in src/S3Control/EndpointArnMiddleware.php [101:258]
public function __invoke(CommandInterface $cmd, RequestInterface $req)
{
$nextHandler = $this->nextHandler;
$op = $this->service->getOperation($cmd->getName())->toArray();
if (!empty($op['input']['shape'])
&& !in_array($cmd->getName(), self::$nonArnableCmds)
) {
$service = $this->service->toArray();
if (!empty($input = $service['shapes'][$op['input']['shape']])) {
// Stores member name that targets 'BucketName' shape
$bucketNameMember = null;
// Stores member name that targets 'AccessPointName' shape
$accesspointNameMember = null;
foreach ($input['members'] as $key => $member) {
if ($member['shape'] === 'BucketName') {
$bucketNameMember = $key;
}
if ($member['shape'] === 'AccessPointName') {
$accesspointNameMember = $key;
}
}
// Determine if appropriate member contains ARN value and is
// eligible for ARN expansion
if (!is_null($bucketNameMember)
&& !empty($cmd[$bucketNameMember])
&& !in_array($cmd->getName(), self::$selectiveNonArnableCmds['BucketName'])
&& ArnParser::isArn($cmd[$bucketNameMember])
) {
$arn = ArnParser::parse($cmd[$bucketNameMember]);
!$this->isUseEndpointV2 && $partition = $this->validateBucketArn($arn);
} elseif (!is_null($accesspointNameMember)
&& !empty($cmd[$accesspointNameMember])
&& !in_array($cmd->getName(), self::$selectiveNonArnableCmds['AccessPointName'])
&& ArnParser::isArn($cmd[$accesspointNameMember])
) {
$arn = ArnParser::parse($cmd[$accesspointNameMember]);
!$this->isUseEndpointV2 && $partition = $this->validateAccessPointArn($arn);
}
// Process only if an appropriate member contains an ARN value
// and is an Outposts ARN
if (!empty($arn) && $arn instanceof OutpostsArnInterface) {
if (!$this->isUseEndpointV2) {
// Generate host based on ARN
$host = $this->generateOutpostsArnHost($arn, $req);
$req = $req->withHeader('x-amz-outpost-id', $arn->getOutpostId());
}
// ARN replacement
$path = $req->getUri()->getPath();
if ($arn instanceof AccessPointArnInterface) {
// Replace ARN with access point name
$path = str_replace(
urlencode($cmd[$accesspointNameMember]),
$arn->getAccesspointName(),
$path
);
// Replace ARN in the payload
$req->getBody()->seek(0);
$body = Psr7\Utils::streamFor(str_replace(
$cmd[$accesspointNameMember],
$arn->getAccesspointName(),
$req->getBody()->getContents()
));
// Replace ARN in the command
$cmd[$accesspointNameMember] = $arn->getAccesspointName();
} elseif ($arn instanceof BucketArnInterface) {
// Replace ARN in the path
$path = str_replace(
urlencode($cmd[$bucketNameMember]),
$arn->getBucketName(),
$path
);
// Replace ARN in the payload
$req->getBody()->seek(0);
$newBody = str_replace(
$cmd[$bucketNameMember],
$arn->getBucketName(),
$req->getBody()->getContents()
);
$body = Psr7\Utils::streamFor($newBody);
// Replace ARN in the command
$cmd[$bucketNameMember] = $arn->getBucketName();
}
// Validate or set account ID in command
if (isset($cmd['AccountId'])) {
if ($cmd['AccountId'] !== $arn->getAccountId()) {
throw new \InvalidArgumentException("The account ID"
. " supplied in the command ({$cmd['AccountId']})"
. " does not match the account ID supplied in the"
. " ARN (" . $arn->getAccountId() . ").");
}
} else {
$cmd['AccountId'] = $arn->getAccountId();
}
// Set modified request
if (isset($body)) {
$req = $req->withBody($body);
}
if ($this->isUseEndpointV2) {
$req = $req->withUri($req->getUri()->withPath($path));
goto next;
}
$req = $req
->withUri($req->getUri()->withHost($host)->withPath($path))
->withHeader('x-amz-account-id', $arn->getAccountId());
// Update signing region based on ARN data if configured to do so
if ($this->config['use_arn_region']->isUseArnRegion()) {
$region = $arn->getRegion();
} else {
$region = $this->region;
}
$endpointData = $partition([
'region' => $region,
'service' => $arn->getService()
]);
$cmd['@context']['signing_region'] = $endpointData['signingRegion'];
// Update signing service for Outposts ARNs
if ($arn instanceof OutpostsArnInterface) {
$cmd['@context']['signing_service'] = $arn->getService();
}
}
}
}
if ($this->isUseEndpointV2) {
goto next;
}
// For operations that redirect endpoint & signing service based on
// presence of OutpostId member. These operations will likely not
// overlap with operations that perform ARN expansion.
if (in_array($cmd->getName(), self::$outpostIdRedirectCmds)
&& !empty($cmd['OutpostId'])
) {
$req = $req->withUri(
$req->getUri()->withHost($this->generateOutpostIdHost())
);
$cmd['@context']['signing_service'] = 's3-outposts';
}
next:
return $nextHandler($cmd, $req);
}