From dc7b7af9eb33067908262c9975f676f549c6b7e5 Mon Sep 17 00:00:00 2001
From: Hector Valcarcel
Date: Thu, 6 Feb 2025 12:04:30 +0100
Subject: [PATCH 1/3] feat(s3_config): add support for S3 session token configuration - Introduced logic to handle S3 session token using environment variables. - Supports session token from both a file and direct environment variable. - Defaults to an empty token if no value is provided. Signed-off-by: Hector Valcarcel
---
 .config/s3.config.php | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/.config/s3.config.php b/.config/s3.config.php
index a17e4037..40379fe6 100644
--- a/.config/s3.config.php
+++ b/.config/s3.config.php
@@ -40,6 +40,14 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
 $CONFIG['objectstore']['arguments']['secret'] = '';
 }
+ if (getenv('OBJECTSTORE_S3_SESSION_TOKEN_FILE')) {
+ $CONFIG['objectstore']['arguments']['session_token'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SESSION_TOKEN_FILE')));
+ } elseif (getenv('OBJECTSTORE_S3_SESSION_TOKEN')) {
+ $CONFIG['objectstore']['arguments']['session_token'] = getenv('OBJECTSTORE_S3_SESSION_TOKEN');
+ } else {
+ $CONFIG['objectstore']['arguments']['session_token'] = '';
+ }
+
 if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
 $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
 } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
From ecbd2ab480e3fdec13345b32ccae2a5676c5eda8 Mon Sep 17 00:00:00 2001
From: Hector Valcarcel
Date: Mon, 10 Feb 2025 10:28:04 +0100
Subject: [PATCH 2/3] docs(readme): add new variable for the Object Storage section - variable "OBJECTSTORE_S3_SESSION_TOKEN" to support AWS STS auth workflow Signed-off-by: Hector Valcarcel
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index ac5b0e28..0bae4628 100644
--- a/README.md
+++ b/README.md
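Review bot: The `_FILE` branch feeds `file_get_contents()` directly into `trim()`, so a missing or unreadable token file returns `false`, which (unless strict types are enabled) is coerced to an empty `session_token` and only shows up later as an opaque S3 authentication failure. Consider checking the read and failing loudly without echoing the path contents or token, e.g. `$token = file_get_contents(getenv('OBJECTSTORE_S3_SESSION_TOKEN_FILE'));` followed by `if ($token === false) { throw new \RuntimeException('Unable to read OBJECTSTORE_S3_SESSION_TOKEN_FILE'); }`. The `else` branch also sets `session_token` to `''` unconditionally; whether the S3 client treats an empty string the same as an absent key is not visible here and should be confirmed for deployments that use static key/secret credentials. The SSE-C lines in the trailing context use the same unchecked read, and the enclosing `if (getenv('OBJECTSTORE_S3_BUCKET'))` block starts and ends outside this hunk.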
@@ -271,6 +271,7 @@ To use an external S3 compatible object store as primary storage, set the follow
 - `OBJECTSTORE_S3_PORT`: The port that the object storage server is being served over
 - `OBJECTSTORE_S3_KEY`: AWS style access key
 - `OBJECTSTORE_S3_SECRET`: AWS style secret access key
+- `OBJECTSTORE_S3_SESSION_TOKEN`: AWS style session token for STS auth workflows
 - `OBJECTSTORE_S3_STORAGE_CLASS`: The storage class to use when adding objects to the bucket
 - `OBJECTSTORE_S3_SSL` (default: `true`): Whether or not SSL/TLS should be used to communicate with object storage server
 - `OBJECTSTORE_S3_USEPATH_STYLE` (default: `false`): Not required for AWS S3
From c351ce76ab819301d0c124aefe9475761582e3f3 Mon Sep 17 00:00:00 2001
From: Josh
Date: Sun, 9 Mar 2025 10:31:16 -0400
Subject: [PATCH 3/3] docs(README): Fix missing `-it` in non-Compose `docker exec` command Signed-off-by: Josh
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 9f13f17c..7de62124 100644
--- a/README.md
+++ b/README.md
@@ -157,7 +157,7 @@ See:
 To use the [Nextcloud command-line interface](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html) (aka. `occ` command):
 ```console
-$ docker exec --user www-data CONTAINER_ID php occ
+$ docker exec -it --user www-data CONTAINER_ID php occ
 ```
 or for docker compose:
 ```console