<?php

namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Signature;

use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\Credentials;
use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\CredentialsInterface;
use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\RequestInterface;
class S3ExpressSignature extends S3SignatureV4
{
    public function signRequest(RequestInterface $request, CredentialsInterface $credentials, $signingService = 's3express')
    {
        $request = $this->modifyTokenHeaders($request, $credentials);
        $credentials = $this->getSigningCredentials($credentials);
        return parent::signRequest($request, $credentials, $signingService);
    }
    public function presign(RequestInterface $request, CredentialsInterface $credentials, $expires, array $options = [])
    {
        $request = $this->modifyTokenHeaders($request, $credentials);
        $credentials = $this->getSigningCredentials($credentials);
        return parent::presign($request, $credentials, $expires, $options);
    }
    private function modifyTokenHeaders(RequestInterface $request, CredentialsInterface $credentials)
    {
        //The x-amz-security-token header is not supported by s3 express
        $request = $request->withoutHeader('X-Amz-Security-Token');
        return $request->withHeader('x-amz-s3session-token', $credentials->getSecurityToken());
    }
    private function getSigningCredentials(CredentialsInterface $credentials)
    {
        return new Credentials($credentials->getAccessKeyId(), $credentials->getSecretKey());
    }
}