,CAAQnD,CAAAA,CAAK,KAAK,CAAA,CAAIA,CAAAA,CAAK,KAAA,CAAQ,EAAC,EACtD,GAAA,CAAI,CAAC,CAAE,WAAA+C,CAAAA,CAAY,IAAA,CAAAK,CAAK,CAAA,IAAO,CAC9B,UAAA,CAAY,MAAA,CAAOL,CAAU,EAC7B,IAAA,CAAM,MAAA,CAAOK,CAAI,CACnB,CAAA,CAAE,CAAA,CACD,MAAA,CAAQC,CAAAA,EAAM,OAAO,SAAA,CAAUA,CAAAA,CAAE,UAAU,CAAA,EAAKA,CAAAA,CAAE,IAAI,CAAA,CACtD,IAAA,CAAK,CAACC,CAAAA,CAAG,CAAA,GAAMA,CAAAA,CAAE,UAAA,CAAa,CAAA,CAAE,UAAU,CAAA,CAE7C,GAAI,CAACH,CAAAA,CAAM,MAAA,CACT,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,qCAAsC,EACjD,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMhC,CAAAA,CAASnB,CAAAA,CAAK,QAAQ,IAAA,EAAK,EAAKiB,CAAAA,CAAO,aAAA,CAEvCO,CAAAA,CAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,OAAO,SAAA,EAAW,KAAA,CAAO,CAChE,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CACF,CAAC,CAAA,CACD,GAAIK,CAAAA,CAAa,OAAOA,CAAAA,CAExB,MAAMP,CAAAA,CAAO,GAAG,IAAA,CACd,IAAIsC,8BAAAA,CAA+B,CACjC,MAAA,CAAQpC,CAAAA,CACR,GAAA,CAAKD,CAAAA,CACL,SAAU4B,CAAAA,CACV,eAAA,CAAiB,CAAE,KAAA,CAAOK,CAAM,CAClC,CAAC,CACH,EAKA,IAAMjB,CAAAA,CAAO,MAAMjB,CAAAA,CAAO,EAAA,CAAG,IAAA,CAC3B,IAAIkB,iBAAAA,CAAkB,CAAE,MAAA,CAAQhB,CAAAA,CAAQ,GAAA,CAAKD,CAAI,CAAC,CACpD,CAAA,CACMsC,CAAAA,CAAgBtB,EAAK,aAAA,EAAiB,CAAA,CACtCZ,CAAAA,CAAcY,CAAAA,CAAK,WAAA,CACnBkB,CAAAA,CAAOlB,CAAAA,CAAK,IAAA,EAAM,QAAQ,IAAA,CAAM,EAAE,CAAA,CAExC,OAAIjB,CAAAA,CAAO,WAAA,EAAeuC,CAAAA,CAAgBvC,CAAAA,CAAO,aAG/C,MAAMA,CAAAA,CAAO,EAAA,CACV,IAAA,CAAK,IAAIwB,mBAAAA,CAAoB,CAAE,MAAA,CAAQtB,EAAQ,GAAA,CAAKD,CAAI,CAAC,CAAC,CAAA,CAC1D,KAAA,CAAM,IAAM,CAAC,CAAC,CAAA,CACV,QAAA,CAAS,IAAA,CACd,CACE,OAAA,CAAS,CAAA,WAAA,EAAcsC,CAAa,CAAA,4CAAA,EAA+CvC,EAAO,WAAW,CAAA,MAAA,CACvG,CAAA,CACA,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,GAGF,MAAMA,CAAAA,CAAO,KAAA,EAAO,SAAA,EAAW,UAAA,GAAa,CAC1C,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,EACA,MAAA,CAAAC,CAAAA,CACA,QAAA,CAAA2B,CAAAA,CACA,aAAA,CAAAU,CAAAA,CACA,WAAA,CAAAlC,CAAAA,CACA,KAAA8B,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,MAAA,CAAAjC,CAAAA,CAAQ,IAAAD,CAAAA,CAAK,QAAA,CAAA4B,CAAAA,CAAU,aAAA,CAAAU,CAAAA,CAAe,WAAA,CAAAlC,CAAAA,CAAa,IAAA,CAAA8B,CAAK,CAAC,CAAA,CAClF,CAAC,CACH,CC3FO,SAASK,CAAAA,CAA4BxC,CAAAA,CAAyB,CACnE,OAAOV,CAAAA,CAAmB,MAAOR,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,EACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,OAAQ,GAAI,CAChB,CAAA,CAGF,IAAMkB,CAAAA,CAAMjB,CAAAA,CAAcD,CAAAA,CAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIkB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAM4B,CAAAA,CAAW7C,EAAcD,CAAAA,CAAK,QAAA,CAAU,UAAU,CAAA,CACxD,GAAI8C,CAAAA,YAAoB,QAAA,CAAU,OAAOA,EAEzC,IAAM3B,CAAAA,CAASnB,CAAAA,CAAK,MAAA,EAAQ,IAAA,EAAK,EAAKiB,CAAAA,CAAO,aAAA,CAEvCO,EAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,KAAA,EAAO,SAAA,EAAW,KAAA,CAAO,CAChE,OAAA,CAAAlB,EACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,CACF,CAAC,CAAA,CACD,OAAIK,CAAAA,GAEJ,MAAMP,CAAAA,CAAO,EAAA,CAAG,IAAA,CACd,IAAIyC,2BAAAA,CAA4B,CAC9B,MAAA,CAAQvC,CAAAA,CACR,IAAKD,CAAAA,CACL,QAAA,CAAU4B,CACZ,CAAC,CACH,CAAA,CAEA,MAAM7B,CAAAA,CAAO,OAAO,SAAA,EAAW,OAAA,GAAU,CACvC,OAAA,CAAAlB,CAAAA,CACA,GAAA,CAAAmB,CAAAA,CACA,MAAA,CAAAC,EACA,QAAA,CAAA2B,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,MAAA,CAAA3B,EAAQ,GAAA,CAAAD,CAAAA,CAAK,QAAA,CAAA4B,CAAAA,CAAU,OAAA,CAAS,CAAA,CAAK,CAAC,CAAA,CAC/D,CAAC,CACH,CC/CO,SAASa,CAAAA,CAAe1C,CAAAA,CAAqC,CAClE,OAAO,CACL,QAAS,CACP,MAAA,CAAQD,CAAAA,CAAoBC,CAAM,CAAA,CAClC,OAAA,CAASgB,CAAAA,CAAqBhB,CAAM,EACpC,QAAA,CAAUmB,CAAAA,CAAsBnB,CAAM,CACxC,CAAA,CACA,SAAA,CAAW,CACT,IAAA,CAAMyB,EAA2BzB,CAAM,CAAA,CACvC,IAAA,CAAM4B,CAAAA,CAA2B5B,CAAM,CAAA,CACvC,QAAA,CAAUiC,CAAAA,CAA+BjC,CAAM,CAAA,CAC/C,KAAA,CAAOwC,CAAAA,CAA4BxC,CAAM,CAC3C,CAAA,CACA,MAAA,CAAQuB,CAAAA,CAAoBvB,CAAM,CACpC,CACF,CCrBA,IAAM2C,CAAAA,CAAW,IAAM,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,WAAY,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CAAA,CAEvE,SAASC,CAAAA,CAAa5C,CAAAA,CAA8B,CACzD,IAAM6C,CAAAA,CAAWH,CAAAA,CAAe1C,CAAM,CAAA,CAChC8C,EAAO9C,CAAAA,CAAO,QAAA,CAAS,OAAA,CAAQ,KAAA,CAAO,EAAE,CAAA,CACxC,CAAE,QAAA,CAAA+C,CAAS,CAAA,CAAI/C,CAAAA,CAErB,OAAO,MAAOlB,CAAAA,EAAwC,CAEpD,IAAMyB,CAAAA,CAAc,MAAMb,CAAAA,CAAQM,CAAAA,CAAO,KAAA,EAAO,KAAA,CAAO,CAAE,OAAA,CAAAlB,CAAQ,CAAC,EAClE,GAAIyB,CAAAA,CAAa,OAAOA,CAAAA,CAGxB,IAAMyC,CAAAA,CADM,IAAI,GAAA,CAAIlE,EAAQ,GAAG,CAAA,CACX,QAAA,CAAS,KAAA,CAAMgE,CAAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,MAAO,EAAE,CAAA,CAC3DG,CAAAA,CAASnE,CAAAA,CAAQ,MAAA,CAEvB,OAAImE,CAAAA,GAAW,MAAA,EAAUD,IAAY,gBAAA,CAC5BD,CAAAA,CAAS,MAAA,CAASF,CAAAA,CAAS,OAAA,CAAQ,MAAA,CAAO/D,CAAO,CAAA,CAAI6D,GAAS,CACnEM,CAAAA,GAAW,MAAA,EAAUD,CAAAA,GAAY,wBAAA,CAC5BD,CAAAA,CAAS,MAAA,CAASF,CAAAA,CAAS,QAAQ,OAAA,CAAQ/D,CAAO,CAAA,CAAI6D,CAAAA,EAAS,CACpEM,CAAAA,GAAW,KAAA,EAASD,CAAAA,GAAY,mBAC3BD,CAAAA,CAAS,QAAA,CACZF,CAAAA,CAAS,OAAA,CAAQ,QAAA,CAAS/D,CAAO,CAAA,CACjC6D,CAAAA,GACFM,CAAAA,GAAW,QAAA,EAAYD,CAAAA,GAAY,QAAA,CAC9BD,CAAAA,CAAS,MAAA,CAASF,CAAAA,CAAS,MAAA,CAAO/D,CAAO,CAAA,CAAI6D,CAAAA,EAAS,CAC3DM,CAAAA,GAAW,MAAA,EAAUD,CAAAA,GAAY,wBAAA,CAC5BD,CAAAA,CAAS,UAAYF,CAAAA,CAAS,SAAA,CAAU,IAAA,CAAK/D,CAAO,CAAA,CAAI6D,CAAAA,EAAS,CACtEM,CAAAA,GAAW,QAAUD,CAAAA,GAAY,wBAAA,CAC5BD,CAAAA,CAAS,SAAA,CAAYF,CAAAA,CAAS,SAAA,CAAU,IAAA,CAAK/D,CAAO,EAAI6D,CAAAA,EAAS,CACtEM,CAAAA,GAAW,MAAA,EAAUD,CAAAA,GAAY,4BAAA,CAC5BD,CAAAA,CAAS,SAAA,CACZF,EAAS,SAAA,CAAU,QAAA,CAAS/D,CAAO,CAAA,CACnC6D,CAAAA,EAAS,CACXM,CAAAA,GAAW,MAAA,EAAUD,IAAY,yBAAA,CAC5BD,CAAAA,CAAS,SAAA,CACZF,CAAAA,CAAS,SAAA,CAAU,KAAA,CAAM/D,CAAO,CAAA,CAChC6D,GAAS,CAER,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,WAAY,CAAA,CAAG,CAAE,OAAQ,GAAI,CAAC,CAChE,CACF,CC2DO,SAASO,CAAAA,CAAYC,CAAAA,CAAW,UAAkB,CACvD,IAAML,CAAAA,CAAOK,CAAAA,CAAS,OAAA,CAAQ,KAAA,CAAO,EAAE,CAAA,CAEjCC,EAAO,MAAUvC,CAAAA,CAAawC,CAAAA,GAAmC,CACrE,IAAMC,CAAAA,CAAM,MAAM,KAAA,CAAMzC,EAAKwC,CAAI,CAAA,CACjC,GAAI,CAACC,CAAAA,CAAI,EAAA,CAAI,CACX,IAAMvE,EAAO,MAAMuE,CAAAA,CAAI,IAAA,EAAK,CAAE,KAAA,CAAM,KAAO,EAAC,CAAE,EAC9C,MAAM,IAAI,KAAA,CAAOvE,CAAAA,CAA8B,OAAA,EAAWuE,CAAAA,CAAI,UAAU,CAC1E,CACA,OAAOA,CAAAA,CAAI,IAAA,EACb,CAAA,CAEMC,CAAAA,CAAO,CAAI1C,CAAAA,CAAa9B,IAC5BqE,CAAAA,CAAQvC,CAAAA,CAAK,CACX,MAAA,CAAQ,MAAA,CACR,OAAA,CAAS,CAAE,cAAA,CAAgB,kBAAmB,CAAA,CAC9C,IAAA,CAAM,IAAA,CAAK,SAAA,CAAU9B,CAAI,CAC3B,CAAC,CAAA,CAEH,OAAO,CACL,MAAA,CAAOyE,CAAAA,CAAS,CACd,OAAOD,CAAAA,CAA4B,CAAA,EAAGT,CAAI,kBAAmBU,CAAO,CACtE,CAAA,CAEA,OAAA,CAAQA,CAAAA,CAAS,CACf,OAAOD,CAAAA,CACL,GAAGT,CAAI,CAAA,uBAAA,CAAA,CACPU,CACF,CACF,CAAA,CAEA,QAAA,CAASvD,CAAAA,CAAKwD,CAAAA,CAAU,CACtB,IAAMC,CAAAA,CAAS,IAAI,eAAA,CAAgB,CAAE,GAAA,CAAAzD,CAAI,CAAC,EAC1C,GAAIwD,CAAAA,EAAS,QAAA,CAAU,CACrB,IAAME,CAAAA,CAAOF,CAAAA,CAAQ,QAAA,CAAS,QAAQ,YAAA,CAAc,GAAG,CAAA,CACvDC,CAAAA,CAAO,GAAA,CAAI,UAAA,CAAYC,CAAI,EAC7B,CACA,OAAIF,CAAAA,EAAS,MAAA,EAAQC,CAAAA,CAAO,GAAA,CAAI,QAAA,CAAUD,CAAAA,CAAQ,MAAM,EACjDL,CAAAA,CAAsB,CAAA,EAAGN,CAAI,CAAA,kBAAA,EAAqBY,CAAM,CAAA,CAAE,CACnE,CAAA,CAEA,OAAOzD,CAAAA,CAAKwD,CAAAA,CAAU,CACpB,IAAMC,CAAAA,CAAS,IAAI,eAAA,CAAgB,CAAE,IAAAzD,CAAI,CAAC,CAAA,CAC1C,OAAIwD,CAAAA,EAAS,MAAA,EAAQC,CAAAA,CAAO,GAAA,CAAI,SAAUD,CAAAA,CAAQ,MAAM,CAAA,CACjDL,CAAAA,CACL,CAAA,EAAGN,CAAI,CAAA,QAAA,EAAWY,CAAM,GACxB,CAAE,MAAA,CAAQ,QAAS,CACrB,CACF,CAAA,CAEA,SAAA,CAAW,CACT,KAAKF,CAAAA,CAAS,CACZ,OAAOD,CAAAA,CACL,CAAA,EAAGT,CAAI,CAAA,uBAAA,CAAA,CACPU,CACF,CACF,CAAA,CAEA,QAAA,CAASA,CAAAA,CAAS,CAChB,OAAOD,CAAAA,CACL,CAAA,EAAGT,CAAI,0BACPU,CACF,CACF,CAAA,CAEA,QAAA,CAASA,CAAAA,CAAS,CAChB,OAAOD,CAAAA,CAOJ,GAAGT,CAAI,CAAA,2BAAA,CAAA,CAA+BU,CAAO,CAClD,CAAA,CAEA,KAAA,CAAMA,CAAAA,CAAS,CACb,OAAOD,CAAAA,CACL,CAAA,EAAGT,CAAI,CAAA,wBAAA,CAAA,CACPU,CACF,CACF,CACF,CACF,CACF,CC5LO,SAASI,CAAAA,CACdC,CAAAA,CACAJ,CAAAA,CACe,CACf,GAAIA,CAAAA,CAAQ,QAAQ,MAAA,EAad,CAZYA,CAAAA,CAAQ,MAAA,CAAO,IAAA,CAAMK,CAAAA,EAE/BA,CAAAA,CAAK,UAAA,CAAW,GAAG,CAAA,CACdD,CAAAA,CAAK,IAAA,CAAK,WAAA,EAAY,CAAE,QAAA,CAASC,CAAAA,CAAK,WAAA,EAAa,CAAA,CAGxDA,CAAAA,CAAK,QAAA,CAAS,IAAI,CAAA,CACbD,CAAAA,CAAK,IAAA,CAAK,UAAA,CAAWC,EAAK,OAAA,CAAQ,IAAA,CAAM,GAAG,CAAC,CAAA,CAG9CD,CAAAA,CAAK,IAAA,GAASC,CACtB,EACa,CACZ,IAAMC,CAAAA,CAAMF,CAAAA,CAAK,IAAA,CAAK,QAAA,CAAS,GAAG,CAAA,CAAIA,EAAK,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA,CAAE,GAAA,EAAI,CAAI,IAAA,CACnE,OAAO,cAAcE,CAAAA,CAAM,CAAA,CAAA,EAAIA,CAAG,CAAA,CAAA,CAAKF,CAAAA,CAAK,IAAA,EAAQ,SAAS,CAAA,gBAAA,CAC/D,CAGF,OAAIA,CAAAA,CAAK,IAAA,GAAS,CAAA,CACT,eAAA,CAGLJ,CAAAA,CAAQ,WAAA,EAAeI,CAAAA,CAAK,KAAOJ,CAAAA,CAAQ,WAAA,CAEtC,CAAA,kBAAA,EAAA,CADQA,CAAAA,CAAQ,YAAe,OAAA,EAAc,OAAA,CAAQ,CAAC,CAC5B,YAG5B,IACT","file":"index.js","sourcesContent":["/**\n * Builds a RFC 6266 `Content-Disposition` value for a file attachment.\n * Includes both the ASCII-safe `filename` fallback and the RFC 5987\n * `filename*` parameter for full Unicode support.\n *\n * @example\n * buildContentDisposition(\"résumé finale.pdf\")\n * // → 'attachment; filename=\"resume finale.pdf\"; filename*=UTF-8\\'\\'r%C3%A9sum%C3%A9%20finale.pdf'\n */\nexport function buildContentDisposition(fileName: string): string {\n const ascii = fileName.replace(/[^\\x20-\\x7E]/g, \"_\").replace(/[\"\\\\]/g, \"_\");\n const encoded = encodeURIComponent(fileName);\n return `attachment; filename=\"${ascii}\"; filename*=UTF-8''${encoded}`;\n}\n\nexport async function parseBody<T extends Record<string, unknown>>(\n request: Request,\n): Promise<T | null> {\n try {\n const body = await request.json();\n return body && typeof body === \"object\" ? (body as T) : null;\n } catch {\n return null;\n }\n}\n\nexport function requireString(value: unknown, name: string): string | Response {\n const trimmed = typeof value === \"string\" ? value.trim() : \"\";\n if (!trimmed) {\n return Response.json({ message: `${name} is required` }, { status: 400 });\n }\n return trimmed;\n}\n\nexport function normalizeExpiresIn(value: unknown): number {\n const n = Number(value);\n return Number.isFinite(n) && n > 0 ? Math.floor(n) : 600;\n}\n\nexport function withS3ErrorHandler(\n handler: (request: Request) => Promise<Response>,\n) {\n return async (request: Request) => {\n try {\n return await handler(request);\n } catch (err) {\n const message =\n err instanceof Error ? err.message : \"Internal server error\";\n console.error(\"[S3 API]\", message);\n return Response.json({ message }, { status: 500 });\n }\n };\n}\n\n/**\n * Run a server hook. Returns a Response if the hook rejects (throws),\n * or `null` if the hook passes (or is undefined).\n */\nexport async function runHook<T>(\n hook: ((context: T) => Promise<void> | void) | undefined,\n context: T,\n): Promise<Response | null> {\n if (!hook) return null;\n try {\n await hook(context);\n return null;\n } catch (err) {\n const message = err instanceof Error ? err.message : \"Forbidden\";\n const status =\n typeof (err as Record<string, unknown>)?.status === \"number\"\n ? ((err as Record<string, unknown>).status as number)\n : 403;\n return Response.json({ message }, { status });\n }\n}\n","import { createPresignedPost } from \"@aws-sdk/s3-presigned-post\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n normalizeExpiresIn,\n buildContentDisposition,\n runHook,\n withS3ErrorHandler,\n} from \"../../helpers\";\n\n// 5 GiB — S3 single-object upload limit\nconst MAX_UPLOAD_SIZE = 5 * 1024 * 1024 * 1024;\n\ntype Payload = {\n key: string;\n contentType?: string;\n /**\n * Exact byte size of the file the client intends to upload.\n * When provided the presigned POST policy locks `content-length-range` to\n * `[fileSize, fileSize]`, so S3 rejects any upload that is not exactly this\n * size — even if the client tampers with the payload.\n * When omitted the range is `[1, maxFileSize ?? 5 GiB]`.\n */\n fileSize?: number;\n metadata?: Record<string, string>;\n bucket?: string;\n expiresIn?: number;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition: attachment; filename=\"...