@storecraft/storage-s3-compatible 1.0.0

package/README.md

@@ -0,0 +1,39 @@
+# Storecraft S3 compatible storage
+
+`fetch` ready support for an `S3` like storage:
+- `Amazon S3`
+- `Cloudflare R2`
+- `DigitalOcean Spaces`
+- `minIO` servers
+
+Features:
+- Works in any `js` runtime and platform that supports `fetch`
+- Supports streaming `Get` / `Put` / `Delete`
+- Supports `presigned` `Get` / `Put` requests to offload to client
+
+## usage
+
+```js
+import { R2 } from '@storecraft/storage-s3-compatible'
+
+const storage = new R2(
+  process.env.R2_BUCKET, process.env.R2_ACCOUNT_ID, 
+  process.env.R2_ACCESS_KEY_ID, process.env.R2_SECRET_ACCESS_KEY
+  );
+
+// write
+await storage.putBlob(
+  'folder1/tomer.txt', 
+  new Blob(['this is some text from tomer :)'])
+);
+
+// read
+const { value } = await storage.getBlob('folder1/tomer.txt');
+const url = await storage.getSigned('folder1/tomer.txt');
+console.log('presign GET url ', url);
+
+```
+
+```text
+Author: Tomer Shalev (tomer.shalev@gmail.com)
+```

