úÎ!xTm°o      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmn"© Herbert Valerio Riedel 2016-2018GPL-3.0-or-laterNone2M ùS3MD5 HashS3Compute MD5 hashS3Hex-encode MD5 digest valueS3Hex-decode MD5 digest valueS3Extract MD5 digest valueS3)Construct MD5 digest value from 16 octetsoS3AWS S3 specific URL encodingpqrstuvwxyz{|}~€‚ƒo„…†"© Herbert Valerio Riedel 2016-2019GPL-3.0-or-laterNone27M_7¨S3Conditional RequestSNote that S3 server implementations vary in their support for conditional requestsS3  If-Match: *S3 If-None-Match: * S3  If-Match: ... S3 If-None-Match: ... S3Object MetadataS3 Denotes an 'https://en.wikipedia.org/wiki/HTTP_ETagETagS3LThis constructor will be used if the ETag looks like a proper MD5 based ETagS3qThe name for a key is a non-empty sequence of Unicode characters whose UTF-8 encoding is at most 1024 bytes long.See also remarks in % about permissible code-points.#See also AWS S3's documentation on Bhttps://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html"Object Key and Metadata"S3S3 Bucket identifierS3sMust be valid as DNS name component; S3 server implementations may have additional restrictions (see e.g. AWS S3's  Yhttps://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules"Rules for Bucket Naming")S3S3 CredentialsWe use memory pinned tVs because we don't want to have the credential data copied around more than necessary.S3‡$ denotes anonymous access (see also +)S33Denotes version of the S3 request signing algorithmS3,Legacy HMAC-SHA1/MD5 based signing algorithmS39Current HMAC-SHA256 based signing algorithm (recommended) S3Configure S3 endpoint"S3Service endpoint (i.e without t); Only scheme, host and port are used currently , s3cfgPathStyle :: !Bool -- ^ use path-style access mode (i.e.  http://s3.example.org/bucket-id! instead of virtual-hosted style  http://bucket-id.s3.example.org/)#S3E.g.  "us-east-1"> this is currently only used for computing the signature when $ is set to $S35Which signature algorithm to use for authentication; 8 is recommended unless there's reason to use the legacy  variant.%S3Enable use of  encoding=url feature for some operationsˆThis is only needed when object keys contain Unicode code-points not representable in XML 1.0; the XML 1.0 representable code-points are OChar ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]dNote that some S3 server implementations exhibit bugs when using LF or CR characters in object keys.RNote also that some S3 implementation have been observed to incorrectly implement  encoding=url¡ so it's generally advisable to disable this feature unless there's actual need and it's been confirmed that the S3 server implementatio implements it correctly.&S3*Enable protocol debugging output to stdout'S3 Content-type)S3 Unspecified '*S3Default  . value with recommended/default settings, i.e. defaultS3CfgS3Cfg {s3cfgBaseUrl = "", s3cfgRegion = "us-east-1", s3cfgSigVersion = SignatureV4, s3cfgEncodingUrl = False, s3cfgDebug = False}NOTE-: At the very least you have to override the " field.+S3Anonymous access,S3Represents the null (or empty) -S3 Test whether  is the ,0  !"#$%&'(ˆ‰Š)*+‹Œ,-Ž"© Herbert Valerio Riedel 2016-2019GPL-3.0-or-laterNone"#_C…S3.Sets up AWS headers and performs AWS signature‘S3+Compute AWS v2 signature @ Authorization = AWS* + " " + AWSAccessKeyId + ":" + Signature;\Signature = Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) );ŒStringToSign = HTTP-Verb + "n" + Content-MD5 + "n" + Content-Type + "n" + Date + "n" + CanonicalizedAmzHeaders + CanonicalizedResource;,CanonicalizedResource = [ "/" + Bucket ] +  HTTP-Request-URI,-from the protocol name up to the query string[ + [ subresource, if present. For example "?acl", "?location", "?logging", or "?torrent"];CanonicalizedAmzHeaders = ... @’S3Compute AWS v4 signature “”•–—˜™š›œžNoneX_DžŸS3More efficient variant of   ¡ ¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾ Ÿ¿"© Herbert Valerio Riedel 2016-2019GPL-3.0-or-laterNone"#27X_jü.S3Bucket metadata reported by F0S3Access permissions (aka  Canned ACLs)PThis has different meanings depending on whether it's set for buckets or objects:The owner of an entity has always full read & write access<For buckets, read access denotes the ability to list objects5S3;Represents a single-threaded HTTP channel to the S3 service6S3S3-level errorsBS3$Protocol-level errors and exceptionsFS3List buckets owned by userGS3 Create bucketHS3 Delete bucketNOTEh: Most S3 implementations require the bucket to be empty before it can be deleted. See documentation of M0 for a code example