lean-s3 0.1.6 → 0.2.0

package/dist/S3File.js

@@ -0,0 +1,206 @@
+import { Readable } from "node:stream";
+import S3Error from "./S3Error.js";
+import S3Stat from "./S3Stat.js";
+import { write, stream } from "./S3Client.js";
+import { sha256 } from "./sign.js";
+// TODO: If we want to hack around, we can use this to access the private implementation of the "get stream" algorithm used by Node.js's blob internally
+// We probably have to do this some day if the fetch implementation is moved to internals.
+// If this happens, fetch will probably use `[kHandle].getReader()` instead of .stream() to read the Blob
+// This would break our use-case of passing an S3File as a body
+// Using this hack would also make `.text()`, `.bytes()` etc. "just work" in every case, since these use `[kHandle]` internally as well.
+// We now resort back into overriding text/bytes/etc. But as soon as another internal Node.js API uses this functionality, this would probably also use `[kHandle]` and bypass our data.
+// const kHandle = Object.getOwnPropertySymbols(new Blob).find(s => s.toString() === 'Symbol(kHandle)');
+export default class S3File {
+    #client;
+    #path;
+    #start;
+    #end;
+    #contentType;
+    /**
+     * @internal
+     */
+    constructor(client, path, start, end, contentType) {
+        if (typeof start === "number" && start < 0) {
+            throw new Error("Invalid slice `start`.");
+        }
+        if (typeof end === "number" &&
+            (end < 0 || (typeof start === "number" && end < start))) {
+            throw new Error("Invalid slice `end`.");
+        }
+        this.#client = client;
+        this.#path = path;
+        this.#start = start;
+        this.#end = end;
+        this.#contentType = contentType ?? "application/octet-stream";
+    }
+    // TODO: slice overloads
+    slice(start, end, contentType) {
+        return new S3File(this.#client, this.#path, start ?? undefined, end ?? undefined, contentType ?? this.#contentType);
+    }
+    /**
+     *  Get the stat of a file in the bucket. Uses `HEAD` request to check existence.
+     *
+     * @throws {Error} If the file does not exist.
+     * @param {Partial<S3StatOptions>} [options]
+     * @returns {Promise<S3Stat>}
+     */
+    async stat({ signal } = {}) {
+        // TODO: Support all options
+        // TODO: Don't use presign here
+        const url = this.#client.presign(this.#path, { method: "HEAD" });
+        const response = await fetch(url, { method: "HEAD", signal }); // TODO: Use undici
+        if (!response.ok) {
+            switch (response.status) {
+                case 404:
+                    // TODO: Process response body
+                    throw new S3Error("NoSuchKey", this.#path);
+                default:
+                    // TODO: Process response body
+                    throw new S3Error("Unknown", this.#path);
+            }
+        }
+        const result = S3Stat.tryParseFromHeaders(response.headers);
+        if (!result) {
+            throw new Error("S3 server returned an invalid response for HEAD");
+        }
+        return result;
+    }
+    /**
+     * Check if a file exists in the bucket. Uses `HEAD` request to check existence.
+     * @param {Partial<S3FileExistsOptions>} [options]
+     * @returns {Promise<boolean>}
+     */
+    async exists({ signal, } = {}) {
+        // TODO: Support all options
+        // TODO: Don't use presign here
+        const url = this.#client.presign(this.#path, { method: "HEAD" });
+        const res = await fetch(url, { method: "HEAD", signal }); // TODO: Use undici
+        return res.ok;
+    }
+    /**
+     * Delete a file from the bucket.
+     * @param {Partial<S3FileDeleteOptions>} [options]
+     * @returns {Promise<void>}
+     *
+     * @example
+     * ```js
+     * // Simple delete
+     * await client.unlink("old-file.txt");
+     *
+     * // With error handling
+     * try {
+     *   await client.unlink("file.dat");
+     *   console.log("File deleted");
+     * } catch (err) {
+     *   console.error("Delete failed:", err);
+     * }
+     * ```
+     */
+    async delete({ signal } = {}) {
+        // TODO: Support all options
+        // TODO: Don't use presign here
+        const url = this.#client.presign(this.#path, { method: "DELETE" });
+        const response = await fetch(url, { method: "DELETE", signal }); // TODO: Use undici
+        if (!response.ok) {
+            switch (response.status) {
+                case 404:
+                    // TODO: Process response body
+                    throw new S3Error("NoSuchKey", this.#path);
+                default:
+                    // TODO: Process response body
+                    throw new S3Error("Unknown", this.#path);
+            }
+        }
+    }
+    toString() {
+        return `S3File { path: "${this.#path}" }`;
+    }
+    /** @returns {Promise<unknown>} */
+    json() {
+        // Not using JSON.parse(await this.text()), so the env can parse json while loading
+        // Also, see TODO note above this class
+        return new Response(this.stream()).json();
+    }
+    // TODO
+    // /** @returns {Promise<Uint8Array>} */
+    // bytes() {
+    // 	return new Response(this.stream()).bytes(); // TODO: Does this exist?
+    // }
+    /** @returns {Promise<ArrayBuffer>} */
+    arrayBuffer() {
+        return new Response(this.stream()).arrayBuffer();
+    }
+    /** @returns {Promise<string>} */
+    text() {
+        return new Response(this.stream()).text();
+    }
+    /** @returns {Promise<Blob>} */
+    blob() {
+        return new Response(this.stream()).blob();
+    }
+    /** @returns {ReadableStream<Uint8Array>} */
+    stream() {
+        // This function is called for every operation on the blob
+        return this.#client[stream](this.#path, undefined, this.#start, this.#end);
+    }
+    /**
+     * @param {ByteSource} data
+     * @returns {Promise<[
+     *   buffer: import("./index.d.ts").UndiciBodyInit,
+     *   size: number | undefined,
+     *   hash: Buffer | undefined,
+     * ]>}
+     */
+    async #transformData(data) {
+        if (typeof data === "string") {
+            const binary = new TextEncoder();
+            const bytes = binary.encode(data);
+            return [
+                bytes,
+                bytes.byteLength,
+                sha256(bytes), // TODO: Maybe use some streaming to compute hash while encoding?
+            ];
+        }
+        if (data instanceof Blob) {
+            const bytes = await data.bytes();
+            return [
+                bytes,
+                bytes.byteLength,
+                sha256(bytes), // TODO: Maybe use some streaming to compute hash while encoding?
+            ];
+        }
+        if (data instanceof Readable) {
+            return [data, undefined, undefined];
+        }
+        if (data instanceof ArrayBuffer ||
+            data instanceof SharedArrayBuffer ||
+            ArrayBuffer.isView(data)) {
+            // TODO: Support hashing
+            return [
+                data,
+                data.byteLength,
+                undefined, // TODO: Compute hash some day
+            ];
+        }
+        assertNever(data);
+    }
+    /**
+     * @param {ByteSource} data
+     * @returns {Promise<void>}
+     */
+    async write(data) {
+        /** @type {AbortSignal | undefined} */
+        const signal = undefined; // TODO: Take this as param
+        // TODO: Support S3File as input and maybe use CopyObject
+        // TODO: Support Request and Response as input?
+        const [bytes, length, hash] = await this.#transformData(data);
+        return await this.#client[write](this.#path, bytes, this.#contentType, length, hash, this.#start, this.#end, signal);
+    }
+}
+/**
+ * @param {never} v
+ * @returns {never}
+ */
+function assertNever(v) {
+    throw new TypeError(`Expected value not to have type ${typeof v}`);
+}