package/adapter.js

@@ -0,0 +1,322 @@
+import { App } from '@storecraft/core'
+import { AwsClient } from './aws4fetch.js';
+
+const types = {
+  'png': 'image/png',
+  'gif': 'image/gif',
+  'jpeg': 'image/jpeg',
+  'jpg': 'image/jpeg',
+  'tiff': 'image/tiff',
+  'webp': 'image/webp',
+  'txt': 'text/plain',
+  'json': 'application/json',
+}
+
+/**
+ * 
+ * @param {string} name 
+ */
+const infer_content_type = (name) => {
+  const idx = name.lastIndexOf('.');
+  if(!idx) return 'application/octet-stream';
+  const type = types[name.substring(idx + 1).trim()]
+  return type ?? 'application/octet-stream';
+}
+
+
+/**
+ * @typedef {import('./types.public.js').Config} Config
+ */
+
+/**
+ * The base S3 compatible class
+ * @typedef {import('@storecraft/core/v-storage').storage_driver} storage
+ * 
+ * @implements {storage}
+ */
+export class S3CompatibleStorage {
+  
+  /** @type {AwsClient} */ #_client;
+  /** @type {Config} */ #_config;
+  /** @type {string} */ #_url;
+
+  /**
+   * 
+   * @param {Config} options 
+   */
+  #compute_url(options) {
+    const url = new URL(options.endpoint);
+    if(options.forcePathStyle) {
+      url.pathname = options.bucket;
+    } else {
+      url.host = `${options.bucket}.${url.host}`;
+    }
+    return url.toString();
+  }
+
+
+  /**
+   * 
+   * @param {Config} config 
+   */
+  constructor(config) {
+    this.#_config = config;
+    this.#_client = new AwsClient({
+      accessKeyId: config.accessKeyId, secretAccessKey: config.secretAccessKey, 
+      region: config.region ?? 'auto', service: 's3'
+    });
+
+    this.#_url = this.#compute_url(config);
+  }
+
+  get url() { return this.#_url; }
+  get client() { return this.#_client; }
+  get config() { return this.#_config; }
+
+  features() {
+    /** @type {import('@storecraft/core/v-storage').StorageFeatures} */
+    const f = {
+      supports_signed_urls: true
+    }
+
+    return f;
+  }
+
+  /**
+   * 
+   * @type {storage["init"]}
+   */
+  async init(app) { return this; }
+
+  // puts
+
+  /**
+   * 
+   * @param {string} key 
+   * @param {BodyInit} body 
+   */
+  async #put_internal(key, body) {
+    const r = await this.client.fetch(
+      this.get_file_url(key),
+      {
+        method: 'PUT',
+        body
+      }
+    );
+
+    return r.ok;
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   * @param {Blob} blob 
+   */
+  async putBlob(key, blob) {
+    return this.#put_internal(key, blob);
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   * @param {ArrayBuffer} buffer 
+   */
+  async putArraybuffer(key, buffer) {
+    return this.#put_internal(key, buffer);
+  }  
+
+  /**
+   * 
+   * @param {string} key 
+   * @param {ReadableStream} stream 
+   */
+  async putStream(key, stream) {
+    return this.#put_internal(key, stream);
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   * @returns {ReturnType<import('@storecraft/core/v-storage').storage_driver["putSigned"]>}
+   */
+  async putSigned(key) {
+    const url = new URL(this.get_file_url(key));
+    const signed = await this.client.sign(
+      new Request(url, {
+        method: "PUT",
+      }), 
+      {
+        aws: { signQuery: true },
+      }
+    );
+
+    return {
+      url: signed.url,
+      method: signed.method,
+      headers: Object.fromEntries(signed.headers.entries())
+    }
+  }
+
+  // gets
+
+  /** @param {string} key  */
+  get_file_url(key) {
+    return `${this.#_url}/${key}`;
+  }
+
+  /** @param {string} key  */
+  #get_request(key) {
+    return this.client.fetch(this.get_file_url(key));
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   */
+  async getArraybuffer(key) {
+    const r = await this.#get_request(key);
+    const b = await r.arrayBuffer();
+    return {
+      value: b, 
+      metadata: {
+        contentType: infer_content_type(key)
+      }
+    };
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   */
+  async getBlob(key) {
+    const r = await this.#get_request(key);
+    const b = await r.blob();
+    return {
+      value: b, 
+      metadata: {
+        contentType: infer_content_type(key)
+      }
+    };
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   * @param {Response} key 
+   */
+  async getStream(key) {
+
+    const s = (await this.#get_request(key)).body
+    return {
+      value: s, 
+      metadata: {
+        contentType: infer_content_type(key)
+      }
+    };
+  }
+
+  /**
+   * 
+   * @param {string} key 
+   * @returns {ReturnType<import('@storecraft/core/v-storage').storage_driver["getSigned"]>}
+   */
+  async getSigned(key) {
+    const url = new URL(this.get_file_url(key));
+    // url.searchParams.set("X-Amz-Expires", "3600");
+    const signed = await this.client.sign(
+      new Request(url, {
+        method: "GET",
+      }), 
+      {
+        aws: { signQuery: true },
+      }
+    );
+
+    return {
+      url: signed.url,
+      method: signed.method,
+      headers: Object.fromEntries(signed.headers.entries())
+    }
+  }
+
+  // remove
+
+  /**
+   * 
+   * @param {string} key 
+   */
+  async remove(key) {
+    const r = await this.client.fetch(
+      this.get_file_url(key), { method: 'DELETE' }
+    );
+    return r.ok;
+  }
+}
+
+/**
+ * Cloudflare R2
+ */
+export class R2 extends S3CompatibleStorage {
+
+  /**
+   * 
+   * @param {string} bucket 
+   * @param {string} account_id 
+   * @param {string} access_key_id 
+   * @param {string} secret_access_key 
+   */
+  constructor(bucket, account_id, access_key_id, secret_access_key) {
+    super({
+      endpoint: `https://${account_id}.r2.cloudflarestorage.com`,
+      accessKeyId: access_key_id, secretAccessKey: secret_access_key, 
+      bucket, forcePathStyle: true, region: 'auto'
+    })
+  }
+
+}
+
+/**
+ * Amazon S3
+ */
+export class S3 extends S3CompatibleStorage {
+
+  /**
+   * 
+   * @param {string} bucket 
+   * @param {string} region 
+   * @param {string} access_key_id 
+   * @param {string} secret_access_key 
+   * @param {boolean} forcePathStyle 
+   */
+  constructor(bucket, region, access_key_id, secret_access_key, forcePathStyle=false) {
+    super({
+      endpoint: `https://s3${region ? ('.'+region) : ''}.amazonaws.com`,
+      accessKeyId: access_key_id, secretAccessKey: secret_access_key, 
+      bucket, forcePathStyle, region
+    })
+  }
+
+}
+
+/**
+ * Digital Ocean spaces
+ */
+export class DigitalOceanSpaces extends S3CompatibleStorage {
+
+  /**
+   * 
+   * @param {string} bucket 
+   * @param {string} region 'nyc3' for example
+   * @param {string} access_key_id 
+   * @param {string} secret_access_key 
+   */
+  constructor(bucket, region, access_key_id, secret_access_key) {
+    super({
+      endpoint: `https://${region}.digitaloceanspaces.com`,
+      accessKeyId: access_key_id, secretAccessKey: secret_access_key, 
+      bucket, forcePathStyle: false, region: 'auto'
+    })
+  }
+
+}
+