deleting a non-empty bucket.IS3Simple single-connection À style combinator over J and K1If you need resource pool management you can use J& in combination with packages such as  0http://hackage.haskell.org/package/resource-pool resource-pool.JS3#Create HTTP(s) connection based on  KS3!Close connection constructed via JLS3List all objects in a bucket<This operation may cause multiple HTTP requests to be issued See also N and MMS3 Convenient Á-like object listing operationHere's an usage example for iterating over the list of objects in chunks of 100 objects and deleting those; and finally deleting the bucket: ÍdestroyBucket conn creds bid = do listObjectsFold conn creds bid nullObjKey Nothing 100 () $ \() objs [] -> forM_ objs $ \omi -> deleteObject conn creds bid (omiKey omi) deleteBucket conn creds bidNS3$Primitive operation for list objects;This operation corresponds to a single HTTP service requestThe N and L3 operations build on this primitive building block.OS3 Copy ObjectPS3PUT ObjectRS3GET ObjectTS3DELETE ObjectLS3prefixS3 delimiterS3 (objects, prefixes)MS3prefixS3 delimiterS3 max number of keys per iterationS39initial value of accumulator argument to folding functionS3folding functionS3(returns final value of accumulator valueNS3 prefix (use - if none)S3 delimiterS3 marker (use - if none)S3max-keys (set 0! to use default which is usually 1000)S3  (next-marker, objects, prefixes)OS3source object to copyPS3 Object keyS3Object payload dataS3 content-type (e.g. application/binary ); see also )QS3 Object keyS3Object payload dataS3 content-type (e.g. application/binary ); see also )RS3 Object keySS3 Object keyV  !"#$%&'()*+,-./0123456>789:;<=?@ABCDEFGHIJKLMNOPQRSTUV./01234FGHLMN-, '()PORT QSU6>789:;<=?@ABCDE+ !"#$%&*5IJK      !""#$%&'(()*+,-../0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwuvxyz{|}~|}~|€y‚uvƒ„…†‡ˆ‰ŠŠ‹ŒŽ‘’|“”•–—˜™š›œžŸŸ ¡¢£¤¥¦§¨©ª«|¬­­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉ|ÊË|ÌÍÎ!S3-0.1.0.0-ICJYI1Ni7n55Gr22u6JgTL Network.S3InternalNetwork.S3.TypesNetwork.S3.SignatureNetwork.S3.XMLMD5Valmd5hashmd5hexmd5unhexmd5ToSBS md5FromSBS ConditionIfExists IfNotExistsIfMatch IfNotMatch ObjMetaInfoOMIomiKeyomiEtagomiSize omiOwnerIdomiLastModifiedETagETagMD5ObjKeyBucketId Credentials s3AccessKey s3SecretKeySignatureVersion SignatureV2 SignatureV4S3Cfg s3cfgBaseUrl s3cfgRegions3cfgSigVersions3cfgEncodingUrl s3cfgDebugCTypenoCType defaultS3Cfg noCredentials nullObjKey isNullObjKey BucketInfoAcl AclPrivate AclPublicReadAclPublicReadWriteAclPublicAuthenticatedRead Connection ErrorCode AccessDeniedBucketAlreadyExistsBucketAlreadyOwnedByYouBucketNotEmpty MalformedXML NoSuchBucket NoSuchKeyInvalidArgument InvalidDigestSignatureDoesNotMatch UnknownError ProtocolErrorProtocolInconsistency HttpFailureUnexpectedResponse listBuckets createBucket deleteBucketwithConnectionconnectclose listObjectslistObjectsFoldlistObjectsChunk copyObject putObject putObjectCond getObject getObjectCond deleteObjectdeleteObjectCond$fExceptionProtocolError$fNFDataErrorCode$fExceptionErrorCode$fFromXMLListBucketResult $fNFDataAcl$fFromXMLCopyObjectResult$fFromXMLBucketInfo$fNFDataBucketInfo$fFromXMLOwner$fFromXMLBuckets$fFromXMLListAllMyBucketsResult$fFromXMLError$fShowProtocolError$fGenericProtocolError$fShowErrorCode$fGenericErrorCode$fShowMetadataEntry$fShowListBucketResult $fShowAcl $fGenericAcl$fShowCopyObjectResult$fShowBucketInfo$fGenericBucketInfo $fShowOwner $fShowError urlEncode'text-short-0.1.3-6s9Vn5x19Vb5f1556qmx0oData.Text.Short.Internal ShortText text-1.2.3.1Data.Text.InternalTextdeepseq-1.4.4.0Control.DeepSeqNFDatarnfbytestring-0.10.8.2Data.ByteString.Internal ByteStringbase Data.ProxyProxyGHC.BaseapData.ByteString.Short.InternalShortByteStringforce'hashable-1.3.0.0-1RsrIcitxVDKffGN1TuMlmData.Hashable.ClassHashable time-1.8.0.2 Data.Time.Clock.Internal.UTCTimeUTCTime SHA256Val sha256hash sha256hexmd5b64md5zero strictPairurlDecodeTextUtf8e2mmkChunkmemptyUrlPath XsdString fromXsdStringisAnonCredentialsunObjKeyetagToBSmkETagsetConditionHeader setAWSRequestgenSignatureV2genSignatureV4 AWSHeaders ahdrMethod ahdrUrlPath ahdrUrlQuery ahdrTimestampahdrContentTypeahdrContentHashesahdrExtraHeaders ahdrSigTypeahdrHost ahdrRegion unboundedAny unboundedpurePrunP_FromXML tagFromXML parseXML_s3qnameshowQN xsd'string xsd'dateTimexsd'longxsd'intxsd'enum xsd'boolean s3_xsd'strings3_xsd'dateTime s3_xsd'long s3_xsd'ints3_xsd'boolean s3_xsd'enumparseXML parseXML' decodeXML filterContent withChildrenoneaheadOnemaybeOne aheadMaybeOnefailPControl.Exception.Basebracket Control.MonadfoldM