\"` on the S3 object. */\n fileName?: string;\n};\n\nexport function createUploadHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n const expiresIn = normalizeExpiresIn(body.expiresIn);\n const acl = body.acl === \"public-read\" ? \"public-read\" : \"private\";\n const contentType = body.contentType?.trim() || \"application/octet-stream\";\n const fileSize =\n typeof body.fileSize === \"number\" && body.fileSize > 0\n ? Math.floor(body.fileSize)\n : null;\n\n if (\n fileSize !== null &&\n config.maxFileSize &&\n fileSize > config.maxFileSize\n ) {\n return Response.json(\n {\n message: `File size (${fileSize} bytes) exceeds the maximum allowed size of ${config.maxFileSize} bytes`,\n },\n { status: 413 },\n );\n }\n\n const guardResult = await runHook(config.hooks?.upload?.guard, {\n request,\n key,\n bucket,\n contentType: body.contentType,\n fileSize: fileSize ?? undefined,\n metadata: body.metadata,\n acl,\n });\n if (guardResult) return guardResult;\n\n // Build presigned POST fields. Fields are embedded in the signed policy\n // so the client cannot change them without invalidating the signature.\n const fields: Record<string, string> = { acl, \"Content-Type\": contentType };\n\n if (body.fileName) {\n fields[\"Content-Disposition\"] = buildContentDisposition(body.fileName);\n }\n\n if (body.metadata) {\n for (const [k, v] of Object.entries(body.metadata)) {\n fields[`x-amz-meta-${k}`] = v;\n }\n }\n\n // `content-length-range` is enforced by S3 at the storage layer —\n // uploads outside this range are rejected before the object is stored.\n //\n // When the client declares fileSize: S3 locks the range to exactly that\n // number of bytes, so uploading a different-sized file is impossible.\n // When fileSize is not declared: falls back to [1, maxFileSize ?? 5 GiB].\n const rangeMin = fileSize ?? 1;\n const rangeMax = fileSize ?? config.maxFileSize ?? MAX_UPLOAD_SIZE;\n\n const { url, fields: signedFields } = await createPresignedPost(config.s3, {\n Bucket: bucket,\n Key: key,\n Conditions: [[\"content-length-range\", rangeMin, rangeMax]],\n Fields: fields,\n Expires: expiresIn,\n });\n\n await config.hooks?.upload?.onPresigned?.({\n request,\n key,\n bucket,\n contentType: body.contentType,\n metadata: body.metadata,\n acl,\n url,\n expiresIn,\n });\n\n return Response.json({ bucket, key, url, fields: signedFields, expiresIn });\n });\n}\n","import { HeadObjectCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../helpers\";\n\ntype Payload = {\n key: string;\n bucket?: string;\n};\n\nexport function createConfirmHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.hooks?.upload?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n const head = await config.s3.send(\n new HeadObjectCommand({ Bucket: bucket, Key: key }),\n );\n\n const context = {\n request,\n key,\n bucket,\n contentType: head.ContentType,\n contentLength: head.ContentLength ?? 0,\n eTag: head.ETag?.replace(/\"/g, \"\"),\n metadata: head.Metadata,\n };\n\n await config.hooks?.upload?.onUploaded?.(context);\n\n return Response.json({\n key,\n bucket,\n contentType: context.contentType,\n contentLength: context.contentLength,\n eTag: context.eTag,\n });\n });\n}\n","import { GetObjectCommand, HeadObjectCommand } from \"@aws-sdk/client-s3\";\nimport { getSignedUrl } from \"@aws-sdk/s3-request-presigner\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport { normalizeExpiresIn, runHook, withS3ErrorHandler } from \"../../helpers\";\n\nexport function createDownloadHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const { searchParams } = new URL(request.url);\n const key = searchParams.get(\"key\")?.trim();\n if (!key) {\n return Response.json(\n { message: \"key query parameter is required\" },\n { status: 400 },\n );\n }\n\n const bucket = searchParams.get(\"bucket\")?.trim() || config.defaultBucket;\n const expiresIn = normalizeExpiresIn(searchParams.get(\"expiresIn\"));\n const fileName = searchParams.get(\"fileName\")?.trim();\n\n const guardResult = await runHook(config.hooks?.download?.guard, {\n request,\n key,\n bucket,\n fileName: fileName || undefined,\n });\n if (guardResult) return guardResult;\n\n try {\n await config.s3.send(new HeadObjectCommand({ Bucket: bucket, Key: key }));\n } catch (err: unknown) {\n const name = (err as { name?: string })?.name;\n if (name === \"NoSuchKey\" || name === \"NotFound\") {\n return Response.json({ message: \"Object not found\" }, { status: 404 });\n }\n throw err;\n }\n\n const url = await getSignedUrl(\n config.s3,\n new GetObjectCommand({\n Bucket: bucket,\n Key: key,\n ResponseContentDisposition: fileName\n ? `attachment; filename=\"${fileName}\"`\n : \"attachment\",\n }),\n { expiresIn },\n );\n\n await config.hooks?.download?.onPresigned?.({\n request,\n key,\n bucket,\n fileName: fileName || undefined,\n url,\n expiresIn,\n });\n\n return Response.json({ bucket, key, url, expiresIn });\n });\n}\n","import { DeleteObjectCommand, HeadObjectCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../types\";\nimport { runHook, withS3ErrorHandler } from \"../helpers\";\n\nexport function createDeleteHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const { searchParams } = new URL(request.url);\n const key = searchParams.get(\"key\")?.trim();\n if (!key) {\n return Response.json(\n { message: \"key query parameter is required\" },\n { status: 400 },\n );\n }\n\n const bucket = searchParams.get(\"bucket\")?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.hooks?.delete?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n try {\n await config.s3.send(new HeadObjectCommand({ Bucket: bucket, Key: key }));\n } catch {\n return Response.json({ message: \"Object not found\" }, { status: 404 });\n }\n\n await config.s3.send(new DeleteObjectCommand({ Bucket: bucket, Key: key }));\n\n await config.hooks?.delete?.onDeleted?.({ request, key, bucket });\n\n return Response.json({ success: true, bucket, key });\n });\n}\n","import { CreateMultipartUploadCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n buildContentDisposition,\n runHook,\n withS3ErrorHandler,\n} from \"../../helpers\";\n\ntype Payload = {\n key: string;\n bucket?: string;\n contentType?: string;\n /** Declared total byte size of the file being uploaded. */\n fileSize?: number;\n metadata?: Record<string, string>;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition: attachment; filename=\"...\"` on the S3 object. */\n fileName?: string;\n};\n\nexport function createMultipartInitHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n const acl = body.acl === \"public-read\" ? \"public-read\" : \"private\";\n const fileSize =\n typeof body.fileSize === \"number\" && body.fileSize > 0\n ? Math.floor(body.fileSize)\n : undefined;\n\n if (\n fileSize !== undefined &&\n config.maxFileSize &&\n fileSize > config.maxFileSize\n ) {\n return Response.json(\n {\n message: `File size (${fileSize} bytes) exceeds the maximum allowed size of ${config.maxFileSize} bytes`,\n },\n { status: 413 },\n );\n }\n\n const guardResult = await runHook(config.hooks?.multipart?.guard, {\n request,\n key,\n bucket,\n fileSize,\n });\n if (guardResult) return guardResult;\n\n const { UploadId } = await config.s3.send(\n new CreateMultipartUploadCommand({\n Bucket: bucket,\n Key: key,\n ContentType: body.contentType,\n ContentDisposition: body.fileName\n ? buildContentDisposition(body.fileName)\n : undefined,\n Metadata: body.metadata,\n ACL: acl,\n }),\n );\n\n await config.hooks?.multipart?.onInit?.({\n request,\n key,\n bucket,\n uploadId: UploadId!,\n contentType: body.contentType,\n fileSize,\n metadata: body.metadata,\n acl,\n });\n\n return Response.json({ bucket, key, uploadId: UploadId }, { status: 201 });\n });\n}\n","import { UploadPartCommand } from \"@aws-sdk/client-s3\";\nimport { getSignedUrl } from \"@aws-sdk/s3-request-presigner\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n normalizeExpiresIn,\n runHook,\n withS3ErrorHandler,\n} from \"../../helpers\";\n\ntype Payload = {\n key: string;\n uploadId: string;\n partNumber: number;\n bucket?: string;\n expiresIn?: number;\n};\n\nexport function createMultipartPartHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const uploadId = requireString(body.uploadId, \"uploadId\");\n if (uploadId instanceof Response) return uploadId;\n\n const partNumber = Number(body.partNumber);\n if (!Number.isInteger(partNumber) || partNumber <= 0) {\n return Response.json(\n { message: \"partNumber must be a positive integer\" },\n { status: 400 },\n );\n }\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n const expiresIn = normalizeExpiresIn(body.expiresIn);\n\n const guardResult = await runHook(config.hooks?.multipart?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n const presignedUrl = await getSignedUrl(\n config.s3,\n new UploadPartCommand({\n Bucket: bucket,\n Key: key,\n UploadId: uploadId,\n PartNumber: partNumber,\n }),\n { expiresIn },\n );\n\n return Response.json({\n presignedUrl,\n partNumber,\n uploadId,\n bucket,\n expiresIn,\n });\n });\n}\n","import { CompleteMultipartUploadCommand, HeadObjectCommand, DeleteObjectCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../helpers\";\n\ntype PartEntry = {\n partNumber: number;\n eTag: string;\n};\n\ntype Payload = {\n key: string;\n uploadId: string;\n bucket?: string;\n parts: PartEntry[];\n};\n\nexport function createMultipartCompleteHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const uploadId = requireString(body.uploadId, \"uploadId\");\n if (uploadId instanceof Response) return uploadId;\n\n const parts = (Array.isArray(body.parts) ? body.parts : [])\n .map(({ partNumber, eTag }) => ({\n PartNumber: Number(partNumber),\n ETag: String(eTag),\n }))\n .filter((p) => Number.isInteger(p.PartNumber) && p.ETag)\n .sort((a, b) => a.PartNumber - b.PartNumber);\n\n if (!parts.length) {\n return Response.json(\n { message: \"At least one valid part is required\" },\n { status: 400 },\n );\n }\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.hooks?.multipart?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n await config.s3.send(\n new CompleteMultipartUploadCommand({\n Bucket: bucket,\n Key: key,\n UploadId: uploadId,\n MultipartUpload: { Parts: parts },\n }),\n );\n\n // Verify the actual uploaded object metadata via HeadObject.\n // This is the server's only opportunity to enforce maxFileSize for\n // multipart uploads, since individual parts bypass size checks.\n const head = await config.s3.send(\n new HeadObjectCommand({ Bucket: bucket, Key: key }),\n );\n const contentLength = head.ContentLength ?? 0;\n const contentType = head.ContentType;\n const eTag = head.ETag?.replace(/\"/g, \"\");\n\n if (config.maxFileSize && contentLength > config.maxFileSize) {\n // Delete the object and reject the request. The client has uploaded\n // more data than the server policy allows.\n await config.s3\n .send(new DeleteObjectCommand({ Bucket: bucket, Key: key }))\n .catch(() => {});\n return Response.json(\n {\n message: `File size (${contentLength} bytes) exceeds the maximum allowed size of ${config.maxFileSize} bytes`,\n },\n { status: 422 },\n );\n }\n\n await config.hooks?.multipart?.onComplete?.({\n request,\n key,\n bucket,\n uploadId,\n contentLength,\n contentType,\n eTag,\n });\n\n return Response.json({ bucket, key, uploadId, contentLength, contentType, eTag });\n });\n}\n","import { AbortMultipartUploadCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../helpers\";\n\ntype Payload = {\n key: string;\n uploadId: string;\n bucket?: string;\n};\n\nexport function createMultipartAbortHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const uploadId = requireString(body.uploadId, \"uploadId\");\n if (uploadId instanceof Response) return uploadId;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.hooks?.multipart?