From 3fe4daf2584455ff4d715918b333260d3707cb33 Mon Sep 17 00:00:00 2001
From: Artur Paikin
Date: Fri, 20 Oct 2023 14:45:26 +0100
Subject: [PATCH 1/4] Log notes on how to set up AWS S3 for Uppy from scratch (draft)
---
examples/aws-nodejs/from-scratch-with-sts.md | 72 ++++++++++++++++++++
1 file changed, 72 insertions(+)
create mode 100644 examples/aws-nodejs/from-scratch-with-sts.md
diff --git a/examples/aws-nodejs/from-scratch-with-sts.md b/examples/aws-nodejs/from-scratch-with-sts.md
new file mode 100644
index 0000000000..3250031d1e
--- /dev/null
+++ b/examples/aws-nodejs/from-scratch-with-sts.md
@@ -0,0 +1,72 @@
+Assuming you have MY-UPPY-USER and MY-UPPY-BUCKET, here’s how you can allow MY-UPPY-USER to get STS Federated Token and upload files to MY-UPPY-BUCKET:
+
+1. Set CORS settings on `MY-UPPY-BUCKET` bucket:
+
+ ```json
+ [
+ {
+ "AllowedHeaders": [
+ "*"
+ ],
+ "AllowedMethods": [
+ "GET",
+ "PUT",
+ "HEAD",
+ "POST",
+ "DELETE"
+ ],
+ "AllowedOrigins": [
+ "*"
+ ],
+ "ExposeHeaders": [
+ "ETag",
+ "Location"
+ ]
+ }
+ ]
+ ```
+
+2. Add a Policy to `MY-UPPY-BUCKET`:
+
+ ```json
+ {
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "MyMultipartPolicyStatement1",
+ "Effect": "Allow",
+ "Principal": {
+ "AWS": "arn:aws:iam::*:user/MY-UPPY-USER"
+ },
+ "Action": [
+ "s3:PutObject",
+ "s3:ListMultipartUploadParts",
+ "s3:AbortMultipartUpload"
+ ],
+ "Resource": "arn:aws:s3:::MY-UPPY-BUCKET/*"
+ }
+ ]
+ }
+ ```
+
+3. Add a Policy to `MY-UPPY-USER`:
+
+ **Optional** if you’d like to enable signing on the client:
+
+ ```json
+ {
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "MyStsPolicyStatement1",
+ "Effect": "Allow",
+ "Action": [
+ "sts:GetFederationToken"
+ ],
+ "Resource": [
+ "arn:aws:sts::*:federated-user/*"
+ ]
+ }
+ ]
+ }
+ ```
From 8031321f5caa1e366aeffb1a5495c3a6786be208 Mon Sep 17 00:00:00 2001
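Review bot: In step 2 the bucket policy names its principal as `"AWS": "arn:aws:iam::*:user/MY-UPPY-USER"`, with a wildcard where the account ID belongs. As far as I know IAM does not allow a wildcard inside a principal ARN, so S3 will probably refuse to save this policy, and a reader who works around that by widening the principal ends up with a far more open bucket. I would use an obvious placeholder, `"AWS": "arn:aws:iam::<ACCOUNT-ID>:user/MY-UPPY-USER"`, and say in the step text that the 12-digit account ID has to be filled in. The same line is carried into the README by patches 2 and 4 of this series. Step 1's CORS block also allows every origin together with `DELETE`; a sentence telling readers to replace `"*"` in `AllowedOrigins` with their site's origin would stop the example being copied unchanged.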
From: Antoine du Hamel Date: Fri, 20 Oct 2023 18:21:01 +0200 Subject: [PATCH 2/4] update readme, remove old example --- examples/aws-nodejs/README.md | 117 ++++++++++++------- examples/aws-nodejs/from-scratch-with-sts.md | 72 ------------ examples/aws-nodejs/public/drag.html | 104 ----------------- 3 files changed, 72 insertions(+), 221 deletions(-) delete mode 100644 examples/aws-nodejs/from-scratch-with-sts.md delete mode 100644 examples/aws-nodejs/public/drag.html diff --git a/examples/aws-nodejs/README.md b/examples/aws-nodejs/README.md index 6bc2f94b80..a4558c20ab 100644 --- a/examples/aws-nodejs/README.md +++ b/examples/aws-nodejs/README.md 
@@ -8,42 +8,86 @@ Express.js). It uses presigned URL at the backend level. It's assumed that you are familiar with AWS, at least, with the storage service (S3) and users & policies (IAM). -These instructions are **not fit for production** but tightening the security is +These instructions are **not fit for production**, tightening the security is out of the scope here. ### S3 Setup -- Create new S3 bucket in AWS (e.g. `aws-nodejs`). -- Add a bucket policy. - - ```json - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "PublicAccess", - "Effect": "Allow", - "Principal": "*", - "Action": "s3:GetObject", - "Resource": "arn:aws:s3:::aws-nodejs/*" - } +Assuming you’re trying to setup the user `MY-UPPY-USER` to put the uploaded +files to the bucket `MY-UPPY-BUCKET`, here’s how you can allow `MY-UPPY-USER` to +get STS Federated Token and upload files to `MY-UPPY-BUCKET`: + +1. Set CORS settings on `MY-UPPY-BUCKET` bucket: + + ```json + [ + { + "AllowedHeaders": [ + "*" + ], + "AllowedMethods": [ + "GET", + "PUT", + "HEAD", + "POST", + "DELETE" + ], + "AllowedOrigins": [ + "*" + ], + "ExposeHeaders": [ + "ETag", + "Location" + ] + } ] - } - ``` + ``` -- Make the S3 bucket public. -- Add CORS configuration. +2. Add the following Policy to `MY-UPPY-BUCKET`: - ```json - [ + ```json { - "AllowedHeaders": ["*"], - "AllowedMethods": ["GET", "PUT", "HEAD", "POST", "DELETE"], - "AllowedOrigins": ["*"], - "ExposeHeaders": [] + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "MyMultipartPolicyStatement1", + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::*:user/MY-UPPY-USER" + }, + "Action": [ + "s3:PutObject", + "s3:PutObjectAcl", + "s3:ListMultipartUploadParts", + "s3:AbortMultipartUpload" + ], + "Resource": "arn:aws:s3:::MY-UPPY-BUCKET/*" + } + ] } - ] - ``` + ``` + +3. 
Add the following Policy to `MY-UPPY-USER`: + + (if you don’t want to enable signing on the client, you can skip this step) + + ```json + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "MyStsPolicyStatement1", + "Effect": "Allow", + "Action": [ + "sts:GetFederationToken" + ], + "Resource": [ + "arn:aws:sts::*:federated-user/*" + ] + } + ] + } + ``` ### AWS Credentials @@ -55,21 +99,6 @@ You may use existing AWS credentials or create a new user in the IAM page. [environment variables](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/loading-node-credentials-environment.html) or a [credentials file in `~/.aws/credentials`](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html). -- You will need at least `PutObject` and `PutObjectAcl` permissions. - -```json -{ - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "VisualEditor0", - "Effect": "Allow", - "Action": ["s3:PutObject", "s3:PutObjectAcl"], - "Resource": "arn:aws:s3:::aws-nodejs/*" - } - ] -} -``` ## Prerequisites @@ -83,7 +112,7 @@ Add a `.env` file to the root directory and define the S3 bucket name and port variables like the example below: ``` -COMPANION_AWS_BUCKET=aws-nodejs +COMPANION_AWS_BUCKET=MY-UPPY-BUCKET COMPANION_AWS_REGION=… COMPANION_AWS_KEY=… COMPANION_AWS_SECRET=… @@ -104,6 +133,4 @@ corepack yarn workspace @uppy-example/aws-nodejs start Dashboard demo should now be available at http://localhost:8080. -You have also a Drag & Drop demo on http://localhost:8080/drag. - _Feel free to check how the demo works and feel free to open an issue._ diff --git a/examples/aws-nodejs/from-scratch-with-sts.md b/examples/aws-nodejs/from-scratch-with-sts.md deleted file mode 100644 index 3250031d1e..0000000000 --- a/examples/aws-nodejs/from-scratch-with-sts.md +++ /dev/null 
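Review bot: `s3:PutObjectAcl` moves from the removed user policy into the step 2 bucket policy, and the new text never says when it is needed. It lets the uploader change object ACLs, so whoever holds these credentials can make an uploaded object public even though the README no longer makes the bucket itself public. If the example never sends an ACL I would drop the line; otherwise add a sentence such as `s3:PutObjectAcl is only required when uploads set an ACL`. In step 3, `"arn:aws:sts::*:federated-user/*"` could likewise name the account, e.g. `"arn:aws:sts::<ACCOUNT-ID>:federated-user/*"`, and the step would be clearer if it said the federation token should be requested with a session policy limited to the upload path. The hunk's leading context begins mid-paragraph, so the sentence that introduces the example is not visible here.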
@@ -1,72 +0,0 @@ -Assuming you have MY-UPPY-USER and MY-UPPY-BUCKET, here’s how you can allow MY-UPPY-USER to get STS Federated Token and upload files to MY-UPPY-BUCKET: - -1. Set CORS settings on `MY-UPPY-BUCKET` bucket: - - ```json - [ - { - "AllowedHeaders": [ - "*" - ], - "AllowedMethods": [ - "GET", - "PUT", - "HEAD", - "POST", - "DELETE" - ], - "AllowedOrigins": [ - "*" - ], - "ExposeHeaders": [ - "ETag", - "Location" - ] - } - ] - ``` - -2. Add a Policy to `MY-UPPY-BUCKET`: - - ```json - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "MyMultipartPolicyStatement1", - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::*:user/MY-UPPY-USER" - }, - "Action": [ - "s3:PutObject", - "s3:ListMultipartUploadParts", - "s3:AbortMultipartUpload" - ], - "Resource": "arn:aws:s3:::MY-UPPY-BUCKET/*" - } - ] - } - ``` - -3. Add a Policy to `MY-UPPY-USER`: - - **Optional** if you’d like to enable signing on the client: - - ```json - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "MyStsPolicyStatement1", - "Effect": "Allow", - "Action": [ - "sts:GetFederationToken" - ], - "Resource": [ - "arn:aws:sts::*:federated-user/*" - ] - } - ] - } - ``` diff --git a/examples/aws-nodejs/public/drag.html b/examples/aws-nodejs/public/drag.html deleted file mode 100644 index ead78d2ff0..0000000000 --- a/examples/aws-nodejs/public/drag.html +++ /dev/null @@ -1,104 +0,0 @@ - - - - - Uppy - - - -
-
-
-
-
Uploaded files:
-
    -
    - -
    - - From 3d8e2f966e4e6acda38a1f93ef30b669c76c3bf7 Mon Sep 17 00:00:00 2001 From: Antoine du Hamel Date: Thu, 30 Nov 2023 14:07:32 +0100 Subject: [PATCH 3/4] Update examples/aws-nodejs/README.md --- examples/aws-nodejs/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/aws-nodejs/README.md b/examples/aws-nodejs/README.md index a4558c20ab..fd3cabd2aa 100644 --- a/examples/aws-nodejs/README.md +++ b/examples/aws-nodejs/README.md @@ -87,7 +87,7 @@ get STS Federated Token and upload files to `MY-UPPY-BUCKET`: } ] } - ``` + ``` ### AWS Credentials From f8a85f8c9a08165909f54ca47939b95c2a871ee9 Mon Sep 17 00:00:00 2001 From: Murderlon Date: Mon, 10 Jun 2024 15:42:35 +0200 Subject: [PATCH 4/4] Format --- examples/aws-nodejs/README.md | 113 ++++++++++++++-------------------- 1 file changed, 47 insertions(+), 66 deletions(-) diff --git a/examples/aws-nodejs/README.md b/examples/aws-nodejs/README.md index fd3cabd2aa..1fc8c7fb54 100644 --- a/examples/aws-nodejs/README.md +++ b/examples/aws-nodejs/README.md 
@@ -19,75 +19,56 @@ get STS Federated Token and upload files to `MY-UPPY-BUCKET`: 1. Set CORS settings on `MY-UPPY-BUCKET` bucket: - ```json - [ - { - "AllowedHeaders": [ - "*" - ], - "AllowedMethods": [ - "GET", - "PUT", - "HEAD", - "POST", - "DELETE" - ], - "AllowedOrigins": [ - "*" - ], - "ExposeHeaders": [ - "ETag", - "Location" - ] - } - ] - ``` + ```json + [ + { + "AllowedHeaders": ["*"], + "AllowedMethods": ["GET", "PUT", "HEAD", "POST", "DELETE"], + "AllowedOrigins": ["*"], + "ExposeHeaders": ["ETag", "Location"] + } + ] + ``` 2. Add the following Policy to `MY-UPPY-BUCKET`: - ```json - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "MyMultipartPolicyStatement1", - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::*:user/MY-UPPY-USER" - }, - "Action": [ - "s3:PutObject", - "s3:PutObjectAcl", - "s3:ListMultipartUploadParts", - "s3:AbortMultipartUpload" - ], - "Resource": "arn:aws:s3:::MY-UPPY-BUCKET/*" - } - ] - } - ``` - -3. Add the following Policy to `MY-UPPY-USER`: - - (if you don’t want to enable signing on the client, you can skip this step) - - ```json - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "MyStsPolicyStatement1", - "Effect": "Allow", - "Action": [ - "sts:GetFederationToken" - ], - "Resource": [ - "arn:aws:sts::*:federated-user/*" - ] - } - ] - } - ``` + ```json + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "MyMultipartPolicyStatement1", + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::*:user/MY-UPPY-USER" + }, + "Action": [ + "s3:PutObject", + "s3:PutObjectAcl", + "s3:ListMultipartUploadParts", + "s3:AbortMultipartUpload" + ], + "Resource": "arn:aws:s3:::MY-UPPY-BUCKET/*" + } + ] + } + ``` + +3. 
Add the following Policy to `MY-UPPY-USER`: (if you don’t want to enable + signing on the client, you can skip this step) + ```json + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "MyStsPolicyStatement1", + "Effect": "Allow", + "Action": ["sts:GetFederationToken"], + "Resource": ["arn:aws:sts::*:federated-user/*"] + } + ] + } + ``` ### AWS Credentials