I need a JS script that can multipart upload directly to Amazon S3. While Amazon has an official JS SDK, there's no realistic way to use it without hard-coding your AWS credentials client-side. This is obviously a deal-breaker in a production environment.
You can generate authentication info in PHP and embed it in a POST form, but then you can only upload up to 5 GB. So to upload more than 5 GB you need to split up the file in JS and upload the pieces.
So my idea was to have a PHP script containing the AWS user credentials that is responsible for using those credentials to generate authorization signatures that the JS script can send to the AWS REST API. The AWS credentials must remain server-side and not be exposed to the client-side script.
It is important that when the client uploads the actual file data, that data goes directly to S3 and doesn't pass through the PHP script.
Here's the sequence of events:
1. The user browses for a file and clicks Upload. The JS script sends a request to the PHP script, which initiates the multipart upload and sends the upload ID back to the JS script.
2. The JS script splits the file into pieces, then sends a request to the PHP script for the authorization signature and then sends to AWS each piece as a multipart upload.
3. Once the entire file is uploaded, it sends a request to the PHP script to finish the multipart upload.
Steps 1 and 3 can be implemented directly via the AWS PHP SDK. Step 2 will require a manual implementation via Amazon's REST API.
* You should use the latest AWS API version (2006-03-01) and latest signature version (v4)
* The implementation should be as pure as possible with as few libraries as necessary (jQuery is ok)
So this project consists of three files: the JS script, the PHP script and an upload page. As it's a proof-of-concept the UI doesn't matter and you needn't spend any time making it look nice.