package/aws4fetch.js

@@ -0,0 +1,428 @@
+// @ts-check
+
+/**
+ * @license MIT <https://opensource.org/licenses/MIT>
+ * @copyright Michael Hart 2022
+ */
+
+const encoder = new TextEncoder()
+
+/** @type {Object.<string, string>} */
+const HOST_SERVICES = {
+  appstream2: 'appstream',
+  cloudhsmv2: 'cloudhsm',
+  email: 'ses',
+  marketplace: 'aws-marketplace',
+  mobile: 'AWSMobileHubService',
+  pinpoint: 'mobiletargeting',
+  queue: 'sqs',
+  'git-codecommit': 'codecommit',
+  'mturk-requester-sandbox': 'mturk-requester',
+  'personalize-runtime': 'personalize',
+}
+
+// https://github.com/aws/aws-sdk-js/blob/cc29728c1c4178969ebabe3bbe6b6f3159436394/lib/signers/v4.js#L190-L198
+const UNSIGNABLE_HEADERS = new Set([
+  'authorization',
+  'content-type',
+  'content-length',
+  'user-agent',
+  'presigned-expires',
+  'expect',
+  'x-amzn-trace-id',
+  'range',
+  'connection',
+])
+
+export class AwsClient {
+  /**
+   * @param {{
+   *   accessKeyId: string
+   *   secretAccessKey: string
+   *   sessionToken?: string
+   *   service?: string
+   *   region?: string
+   *   cache?: Map<string,ArrayBuffer>
+   *   retries?: number
+   *   initRetryMs?: number
+   * }} options
+   */
+  constructor({ accessKeyId, secretAccessKey, sessionToken, service, region, cache, retries, initRetryMs }) {
+    if (accessKeyId == null) throw new TypeError('accessKeyId is a required option')
+    if (secretAccessKey == null) throw new TypeError('secretAccessKey is a required option')
+    this.accessKeyId = accessKeyId
+    this.secretAccessKey = secretAccessKey
+    this.sessionToken = sessionToken
+    this.service = service
+    this.region = region
+    this.cache = cache || new Map()
+    this.retries = retries != null ? retries : 10 // Up to 25.6 secs
+    this.initRetryMs = initRetryMs || 50
+  }
+
+  /**
+   * @typedef {RequestInit & {
+   *   aws?: {
+   *     accessKeyId?: string
+   *     secretAccessKey?: string
+   *     sessionToken?: string
+   *     service?: string
+   *     region?: string
+   *     cache?: Map<string,ArrayBuffer>
+   *     datetime?: string
+   *     signQuery?: boolean
+   *     appendSessionToken?: boolean
+   *     allHeaders?: boolean
+   *     singleEncode?: boolean
+   *   }
+   * }} AwsRequestInit
+   *
+   * @param {RequestInfo} input
+   * @param {?AwsRequestInit} [init]
+   * @returns {Promise<Request>}
+   */
+  async sign(input, init) {
+    if (input instanceof Request) {
+      const { method, url, headers, body } = input
+      init = Object.assign({ method, url, headers }, init)
+      if (init.body == null && headers.has('Content-Type')) {
+        init.body = body != null && headers.has('X-Amz-Content-Sha256') ? body : await input.clone().arrayBuffer()
+      }
+      input = url
+    }
+    const signer = new AwsV4Signer(Object.assign({ url: input }, init, this, init && init.aws))
+    const signed = Object.assign({}, init, await signer.sign())
+    delete signed.aws
+    try {
+      return new Request(signed.url.toString(), signed)
+    } catch (e) {
+      if (e instanceof TypeError) {
+        // https://bugs.chromium.org/p/chromium/issues/detail?id=1360943
+        return new Request(signed.url.toString(), Object.assign({ duplex: 'half' }, signed))
+      }
+      throw e
+    }
+  }
+
+  /**
+   * @param {RequestInfo} input
+   * @param {?AwsRequestInit} [init]
+   * @returns {Promise<Response>}
+   */
+  async fetch(input, init) {
+    for (let i = 0; i <= this.retries; i++) {
+      const fetched = fetch(await this.sign(input, init))