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n await config.s3.send(\n new AbortMultipartUploadCommand({\n Bucket: bucket,\n Key: key,\n UploadId: uploadId,\n }),\n );\n\n await config.hooks?.multipart?.onAbort?.({\n request,\n key,\n bucket,\n uploadId,\n });\n\n return Response.json({ bucket, key, uploadId, aborted: true });\n });\n}\n","import type { S3HandlerConfig, S3Handlers } from \"./types\";\nimport { createUploadHandler } from \"./handlers/presign/upload\";\nimport { createConfirmHandler } from \"./handlers/presign/confirm\";\nimport { createDownloadHandler } from \"./handlers/presign/download\";\nimport { createDeleteHandler } from \"./handlers/delete\";\nimport { createMultipartInitHandler } from \"./handlers/multipart/init\";\nimport { createMultipartPartHandler } from \"./handlers/multipart/part\";\nimport { createMultipartCompleteHandler } from \"./handlers/multipart/complete\";\nimport { createMultipartAbortHandler } from \"./handlers/multipart/abort\";\n\nexport function createHandlers(config: S3HandlerConfig): S3Handlers {\n return {\n presign: {\n upload: createUploadHandler(config),\n confirm: createConfirmHandler(config),\n download: createDownloadHandler(config),\n },\n multipart: {\n init: createMultipartInitHandler(config),\n part: createMultipartPartHandler(config),\n complete: createMultipartCompleteHandler(config),\n abort: createMultipartAbortHandler(config),\n },\n delete: createDeleteHandler(config),\n };\n}\n","import type { S3RouteHandlerConfig } from \"./types\";\nimport { createHandlers } from \"./create-handlers\";\nimport { runHook } from \"./helpers\";\n\nconst disabled = () => Response.json({ message: \"Not Found\" }, { status: 404 });\n\nexport function createRouter(config: S3RouteHandlerConfig) {\n const handlers = createHandlers(config);\n const base = config.basePath.replace(/\\/$/, \"\");\n const { features } = config;\n\n return async (request: Request): Promise<Response> => {\n // Global guard — runs before every request\n const guardResult = await runHook(config.hooks?.guard, { request });\n if (guardResult) return guardResult;\n\n const url = new URL(request.url);\n const subpath = url.pathname.slice(base.length).replace(/^\\//, \"\");\n const method = request.method;\n\n if (method === \"POST\" && subpath === \"presign/upload\")\n return features.upload ? handlers.presign.upload(request) : disabled();\n if (method === \"POST\" && subpath === \"presign/upload/confirm\")\n return features.upload ? handlers.presign.confirm(request) : disabled();\n if (method === \"GET\" && subpath === \"presign/download\")\n return features.download\n ? handlers.presign.download(request)\n : disabled();\n if (method === \"DELETE\" && subpath === \"delete\")\n return features.delete ? handlers.delete(request) : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/init\")\n return features.multipart ? handlers.multipart.init(request) : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/part\")\n return features.multipart ? handlers.multipart.part(request) : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/complete\")\n return features.multipart\n ? handlers.multipart.complete(request)\n : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/abort\")\n return features.multipart\n ? handlers.multipart.abort(request)\n : disabled();\n\n return Response.json({ message: \"Not Found\" }, { status: 404 });\n };\n}\n","export type PresignResponse = {\n key: string;\n bucket: string;\n url: string;\n expiresIn: number;\n};\n\nexport type PresignedPostResponse = {\n key: string;\n bucket: string;\n url: string;\n fields: Record<string, string>;\n expiresIn: number;\n};\n\nexport type MultipartInitResponse = {\n key: string;\n bucket: string;\n uploadId: string;\n};\n\nexport type MultipartPartResponse = {\n presignedUrl: string;\n partNumber: number;\n uploadId: string;\n bucket: string;\n expiresIn: number;\n};\n\nexport type UploadConfirmResponse = {\n key: string;\n bucket: string;\n contentType?: string;\n contentLength: number;\n eTag?: string;\n};\n\nexport type S3Api = {\n upload: (payload: {\n key: string;\n contentType?: string;\n /**\n * Exact byte size of the file. When provided the presigned POST policy\n * locks `content-length-range` to `[fileSize, fileSize]` so S3 rejects\n * uploads of any other size at the storage layer.\n */\n fileSize?: number;\n metadata?: Record<string, string>;\n bucket?: string;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition` on the S3 object. */\n fileName?: string;\n }) => Promise<PresignedPostResponse>;\n confirm: (payload: {\n key: string;\n bucket?: string;\n }) => Promise<UploadConfirmResponse>;\n download: (\n key: string,\n options?: { fileName?: string; bucket?: string },\n ) => Promise<PresignResponse>;\n delete: (\n key: string,\n options?: { bucket?: string },\n ) => Promise<{ success: boolean; bucket: string; key: string }>;\n multipart: {\n init: (payload: {\n key: string;\n contentType?: string;\n /** Declared total byte size of the file. Used for quota/guard checks and stored in `onInit` context. */\n fileSize?: number;\n metadata?: Record<string, string>;\n bucket?: string;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition` on the S3 object. */\n fileName?: string;\n }) => Promise<MultipartInitResponse>;\n signPart: (payload: {\n key: string;\n uploadId: string;\n partNumber: number;\n bucket?: string;\n }) => Promise<MultipartPartResponse>;\n complete: (payload: {\n key: string;\n uploadId: string;\n parts: Array<{ partNumber: number; eTag: string }>;\n bucket?: string;\n }) => Promise<{\n key: string;\n bucket: string;\n uploadId: string;\n contentLength: number;\n contentType?: string;\n eTag?: string;\n }>;\n abort: (payload: {\n key: string;\n uploadId: string;\n bucket?: string;\n }) => Promise<{ aborted: boolean }>;\n };\n};\n\nexport function createS3Api(basePath = \"/api/s3\"): S3Api {\n const base = basePath.replace(/\\/$/, \"\");\n\n const json = async <T>(url: string, init?: RequestInit): Promise<T> => {\n const res = await fetch(url, init);\n if (!res.ok) {\n const body = await res.json().catch(() => ({}));\n throw new Error((body as { message?: string }).message ?? res.statusText);\n }\n return res.json() as Promise<T>;\n };\n\n const post = <T>(url: string, body: unknown): Promise<T> =>\n json<T>(url, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify(body),\n });\n\n return {\n upload(payload) {\n return post<PresignedPostResponse>(`${base}/presign/upload`, payload);\n },\n\n confirm(payload) {\n return post<UploadConfirmResponse>(\n `${base}/presign/upload/confirm`,\n payload,\n );\n },\n\n download(key, options?) {\n const params = new URLSearchParams({ key });\n if (options?.fileName) {\n const safe = options.fileName.replace(/[\"\\\\\\r\\n]/g, \"_\");\n params.set(\"fileName\", safe);\n }\n if (options?.bucket) params.set(\"bucket\", options.bucket);\n return json<PresignResponse>(`${base}/presign/download?${params}`);\n },\n\n delete(key, options?) {\n const params = new URLSearchParams({ key });\n if (options?.bucket) params.set(\"bucket\", options.bucket);\n return json<{ success: boolean; bucket: string; key: string }>(\n `${base}/delete?${params}`,\n { method: \"DELETE\" },\n );\n },\n\n multipart: {\n init(payload) {\n return post<MultipartInitResponse>(\n `${base}/presign/multipart/init`,\n payload,\n );\n },\n\n signPart(payload) {\n return post<MultipartPartResponse>(\n `${base}/presign/multipart/part`,\n payload,\n );\n },\n\n complete(payload) {\n return post<{\n key: string;\n bucket: string;\n uploadId: string;\n contentLength: number;\n contentType?: string;\n eTag?: string;\n }>(`${base}/presign/multipart/complete`, payload);\n },\n\n abort(payload) {\n return post<{ aborted: boolean }>(\n `${base}/presign/multipart/abort`,\n payload,\n );\n },\n },\n };\n}\n","export function validateFile(\n file: File,\n options: { accept?: string[]; maxFileSize?: number },\n): string | null {\n if (options.accept?.length) {\n const allowed = options.accept.some((type) => {\n // Extension check: \".pdf\", \".jpg\", etc.\n if (type.startsWith(\".\")) {\n return file.name.toLowerCase().endsWith(type.toLowerCase());\n }\n // Wildcard MIME: \"image/*\"\n if (type.endsWith(\"/*\")) {\n return file.type.startsWith(type.replace(\"/*\", \"/\"));\n }\n // Exact MIME: \"application/pdf\"\n return file.type === type;\n });\n if (!allowed) {\n const ext = file.name.includes(\".\") ? file.name.split(\".\").pop() : null;\n return `File type \"${ext ? `.${ext}` : file.type || \"unknown\"}\" is not allowed`;\n }\n }\n\n if (file.size === 0) {\n return \"File is empty\";\n }\n\n if (options.maxFileSize && file.size > options.maxFileSize) {\n const maxMB = (options.maxFileSize / (1024 * 1024)).toFixed(1);\n return `File size exceeds ${maxMB} MB limit`;\n }\n\n return null;\n}\n"]}
1
+ {"version":3,"sources":["../src/internal-helpers.ts","../src/helpers/build-content-disposition.ts","../src/helpers/build-public-url.ts","../src/helpers/parse-file-name.ts","../src/handlers/presign/upload.ts","../src/helpers/server/resolve-object-acl.ts","../src/handlers/presign/confirm.ts","../src/handlers/presign/download.ts","../src/handlers/delete.ts","../src/handlers/multipart/init.ts","../src/handlers/multipart/part.ts","../src/handlers/multipart/complete.ts","../src/handlers/multipart/abort.ts","../src/create-handlers.ts","../src/router.ts","../src/api.ts","../src/helpers/validate-file.ts"],"names":["parseBody","request","body","requireString","value","name","trimmed","normalizeExpiresIn","withS3ErrorHandler","handler","err","message","runHook","hook","context","status","buildContentDisposition","fileName","ascii","encoded","buildPublicUrl","publicUrlBase","bucket","key","acl","parseFileName","contentDisposition","utf8Match","MAX_UPLOAD_SIZE","createUploadHandler","config","expiresIn","contentType","fileSize","guardResult","fields","k","v","rangeMin","rangeMax","url","signedFields","createPresignedPost","resolveObjectAcl","s3","GetObjectAclCommand","g","createConfirmHandler","head","HeadObjectCommand","publicUrl","createDownloadHandler","searchParams","getSignedUrl","GetObjectCommand","createDeleteHandler","DeleteObjectCommand","createMultipartInitHandler","UploadId","CreateMultipartUploadCommand","createMultipartPartHandler","uploadId","partNumber","presignedUrl","UploadPartCommand","createMultipartCompleteHandler","parts","eTag","p","a","b","CompleteMultipartUploadCommand","contentLength","createMultipartAbortHandler","AbortMultipartUploadCommand","createHandlers","disabled","createRouter","handlers","base","subpath","method","createS3Api","basePath","json","init","res","post","payload","options","params","safe","validateFile","file","type","ext"],"mappings":"4UAAA,eAAsBA,EACpBC,CAAAA,CACmB,CACnB,GAAI,CACF,IAAMC,CAAAA,CAAO,MAAMD,CAAAA,CAAQ,IAAA,GAC3B,OAAOC,CAAAA,EAAQ,OAAOA,CAAAA,EAAS,QAAA,CAAYA,CAAAA,CAAa,IAC1D,CAAA,KAAQ,CACN,OAAO,IACT,CACF,CAEO,SAASC,CAAAA,CAAcC,CAAAA,CAAgBC,CAAAA,CAAiC,CAC7E,IAAMC,CAAAA,CAAU,OAAOF,CAAAA,EAAU,QAAA,CAAWA,CAAAA,CAAM,IAAA,EAAK,CAAI,EAAA,CAC3D,OAAKE,CAAAA,EACI,QAAA,CAAS,IAAA,CAAK,CAAE,QAAS,CAAA,EAAGD,CAAI,CAAA,YAAA,CAAe,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CAG5E,CAEO,SAASE,CAAAA,CAAmBH,CAAAA,CAAwB,CACzD,IAAM,CAAA,CAAI,MAAA,CAAOA,CAAK,CAAA,CACtB,OAAO,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,EAAK,EAAI,CAAA,CAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAI,GACvD,CAEO,SAASI,EACdC,CAAAA,CACA,CACA,OAAO,MAAOR,GAAqB,CACjC,GAAI,CACF,OAAO,MAAMQ,CAAAA,CAAQR,CAAO,CAC9B,CAAA,MAASS,CAAAA,CAAK,CACZ,IAAMC,CAAAA,CACJD,aAAe,KAAA,CAAQA,CAAAA,CAAI,OAAA,CAAU,uBAAA,CACvC,eAAQ,KAAA,CAAM,UAAA,CAAYC,CAAO,CAAA,CAC1B,SAAS,IAAA,CAAK,CAAE,OAAA,CAAAA,CAAQ,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