Malin
3248cbb029
Adds a new 'S3-Compatible Storage' provider that works with any
S3-API-compatible object storage service, including MinIO, Ceph,
Cloudflare R2, Backblaze B2, and others.
Changes:
- New provider class: classes/providers/storage/s3-compatible-provider.php
- Provider key: s3compatible
- Reads user-configured endpoint URL from settings
- Uses path-style URL access (required by most S3-compatible services)
- Supports credentials via AS3CF_S3COMPAT_ACCESS_KEY_ID /
AS3CF_S3COMPAT_SECRET_ACCESS_KEY wp-config.php constants
- Disables AWS-specific features (Block Public Access, Object Ownership)
- New provider SVG icons (s3compatible.svg, -link.svg, -round.svg)
- Registered provider in main plugin class with endpoint setting support
- Updated StorageProviderSubPage to show endpoint URL input for S3-compatible
- Built pro settings bundle with rollup (Svelte 4.2.19)
- Added package.json and updated rollup.config.mjs for pro-only builds
63 lines
2.3 KiB
PHP
63 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\S3;
|
|
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Aws\CommandInterface;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\RequestInterface;
|
|
/**
|
|
* Simplifies the SSE-C process by encoding and hashing the key.
|
|
* @internal
|
|
*/
|
|
class SSECMiddleware
|
|
{
|
|
private $endpointScheme;
|
|
private $nextHandler;
|
|
/**
|
|
* Provide the URI scheme of the client sending requests.
|
|
*
|
|
* @param string $endpointScheme URI scheme (http/https).
|
|
*
|
|
* @return callable
|
|
*/
|
|
public static function wrap($endpointScheme)
|
|
{
|
|
return function (callable $handler) use($endpointScheme) {
|
|
return new self($endpointScheme, $handler);
|
|
};
|
|
}
|
|
public function __construct($endpointScheme, callable $nextHandler)
|
|
{
|
|
$this->nextHandler = $nextHandler;
|
|
$this->endpointScheme = $endpointScheme;
|
|
}
|
|
public function __invoke(CommandInterface $command, RequestInterface $request = null)
|
|
{
|
|
// Allows only HTTPS connections when using SSE-C
|
|
if (($command['SSECustomerKey'] || $command['CopySourceSSECustomerKey']) && $this->endpointScheme !== 'https') {
|
|
throw new \RuntimeException('You must configure your S3 client to ' . 'use HTTPS in order to use the SSE-C features.');
|
|
}
|
|
// Prepare the normal SSE-CPK headers
|
|
if ($command['SSECustomerKey']) {
|
|
$this->prepareSseParams($command);
|
|
}
|
|
// If it's a copy operation, prepare the SSE-CPK headers for the source.
|
|
if ($command['CopySourceSSECustomerKey']) {
|
|
$this->prepareSseParams($command, 'CopySource');
|
|
}
|
|
$f = $this->nextHandler;
|
|
return $f($command, $request);
|
|
}
|
|
private function prepareSseParams(CommandInterface $command, $prefix = '')
|
|
{
|
|
// Base64 encode the provided key
|
|
$key = $command[$prefix . 'SSECustomerKey'];
|
|
$command[$prefix . 'SSECustomerKey'] = \base64_encode($key);
|
|
// Base64 the provided MD5 or, generate an MD5 if not provided
|
|
if ($md5 = $command[$prefix . 'SSECustomerKeyMD5']) {
|
|
$command[$prefix . 'SSECustomerKeyMD5'] = \base64_encode($md5);
|
|
} else {
|
|
$command[$prefix . 'SSECustomerKeyMD5'] = \base64_encode(\md5($key, \true));
|
|
}
|
|
}
|
|
}
|