+      if (i === this.retries) {
+        return fetched // No need to await if we're returning anyway
+      }
+      const res = await fetched
+      if (res.status < 500 && res.status !== 429) {
+        return res
+      }
+      await new Promise(resolve => setTimeout(resolve, Math.random() * this.initRetryMs * Math.pow(2, i)))
+    }
+    throw new Error('An unknown error occurred, ensure retries is not negative')
+  }
+}
+
+export class AwsV4Signer {
+  /**
+   * @param {{
+   *   method?: string
+   *   url: string
+   *   headers?: HeadersInit
+   *   body?: BodyInit | null
+   *   accessKeyId: string
+   *   secretAccessKey: string
+   *   sessionToken?: string
+   *   service?: string
+   *   region?: string
+   *   cache?: Map<string,ArrayBuffer>
+   *   datetime?: string
+   *   signQuery?: boolean
+   *   appendSessionToken?: boolean
+   *   allHeaders?: boolean
+   *   singleEncode?: boolean
+   * }} options
+   */
+  constructor({ method, url, headers, body, accessKeyId, secretAccessKey, sessionToken, service, region, cache, datetime, signQuery, appendSessionToken, allHeaders, singleEncode }) {
+    if (url == null) throw new TypeError('url is a required option')
+    if (accessKeyId == null) throw new TypeError('accessKeyId is a required option')
+    if (secretAccessKey == null) throw new TypeError('secretAccessKey is a required option')
+
+    this.method = method || (body ? 'POST' : 'GET')
+    this.url = new URL(url)
+    this.headers = new Headers(headers || {})
+    this.body = body
+
+    this.accessKeyId = accessKeyId
+    this.secretAccessKey = secretAccessKey
+    this.sessionToken = sessionToken
+
+    let guessedService, guessedRegion
+    if (!service || !region) {
+      ;[guessedService, guessedRegion] = guessServiceRegion(this.url, this.headers)
+    }
+    /** @type {string} */
+    this.service = service || guessedService || ''
+    this.region = region || guessedRegion || 'us-east-1'
+
+    this.cache = cache || new Map()
+    this.datetime = datetime || new Date().toISOString().replace(/[:-]|\.\d{3}/g, '')
+    this.signQuery = signQuery
+    this.appendSessionToken = appendSessionToken || this.service === 'iotdevicegateway'
+
+    this.headers.delete('Host') // Can't be set in insecure env anyway
+
+    if (this.service === 's3' && !this.signQuery && !this.headers.has('X-Amz-Content-Sha256')) {
+      this.headers.set('X-Amz-Content-Sha256', 'UNSIGNED-PAYLOAD')
+    }
+
+    const params = this.signQuery ? this.url.searchParams : this.headers
+
+    params.set('X-Amz-Date', this.datetime)
+    if (this.sessionToken && !this.appendSessionToken) {
+      params.set('X-Amz-Security-Token', this.sessionToken)
+    }
+
+    // headers are always lowercase in keys()
+    this.signableHeaders = ['host', ...this.headers.keys()]
+      .filter(header => allHeaders || !UNSIGNABLE_HEADERS.has(header))
+      .sort()
+
+    this.signedHeaders = this.signableHeaders.join(';')
+
+    // headers are always trimmed:
+    // https://fetch.spec.whatwg.org/#concept-header-value-normalize
+    this.canonicalHeaders = this.signableHeaders
+      .map(header => header + ':' + (header === 'host' ? this.url.host : (this.headers.get(header) || '').replace(/\s+/g, ' ')))
+      .join('\n')
+
+    this.credentialString = [this.datetime.slice(0, 8), this.region, this.service, 'aws4_request'].join('/')
+
+    if (this.signQuery) {
+      if (this.service === 's3' && !params.has('X-Amz-Expires')) {
+        params.set('X-Amz-Expires', '86400') // 24 hours
+      }