CACnD,CACF,CACF,CAMA,eAAsBC,CAAAA,CACpBC,CAAAA,CACAC,CAAAA,CAC0B,CAC1B,GAAI,CAACD,CAAAA,CAAM,OAAO,IAAA,CAClB,GAAI,CACF,OAAA,MAAMA,CAAAA,CAAKC,CAAO,EACX,IACT,CAAA,MAASJ,CAAAA,CAAK,CACZ,IAAMC,CAAAA,CAAUD,CAAAA,YAAe,KAAA,CAAQA,CAAAA,CAAI,QAAU,WAAA,CAC/CK,CAAAA,CACJ,OAAQL,CAAAA,EAAiC,MAAA,EAAW,QAAA,CAC9CA,CAAAA,CAAgC,MAAA,CAClC,IACN,OAAO,QAAA,CAAS,IAAA,CAAK,CAAE,QAAAC,CAAQ,CAAA,CAAG,CAAE,MAAA,CAAAI,CAAO,CAAC,CAC9C,CACF,CC/CO,SAASC,CAAAA,CAAwBC,CAAAA,CAA0B,CAChE,IAAMC,CAAAA,CAAQD,CAAAA,CAAS,OAAA,CAAQ,eAAA,CAAiB,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAA,CAAU,GAAG,EACpEE,CAAAA,CAAU,kBAAA,CAAmBF,CAAQ,CAAA,CAC3C,OAAO,CAAA,sBAAA,EAAyBC,CAAK,CAAA,oBAAA,EAAuBC,CAAO,CAAA,CACrE,CCNO,SAASC,CAAAA,CACdC,EACAC,CAAAA,CACAC,CAAAA,CACAC,CAAAA,CACoB,CACpB,OAAIA,CAAAA,GAAQ,aAAA,EAAiB,CAACH,CAAAA,CAAe,OAEtC,CAAA,EADMA,CAAAA,CAAcC,CAAM,CAAA,CAAE,QAAQ,KAAA,CAAO,EAAE,CACtC,CAAA,CAAA,EAAIC,CAAG,CAAA,CACvB,CCXO,SAASE,CAAAA,CACdC,EACoB,CACpB,GAAI,CAACA,CAAAA,CAAoB,OAEzB,IAAMC,CAAAA,CAAYD,CAAAA,CAAmB,MAAM,8BAA8B,CAAA,CACzE,GAAIC,CAAAA,CACF,GAAI,CACF,OAAO,kBAAA,CAAmBA,CAAAA,CAAU,CAAC,CAAC,CACxC,CAAA,KAAQ,CAER,CAIF,OADmBD,CAAAA,CAAmB,KAAA,CAAM,qBAAqB,CAAA,GAC7C,CAAC,CACvB,CCZA,IAAME,CAAAA,CAAkB,CAAA,CAAI,IAAA,CAAO,IAAA,CAAO,KAqBnC,SAASC,CAAAA,CAAoBC,CAAAA,CAAyB,CAC3D,OAAOtB,CAAAA,CAAmB,MAAOP,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMqB,CAAAA,CAAMpB,CAAAA,CAAcD,EAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIqB,aAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMD,CAAAA,CAASpB,CAAAA,CAAK,MAAA,EAAQ,IAAA,IAAU4B,CAAAA,CAAO,aAAA,CACvCC,CAAAA,CAAYxB,CAAAA,CAAmBL,EAAK,SAAS,CAAA,CAC7CsB,CAAAA,CAAMtB,CAAAA,CAAK,MAAQ,aAAA,CAAgB,aAAA,CAAgB,SAAA,CACnD8B,CAAAA,CAAc9B,CAAAA,CAAK,WAAA,EAAa,IAAA,EAAK,EAAK,2BAC1C+B,CAAAA,CACJ,OAAO/B,CAAAA,CAAK,QAAA,EAAa,UAAYA,CAAAA,CAAK,QAAA,CAAW,CAAA,CACjD,IAAA,CAAK,MAAMA,CAAAA,CAAK,QAAQ,CAAA,CACxB,IAAA,CAEN,GACE+B,CAAAA,GAAa,IAAA,EACbH,CAAAA,CAAO,aACPG,CAAAA,CAAWH,CAAAA,CAAO,WAAA,CAElB,OAAO,SAAS,IAAA,CACd,CACE,OAAA,CAAS,CAAA,WAAA,EAAcG,CAAQ,CAAA,4CAAA,EAA+CH,CAAAA,CAAO,WAAW,CAAA,MAAA,CAClG,EACA,CAAE,MAAA,CAAQ,GAAI,CAChB,EAGF,IAAMI,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,EAAO,MAAA,EAAQ,KAAA,CAAO,CACtD,OAAA,CAAA7B,EACA,GAAA,CAAAsB,CAAAA,CACA,MAAA,CAAAD,CAAAA,CACA,WAAA,CAAapB,CAAAA,CAAK,WAAA,CAClB,QAAA,CAAU+B,GAAY,KAAA,CAAA,CACtB,QAAA,CAAU/B,CAAAA,CAAK,QAAA,CACf,IAAAsB,CACF,CAAC,CAAA,CACD,GAAIU,EAAa,OAAOA,CAAAA,CAOxB,IAAMC,CAAAA,CAAiC,CAAE,GAAA,CAAAX,CAAAA,CAAK,cAAA,CAAgBQ,CAAY,CAAA,CAM1E,GAJI9B,CAAAA,CAAK,QAAA,GACPiC,EAAO,qBAAqB,CAAA,CAAInB,CAAAA,CAAwBd,CAAAA,CAAK,QAAQ,CAAA,CAAA,CAGnEA,CAAAA,CAAK,QAAA,CACP,IAAA,GAAW,CAACkC,CAAAA,CAAGC,CAAC,CAAA,GAAK,OAAO,OAAA,CAAQnC,CAAAA,CAAK,QAAQ,CAAA,CAC/CiC,EAAO,CAAA,WAAA,EAAcC,CAAC,CAAA,CAAE,CAAA,CAAIC,EAUhC,IAAMC,CAAAA,CAAWL,CAAAA,EAAY,CAAA,CACvBM,EAAWN,CAAAA,EAAYH,CAAAA,CAAO,WAAA,EAAeF,CAAAA,CAE7C,CAAE,GAAA,CAAAY,CAAAA,CAAK,MAAA,CAAQC,CAAa,EAAI,MAAMC,mBAAAA,CAAoBZ,CAAAA,CAAO,EAAA,CAAI,CACzE,MAAA,CAAQR,CAAAA,CACR,GAAA,CAAKC,CAAAA,CACL,UAAA,CAAY,CAAC,CAAC,sBAAA,CAAwBe,EAAUC,CAAQ,CAAC,CAAA,CACzD,MAAA,CAAQJ,EACR,OAAA,CAASJ,CACX,CAAC,CAAA,CAED,aAAMD,CAAAA,CAAO,MAAA,EAAQ,WAAA,GAAc,CACjC,OAAA,CAAA7B,CAAAA,CACA,GAAA,CAAAsB,CAAAA,CACA,OAAAD,CAAAA,CACA,WAAA,CAAapB,CAAAA,CAAK,WAAA,CAClB,SAAUA,CAAAA,CAAK,QAAA,CACf,GAAA,CAAAsB,CAAAA,CACA,IAAAgB,CAAAA,CACA,SAAA,CAAAT,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,OAAAT,CAAAA,CAAQ,GAAA,CAAAC,CAAAA,CAAK,GAAA,CAAAiB,EAAK,MAAA,CAAQC,CAAAA,CAAc,SAAA,CAAAV,CAAU,CAAC,CAC5E,CAAC,CACH,CCrHA,eAAsBY,CAAAA,CACpBC,EACAtB,CAAAA,CACAC,CAAAA,CACoC,CACpC,GAAI,CASF,OAAA,CARe,MAAMqB,CAAAA,CAAG,IAAA,CACtB,IAAIC,mBAAAA,CAAoB,CAAE,MAAA,CAAQvB,EAAQ,GAAA,CAAKC,CAAI,CAAC,CACtD,GACwB,MAAA,EAAQ,IAAA,CAC7BuB,CAAAA,EACCA,CAAAA,CAAE,SAAS,GAAA,GAAQ,iDAAA,GAClBA,CAAAA,CAAE,UAAA,GAAe,MAAA,EAAUA,CAAAA,CAAE,UAAA,GAAe,cAAA,CACjD,EACkB,aAAA,CAAgB,SACpC,CAAA,KAAQ,CACN,OAAO,SACT,CACF,CCXO,SAASC,EAAqBjB,CAAAA,CAAyB,CAC5D,OAAOtB,CAAAA,CAAmB,MAAOP,CAAAA,EAAqB,CACpD,IAAMC,EAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,KACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMqB,CAAAA,CAAMpB,CAAAA,CAAcD,CAAAA,CAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIqB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMD,CAAAA,CAASpB,CAAAA,CAAK,MAAA,EAAQ,IAAA,EAAK,EAAK4B,CAAAA,CAAO,cAEvCI,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,QAAQ,KAAA,CAAO,CACtD,OAAA,CAAA7B,CAAAA,CACA,IAAAsB,CAAAA,CACA,MAAA,CAAAD,CACF,CAAC,CAAA,CACD,GAAIY,CAAAA,CAAa,OAAOA,EAExB,IAAMc,CAAAA,CAAO,MAAMlB,CAAAA,CAAO,GAAG,IAAA,CAC3B,IAAImB,iBAAAA,CAAkB,CAAE,OAAQ3B,CAAAA,CAAQ,GAAA,CAAKC,CAAI,CAAC,CACpD,CAAA,CAEMC,CAAAA,CAAM,MAAMmB,EAAiBb,CAAAA,CAAO,EAAA,CAAIR,CAAAA,CAAQC,CAAG,EACnD2B,CAAAA,CAAY9B,CAAAA,CAAeU,CAAAA,CAAO,gBAAA,CAAkBR,EAAQC,CAAAA,CAAKC,CAAG,CAAA,CACpEP,CAAAA,CAAWQ,EAAcuB,CAAAA,CAAK,kBAAkB,CAAA,CAEhDlC,CAAAA,CAAU,CACd,OAAA,CAAAb,CAAAA,CACA,GAAA,CAAAsB,CAAAA,CACA,OAAAD,CAAAA,CACA,WAAA,CAAa0B,CAAAA,CAAK,WAAA,CAClB,cAAeA,CAAAA,CAAK,aAAA,EAAiB,CAAA,CACrC,IAAA,CAAMA,CAAAA,CAAK,IAAA,EAAM,OAAA,CAAQ,IAAA,CAAM,EAAE,CAAA,CACjC,QAAA,CAAUA,CAAAA,CAAK,QAAA,CACf,IAAAxB,CAAAA,CACA,QAAA,CAAAP,CAAAA,CACA,SAAA,CAAAiC,CACF,CAAA,CAEA,OAAA,MAAMpB,CAAAA,CAAO,MAAA,EAAQ,UAAA,GAAahB,CAAO,CAAA,CAElC,QAAA,CAAS,KAAK,CACnB,GAAA,CAAAS,CAAAA,CACA,MAAA,CAAAD,EACA,WAAA,CAAaR,CAAAA,CAAQ,WAAA,CACrB,aAAA,CAAeA,EAAQ,aAAA,CACvB,IAAA,CAAMA,CAAAA,CAAQ,IAAA,CACd,GAAA,CAAAU,CAAAA,CACA,QAAA,CAAAP,CAAAA,CACA,UAAAiC,CACF,CAAC,CACH,CAAC,CACH,CC9DO,SAASC,CAAAA,CAAsBrB,CAAAA,CAAyB,CAC7D,OAAOtB,CAAAA,CAAmB,MAAOP,CAAAA,EAAqB,CACpD,GAAM,CAAE,YAAA,CAAAmD,CAAa,EAAI,IAAI,GAAA,CAAInD,CAAAA,CAAQ,GAAG,CAAA,CACtCsB,CAAAA,CAAM6B,CAAAA,CAAa,GAAA,CAAI,KAAK,CAAA,EAAG,IAAA,EAAK,CAC1C,GAAI,CAAC7B,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,iCAAkC,CAAA,CAC7C,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMD,CAAAA,CAAS8B,CAAAA,CAAa,GAAA,CAAI,QAAQ,GAAG,IAAA,EAAK,EAAKtB,CAAAA,CAAO,aAAA,CACtDC,EAAYxB,CAAAA,CAAmB6C,CAAAA,CAAa,GAAA,CAAI,WAAW,CAAC,CAAA,CAC5DnC,CAAAA,CAAWmC,CAAAA,CAAa,IAAI,UAAU,CAAA,EAAG,IAAA,EAAK,CAE9ClB,EAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,QAAA,EAAU,MAAO,CACxD,OAAA,CAAA7B,CAAAA,CACA,GAAA,CAAAsB,EACA,MAAA,CAAAD,CAAAA,CACA,QAAA,CAAUL,CAAAA,EAAY,MACxB,CAAC,CAAA,CACD,GAAIiB,CAAAA,CAAa,OAAOA,CAAAA,CAExB,GAAI,CACF,MAAMJ,EAAO,EAAA,CAAG,IAAA,CAAK,IAAImB,iBAAAA,CAAkB,CAAE,MAAA,CAAQ3B,CAAAA,CAAQ,GAAA,CAAKC,CAAI,CAAC,CAAC,EAC1E,CAAA,MAASb,EAAc,CACrB,IAAML,CAAAA,CAAQK,CAAAA,EAA2B,KACzC,GAAIL,CAAAA,GAAS,WAAA,EAAeA,CAAAA,GAAS,UAAA,CACnC,OAAO,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,kBAAmB,CAAA,CAAG,CAAE,OAAQ,GAAI,CAAC,CAAA,CAEvE,MAAMK,CACR,CAEA,IAAM8B,CAAAA,CAAM,MAAMa,YAAAA,CAChBvB,CAAAA,CAAO,EAAA,CACP,IAAIwB,iBAAiB,CACnB,MAAA,CAAQhC,CAAAA,CACR,GAAA,CAAKC,EACL,0BAAA,CAA4BN,CAAAA,CACxBD,CAAAA,CAAwBC,CAAQ,EAChC,YACN,CAAC,CAAA,CACD,CAAE,UAAAc,CAAU,CACd,CAAA,CAEA,OAAA,MAAMD,EAAO,QAAA,EAAU,WAAA,GAAc,CACnC,OAAA,CAAA7B,EACA,GAAA,CAAAsB,CAAAA,CACA,MAAA,CAAAD,CAAAA,CACA,SAAUL,CAAAA,EAAY,KAAA,CAAA,CACtB,GAAA,CAAAuB,CAAAA,CACA,SAAA,CAAAT,CACF,CAAC,CAAA,CAEM,SAAS,IAAA,CAAK,CAAE,MAAA,CAAAT,CAAAA,CAAQ,IAAAC,CAAAA,CAAK,GAAA,CAAAiB,CAAAA,CAAK,SAAA,CAAAT,CAAU,CAAC,CACtD,CAAC,CACH,CC9DO,SAASwB,CAAAA,CAAoBzB,EAAyB,CAC3D,OAAOtB,CAAAA,CAAmB,MAAOP,GAAqB,CACpD,GAAM,CAAE,YAAA,CAAAmD,CAAa,CAAA,CAAI,IAAI,GAAA,CAAInD,EAAQ,GAAG,CAAA,CACtCsB,CAAAA,CAAM6B,CAAAA,CAAa,IAAI,KAAK,CAAA,EAAG,IAAA,EAAK,CAC1C,GAAI,CAAC7B,CAAAA,CACH,OAAO,QAAA,CAAS,KACd,CAAE,OAAA,CAAS,iCAAkC,CAAA,CAC7C,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMD,CAAAA,CAAS8B,CAAAA,CAAa,GAAA,CAAI,QAAQ,GAAG,IAAA,EAAK,EAAKtB,CAAAA,CAAO,aAAA,CAEtDI,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,QAAQ,KAAA,CAAO,CACtD,OAAA,CAAA7B,CAAAA,CACA,IAAAsB,CAAAA,CACA,MAAA,CAAAD,CACF,CAAC,EACD,GAAIY,CAAAA,CAAa,OAAOA,CAAAA,CAExB,GAAI,CACF,MAAMJ,CAAAA,CAAO,GAAG,IAAA,CAAK,IAAImB,iBAAAA,CAAkB,CAAE,OAAQ3B,CAAAA,CAAQ,GAAA,CAAKC,CAAI,CAAC,CAAC,EAC1E,CAAA,KAAQ,CACN,OAAO,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,kBAAmB,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CACvE,CAEA,OAAA,MAAMO,CAAAA,CAAO,GAAG,IAAA,CAAK,IAAI0B,mBAAAA,CAAoB,CAAE,OAAQlC,CAAAA,CAAQ,GAAA,CAAKC,CAAI,CAAC,CAAC,CAAA,CAE1E,MAAMO,CAAAA,CAAO,MAAA,EAAQ,YAAY,CAAE,OAAA,CAAA7B,CAAAA,CAAS,GAAA,CAAAsB,EAAK,MAAA,CAAAD,CAAO,CAAC,CAAA,CAElD,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,GAAM,MAAA,CAAAA,CAAAA,CAAQ,GAAA,CAAAC,CAAI,CAAC,CACrD,CAAC,CACH,CCdO,SAASkC,CAAAA,CAA2B3B,CAAAA,CAAyB,CAClE,OAAOtB,EAAmB,MAAOP,CAAAA,EAAqB,CACpD,IAAMC,EAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,EAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,EAGF,IAAMqB,CAAAA,CAAMpB,CAAAA,CAAcD,CAAAA,CAAK,IAAK,KAAK,CAAA,CACzC,GAAIqB,CAAAA,YAAe,SAAU,OAAOA,CAAAA,CAEpC,IAAMD,CAAAA,CAASpB,EAAK,MAAA,EAAQ,IAAA,EAAK,EAAK4B,CAAAA,CAAO,cACvCN,CAAAA,CAAMtB,CAAAA,CAAK,GAAA,GAAQ,aAAA,CAAgB,cAAgB,SAAA,CACnD+B,CAAAA,CACJ,OAAO/B,CAAAA,CAAK,QAAA,EAAa,QAAA,EAAYA,CAAAA,CAAK,QAAA,CAAW,EACjD,IAAA,CAAK,KAAA,CAAMA,CAAAA,CAAK,QAAQ,EACxB,KAAA,CAAA,CAEN,GACE+B,CAAAA,GAAa,KAAA,CAAA,EACbH,EAAO,WAAA,EACPG,CAAAA,CAAWH,CAAAA,CAAO,WAAA,CAElB,OAAO,QAAA,CAAS,IAAA,CACd,CACE,OAAA,CAAS,cAAcG,CAAQ,CAAA,4CAAA,EAA+CH,CAAAA,CAAO,WAAW,QAClG,CAAA,CACA,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMI,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,SAAA,EAAW,KAAA,CAAO,CACzD,OAAA,CAAA7B,CAAAA,CACA,GAAA,CAAAsB,CAAAA,CACA,OAAAD,CAAAA,CACA,QAAA,CAAAW,CACF,CAAC,EACD,GAAIC,CAAAA,CAAa,OAAOA,CAAAA,CAExB,GAAM,CAAE,QAAA,CAAAwB,CAAS,CAAA,CAAI,MAAM5B,CAAAA,CAAO,EAAA,CAAG,IAAA,CACnC,IAAI6B,6BAA6B,CAC/B,MAAA,CAAQrC,CAAAA,CACR,GAAA,CAAKC,EACL,WAAA,CAAarB,CAAAA,CAAK,WAAA,CAClB,kBAAA,CAAoBA,CAAAA,CAAK,QAAA,CACrBc,CAAAA,CAAwBd,CAAAA,CAAK,QAAQ,CAAA,CACrC,KAAA,CAAA,CACJ,QAAA,CAAUA,CAAAA,CAAK,SACf,GAAA,CAAKsB,CACP,CAAC,CACH,EAEA,OAAA,MAAMM,CAAAA,CAAO,SAAA,EAAW,MAAA,GAAS,CAC/B,OAAA,CAAA7B,CAAAA,CACA,GAAA,CAAAsB,EACA,MAAA,CAAAD,CAAAA,CACA,QAAA,CAAUoC,CAAAA,CACV,YAAaxD,CAAAA,CAAK,WAAA,CAClB,QAAA,CAAA+B,CAAAA,CACA,SAAU/B,CAAAA,CAAK,QAAA,CACf,GAAA,CAAAsB,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,MAAA,CAAAF,CAAAA,CAAQ,GAAA,CAAAC,CAAAA,CAAK,SAAUmC,CAAS,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CAC3E,CAAC,CACH,CCtEO,SAASE,EAA2B9B,CAAAA,CAAyB,CAClE,OAAOtB,CAAAA,CAAmB,MAAOP,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,KACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMqB,CAAAA,CAAMpB,CAAAA,CAAcD,CAAAA,CAAK,IAAK,KAAK,CAAA,CACzC,GAAIqB,CAAAA,YAAe,SAAU,OAAOA,CAAAA,CAEpC,IAAMsC,CAAAA,CAAW1D,EAAcD,CAAAA,CAAK,QAAA,CAAU,UAAU,CAAA,CACxD,GAAI2D,CAAAA,YAAoB,QAAA,CAAU,OAAOA,EAEzC,IAAMC,CAAAA,CAAa,MAAA,CAAO5D,CAAAA,CAAK,UAAU,CAAA,CACzC,GAAI,CAAC,MAAA,CAAO,UAAU4D,CAAU,CAAA,EAAKA,CAAAA,EAAc,CAAA,CACjD,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,uCAAwC,CAAA,CACnD,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMxC,CAAAA,CAASpB,CAAAA,CAAK,QAAQ,IAAA,EAAK,EAAK4B,CAAAA,CAAO,aAAA,CACvCC,CAAAA,CAAYxB,CAAAA,CAAmBL,CAAAA,CAAK,SAAS,EAE7CgC,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,WAAW,KAAA,CAAO,CACzD,OAAA,CAAA7B,CAAAA,CACA,IAAAsB,CAAAA,CACA,MAAA,CAAAD,CACF,CAAC,CAAA,CACD,GAAIY,CAAAA,CAAa,OAAOA,EAExB,IAAM6B,CAAAA,CAAe,MAAMV,YAAAA,CACzBvB,EAAO,EAAA,CACP,IAAIkC,iBAAAA,CAAkB,CACpB,OAAQ1C,CAAAA,CACR,GAAA,CAAKC,CAAAA,CACL,QAAA,CAAUsC,CAAAA,CACV,UAAA,CAAYC,CACd,CAAC,EACD,CAAE,SAAA,CAAA/B,CAAU,CACd,EAEA,OAAO,QAAA,CAAS,IAAA,CAAK,CACnB,aAAAgC,CAAAA,CACA,UAAA,CAAAD,CAAAA,CACA,QAAA,CAAAD,EACA,MAAA,CAAAvC,CAAAA,CACA,SAAA,CAAAS,CACF,CAAC,CACH,CAAC,CACH,CC7CO,SAASkC,CAAAA,CAA+BnC,CAAAA,CAAyB,CACtE,OAAOtB,CAAAA,CAAmB,MAAOP,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMqB,CAAAA,CAAMpB,CAAAA,CAAcD,CAAAA,CAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIqB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMsC,CAAAA,CAAW1D,EAAcD,CAAAA,CAAK,QAAA,CAAU,UAAU,CAAA,CACxD,GAAI2D,CAAAA,YAAoB,QAAA,CAAU,OAAOA,CAAAA,CAEzC,IAAMK,CAAAA,CAAAA,CAAS,KAAA,CAAM,OAAA,CAAQhE,CAAAA,CAAK,KAAK,CAAA