feat(object_store): Add support for session token (STS) in AWS credentials

[refucktor]

• Resolves: Support AWS STS (AWS_SESSION_TOKEN) for S3 Object Storage #50579
• Resolves: Support for temporary credentials via AssumeRoleWithWebIdentity / OIDC and STS when accessing S3 buckets #35919

Summary

Support using a Session Token for temporal AWS Credentials

Checklist

• Code is properly formatted
• Sign-off message is added to all commits
• Tests (unit, integration, api and/or acceptance) are included
• Screenshots before/after for front-end changes
• Documentation (manuals or wiki) has been updated or is not required
• Backports requested where applicable (ex: critical bugfixes)

[joshtrichards]

I wonder what it'd take to add an integration test for this... 🤔

https://min.io/docs/minio/linux/developers/security-token-service.html
https://github.com/minio/minio/tree/master/docs/sts

[joshtrichards]

How does the expiration/rotation of STS credentials work here given that the Nextcloud use case for S3 is ongoing not temporary?

[refucktor]

@joshtrichards that could be an interesting step. However, I would recommend trying a different direction for the integration tests, something like a combination of:

• https://testcontainers.com/modules/localstack/
• https://docs.localstack.cloud/references/coverage/coverage_iam/
• https://docs.localstack.cloud/references/coverage/coverage_s3/

then you can manage all the outside platforms directly via code 😉

[github-actions]

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

(If you believe you should not receive this message, you can add yourself to the blocklist.)

[icewind1991]

I don't know enough about S3 to judge the use case, but the code itself seems fine

[welcome]

Thanks for your first pull request and welcome to the community! Feel free to keep them coming! If you are looking for issues to tackle then have a look at this selection: https://github.com/nextcloud/server/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22