+      params.set('X-Amz-Algorithm', 'AWS4-HMAC-SHA256')
+      params.set('X-Amz-Credential', this.accessKeyId + '/' + this.credentialString)
+      params.set('X-Amz-SignedHeaders', this.signedHeaders)
+    }
+
+    if (this.service === 's3') {
+      try {
+        /** @type {string} */
+        this.encodedPath = decodeURIComponent(this.url.pathname.replace(/\+/g, ' '))
+      } catch (e) {
+        this.encodedPath = this.url.pathname
+      }
+    } else {
+      this.encodedPath = this.url.pathname.replace(/\/+/g, '/')
+    }
+    if (!singleEncode) {
+      this.encodedPath = encodeURIComponent(this.encodedPath).replace(/%2F/g, '/')
+    }
+    this.encodedPath = encodeRfc3986(this.encodedPath)
+
+    const seenKeys = new Set()
+    this.encodedSearch = [...this.url.searchParams]
+      .filter(([k]) => {
+        if (!k) return false // no empty keys
+        if (this.service === 's3') {
+          if (seenKeys.has(k)) return false // first val only for S3
+          seenKeys.add(k)
+        }
+        return true
+      })
+      .map(pair => pair.map(p => encodeRfc3986(encodeURIComponent(p))))
+      .sort(([k1, v1], [k2, v2]) => k1 < k2 ? -1 : k1 > k2 ? 1 : v1 < v2 ? -1 : v1 > v2 ? 1 : 0)
+      .map(pair => pair.join('='))
+      .join('&')
+  }
+
+  /**
+   * @returns {Promise<{
+   *   method: string
+   *   url: URL
+   *   headers: Headers
+   *   body?: BodyInit | null
+   * }>}
+   */
+  async sign() {
+    if (this.signQuery) {
+      this.url.searchParams.set('X-Amz-Signature', await this.signature())
+      if (this.sessionToken && this.appendSessionToken) {
+        this.url.searchParams.set('X-Amz-Security-Token', this.sessionToken)
+      }
+    } else {
+      this.headers.set('Authorization', await this.authHeader())
+    }
+
+    return {
+      method: this.method,
+      url: this.url,
+      headers: this.headers,
+      body: this.body,
+    }
+  }
+
+  /**
+   * @returns {Promise<string>}
+   */
+  async authHeader() {
+    return [
+      'AWS4-HMAC-SHA256 Credential=' + this.accessKeyId + '/' + this.credentialString,
+      'SignedHeaders=' + this.signedHeaders,
+      'Signature=' + (await this.signature()),
+    ].join(', ')
+  }
+
+  /**
+   * @returns {Promise<string>}
+   */
+  async signature() {
+    const date = this.datetime.slice(0, 8)
+    const cacheKey = [this.secretAccessKey, date, this.region, this.service].join()
+    let kCredentials = this.cache.get(cacheKey)
+    if (!kCredentials) {
+      const kDate = await hmac('AWS4' + this.secretAccessKey, date)
+      const kRegion = await hmac(kDate, this.region)
+      const kService = await hmac(kRegion, this.service)
+      kCredentials = await hmac(kService, 'aws4_request')
+      this.cache.set(cacheKey, kCredentials)
+    }
+    return buf2hex(await hmac(kCredentials, await this.stringToSign()))
+  }
+
+  /**
+   * @returns {Promise<string>}
+   */
+  async stringToSign() {
+    return [
+      'AWS4-HMAC-SHA256',
+      this.datetime,
+      this.credentialString,
+      buf2hex(await hash(await this.canonicalString())),
+    ].join('\n')
+  }
+
+  /**
+   * @returns {Promise<string>}
+   */
+  async canonicalString() {
+    return [
+      this.method.toUpperCase(),
+      this.encodedPath,
+      this.encodedSearch,
+      this.canonicalHeaders + '\n',
+      this.signedHeaders,
+      await this.hexBodyHash(),
+    ].join('\n')
+  }
+
+  /**
+   * @returns {Promise<string>}
+   */
+  async hexBodyHash() {
+    let hashHeader = this.headers.get('X-Amz-Content-Sha256') || (this.service === 's3' && this.signQuery ? 'UNSIGNED-PAYLOAD' : null)