,CAAIA,CAAAA,CAAK,KAAA,CAAQ,IACrD,GAAA,CAAI,CAAC,CAAE,UAAA,CAAA4D,EAAY,IAAA,CAAAK,CAAK,CAAA,IAAO,CAC9B,WAAY,MAAA,CAAOL,CAAU,CAAA,CAC7B,IAAA,CAAM,MAAA,CAAOK,CAAI,CACnB,CAAA,CAAE,EACD,MAAA,CAAQC,CAAAA,EAAM,MAAA,CAAO,SAAA,CAAUA,EAAE,UAAU,CAAA,EAAKA,CAAAA,CAAE,IAAI,EACtD,IAAA,CAAK,CAACC,CAAAA,CAAGC,CAAAA,GAAMD,CAAAA,CAAE,UAAA,CAAaC,CAAAA,CAAE,UAAU,EAE7C,GAAI,CAACJ,CAAAA,CAAM,MAAA,CACT,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,qCAAsC,CAAA,CACjD,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAM5C,CAAAA,CAASpB,EAAK,MAAA,EAAQ,IAAA,EAAK,EAAK4B,CAAAA,CAAO,cAEvCI,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,WAAW,KAAA,CAAO,CACzD,OAAA,CAAA7B,CAAAA,CACA,IAAAsB,CAAAA,CACA,MAAA,CAAAD,CACF,CAAC,EACD,GAAIY,CAAAA,CAAa,OAAOA,CAAAA,CAExB,MAAMJ,CAAAA,CAAO,EAAA,CAAG,IAAA,CACd,IAAIyC,+BAA+B,CACjC,MAAA,CAAQjD,CAAAA,CACR,GAAA,CAAKC,CAAAA,CACL,QAAA,CAAUsC,CAAAA,CACV,eAAA,CAAiB,CAAE,KAAA,CAAOK,CAAM,CAClC,CAAC,CACH,CAAA,CAKA,IAAMlB,CAAAA,CAAO,MAAMlB,EAAO,EAAA,CAAG,IAAA,CAC3B,IAAImB,iBAAAA,CAAkB,CAAE,MAAA,CAAQ3B,CAAAA,CAAQ,GAAA,CAAKC,CAAI,CAAC,CACpD,CAAA,CACMiD,CAAAA,CAAgBxB,EAAK,aAAA,EAAiB,CAAA,CACtChB,CAAAA,CAAcgB,CAAAA,CAAK,YACnBmB,CAAAA,CAAOnB,CAAAA,CAAK,IAAA,EAAM,OAAA,CAAQ,IAAA,CAAM,EAAE,CAAA,CAElCxB,CAAAA,CAAM,MAAMmB,CAAAA,CAAiBb,CAAAA,CAAO,EAAA,CAAIR,CAAAA,CAAQC,CAAG,CAAA,CACnD2B,CAAAA,CAAY9B,CAAAA,CAAeU,CAAAA,CAAO,iBAAkBR,CAAAA,CAAQC,CAAAA,CAAKC,CAAG,CAAA,CACpEP,EAAWQ,CAAAA,CAAcuB,CAAAA,CAAK,kBAAkB,CAAA,CAEtD,OAAIlB,CAAAA,CAAO,WAAA,EAAe0C,CAAAA,CAAgB1C,CAAAA,CAAO,aAG/C,MAAMA,CAAAA,CAAO,EAAA,CACV,IAAA,CAAK,IAAI0B,mBAAAA,CAAoB,CAAE,MAAA,CAAQlC,CAAAA,CAAQ,GAAA,CAAKC,CAAI,CAAC,CAAC,EAC1D,KAAA,CAAM,IAAM,CAAC,CAAC,EACV,QAAA,CAAS,IAAA,CACd,CACE,OAAA,CAAS,cAAciD,CAAa,CAAA,4CAAA,EAA+C1C,CAAAA,CAAO,WAAW,CAAA,MAAA,CACvG,CAAA,CACA,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,GAGF,MAAMA,CAAAA,CAAO,WAAW,UAAA,GAAa,CACnC,OAAA,CAAA7B,CAAAA,CACA,IAAAsB,CAAAA,CACA,MAAA,CAAAD,CAAAA,CACA,QAAA,CAAAuC,CAAAA,CACA,aAAA,CAAAW,CAAAA,CACA,WAAA,CAAAxC,EACA,IAAA,CAAAmC,CAAAA,CACA,GAAA,CAAA3C,CAAAA,CACA,SAAAP,CAAAA,CACA,SAAA,CAAAiC,CACF,CAAC,EAEM,QAAA,CAAS,IAAA,CAAK,CACnB,MAAA,CAAA5B,EACA,GAAA,CAAAC,CAAAA,CACA,QAAA,CAAAsC,CAAAA,CACA,cAAAW,CAAAA,CACA,WAAA,CAAAxC,CAAAA,CACA,IAAA,CAAAmC,EACA,GAAA,CAAA3C,CAAAA,CACA,QAAA,CAAAP,CAAAA,CACA,UAAAiC,CACF,CAAC,CAAA,CACH,CAAC,CACH,CClHO,SAASuB,CAAAA,CAA4B3C,CAAAA,CAAyB,CACnE,OAAOtB,CAAAA,CAAmB,MAAOP,CAAAA,EAAqB,CACpD,IAAMC,CAAAA,CAAO,MAAMF,CAAAA,CAAmBC,CAAO,CAAA,CAC7C,GAAI,CAACC,CAAAA,CACH,OAAO,QAAA,CAAS,IAAA,CACd,CAAE,OAAA,CAAS,sBAAuB,CAAA,CAClC,CAAE,MAAA,CAAQ,GAAI,CAChB,CAAA,CAGF,IAAMqB,CAAAA,CAAMpB,CAAAA,CAAcD,CAAAA,CAAK,GAAA,CAAK,KAAK,CAAA,CACzC,GAAIqB,CAAAA,YAAe,QAAA,CAAU,OAAOA,CAAAA,CAEpC,IAAMsC,CAAAA,CAAW1D,CAAAA,CAAcD,CAAAA,CAAK,QAAA,CAAU,UAAU,CAAA,CACxD,GAAI2D,CAAAA,YAAoB,QAAA,CAAU,OAAOA,CAAAA,CAEzC,IAAMvC,CAAAA,CAASpB,CAAAA,CAAK,QAAQ,IAAA,EAAK,EAAK4B,CAAAA,CAAO,aAAA,CAEvCI,EAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,SAAA,EAAW,MAAO,CACzD,OAAA,CAAA7B,CAAAA,CACA,GAAA,CAAAsB,CAAAA,CACA,MAAA,CAAAD,CACF,CAAC,EACD,OAAIY,CAAAA,GAEJ,MAAMJ,CAAAA,CAAO,GAAG,IAAA,CACd,IAAI4C,2BAAAA,CAA4B,CAC9B,OAAQpD,CAAAA,CACR,GAAA,CAAKC,CAAAA,CACL,QAAA,CAAUsC,CACZ,CAAC,CACH,CAAA,CAEA,MAAM/B,CAAAA,CAAO,SAAA,EAAW,OAAA,GAAU,CAChC,QAAA7B,CAAAA,CACA,GAAA,CAAAsB,CAAAA,CACA,MAAA,CAAAD,EACA,QAAA,CAAAuC,CACF,CAAC,CAAA,CAEM,QAAA,CAAS,IAAA,CAAK,CAAE,MAAA,CAAAvC,EAAQ,GAAA,CAAAC,CAAAA,CAAK,QAAA,CAAAsC,CAAAA,CAAU,QAAS,CAAA,CAAK,CAAC,CAAA,CAC/D,CAAC,CACH,CC/CO,SAASc,CAAAA,CAAe7C,CAAAA,CAAqC,CAClE,OAAO,CACL,OAAA,CAAS,CACP,OAAQD,CAAAA,CAAoBC,CAAM,CAAA,CAClC,OAAA,CAASiB,EAAqBjB,CAAM,CAAA,CACpC,QAAA,CAAUqB,CAAAA,CAAsBrB,CAAM,CACxC,CAAA,CACA,SAAA,CAAW,CACT,IAAA,CAAM2B,CAAAA,CAA2B3B,CAAM,CAAA,CACvC,KAAM8B,CAAAA,CAA2B9B,CAAM,CAAA,CACvC,QAAA,CAAUmC,EAA+BnC,CAAM,CAAA,CAC/C,KAAA,CAAO2C,CAAAA,CAA4B3C,CAAM,CAC3C,CAAA,CACA,MAAA,CAAQyB,CAAAA,CAAoBzB,CAAM,CACpC,CACF,CCrBA,IAAM8C,CAAAA,CAAW,IAAM,QAAA,CAAS,IAAA,CAAK,CAAE,OAAA,CAAS,WAAY,CAAA,CAAG,CAAE,OAAQ,GAAI,CAAC,CAAA,CAEvE,SAASC,CAAAA,CAAa/C,CAAAA,CAA8B,CACzD,IAAMgD,EAAWH,CAAAA,CAAe7C,CAAM,CAAA,CAChCiD,CAAAA,CAAOjD,EAAO,QAAA,CAAS,OAAA,CAAQ,KAAA,CAAO,EAAE,EAE9C,OAAO,MAAO7B,CAAAA,EAAwC,CAEpD,IAAMiC,CAAAA,CAAc,MAAMtB,CAAAA,CAAQkB,CAAAA,CAAO,MAAO,CAAE,OAAA,CAAA7B,CAAQ,CAAC,EAC3D,GAAIiC,CAAAA,CAAa,OAAOA,CAAAA,CAGxB,IAAM8C,CAAAA,CADM,IAAI,GAAA,CAAI/E,CAAAA,CAAQ,GAAG,CAAA,CACX,QAAA,CAAS,KAAA,CAAM8E,EAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAO,EAAE,CAAA,CAC3DE,CAAAA,CAAShF,CAAAA,CAAQ,MAAA,CAEvB,OAAIgF,CAAAA,GAAW,MAAA,EAAUD,CAAAA,GAAY,gBAAA,CAC5BlD,CAAAA,CAAO,MAAA,EAAQ,OAAA,CAClBgD,CAAAA,CAAS,QAAQ,MAAA,CAAO7E,CAAO,CAAA,CAC/B2E,CAAAA,GACFK,CAAAA,GAAW,MAAA,EAAUD,CAAAA,GAAY,wBAAA,CAC5BlD,EAAO,MAAA,EAAQ,OAAA,CAClBgD,CAAAA,CAAS,OAAA,CAAQ,OAAA,CAAQ7E,CAAO,CAAA,CAChC2E,CAAAA,GACFK,CAAAA,GAAW,KAAA,EAASD,CAAAA,GAAY,kBAAA,CAC3BlD,EAAO,QAAA,EAAU,OAAA,CACpBgD,CAAAA,CAAS,OAAA,CAAQ,SAAS7E,CAAO,CAAA,CACjC2E,CAAAA,EAAS,CACXK,IAAW,QAAA,EAAYD,CAAAA,GAAY,QAAA,CAC9BlD,CAAAA,CAAO,QAAQ,OAAA,CAAUgD,CAAAA,CAAS,MAAA,CAAO7E,CAAO,EAAI2E,CAAAA,EAAS,CAClEK,CAAAA,GAAW,MAAA,EAAUD,IAAY,wBAAA,CAC5BlD,CAAAA,CAAO,SAAA,EAAW,OAAA,CACrBgD,CAAAA,CAAS,SAAA,CAAU,IAAA,CAAK7E,CAAO,EAC/B2E,CAAAA,EAAS,CACXK,CAAAA,GAAW,MAAA,EAAUD,IAAY,wBAAA,CAC5BlD,CAAAA,CAAO,SAAA,EAAW,OAAA,CACrBgD,EAAS,SAAA,CAAU,IAAA,CAAK7E,CAAO,CAAA,CAC/B2E,CAAAA,EAAS,CACXK,CAAAA,GAAW,MAAA,EAAUD,IAAY,4BAAA,CAC5BlD,CAAAA,CAAO,SAAA,EAAW,OAAA,CACrBgD,EAAS,SAAA,CAAU,QAAA,CAAS7E,CAAO,CAAA,CACnC2E,GAAS,CACXK,CAAAA,GAAW,MAAA,EAAUD,CAAAA,GAAY,yBAAA,CAC5BlD,CAAAA,CAAO,SAAA,EAAW,OAAA,CACrBgD,EAAS,SAAA,CAAU,KAAA,CAAM7E,CAAO,CAAA,CAChC2E,GAAS,CAER,QAAA,CAAS,IAAA,CAAK,CAAE,QAAS,WAAY,CAAA,CAAG,CAAE,MAAA,CAAQ,GAAI,CAAC,CAChE,CACF,CCyDO,SAASM,CAAAA,CAAYC,CAAAA,CAAW,SAAA,CAAkB,CACvD,IAAMJ,CAAAA,CAAOI,CAAAA,CAAS,OAAA,CAAQ,KAAA,CAAO,EAAE,CAAA,CAEjCC,CAAAA,CAAO,MAAU5C,CAAAA,CAAa6C,CAAAA,GAAmC,CACrE,IAAMC,CAAAA,CAAM,MAAM,KAAA,CAAM9C,CAAAA,CAAK6C,CAAI,CAAA,CACjC,GAAI,CAACC,CAAAA,CAAI,EAAA,CAAI,CACX,IAAMpF,CAAAA,CAAO,MAAMoF,CAAAA,CAAI,IAAA,EAAK,CAAE,KAAA,CAAM,KAAO,GAAG,CAAA,CAC9C,MAAM,IAAI,KAAA,CAAOpF,EAA8B,OAAA,EAAWoF,CAAAA,CAAI,UAAU,CAC1E,CACA,OAAOA,CAAAA,CAAI,IAAA,EACb,CAAA,CAEMC,CAAAA,CAAO,CAAI/C,CAAAA,CAAatC,IAC5BkF,CAAAA,CAAQ5C,CAAAA,CAAK,CACX,MAAA,CAAQ,OACR,OAAA,CAAS,CAAE,cAAA,CAAgB,kBAAmB,EAC9C,IAAA,CAAM,IAAA,CAAK,SAAA,CAAUtC,CAAI,CAC3B,CAAC,CAAA,CAEH,OAAO,CACL,OAAOsF,CAAAA,CAAS,CACd,OAAOD,CAAAA,CAA4B,GAAGR,CAAI,CAAA,eAAA,CAAA,CAAmBS,CAAO,CACtE,EAEA,OAAA,CAAQA,CAAAA,CAAS,CACf,OAAOD,CAAAA,CACL,CAAA,EAAGR,CAAI,CAAA,uBAAA,CAAA,CACPS,CACF,CACF,CAAA,CAEA,QAAA,CAASjE,CAAAA,CAAKkE,EAAU,CACtB,IAAMC,CAAAA,CAAS,IAAI,gBAAgB,CAAE,GAAA,CAAAnE,CAAI,CAAC,CAAA,CAC1C,GAAIkE,CAAAA,EAAS,QAAA,CAAU,CACrB,IAAME,CAAAA,CAAOF,CAAAA,CAAQ,QAAA,CAAS,QAAQ,YAAA,CAAc,GAAG,CAAA,CACvDC,CAAAA,CAAO,IAAI,UAAA,CAAYC,CAAI,EAC7B,CACA,OAAIF,CAAAA,EAAS,MAAA,EAAQC,CAAAA,CAAO,IAAI,QAAA,CAAUD,CAAAA,CAAQ,MAAM,CAAA,CACjDL,EAAsB,CAAA,EAAGL,CAAI,CAAA,kBAAA,EAAqBW,CAAM,EAAE,CACnE,CAAA,CAEA,MAAA,CAAOnE,CAAAA,CAAKkE,EAAU,CACpB,IAAMC,CAAAA,CAAS,IAAI,gBAAgB,CAAE,GAAA,CAAAnE,CAAI,CAAC,EAC1C,OAAIkE,CAAAA,EAAS,MAAA,EAAQC,CAAAA,CAAO,IAAI,QAAA,CAAUD,CAAAA,CAAQ,MAAM,CAAA,CACjDL,CAAAA,CACL,CAAA,EAAGL,CAAI,CAAA,QAAA,EAAWW,CAAM,CAAA,CAAA,CACxB,CAAE,MAAA,CAAQ,QAAS,CACrB,CACF,CAAA,CAEA,SAAA,CAAW,CACT,KAAKF,CAAAA,CAAS,CACZ,OAAOD,CAAAA,CACL,CAAA,EAAGR,CAAI,CAAA,uBAAA,CAAA,CACPS,CACF,CACF,CAAA,CAEA,QAAA,CAASA,CAAAA,CAAS,CAChB,OAAOD,CAAAA,CACL,CAAA,EAAGR,CAAI,CAAA,uBAAA,CAAA,CACPS,CACF,CACF,CAAA,CAEA,QAAA,CAASA,CAAAA,CAAS,CAChB,OAAOD,CAAAA,CAOJ,CAAA,EAAGR,CAAI,CAAA,2BAAA,CAAA,CAA+BS,CAAO,CAClD,CAAA,CAEA,MAAMA,CAAAA,CAAS,CACb,OAAOD,CAAAA,CACL,GAAGR,CAAI,CAAA,wBAAA,CAAA,CACPS,CACF,CACF,CACF,CACF,CACF,CCjMO,SAASI,GACdC,CAAAA,CACAJ,CAAAA,CACe,CACf,GAAIA,EAAQ,MAAA,EAAQ,MAAA,EAad,CAZYA,CAAAA,CAAQ,OAAO,IAAA,CAAMK,CAAAA,EAE/BA,CAAAA,CAAK,UAAA,CAAW,GAAG,CAAA,CACdD,CAAAA,CAAK,IAAA,CAAK,aAAY,CAAE,QAAA,CAASC,CAAAA,CAAK,WAAA,EAAa,CAAA,CAGxDA,CAAAA,CAAK,QAAA,CAAS,IAAI,EACbD,CAAAA,CAAK,IAAA,CAAK,UAAA,CAAWC,CAAAA,CAAK,QAAQ,IAAA,CAAM,GAAG,CAAC,CAAA,CAG9CD,EAAK,IAAA,GAASC,CACtB,CAAA,CACa,CACZ,IAAMC,CAAAA,CAAMF,CAAAA,CAAK,IAAA,CAAK,QAAA,CAAS,GAAG,CAAA,CAAIA,CAAAA,CAAK,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA,CAAE,GAAA,EAAI,CAAI,KACnE,OAAO,CAAA,WAAA,EAAcE,CAAAA,CAAM,CAAA,CAAA,EAAIA,CAAG,CAAA,CAAA,CAAKF,CAAAA,CAAK,IAAA,EAAQ,SAAS,kBAC/D,CAGF,OAAIA,CAAAA,CAAK,IAAA,GAAS,EACT,eAAA,CAGLJ,CAAAA,CAAQ,WAAA,EAAeI,CAAAA,CAAK,KAAOJ,CAAAA,CAAQ,WAAA,CAEtC,CAAA,kBAAA,EAAA,CADQA,CAAAA,CAAQ,YAAe,OAAA,EAAc,OAAA,CAAQ,CAAC,CAC5B,YAG5B,IACT","file":"index.js","sourcesContent":["export async function parseBody<T extends Record<string, unknown>>(\n request: Request,\n): Promise<T | null> {\n try {\n const body = await request.json();\n return body && typeof body === \"object\" ? (body as T) : null;\n } catch {\n return null;\n }\n}\n\nexport function requireString(value: unknown, name: string): string | Response {\n const trimmed = typeof value === \"string\" ? value.trim() : \"\";\n if (!trimmed) {\n return Response.json({ message: `${name} is required` }, { status: 400 });\n }\n return trimmed;\n}\n\nexport function normalizeExpiresIn(value: unknown): number {\n const n = Number(value);\n return Number.isFinite(n) && n > 0 ? Math.floor(n) : 600;\n}\n\nexport function withS3ErrorHandler(\n handler: (request: Request) => Promise<Response>,\n) {\n return async (request: Request) => {\n try {\n return await handler(request);\n } catch (err) {\n const message =\n err instanceof Error ? err.message : \"Internal server error\";\n console.error(\"[S3 API]\", message);\n return Response.json({ message }, { status: 500 });\n }\n };\n}\n\n/**\n * Run a server hook. Returns a Response if the hook rejects (throws),\n * or `null` if the hook passes (or is undefined).\n */\nexport async function runHook<T>(\n hook: ((context: T) => Promise<void> | void) | undefined,\n context: T,\n): Promise<Response | null> {\n if (!hook) return null;\n try {\n await hook(context);\n return null;\n } catch (err) {\n const message = err instanceof Error ? err.message : \"Forbidden\";\n const status =\n typeof (err as Record<string, unknown>)?.status === \"number\"\n ? ((err as Record<string, unknown>).status as number)\n : 403;\n return Response.json({ message }, { status });\n }\n}\n","/**\n * Builds a RFC 6266 `Content-Disposition` value for a file attachment.\n *\n * Includes both the ASCII-safe `filename` fallback and the RFC 5987\n * `filename*` parameter for full Unicode support, so the original file\n * name (including non-ASCII characters) is preserved across all browsers\n * and HTTP clients.\n *\n * @example\n * buildContentDisposition(\"résumé finale.pdf\")\n * // → 'attachment; filename=\"resume finale.pdf\"; filename*=UTF-8\\'\\'r%C3%A9sum%C3%A9%20finale.pdf'\n */\nexport function buildContentDisposition(fileName: string): string {\n const ascii = fileName.replace(/[^\\x20-\\x7E]/g, \"_\").replace(/[\"\\\\]/g, \"_\");\n const encoded = encodeURIComponent(fileName);\n return `attachment; filename=\"${ascii}\"; filename*=UTF-8''${encoded}`;\n}\n","/**\n * Builds the public URL for an S3 object.\n *\n * Returns `undefined` when:\n * - the object is `\"private\"`, or\n * - `publicUrlBase` is not provided.\n *\n * @param publicUrlBase - A function that returns the base URL for a given bucket.\n * Matches the `publicUrlBase` field of `S3HandlerConfig`.\n */\nexport function buildPublicUrl(\n publicUrlBase: ((bucket: string) => string) | undefined,\n bucket: string,\n key: string,\n acl: \"public-read\" | \"private\",\n): string | undefined {\n if (acl !== \"public-read\" || !publicUrlBase) return undefined;\n const base = publicUrlBase(bucket).replace(/\\/$/, \"\");\n return `${base}/${key}`;\n}\n","/**\n * Parses the display file name from a `Content-Disposition` header value.\n *\n * Prefers the RFC 5987 `filename*=UTF-8''…` encoding (full Unicode) over\n * the plain ASCII `filename=\"…\"` fallback.