package/dist/S3Stat.d.ts

@@ -0,0 +1,9 @@
+import type { Headers } from "undici-types";
+export default class S3Stat {
+    readonly etag: string;
+    readonly lastModified: Date;
+    readonly size: number;
+    readonly type: string;
+    constructor(etag: string, lastModified: Date, size: number, type: string);
+    static tryParseFromHeaders(headers: Headers): S3Stat | undefined;
+}

package/dist/S3Stat.js

@@ -0,0 +1,35 @@
+export default class S3Stat {
+    etag;
+    lastModified;
+    size;
+    type;
+    constructor(etag, lastModified, size, type) {
+        this.etag = etag;
+        this.lastModified = lastModified;
+        this.size = size;
+        this.type = type;
+    }
+    static tryParseFromHeaders(headers) {
+        const lm = headers.get("last-modified");
+        if (lm === null) {
+            return undefined;
+        }
+        const etag = headers.get("etag");
+        if (etag === null) {
+            return undefined;
+        }
+        const cl = headers.get("content-length");
+        if (cl === null) {
+            return undefined;
+        }
+        const size = Number(cl);
+        if (!Number.isSafeInteger(size)) {
+            return undefined;
+        }
+        const ct = headers.get("content-type");
+        if (ct === null) {
+            return undefined;
+        }
+        return new S3Stat(etag, new Date(lm), size, ct);
+    }
+}