+    if (hashHeader == null) {
+      if (this.body && typeof this.body !== 'string' && !('byteLength' in this.body)) {
+        throw new Error('body must be a string, ArrayBuffer or ArrayBufferView, unless you include the X-Amz-Content-Sha256 header')
+      }
+      hashHeader = buf2hex(await hash(this.body || ''))
+    }
+    return hashHeader
+  }
+}
+
+/**
+ * @param {string | ArrayBufferView | ArrayBuffer} key
+ * @param {string} string
+ * @returns {Promise<ArrayBuffer>}
+ */
+async function hmac(key, string) {
+  // @ts-ignore // https://github.com/microsoft/TypeScript/issues/38715
+  const cryptoKey = await crypto.subtle.importKey(
+    'raw',
+    typeof key === 'string' ? encoder.encode(key) : key,
+    { name: 'HMAC', hash: { name: 'SHA-256' } },
+    false,
+    ['sign'],
+  )
+  return crypto.subtle.sign('HMAC', cryptoKey, encoder.encode(string))
+}
+
+/**
+ * @param {string | ArrayBufferView | ArrayBuffer} content
+ * @returns {Promise<ArrayBuffer>}
+ */
+async function hash(content) {
+  // @ts-ignore // https://github.com/microsoft/TypeScript/issues/38715
+  return crypto.subtle.digest('SHA-256', typeof content === 'string' ? encoder.encode(content) : content)
+}
+
+/**
+ * @param {ArrayBuffer | ArrayLike<number> | SharedArrayBuffer} buffer
+ * @returns {string}
+ */
+function buf2hex(buffer) {
+  return Array.prototype.map.call(new Uint8Array(buffer), x => ('0' + x.toString(16)).slice(-2)).join('')
+}
+
+/**
+ * @param {string} urlEncodedStr
+ * @returns {string}
+ */
+function encodeRfc3986(urlEncodedStr) {
+  return urlEncodedStr.replace(/[!'()*]/g, c => '%' + c.charCodeAt(0).toString(16).toUpperCase())
+}
+
+/**
+ * @param {URL} url
+ * @param {Headers} headers
+ * @returns {string[]} [service, region]
+ */
+function guessServiceRegion(url, headers) {
+  const { hostname, pathname } = url
+
+  if (hostname.endsWith('.r2.cloudflarestorage.com')) {
+    return ['s3', 'auto']
+  }
+  if (hostname.endsWith('.backblazeb2.com')) {
+    const match = hostname.match(/^(?:[^.]+\.)?s3\.([^.]+)\.backblazeb2\.com$/)
+    return match != null ? ['s3', match[1]] : ['', '']
+  }
+  const match = hostname.replace('dualstack.', '').match(/([^.]+)\.(?:([^.]*)\.)?amazonaws\.com(?:\.cn)?$/)
+  let [service, region] = (match || ['', '']).slice(1, 3)
+
+  if (region === 'us-gov') {
+    region = 'us-gov-west-1'
+  } else if (region === 's3' || region === 's3-accelerate') {
+    region = 'us-east-1'
+    service = 's3'
+  } else if (service === 'iot') {
+    if (hostname.startsWith('iot.')) {
+      service = 'execute-api'
+    } else if (hostname.startsWith('data.jobs.iot.')) {
+      service = 'iot-jobs-data'
+    } else {
+      service = pathname === '/mqtt' ? 'iotdevicegateway' : 'iotdata'
+    }
+  } else if (service === 'autoscaling') {
+    const targetPrefix = (headers.get('X-Amz-Target') || '').split('.')[0]
+    if (targetPrefix === 'AnyScaleFrontendService') {
+      service = 'application-autoscaling'
+    } else if (targetPrefix === 'AnyScaleScalingPlannerFrontendService') {
+      service = 'autoscaling-plans'
+    }
+  } else if (region == null && service.startsWith('s3-')) {
+    region = service.slice(3).replace(/^fips-|^external-1/, '')
+    service = 's3'
+  } else if (service.endsWith('-fips')) {
+    service = service.slice(0, -5)
+  } else if (region && /-\d$/.test(service) && !/-\d$/.test(region)) {
+    ;[service, region] = [region, service]
+  }
+
+  return [HOST_SERVICES[service] || service, region]
+}