\n *\n * Returns `undefined` when no filename can be extracted.\n */\nexport function parseFileName(\n contentDisposition: string | undefined,\n): string | undefined {\n if (!contentDisposition) return undefined;\n\n const utf8Match = contentDisposition.match(/filename\\*=UTF-8''([^;\\s]+)/i);\n if (utf8Match) {\n try {\n return decodeURIComponent(utf8Match[1]);\n } catch {\n /* ignore malformed encoding */\n }\n }\n\n const asciiMatch = contentDisposition.match(/filename=\"([^\"]*)\"/i);\n return asciiMatch?.[1];\n}\n","import { createPresignedPost } from \"@aws-sdk/s3-presigned-post\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n normalizeExpiresIn,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\nimport { buildContentDisposition } from \"../../helpers\";\n\n// 5 GiB — S3 single-object upload limit\nconst MAX_UPLOAD_SIZE = 5 * 1024 * 1024 * 1024;\n\ntype Payload = {\n key: string;\n contentType?: string;\n /**\n * Exact byte size of the file the client intends to upload.\n * When provided the presigned POST policy locks `content-length-range` to\n * `[fileSize, fileSize]`, so S3 rejects any upload that is not exactly this\n * size — even if the client tampers with the payload.\n * When omitted the range is `[1, maxFileSize ?? 5 GiB]`.\n */\n fileSize?: number;\n metadata?: Record<string, string>;\n bucket?: string;\n expiresIn?: number;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition: attachment; filename=\"...\"` on the S3 object. */\n fileName?: string;\n};\n\nexport function createUploadHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n const expiresIn = normalizeExpiresIn(body.expiresIn);\n const acl = body.acl === \"public-read\" ? \"public-read\" : \"private\";\n const contentType = body.contentType?.trim() || \"application/octet-stream\";\n const fileSize =\n typeof body.fileSize === \"number\" && body.fileSize > 0\n ? Math.floor(body.fileSize)\n : null;\n\n if (\n fileSize !== null &&\n config.maxFileSize &&\n fileSize > config.maxFileSize\n ) {\n return Response.json(\n {\n message: `File size (${fileSize} bytes) exceeds the maximum allowed size of ${config.maxFileSize} bytes`,\n },\n { status: 413 },\n );\n }\n\n const guardResult = await runHook(config.upload?.guard, {\n request,\n key,\n bucket,\n contentType: body.contentType,\n fileSize: fileSize ?? undefined,\n metadata: body.metadata,\n acl,\n });\n if (guardResult) return guardResult;\n\n // Build presigned POST fields. Fields are embedded in the signed policy\n // so the client cannot change them without invalidating the signature.\n // Note: the `acl` field is the correct presigned POST field per AWS spec.\n // Some S3-compatible providers ignore it; PutObjectAcl is called in the\n // confirm step as a reliable post-upload fallback.\n const fields: Record<string, string> = { acl, \"Content-Type\": contentType };\n\n if (body.fileName) {\n fields[\"Content-Disposition\"] = buildContentDisposition(body.fileName);\n }\n\n if (body.metadata) {\n for (const [k, v] of Object.entries(body.metadata)) {\n fields[`x-amz-meta-${k}`] = v;\n }\n }\n\n // `content-length-range` is enforced by S3 at the storage layer —\n // uploads outside this range are rejected before the object is stored.\n //\n // When the client declares fileSize: S3 locks the range to exactly that\n // number of bytes, so uploading a different-sized file is impossible.\n // When fileSize is not declared: falls back to [1, maxFileSize ?? 5 GiB].\n const rangeMin = fileSize ?? 1;\n const rangeMax = fileSize ?? config.maxFileSize ?? MAX_UPLOAD_SIZE;\n\n const { url, fields: signedFields } = await createPresignedPost(config.s3, {\n Bucket: bucket,\n Key: key,\n Conditions: [[\"content-length-range\", rangeMin, rangeMax]],\n Fields: fields,\n Expires: expiresIn,\n });\n\n await config.upload?.onPresigned?.({\n request,\n key,\n bucket,\n contentType: body.contentType,\n metadata: body.metadata,\n acl,\n url,\n expiresIn,\n });\n\n return Response.json({ bucket, key, url, fields: signedFields, expiresIn });\n });\n}\n","import { GetObjectAclCommand, type S3Client } from \"@aws-sdk/client-s3\";\n\n/**\n * Determines the ACL of an S3 object by querying `GetObjectAcl`.\n *\n * Returns `\"public-read\"` when the `AllUsers` grantee has `READ` or\n * `FULL_CONTROL` permission; falls back to `\"private\"` when the provider\n * does not support the operation (e.g. Cloudflare R2).\n */\nexport async function resolveObjectAcl(\n s3: S3Client,\n bucket: string,\n key: string,\n): Promise<\"public-read\" | \"private\"> {\n try {\n const result = await s3.send(\n new GetObjectAclCommand({ Bucket: bucket, Key: key }),\n );\n const isPublic = result.Grants?.some(\n (g) =>\n g.Grantee?.URI === \"http://acs.amazonaws.com/groups/global/AllUsers\" &&\n (g.Permission === \"READ\" || g.Permission === \"FULL_CONTROL\"),\n );\n return isPublic ? \"public-read\" : \"private\";\n } catch {\n return \"private\";\n }\n}\n","import { HeadObjectCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\nimport { buildPublicUrl, parseFileName } from \"../../helpers\";\nimport { resolveObjectAcl } from \"../../helpers/server\";\n\ntype Payload = {\n key: string;\n bucket?: string;\n};\n\nexport function createConfirmHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.upload?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n const head = await config.s3.send(\n new HeadObjectCommand({ Bucket: bucket, Key: key }),\n );\n\n const acl = await resolveObjectAcl(config.s3, bucket, key);\n const publicUrl = buildPublicUrl(config.resolvePublicUrl, bucket, key, acl);\n const fileName = parseFileName(head.ContentDisposition);\n\n const context = {\n request,\n key,\n bucket,\n contentType: head.ContentType,\n contentLength: head.ContentLength ?? 0,\n eTag: head.ETag?.replace(/\"/g, \"\"),\n metadata: head.Metadata,\n acl,\n fileName,\n publicUrl,\n };\n\n await config.upload?.onUploaded?.(context);\n\n return Response.json({\n key,\n bucket,\n contentType: context.contentType,\n contentLength: context.contentLength,\n eTag: context.eTag,\n acl,\n fileName,\n publicUrl,\n });\n });\n}\n","import { GetObjectCommand, HeadObjectCommand } from \"@aws-sdk/client-s3\";\nimport { getSignedUrl } from \"@aws-sdk/s3-request-presigner\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n normalizeExpiresIn,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\nimport { buildContentDisposition } from \"../../helpers\";\n\nexport function createDownloadHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const { searchParams } = new URL(request.url);\n const key = searchParams.get(\"key\")?.trim();\n if (!key) {\n return Response.json(\n { message: \"key query parameter is required\" },\n { status: 400 },\n );\n }\n\n const bucket = searchParams.get(\"bucket\")?.trim() || config.defaultBucket;\n const expiresIn = normalizeExpiresIn(searchParams.get(\"expiresIn\"));\n const fileName = searchParams.get(\"fileName\")?.trim();\n\n const guardResult = await runHook(config.download?.guard, {\n request,\n key,\n bucket,\n fileName: fileName || undefined,\n });\n if (guardResult) return guardResult;\n\n try {\n await config.s3.send(new HeadObjectCommand({ Bucket: bucket, Key: key }));\n } catch (err: unknown) {\n const name = (err as { name?: string })?.name;\n if (name === \"NoSuchKey\" || name === \"NotFound\") {\n return Response.json({ message: \"Object not found\" }, { status: 404 });\n }\n throw err;\n }\n\n const url = await getSignedUrl(\n config.s3,\n new GetObjectCommand({\n Bucket: bucket,\n Key: key,\n ResponseContentDisposition: fileName\n ? buildContentDisposition(fileName)\n : \"attachment\",\n }),\n { expiresIn },\n );\n\n await config.download?.onPresigned?.({\n request,\n key,\n bucket,\n fileName: fileName || undefined,\n url,\n expiresIn,\n });\n\n return Response.json({ bucket, key, url, expiresIn });\n });\n}\n","import { DeleteObjectCommand, HeadObjectCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../types\";\nimport { runHook, withS3ErrorHandler } from \"../internal-helpers\";\n\nexport function createDeleteHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const { searchParams } = new URL(request.url);\n const key = searchParams.get(\"key\")?.trim();\n if (!key) {\n return Response.json(\n { message: \"key query parameter is required\" },\n { status: 400 },\n );\n }\n\n const bucket = searchParams.get(\"bucket\")?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.delete?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n try {\n await config.s3.send(new HeadObjectCommand({ Bucket: bucket, Key: key }));\n } catch {\n return Response.json({ message: \"Object not found\" }, { status: 404 });\n }\n\n await config.s3.send(new DeleteObjectCommand({ Bucket: bucket, Key: key }));\n\n await config.delete?.onDeleted?.({ request, key, bucket });\n\n return Response.json({ success: true, bucket, key });\n });\n}\n","import { CreateMultipartUploadCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\nimport { buildContentDisposition } from \"../../helpers\";\n\ntype Payload = {\n key: string;\n bucket?: string;\n contentType?: string;\n /** Declared total byte size of the file being uploaded. */\n fileSize?: number;\n metadata?: Record<string, string>;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition: attachment; filename=\"...\"` on the S3 object. */\n fileName?: string;\n};\n\nexport function createMultipartInitHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n const acl = body.acl === \"public-read\" ? \"public-read\" : \"private\";\n const fileSize =\n typeof body.fileSize === \"number\" && body.fileSize > 0\n ? Math.floor(body.fileSize)\n : undefined;\n\n if (\n fileSize !== undefined &&\n config.maxFileSize &&\n fileSize > config.maxFileSize\n ) {\n return Response.json(\n {\n message: `File size (${fileSize} bytes) exceeds the maximum allowed size of ${config.maxFileSize} bytes`,\n },\n { status: 413 },\n );\n }\n\n const guardResult = await runHook(config.multipart?.guard, {\n request,\n key,\n bucket,\n fileSize,\n });\n if (guardResult) return guardResult;\n\n const { UploadId } = await config.s3.send(\n new CreateMultipartUploadCommand({\n Bucket: bucket,\n Key: key,\n ContentType: body.contentType,\n ContentDisposition: body.fileName\n ? buildContentDisposition(body.fileName)\n : undefined,\n Metadata: body.metadata,\n ACL: acl,\n }),\n );\n\n await config.multipart?.onInit?.({\n request,\n key,\n bucket,\n uploadId: UploadId!,\n contentType: body.contentType,\n fileSize,\n metadata: body.metadata,\n acl,\n });\n\n return Response.json({ bucket, key, uploadId: UploadId }, { status: 201 });\n });\n}\n","import { UploadPartCommand } from \"@aws-sdk/client-s3\";\nimport { getSignedUrl } from \"@aws-sdk/s3-request-presigner\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n normalizeExpiresIn,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\n\ntype Payload = {\n key: string;\n uploadId: string;\n partNumber: number;\n bucket?: string;\n expiresIn?: number;\n};\n\nexport function createMultipartPartHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const uploadId = requireString(body.uploadId, \"uploadId\");\n if (uploadId instanceof Response) return uploadId;\n\n const partNumber = Number(body.partNumber);\n if (!Number.isInteger(partNumber) || partNumber <= 0) {\n return Response.json(\n { message: \"partNumber must be a positive integer\" },\n { status: 400 },\n );\n }\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n const expiresIn = normalizeExpiresIn(body.expiresIn);\n\n const guardResult = await runHook(config.multipart?