package/dist/index.d.ts

@@ -0,0 +1,15 @@
+import type { Readable } from "node:stream";
+export { default as S3File, type S3FileDeleteOptions, type S3FileExistsOptions, type S3StatOptions, } from "./S3File.ts";
+export { default as S3Client, type ListObjectsResponse, type CreateFileInstanceOptions, type OverridableS3ClientOptions, type S3ClientOptions, type S3FilePresignOptions, } from "./S3Client.ts";
+export { default as S3Error, type S3ErrorOptions } from "./S3Error.ts";
+export { default as S3Stat } from "./S3Stat.ts";
+export { default as S3BucketEntry } from "./S3BucketEntry.ts";
+export type Acl = "private" | "public-read" | "public-read-write" | "aws-exec-read" | "authenticated-read" | "bucket-owner-read" | "bucket-owner-full-control" | "log-delivery-write";
+export type StorageClass = "STANDARD" | "DEEP_ARCHIVE" | "EXPRESS_ONEZONE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "OUTPOSTS" | "REDUCED_REDUNDANCY" | "SNOW" | "STANDARD_IA";
+export type ChecksumAlgorithm = "CRC32" | "CRC32C" | "CRC64NVME" | "SHA1" | "SHA256";
+export type ChecksumType = "COMPOSITE" | "FULL_OBJECT";
+export type PresignableHttpMethod = "GET" | "DELETE" | "PUT" | "HEAD";
+export type HttpMethod = PresignableHttpMethod | "POST";
+/** Body values supported by undici. */
+export type UndiciBodyInit = string | Buffer | Uint8Array | Readable;
+export type ByteSource = UndiciBodyInit | Blob;

package/dist/index.js

@@ -0,0 +1,13 @@
+export { default as S3File, } from "./S3File.js";
+export { default as S3Client, } from "./S3Client.js";
+export { default as S3Error } from "./S3Error.js";
+export { default as S3Stat } from "./S3Stat.js";
+export { default as S3BucketEntry } from "./S3BucketEntry.js";
+// TODO
+// | ArrayBufferView
+// | ArrayBuffer
+// | SharedArrayBuffer
+// | Request
+// | Response
+// | S3File
+// | ReadableStream<Uint8Array>

package/dist/index.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/sign.d.ts

@@ -0,0 +1,16 @@
+import { type BinaryLike } from "node:crypto";
+import type { AmzDate } from "./AmzDate.ts";
+import type { HttpMethod, PresignableHttpMethod } from "./index.ts";
+export declare function deriveSigningKey(date: string, region: string, secretAccessKey: string): Buffer;
+export declare function signCanonicalDataHash(signinKey: Buffer, canonicalDataHash: string, date: AmzDate, region: string): string;
+export declare const unsignedPayload = "UNSIGNED-PAYLOAD";
+/**
+ * Same as {@see createCanonicalDataDigest}, but only sets the `host` header and the content hash to `UNSIGNED-PAYLOAD`.
+ *
+ * Used for pre-signing only. Pre-signed URLs [cannot contain content hashes](https://github.com/aws/aws-sdk-js/blob/966fa6c316dbb11ca9277564ff7120e6b16467f4/lib/signers/v4.js#L182-L183)
+ * and the only header that is signed is `host`. So we can use an optimized version for that.
+ */
+export declare function createCanonicalDataDigestHostOnly(method: PresignableHttpMethod, path: string, query: string, host: string): string;
+export declare function createCanonicalDataDigest(method: HttpMethod, path: string, query: string, sortedHeaders: Record<string, string>, contentHashStr: string): string;
+export declare function sha256(data: BinaryLike): Buffer;
+export declare function md5Hex(data: BinaryLike): string;