package/index.js

@@ -0,0 +1 @@
+export * from './adapter.js'

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@storecraft/storage-s3-compatible",
+  "version": "1.0.0",
+  "description": "Official S3-Compatible Storage adapter for storecraft",
+  "license": "MIT",
+  "author": "Tomer Shalev (https://github.com/store-craft)",
+  "homepage": "https://github.com/store-craft/storecraft",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/store-craft/storecraft.git",
+    "directory": "packages/storage-s3-compatible"
+  },
+  "keywords": [
+    "commerce",
+    "dashboard",
+    "code",
+    "storecraft"
+  ],
+  "scripts": {
+    "storage-s3-compatible:test": "uvu -c",
+    "storage-s3-compatible:publish": "npm publish --access public"
+  },
+  "type": "module",
+  "main": "index.js",
+  "types": "./types.public.d.ts",
+  "dependencies": {
+    "@storecraft/core": "^1.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.11.0",
+    "uvu": "^0.5.6",
+    "dotenv": "^16.3.1"
+  }
+}

package/tests/storage.r2.test.js

@@ -0,0 +1,85 @@
+import 'dotenv/config';
+import { test } from 'uvu';
+import * as assert from 'uvu/assert';
+import { R2 } from '../adapter.js'
+import { readFile } from 'node:fs/promises';
+import { homedir } from 'node:os'
+import * as path from 'node:path';
+
+const areBlobsEqual = async (blob1, blob2) => {
+  return !Buffer.from(await blob1.arrayBuffer()).compare(
+    Buffer.from(await blob2.arrayBuffer())
+  );
+};
+
+const storage = new R2(
+  process.env.R2_BUCKET, process.env.R2_ACCOUNT_ID, 
+  process.env.R2_ACCESS_KEY_ID, process.env.R2_SECRET_ACCESS_KEY
+  );
+
+test.before(async () => await storage.init())
+
+test('blob put/get/delete', async () => {
+  const data = [
+    // {
+    //   key: 'folder1/tomer.txt',
+    //   blob: new Blob(['this is some text from tomer :)']),
+    // },
+    {
+      key: 'node2222.png',
+      blob: new Blob([await readFile('./node.png')])
+    }
+  ];
+
+  data.forEach(
+    async d => {
+      // write
+      await storage.putBlob(d.key, d.blob);
+      // read
+      const { value: blob_read } = await storage.getBlob(d.key);
+      const url = await storage.getSigned(d.key);
+      console.log('presign GET url ', url);
+
+      // compare
+      const equal = await areBlobsEqual(blob_read, d.blob);
+      assert.ok(equal, 'Blobs are not equal !!!');
+
+      // delete
+      // await storage.remove(d.key);
+    }
+  );
+  
+});
+
+test('blob put (presign)', async () => {
+  const data = [
+    // {
+    //   key: 'folder1/tomer.txt',
+    //   blob: new Blob(['this is some text from tomer :)']),
+    // },
+    {
+      key: 'node_test2.png',
+      blob: new Blob([await readFile('./node.png')])
+    }
+  ];
+
+  data.forEach(
+    async d => {
+      // get put presigned url
+      const { url, method, headers } = await storage.putSigned(d.key);
+      // now let's use it to upload
+      const r = await fetch(
+        url, {
+          method,
+          headers,
+          body: d.blob
+        }
+      );
+
+      assert.ok(r.ok, 'upload failed')
+    }
+  );
+  
+});
+
+test.run();

package/tsconfig.json

@@ -0,0 +1,14 @@
+{
+  "compileOnSave": false,
+  "compilerOptions": {
+    "noEmit": true,
+    "allowJs": true,
+    "checkJs": true,
+    "target": "ESNext",
+    "resolveJsonModule": true,
+    "moduleResolution": "NodeNext",
+    "module": "NodeNext",
+    "composite": true,
+  },
+  "include": ["*", "src/*"]
+}

package/types.public.d.ts

@@ -0,0 +1,11 @@
+export * from './index.js';
+
+export type Config = {
+  endpoint: string;
+  bucket: string;
+  accessKeyId: string;
+  secretAccessKey: string;
+  region: string;
+  forcePathStyle: boolean;
+}
+