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n const presignedUrl = await getSignedUrl(\n config.s3,\n new UploadPartCommand({\n Bucket: bucket,\n Key: key,\n UploadId: uploadId,\n PartNumber: partNumber,\n }),\n { expiresIn },\n );\n\n return Response.json({\n presignedUrl,\n partNumber,\n uploadId,\n bucket,\n expiresIn,\n });\n });\n}\n","import {\n CompleteMultipartUploadCommand,\n HeadObjectCommand,\n DeleteObjectCommand,\n} from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\nimport { buildPublicUrl, parseFileName } from \"../../helpers\";\nimport { resolveObjectAcl } from \"../../helpers/server\";\n\ntype PartEntry = {\n partNumber: number;\n eTag: string;\n};\n\ntype Payload = {\n key: string;\n uploadId: string;\n bucket?: string;\n parts: PartEntry[];\n};\n\nexport function createMultipartCompleteHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const uploadId = requireString(body.uploadId, \"uploadId\");\n if (uploadId instanceof Response) return uploadId;\n\n const parts = (Array.isArray(body.parts) ? body.parts : [])\n .map(({ partNumber, eTag }) => ({\n PartNumber: Number(partNumber),\n ETag: String(eTag),\n }))\n .filter((p) => Number.isInteger(p.PartNumber) && p.ETag)\n .sort((a, b) => a.PartNumber - b.PartNumber);\n\n if (!parts.length) {\n return Response.json(\n { message: \"At least one valid part is required\" },\n { status: 400 },\n );\n }\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.multipart?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n await config.s3.send(\n new CompleteMultipartUploadCommand({\n Bucket: bucket,\n Key: key,\n UploadId: uploadId,\n MultipartUpload: { Parts: parts },\n }),\n );\n\n // Verify the actual uploaded object metadata via HeadObject.\n // This is the server's only opportunity to enforce maxFileSize for\n // multipart uploads, since individual parts bypass size checks.\n const head = await config.s3.send(\n new HeadObjectCommand({ Bucket: bucket, Key: key }),\n );\n const contentLength = head.ContentLength ?? 0;\n const contentType = head.ContentType;\n const eTag = head.ETag?.replace(/\"/g, \"\");\n\n const acl = await resolveObjectAcl(config.s3, bucket, key);\n const publicUrl = buildPublicUrl(config.resolvePublicUrl, bucket, key, acl);\n const fileName = parseFileName(head.ContentDisposition);\n\n if (config.maxFileSize && contentLength > config.maxFileSize) {\n // Delete the object and reject the request. The client has uploaded\n // more data than the server policy allows.\n await config.s3\n .send(new DeleteObjectCommand({ Bucket: bucket, Key: key }))\n .catch(() => {});\n return Response.json(\n {\n message: `File size (${contentLength} bytes) exceeds the maximum allowed size of ${config.maxFileSize} bytes`,\n },\n { status: 422 },\n );\n }\n\n await config.multipart?.onComplete?.({\n request,\n key,\n bucket,\n uploadId,\n contentLength,\n contentType,\n eTag,\n acl,\n fileName,\n publicUrl,\n });\n\n return Response.json({\n bucket,\n key,\n uploadId,\n contentLength,\n contentType,\n eTag,\n acl,\n fileName,\n publicUrl,\n });\n });\n}\n","import { AbortMultipartUploadCommand } from \"@aws-sdk/client-s3\";\nimport type { S3HandlerConfig } from \"../../types\";\nimport {\n parseBody,\n requireString,\n runHook,\n withS3ErrorHandler,\n} from \"../../internal-helpers\";\n\ntype Payload = {\n key: string;\n uploadId: string;\n bucket?: string;\n};\n\nexport function createMultipartAbortHandler(config: S3HandlerConfig) {\n return withS3ErrorHandler(async (request: Request) => {\n const body = await parseBody<Payload>(request);\n if (!body) {\n return Response.json(\n { message: \"Invalid JSON payload\" },\n { status: 400 },\n );\n }\n\n const key = requireString(body.key, \"key\");\n if (key instanceof Response) return key;\n\n const uploadId = requireString(body.uploadId, \"uploadId\");\n if (uploadId instanceof Response) return uploadId;\n\n const bucket = body.bucket?.trim() || config.defaultBucket;\n\n const guardResult = await runHook(config.multipart?.guard, {\n request,\n key,\n bucket,\n });\n if (guardResult) return guardResult;\n\n await config.s3.send(\n new AbortMultipartUploadCommand({\n Bucket: bucket,\n Key: key,\n UploadId: uploadId,\n }),\n );\n\n await config.multipart?.onAbort?.({\n request,\n key,\n bucket,\n uploadId,\n });\n\n return Response.json({ bucket, key, uploadId, aborted: true });\n });\n}\n","import type { S3HandlerConfig, S3Handlers } from \"./types\";\nimport { createUploadHandler } from \"./handlers/presign/upload\";\nimport { createConfirmHandler } from \"./handlers/presign/confirm\";\nimport { createDownloadHandler } from \"./handlers/presign/download\";\nimport { createDeleteHandler } from \"./handlers/delete\";\nimport { createMultipartInitHandler } from \"./handlers/multipart/init\";\nimport { createMultipartPartHandler } from \"./handlers/multipart/part\";\nimport { createMultipartCompleteHandler } from \"./handlers/multipart/complete\";\nimport { createMultipartAbortHandler } from \"./handlers/multipart/abort\";\n\nexport function createHandlers(config: S3HandlerConfig): S3Handlers {\n return {\n presign: {\n upload: createUploadHandler(config),\n confirm: createConfirmHandler(config),\n download: createDownloadHandler(config),\n },\n multipart: {\n init: createMultipartInitHandler(config),\n part: createMultipartPartHandler(config),\n complete: createMultipartCompleteHandler(config),\n abort: createMultipartAbortHandler(config),\n },\n delete: createDeleteHandler(config),\n };\n}\n","import type { S3RouteHandlerConfig } from \"./types\";\nimport { createHandlers } from \"./create-handlers\";\nimport { runHook } from \"./internal-helpers\";\n\nconst disabled = () => Response.json({ message: \"Not Found\" }, { status: 404 });\n\nexport function createRouter(config: S3RouteHandlerConfig) {\n const handlers = createHandlers(config);\n const base = config.basePath.replace(/\\/$/, \"\");\n\n return async (request: Request): Promise<Response> => {\n // Global guard — runs before every request\n const guardResult = await runHook(config.guard, { request });\n if (guardResult) return guardResult;\n\n const url = new URL(request.url);\n const subpath = url.pathname.slice(base.length).replace(/^\\//, \"\");\n const method = request.method;\n\n if (method === \"POST\" && subpath === \"presign/upload\")\n return config.upload?.enabled\n ? handlers.presign.upload(request)\n : disabled();\n if (method === \"POST\" && subpath === \"presign/upload/confirm\")\n return config.upload?.enabled\n ? handlers.presign.confirm(request)\n : disabled();\n if (method === \"GET\" && subpath === \"presign/download\")\n return config.download?.enabled\n ? handlers.presign.download(request)\n : disabled();\n if (method === \"DELETE\" && subpath === \"delete\")\n return config.delete?.enabled ? handlers.delete(request) : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/init\")\n return config.multipart?.enabled\n ? handlers.multipart.init(request)\n : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/part\")\n return config.multipart?.enabled\n ? handlers.multipart.part(request)\n : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/complete\")\n return config.multipart?.enabled\n ? handlers.multipart.complete(request)\n : disabled();\n if (method === \"POST\" && subpath === \"presign/multipart/abort\")\n return config.multipart?.enabled\n ? handlers.multipart.abort(request)\n : disabled();\n\n return Response.json({ message: \"Not Found\" }, { status: 404 });\n };\n}\n","export type PresignResponse = {\n key: string;\n bucket: string;\n url: string;\n expiresIn: number;\n};\n\nexport type PresignedPostResponse = {\n key: string;\n bucket: string;\n url: string;\n fields: Record<string, string>;\n expiresIn: number;\n};\n\nexport type MultipartInitResponse = {\n key: string;\n bucket: string;\n uploadId: string;\n};\n\nexport type MultipartPartResponse = {\n presignedUrl: string;\n partNumber: number;\n uploadId: string;\n bucket: string;\n expiresIn: number;\n};\n\nexport type UploadConfirmResponse = {\n key: string;\n bucket: string;\n contentType?: string;\n contentLength: number;\n eTag?: string;\n acl: \"private\" | \"public-read\";\n /** Display file name parsed from the object's Content-Disposition header. */\n fileName?: string;\n /** Public URL of the object. Only present when `acl` is `public-read` and `publicUrlBase` is configured on the server. */\n publicUrl?: string;\n};\n\nexport type S3Api = {\n upload: (payload: {\n key: string;\n contentType?: string;\n /**\n * Exact byte size of the file. When provided the presigned POST policy\n * locks `content-length-range` to `[fileSize, fileSize]` so S3 rejects\n * uploads of any other size at the storage layer.\n */\n fileSize?: number;\n metadata?: Record<string, string>;\n bucket?: string;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition` on the S3 object. */\n fileName?: string;\n }) => Promise<PresignedPostResponse>;\n confirm: (payload: {\n key: string;\n bucket?: string;\n }) => Promise<UploadConfirmResponse>;\n download: (\n key: string,\n options?: { fileName?: string; bucket?: string },\n ) => Promise<PresignResponse>;\n delete: (\n key: string,\n options?: { bucket?: string },\n ) => Promise<{ success: boolean; bucket: string; key: string }>;\n multipart: {\n init: (payload: {\n key: string;\n contentType?: string;\n /** Declared total byte size of the file. Used for quota/guard checks and stored in `onInit` context. */\n fileSize?: number;\n metadata?: Record<string, string>;\n bucket?: string;\n acl?: \"private\" | \"public-read\";\n /** Original file name. Stored as `Content-Disposition` on the S3 object. */\n fileName?: string;\n }) => Promise<MultipartInitResponse>;\n signPart: (payload: {\n key: string;\n uploadId: string;\n partNumber: number;\n bucket?: string;\n }) => Promise<MultipartPartResponse>;\n complete: (payload: {\n key: string;\n uploadId: string;\n parts: Array<{ partNumber: number; eTag: string }>;\n bucket?: string;\n }) => Promise<{\n key: string;\n bucket: string;\n uploadId: string;\n contentLength: number;\n contentType?: string;\n eTag?: string;\n }>;\n abort: (payload: {\n key: string;\n uploadId: string;\n bucket?: string;\n }) => Promise<{ aborted: boolean }>;\n };\n};\n\nexport function createS3Api(basePath = \"/api/s3\"): S3Api {\n const base = basePath.replace(/\\/$/, \"\");\n\n const json = async <T>(url: string, init?: RequestInit): Promise<T> => {\n const res = await fetch(url, init);\n if (!res.ok) {\n const body = await res.json().catch(() => ({}));\n throw new Error((body as { message?: string }).message ?? res.statusText);\n }\n return res.json() as Promise<T>;\n };\n\n const post = <T>(url: string, body: unknown): Promise<T> =>\n json<T>(url, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify(body),\n });\n\n return {\n upload(payload) {\n return post<PresignedPostResponse>(`${base}/presign/upload`, payload);\n },\n\n confirm(payload) {\n return post<UploadConfirmResponse>(\n `${base}/presign/upload/confirm`,\n payload,\n );\n },\n\n download(key, options?) {\n const params = new URLSearchParams({ key });\n if (options?.fileName) {\n const safe = options.fileName.replace(/[\"\\\\\\r\\n]/g, \"_\");\n params.set(\"fileName\", safe);\n }\n if (options?.bucket) params.set(\"bucket\", options.bucket);\n return json<PresignResponse>(`${base}/presign/download?${params}`);\n },\n\n delete(key, options?) {\n const params = new URLSearchParams({ key });\n if (options?.bucket) params.set(\"bucket\", options.bucket);\n return json<{ success: boolean; bucket: string; key: string }>(\n `${base}/delete?${params}`,\n { method: \"DELETE\" },\n );\n },\n\n multipart: {\n init(payload) {\n return post<MultipartInitResponse>(\n `${base}/presign/multipart/init`,\n payload,\n );\n },\n\n signPart(payload) {\n return post<MultipartPartResponse>(\n `${base}/presign/multipart/part`,\n payload,\n );\n },\n\n complete(payload) {\n return post<{\n key: string;\n bucket: string;\n uploadId: string;\n contentLength: number;\n contentType?: string;\n eTag?: string;\n }>(`${base}/presign/multipart/complete`, payload);\n },\n\n abort(payload) {\n return post<{ aborted: boolean }>(\n `${base}/presign/multipart/abort`,\n payload,\n );\n },\n },\n };\n}\n","export function validateFile(\n file: File,\n options: { accept?: string[]; maxFileSize?: number },\n): string | null {\n if (options.accept?.length) {\n const allowed = options.accept.some((type) => {\n // Extension check: \".pdf\", \".jpg\", etc.\n if (type.startsWith(\".\")) {\n return file.name.toLowerCase().endsWith(type.toLowerCase());\n }\n // Wildcard MIME: \"image/*\"\n if (type.endsWith(\"/*\")) {\n return file.type.startsWith(type.replace(\"/*\", \"/\"));\n }\n // Exact MIME: \"application/pdf\"\n return file.type === type;\n });\n if (!allowed) {\n const ext = file.name.includes(\".\") ? file.name.split(\".\").pop() : null;\n return `File type \"${ext ? `.${ext}` : file.type || \"unknown\"}\" is not allowed`;\n }\n }\n\n if (file.size === 0) {\n return \"File is empty\";\n }\n\n if (options.maxFileSize && file.size > options.maxFileSize) {\n const maxMB = (options.maxFileSize / (1024 * 1024)).toFixed(1);\n return `File size exceeds ${maxMB} MB limit`;\n }\n\n return null;\n}\n"]}