package/dist/sign.js

@@ -0,0 +1,77 @@
+import { createHmac, createHash } from "node:crypto";
+// Spec:
+// https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
+export function deriveSigningKey(date, region, secretAccessKey) {
+    const key = `AWS4${secretAccessKey}`;
+    const signedDate = createHmac("sha256", key).update(date).digest();
+    const signedDateRegion = createHmac("sha256", signedDate)
+        .update(region)
+        .digest();
+    const signedDateRegionService = createHmac("sha256", signedDateRegion)
+        .update("s3")
+        .digest();
+    return createHmac("sha256", signedDateRegionService)
+        .update("aws4_request")
+        .digest();
+}
+export function signCanonicalDataHash(signinKey, canonicalDataHash, date, region) {
+    // it is actually faster to pass a single large string instead of doing multiple .update() chains with the parameters
+    // see `benchmark-operations.js`
+    return createHmac("sha256", signinKey)
+        .update(`AWS4-HMAC-SHA256\n${date.dateTime}\n${date.date}/${region}/s3/aws4_request\n${canonicalDataHash}`)
+        .digest("hex");
+}
+export const unsignedPayload = "UNSIGNED-PAYLOAD";
+/**
+ * Same as {@see createCanonicalDataDigest}, but only sets the `host` header and the content hash to `UNSIGNED-PAYLOAD`.
+ *
+ * Used for pre-signing only. Pre-signed URLs [cannot contain content hashes](https://github.com/aws/aws-sdk-js/blob/966fa6c316dbb11ca9277564ff7120e6b16467f4/lib/signers/v4.js#L182-L183)
+ * and the only header that is signed is `host`. So we can use an optimized version for that.
+ */
+export function createCanonicalDataDigestHostOnly(method, path, query, host) {
+    // it is actually faster to pass a single large string instead of doing multiple .update() chains with the parameters
+    // see `benchmark-operations.js`
+    return createHash("sha256")
+        .update(`${method}\n${path}\n${query}\nhost:${host}\n\nhost\nUNSIGNED-PAYLOAD`)
+        .digest("hex");
+}
+export function createCanonicalDataDigest(method, path, query, sortedHeaders, contentHashStr) {
+    // Use this for debugging
+    /*
+    const xHash = {
+        h: createHash("sha256"),
+        m: "",
+        update(v) {
+            this.m += v;
+            this.h.update(v);
+            return this;
+        },
+        digest(v) {
+            if (this.m.includes("continuation-token")) console.log(this.m);
+            return this.h.digest(v);
+        },
+    };
+    */
+    const sortedHeaderNames = Object.keys(sortedHeaders);
+    // it is actually faster to pass a single large string instead of doing multiple .update() chains with the parameters
+    // see `benchmark-operations.js`
+    let canonData = `${method}\n${path}\n${query}\n`;
+    for (const header of sortedHeaderNames) {
+        canonData += `${header}:${sortedHeaders[header]}\n`;
+    }
+    canonData += "\n";
+    // emit the first header without ";", so we can avoid branching inside the loop for the other headers
+    // this is just a version of `sortedHeaderList.join(";")` that seems about 2x faster (see `benchmark-operations.js`)
+    canonData += sortedHeaderNames.length > 0 ? sortedHeaderNames[0] : "";
+    for (let i = 1; i < sortedHeaderNames.length; ++i) {
+        canonData += `;${sortedHeaderNames[i]}`;
+    }
+    canonData += `\n${contentHashStr}`;
+    return createHash("sha256").update(canonData).digest("hex");
+}
+export function sha256(data) {
+    return createHash("sha256").update(data).digest();
+}
+export function md5Hex(data) {
+    return createHash("md5").update(data).digest("hex");
+}

package/dist/sign.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test-common.d.ts

@@ -0,0 +1,4 @@
+/**
+ * @module Used by integration tests and unit tests.
+ */
+export declare function runTests(runId: number, endpoint: string, forcePathStyle: boolean, accessKeyId: string, secretAccessKey: string, region: string, bucket: string): void;

package/dist/test.integration.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test.integration.js

