I have objects stored in my OCI bucket, and I want to build an API that allows users to delete specific objects from it. I don't want to use the config file method, where I get the storage credentials like this:
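import * as common from "oci-common";
import * as os from "oci-objectstorage";

// Reads tenancy, user, fingerprint and key path from a config file on disk.
const provider = new common.ConfigFileAuthenticationDetailsProvider(
  "~/.myoci/config"
);
const client = new os.ObjectStorageClient({
  authenticationDetailsProvider: provider,
});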
as it depends on using my config file, and I don't want to add it to the build because the storage is used for many other projects too, and it would be a bit risky and not secure enough.
I've used pre-authenticated requests to write to the bucket and read from the bucket, but sadly they won't work for delete, so are there any tips on how to approach this while being secure?
If you couldn't solve this problem, I have a module that uses OCI. Here is the link: https://github.com/Sirherobrine23/coreUtils/blob/420c7369159645a79d59c944e6c124e2c91653dd/packages/cloud/src/oracleBucket.ts#L127
This creates the same ociAuth.SessionAuthDetailProvider, so it only uses user input, and it is more secure to encrypt the JSON config if necessary.
Sample:
import * as ociAuth from "oci-common";
const provider = new ociAuth.SimpleAuthenticationDetailsProvider(
  tenancy, // tenancy ID
  user, // user ID
  fingerprint, // fingerprint of the API signing key
  privateKey, // private key used to sign the request
  passphrase, // passphrase if the private key has one, otherwise null or undefined
  ociAuth.Region.US_PHOENIX_1 // region, for example ociAuth.Region.US_PHOENIX_1 or ociAuth.Region.SA_SAOPAULO_1
);
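The following is an added example, not code from either post or from the linked module: it loads the values `SimpleAuthenticationDetailsProvider` needs from environment variables instead of a config file, and confines every delete to the calling user's own prefix in the shared bucket. The environment variable names, the `users/<id>/` object layout and the helper names are assumptions; `client` is expected to be an `ObjectStorageClient` built with the provider.

```javascript
// Added example: env var names, the "users/<id>/" layout and all helper names
// are assumptions for illustration, not part of the OCI SDK.

// Read API-key credentials from the environment (filled by the deployment's
// secret store) so no config file has to ship with the build.
function loadOciCredentials(env) {
  const required = ["OCI_TENANCY", "OCI_USER", "OCI_FINGERPRINT", "OCI_PRIVATE_KEY", "OCI_REGION"];
  const missing = required.filter((name) => !env[name]);
  if (missing.length > 0) throw new Error("missing settings: " + missing.join(", "));
  // An API-key fingerprint is 16 colon-separated hex bytes.
  if (!/^([0-9a-f]{2}:){15}[0-9a-f]{2}$/i.test(env.OCI_FINGERPRINT)) {
    throw new Error("OCI_FINGERPRINT is malformed");
  }
  // Secret stores often flatten PEM to one line; restore escaped newlines.
  const privateKey = env.OCI_PRIVATE_KEY.replace(/\\n/g, "\n");
  if (!privateKey.includes("PRIVATE KEY-----")) throw new Error("OCI_PRIVATE_KEY is not PEM");
  return {
    tenancy: env.OCI_TENANCY,
    user: env.OCI_USER,
    fingerprint: env.OCI_FINGERPRINT,
    privateKey,
    passphrase: env.OCI_KEY_PASSPHRASE || null,
    region: env.OCI_REGION,
  };
}

// Build the DeleteObjectRequest for one caller. ownerId must come from the
// authenticated session, never from the request body. The server prepends the
// caller's prefix, so a request cannot name another user's or project's object.
function buildDeleteRequest(target, ownerId, requestedName) {
  if (!/^[A-Za-z0-9_-]{1,64}$/.test(ownerId)) throw new Error("invalid owner id");
  const bad = typeof requestedName !== "string" || requestedName.length === 0 ||
    requestedName.length > 512 || requestedName.startsWith("/") ||
    requestedName.split("/").includes("..") || /[\x00-\x1f]/.test(requestedName);
  if (bad) throw new Error("invalid object name");
  return {
    namespaceName: target.namespaceName,
    bucketName: target.bucketName,
    objectName: `users/${ownerId}/${requestedName}`,
  };
}

// `client` is injected so the validation can be tested without network access.
async function deleteUserObject(client, target, ownerId, requestedName) {
  const request = buildDeleteRequest(target, ownerId, requestedName);
  await client.deleteObject(request);
  return request.objectName;
}
```

Pass the fields returned by `loadOciCredentials(process.env)` to `SimpleAuthenticationDetailsProvider` in the order shown in the sample above, and give the API's OCI user an IAM policy limited to this bucket so a leaked key cannot reach the other projects' storage.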