package/dist/{helpers.d.ts → internal-helpers.d.ts} RENAMED
@@ -1,13 +1,3 @@
1
- /**
2
- * Builds a RFC 6266 `Content-Disposition` value for a file attachment.
3
- * Includes both the ASCII-safe `filename` fallback and the RFC 5987
4
- * `filename*` parameter for full Unicode support.
5
- *
6
- * @example
7
- * buildContentDisposition("résumé finale.pdf")
8
- * // → 'attachment; filename="resume finale.pdf"; filename*=UTF-8\'\'r%C3%A9sum%C3%A9%20finale.pdf'
9
- */
10
- export declare function buildContentDisposition(fileName: string): string;
11
1
  export declare function parseBody<T extends Record<string, unknown>>(request: Request): Promise<T | null>;
12
2
  export declare function requireString(value: unknown, name: string): string | Response;
13
3
  export declare function normalizeExpiresIn(value: unknown): number;
package/dist/types.d.ts CHANGED
@@ -22,6 +22,11 @@ export type UploadCompleteContext = HookContext & {
22
22
  contentLength: number;
23
23
  eTag?: string;
24
24
  metadata?: Record<string, string>;
25
+ acl: "private" | "public-read";
26
+ /** Display file name parsed from the object's Content-Disposition header. */
27
+ fileName?: string;
28
+ /** Public URL of the object. Only present when `acl` is `public-read` and `publicUrlBase` is configured. */
29
+ publicUrl?: string;
25
30
  };
26
31
  export type DownloadHookContext = HookContext & {
27
32
  key: string;
@@ -58,124 +63,84 @@ export type MultipartCompleteSuccessContext = MultipartHookContext & {
58
63
  contentLength: number;
59
64
  contentType?: string;
60
65
  eTag?: string;
66
+ acl: "private" | "public-read";
67
+ /** Display file name parsed from the object's Content-Disposition header. */
68
+ fileName?: string;
69
+ /** Public URL of the object. Only present when `acl` is `public-read` and `publicUrlBase` is configured. */
70
+ publicUrl?: string;
61
71
  };
62
- export type S3ServerHooks = {
72
+ export type S3HandlerConfig = {
73
+ /** The S3 client instance used to communicate with your bucket. */
74
+ s3: S3Client;
75
+ /** Default bucket used when no `bucket` is specified in the request payload. */
76
+ defaultBucket: string;
63
77
  /**
64
- * Runs before every request. Throw to reject (`403` by default).
78
+ * Maximum file size in bytes. Requests declaring a larger `fileSize` are
79
+ * rejected before any presigned URL is generated.
65
80
  */
81
+ maxFileSize?: number;
82
+ /**
83
+ * Resolves the public base URL for a bucket. The returned string is combined
84
+ * with the object key to produce `publicUrl` on upload/multipart responses
85
+ * when the object ACL is `public-read`. Omit if all objects are private.
86
+ *
87
+ * ```ts
88
+ * // Single bucket (virtual-hosted style)
89
+ * resolvePublicUrl: (bucket) => `https://${bucket}.s3.eu-west-1.amazonaws.com`
90
+ *
91
+ * // Single bucket (Cloudflare R2 / fixed domain)
92
+ * resolvePublicUrl: (_bucket) => `https://pub-xxxxx.r2.dev`
93
+ *
94
+ * // Multiple buckets — each mapped to its own domain
95
+ * resolvePublicUrl: (bucket) =>
96
+ * ({ avatars: "https://cdn.myapp.com", media: "https://media.myapp.com" })[bucket]
97
+ * ?? `https://${bucket}.s3.amazonaws.com`
98
+ * ```
99
+ */
100
+ resolvePublicUrl?: (bucket: string) => string;
101
+ /** Runs before every request. Throw to reject (`403` by default). */
66
102
  guard?: (context: HookContext) => Promise<void> | void;
67
103
  upload?: {
68
- /**
69
- * Runs before the presigned URL is generated.
70
- * `fileSize` is client-declared treat as untrusted.
71
- * Throw to reject (`403` by default).
72
- */
104
+ /** Enable the upload endpoints. @default false */
105
+ enabled?: boolean;
106
+ /** Runs before the presigned URL is generated. Throw to reject (`403` by default). */
73
107
  guard?: (context: UploadHookContext) => Promise<void> | void;
74
- /**
75
- * Fires after the presigned URL is issued. The file has not been uploaded yet.
76
- */
108
+ /** Fires after the presigned URL is issued (file not yet uploaded). */
77
109
  onPresigned?: (context: UploadSuccessContext) => Promise<void> | void;
78
- /**
79
- * Fires after `POST /presign/upload/confirm`. The server verifies the object via
80
- * `HeadObject`, so `contentLength` and `eTag` are the actual S3 values.
81
- */
110
+ /** Fires after upload confirmation. `contentLength` and `eTag` are verified S3 values. */
82
111
  onUploaded?: (context: UploadCompleteContext) => Promise<void> | void;
83
112
  };
84
113
  download?: {
85
- /**
86
- * Runs before the presigned download URL is generated.
87
- * Throw to reject (`403` by default).
88
- */
114
+ /** Enable the download endpoint. @default false */
115
+ enabled?: boolean;
116
+ /** Runs before the presigned download URL is generated. Throw to reject (`403` by default). */
89
117
  guard?: (context: DownloadHookContext) => Promise<void> | void;
90
- /**
91
- * Fires after the presigned download URL is issued. The file has not been downloaded yet.
92
- */
118
+ /** Fires after the presigned download URL is issued. */
93
119
  onPresigned?: (context: DownloadSuccessContext) => Promise<void> | void;
94
120
  };
95
121
  delete?: {
96
- /**
97
- * Runs before the object is deleted from S3.
98
- * Throw to reject (`403` by default).
99
- */
122
+ /** Enable the delete endpoint. @default false */
123
+ enabled?: boolean;
124
+ /** Runs before the object is deleted. Throw to reject (`403` by default). */
100
125
  guard?: (context: DeleteHookContext) => Promise<void> | void;
101
- /**
102
- * Fires after the object is successfully deleted from S3.
103
- */
126
+ /** Fires after the object is successfully deleted. */
104
127
  onDeleted?: (context: DeleteHookContext) => Promise<void> | void;
105
128
  };
106
129
  multipart?: {
107
- /**
108
- * Runs before every multipart operation (`init`, `part`, `complete`, `abort`).
109
- * `fileSize` is only present during `init`.
110
- * Throw to reject (`403` by default).
111
- */
130
+ /** Enable all multipart upload endpoints. @default false */
131
+ enabled?: boolean;
132
+ /** Runs before every multipart operation. Throw to reject (`403` by default). */
112
133
  guard?: (context: MultipartHookContext) => Promise<void> | void;
113
- /**
114
- * Fires after `CreateMultipartUpload`. Use to record the pending session in your database.
115
- */
134
+ /** Fires after `CreateMultipartUpload`. */
116
135
  onInit?: (context: MultipartInitSuccessContext) => Promise<void> | void;
117
- /**
118
- * Fires after `CompleteMultipartUpload`. The server runs `HeadObject` first,
119
- * so `contentLength` and `eTag` are the actual S3 values.
120
- */
136
+ /** Fires after `CompleteMultipartUpload`. `contentLength` and `eTag` are verified S3 values. */
121
137
  onComplete?: (context: MultipartCompleteSuccessContext) => Promise<void> | void;
122
- /**
123
- * Fires after `AbortMultipartUpload`. S3 releases all stored parts on success.
124
- */
138
+ /** Fires after `AbortMultipartUpload`. */
125
139
  onAbort?: (context: MultipartHookContext & {
126
140
  uploadId: string;
127
141
  }) => Promise<void> | void;
128
142
  };
129
143
  };
130
- export type S3Features = {
131
- /**
132
- * Enable presigned upload endpoints (`POST /presign/upload` and
133
- * `POST /presign/upload/confirm`).
134
- * @default false
135
- */
136
- upload?: boolean;
137
- /**
138
- * Enable the presigned download endpoint (`GET /presign/download`).
139
- * @default false
140
- */
141
- download?: boolean;
142
- /**
143
- * Enable the delete endpoint (`DELETE /delete`).
144
- * @default false
145
- */
146
- delete?: boolean;
147
- /**
148
- * Enable all multipart upload endpoints (`/presign/multipart/*`).
149
- * Keep disabled unless you explicitly need multipart support — see the
150
- * multipart cost-attack section in the README.
151
- * @default false
152
- */
153
- multipart?: boolean;
154
- };
155
- export type S3HandlerConfig = {
156
- /** The S3 client instance used to communicate with your bucket. */
157
- s3: S3Client;
158
- /** Default bucket used when no `bucket` is specified in the request payload. */
159
- defaultBucket: string;
160
- /**
161
- * Controls which API endpoints are active.
162
- * **All features are disabled by default** — you must opt in to each one.
163
- *
164
- * ```ts
165
- * features: { upload: true, download: true, delete: true }
166
- * // multipart stays off unless you explicitly enable it
167
- * ```
168
- */
169
- features: S3Features;
170
- /**
171
- * Maximum file size in bytes. If set and the client declares a `fileSize` that
172
- * exceeds this value, the request is rejected before any presigned URL is
173
- * generated. Applies to both simple upload and multipart init.
174
- */
175
- maxFileSize?: number;
176
- /** Optional lifecycle hooks for authentication, logging, and side effects. */
177
- hooks?: S3ServerHooks;
178
- };
179
144
  export type S3RouteHandlerConfig = S3HandlerConfig & {
180
145
  basePath: string;
181
146
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@better-s3/server",
3
- "version": "3.1.1",
3
+ "version": "3.2.1",
4
4
  "description": "Framework-agnostic S3 server handlers — presigned uploads, downloads, deletes, and multipart operations",
5
5
  "keywords": [
6
6
  "s3",
@@ -29,6 +29,14 @@
29
29
  "types": "./dist/index.d.ts",
30
30
  "default": "./dist/index.js"
31
31
  },
32
+ "./helpers": {
33
+ "types": "./dist/helpers/index.d.ts",
34
+ "default": "./dist/helpers/index.js"
35
+ },
36
+ "./helpers/server": {
37
+ "types": "./dist/helpers/server/index.d.ts",
38
+ "default": "./dist/helpers/server/index.js"
39
+ },
32
40
  "./next": {
33
41
  "types": "./dist/adapters/next.d.ts",
34
42
  "default": "./dist/adapters/next.js"
@@ -38,14 +46,14 @@
38
46
  "dist"
39
47
  ],
40
48
  "dependencies": {
41
- "@aws-sdk/s3-presigned-post": "^3.1036.0",
42
- "@aws-sdk/s3-request-presigner": "^3.1036.0"
49
+ "@aws-sdk/s3-presigned-post": "^3.1041.0",
50
+ "@aws-sdk/s3-request-presigner": "^3.1041.0"
43
51
  },
44
52
  "peerDependencies": {
45
53
  "@aws-sdk/client-s3": ">=3"
46
54
  },
47
55
  "devDependencies": {
48
- "@aws-sdk/client-s3": "^3.1036.0",
56
+ "@aws-sdk/client-s3": "^3.1041.0",
49
57
  "@aws-sdk/s3-presigned-post": "^3.1032.0",
50
58
  "@aws-sdk/s3-request-presigner": "^3.1029.0",
51
59
  "tsup": "^8.5.1",