@@ -0,0 +1,19 @@
+// @ts-check
+import { describe } from "node:test";
+import { runTests } from "./test-common.js";
+const env = process.env;
+const runId = Date.now();
+for (const provider of ["hetzner", "aws", "cloudflare"]) {
+    describe(`integration with ${provider}@runId:${runId}`, () => {
+        const p = provider.toUpperCase();
+        const endpoint = env[`${p}_S3_ENDPOINT`];
+        const region = env[`${p}_S3_REGION`];
+        const bucket = env[`${p}_S3_BUCKET`];
+        const accessKeyId = env[`${p}_S3_ACCESS_KEY_ID`];
+        const secretAccessKey = env[`${p}_S3_SECRET_KEY`];
+        if (!endpoint || !region || !bucket || !accessKeyId || !secretAccessKey) {
+            throw new Error("Invalid config");
+        }
+        runTests(runId, endpoint, false, accessKeyId, secretAccessKey, region, bucket);
+    });
+}

package/dist/url.d.ts

@@ -0,0 +1,9 @@
+export declare function buildRequestUrl(endpoint: string, bucket: string, region: string, path: string): URL;
+/**
+ * Sorts headers alphabetically. Removes headers that are undefined/null.
+ *
+ * `http.request` doesn't allow passing `undefined` as header values (despite the types allowing it),
+ * so we have to filter afterwards.
+ */
+export declare function prepareHeadersForSigning(unfilteredHeadersUnsorted: Record<string, string | undefined>): Record<string, string>;
+export declare function getRangeHeader(start: number | undefined, endExclusive: number | undefined): string | undefined;

package/dist/url.js

@@ -0,0 +1,52 @@
+export function buildRequestUrl(endpoint, bucket, region, path) {
+    const normalizedBucket = normalizePath(bucket);
+    const [endpointWithBucketAndRegion, replacedBucket] = replaceDomainPlaceholders(endpoint, normalizedBucket, region);
+    const result = new URL(endpointWithBucketAndRegion);
+    const pathPrefix = result.pathname.endsWith("/")
+        ? result.pathname
+        : `${result.pathname}/`;
+    const pathSuffix = replacedBucket
+        ? normalizePath(path)
+        : `${normalizedBucket}/${normalizePath(path)}`;
+    result.pathname = pathPrefix + pathSuffix;
+    return result;
+}
+function replaceDomainPlaceholders(endpoint, bucket, region) {
+    const replacedBucket = endpoint.includes("{bucket}");
+    return [
+        endpoint.replaceAll("{bucket}", bucket).replaceAll("{region}", region),
+        replacedBucket,
+    ];
+}
+/**
+ * Removes trailing and leading slash.
+ */
+function normalizePath(path) {
+    const start = path[0] === "/" ? 1 : 0;
+    const end = path[path.length - 1] === "/" ? path.length - 1 : path.length;
+    return path.substring(start, end);
+}
+/**
+ * Sorts headers alphabetically. Removes headers that are undefined/null.
+ *
+ * `http.request` doesn't allow passing `undefined` as header values (despite the types allowing it),
+ * so we have to filter afterwards.
+ */
+export function prepareHeadersForSigning(unfilteredHeadersUnsorted) {
+    const result = {};
+    // TODO: `Object.keys(headersUnsorted).sort()` is constant in our case,
+    // maybe we want to move this somewhere else to avoid sorting every time
+    for (const header of Object.keys(unfilteredHeadersUnsorted).sort()) {
+        const v = unfilteredHeadersUnsorted[header];
+        if (v !== undefined && v !== null) {
+            result[header] = v;
+        }
+    }
+    return result;
+}
+export function getRangeHeader(start, endExclusive) {
+    return typeof start === "number" || typeof endExclusive === "number"
+        ? // Http-ranges are end-inclusive, we are exclusiv ein our slice
+            `bytes=${start ?? 0}-${typeof endExclusive === "number" ? endExclusive - 1 : ""}`
+        : undefined;
+}

package/dist/url.test.d.ts

@@ -0,0 +1 @@
+export {};

