IBM / jupyterlab-s3-browser

A JupyterLab extension for browsing S3-compatible object storage
Apache License 2.0

feature: allow using of STS Session Tokens #37

Closed slenky closed 3 years ago

slenky commented 3 years ago

Hello,

Thank you for such a good extension! We'd like to use it in an environment where we create temporary users in Minio using STS (which pretends to copy AWS STS behaviour). Hence we really need to also specify Session Tokens.

I've tested boto3 behaviour with both `boto3.resource(..., session_token=None)` and `boto3.resource(..., session_token='')` towards AWS S3 and it still works as expected, so that would be nice to have.

reevejd commented 3 years ago

Hi @slenky, thanks for the PR! This seems like a good use case that I'm happy to support. I will take a closer look later today.

reevejd commented 3 years ago

I made one small change (https://github.com/slenky/jupyterlab-s3-browser/commit/c05b5b001a428a89571219c519526f3b21cfef7a). I can confirm this doesn't break any existing functionality, but I haven't been able to actually validate that this new feature works.

There's a dev release available here if you would like to try for yourself.

slenky commented 3 years ago

Hi @reevejd, thanks, that seems reasonable!

During the test with authentication in the Browser UI I received an error: `An error occurred (InvalidTokenId) when calling the ListBuckets operation: The security token included in the request is invalid.`

I presume that `session_token` from the frontend doesn't get properly escaped. I'm going to test it a bit with the dev release and come back to you!

slenky commented 3 years ago

@reevejd I guess we need to revert your change because if we don't set `self.config.session_token = req["session_token"]`, it doesn't work inside `/jupyterlab_s3_browser/auth` then.

I've just tested it with that change put back and it does the trick for me. I'll check if it breaks anything against real S3 without Minio tomorrow.

slenky commented 3 years ago

I confirm that it works with that change and AWS S3.

reevejd commented 3 years ago

Thanks for the update. I should have time to take another look this evening.

reevejd commented 3 years ago

After `8b9072f` I think it's good to go now. I've created a dev release if you want to confirm.