package/package.json

@@ -2,7 +2,7 @@
   "name": "lean-s3",
   "author": "Niklas Mollenhauer",
   "license": "MIT",
-  "version": "0.1.6",
+  "version": "0.2.0",
   "description": "A server-side S3 API for the regular user.",
   "keywords": [
     "s3",
@@ -13,34 +13,39 @@
     "url": "https://github.com/nikeee/lean-s3"
   },
   "exports": {
-    "types": "./src/index.d.ts",
-    "default": "./src/index.js"
+    "types": "./dist/index.d.ts",
+    "default": "./dist/index.js"
   },
-  "types": "./src/index.d.ts",
+  "types": "./dist/index.d.ts",
   "type": "module",
   "scripts": {
-    "test": "node --test src/*.test.js",
-    "test:integration": "node --test integration/*.test.js",
+    "build": "tsc",
+    "clean": "rimraf dist",
+    "test": "tsc && node --test dist/*.test.js",
+    "test:integration": "tsc && node --test dist/test.integration.js",
     "ci": "biome ci ./src",
     "docs": "typedoc",
     "lint": "biome lint ./src",
-    "format": "biome format --write ./src && biome lint --write ./src && biome check --write ./src"
+    "format": "biome format --write ./src && biome lint --write ./src && biome check --write ./src",
+    "prepublishOnly": "npm run clean && npm run build"
   },
   "devDependencies": {
-    "@aws-sdk/client-s3": "^3.821.0",
+    "@aws-sdk/client-s3": "^3.828.0",
     "@biomejs/biome": "^1.9.4",
-    "@testcontainers/localstack": "^11.0.0",
-    "@testcontainers/minio": "^11.0.0",
-    "@types/node": "^22.15.29",
-    "expect": "^29.7.0",
+    "@testcontainers/localstack": "^11.0.3",
+    "@testcontainers/minio": "^11.0.3",
+    "@types/node": "^24.0.1",
+    "expect": "^30.0.0",
     "lefthook": "^1.11.13",
-    "typedoc": "^0.28.5"
+    "rimraf": "^6.0.1",
+    "typedoc": "^0.28.5",
+    "typescript": "^5.8.3"
   },
   "engines": {
     "node": "^20.19.0 || ^22.14.0 || ^24.0.0"
   },
   "dependencies": {
-    "fast-xml-parser": "^5.2.3",
+    "fast-xml-parser": "^5.2.5",
     "undici": "^7.10.0"
   }
 }

package/src/AmzDate.js

@@ -1,56 +0,0 @@
-const ONE_DAY = 1000 * 60 * 60 * 24;
-
-/**
- * @typedef {{
- *   numericDayStart: number;
- *   date: string;
- *   dateTime: string;
- * }} AmzDate
- */
-
-/**
- * @param {Date} dateTime
- * @return {AmzDate}
- */
-export function getAmzDate(dateTime) {
-	const date =
-		pad4(dateTime.getUTCFullYear()) +
-		pad2(dateTime.getUTCMonth() + 1) +
-		pad2(dateTime.getUTCDate());
-
-	const time =
-		pad2(dateTime.getUTCHours()) +
-		pad2(dateTime.getUTCMinutes()) +
-		pad2(dateTime.getUTCSeconds()); // it seems that we dont support milliseconds
-
-	return {
-		numericDayStart: (dateTime.getTime() / ONE_DAY) | 0,
-		date,
-		dateTime: `${date}T${time}Z`,
-	};
-}
-export function now() {
-	return getAmzDate(new Date());
-}
-
-/**
- * @param {number} v
- * @returns {string}
- */
-function pad4(v) {
-	return v < 10
-		? `000${v}`
-		: v < 100
-			? `00${v}`
-			: v < 1000
-				? `0${v}`
-				: v.toString();
-}
-
-/**
- * @param {number} v
- * @returns {string}
- */
-function pad2(v) {
-	return v < 10 ? `0${v}` : v.toString();
-}

package/src/KeyCache.js

@@ -1,36 +0,0 @@
-import * as sign from "./sign.js";
-
-/**@typedef {import("./AmzDate.js").AmzDate} AmzDate */
-
-export default class KeyCache {
-	/** @type {number} */
-	#lastNumericDay = -1;
-	/** @type {Map<string, Buffer>} */
-	#keys = new Map();
-
-	/**
-	 * @param {AmzDate} date
-	 * @param {string} region
-	 * @param {string} accessKeyId
-	 * @param {string} secretAccessKey
-	 * @returns {Buffer}
-	 */
-	computeIfAbsent(date, region, accessKeyId, secretAccessKey) {
-		if (date.numericDayStart !== this.#lastNumericDay) {
-			this.#keys.clear();
-			this.#lastNumericDay = date.numericDayStart;
-			// TODO: Add mechanism to clear the cache after some time
-		}
-
-		// using accessKeyId to prevent keeping the secretAccessKey somewhere
-		const cacheKey = `${date.date}:${region}:${accessKeyId}`;
-		const key = this.#keys.get(cacheKey);
-		if (key) {
-			return key;
-		}
-
-		const newKey = sign.deriveSigningKey(date.date, region, secretAccessKey);
-		this.#keys.set(cacheKey, newKey);
-		return newKey;
-	}
-}