From 5750d79181885d24654dda4ecf81bedeaa6aeb34 Mon Sep 17 00:00:00 2001
From: James Letendre <James.Letendre@gmail.com>
Date: Mon, 14 Dec 2020 16:20:30 -0500
Subject: [PATCH] Replace defaultProvider with explicit calls to exclude user
 home directory lookup

Signed-off-by: James Letendre <james.letendre@gmail.com>
---
 .../Files/ObjectStore/S3ConnectionTrait.php      | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/lib/private/Files/ObjectStore/S3ConnectionTrait.php b/lib/private/Files/ObjectStore/S3ConnectionTrait.php
index f23bcbc675d..1a36683a300 100644
--- a/lib/private/Files/ObjectStore/S3ConnectionTrait.php
+++ b/lib/private/Files/ObjectStore/S3ConnectionTrait.php
@@ -32,6 +32,7 @@ namespace OC\Files\ObjectStore;
 
 use Aws\ClientResolver;
 use Aws\Credentials\CredentialProvider;
+use Aws\Credentials\EcsCredentialProvider;
 use Aws\Credentials\Credentials;
 use Aws\Exception\CredentialsException;
 use Aws\S3\Exception\S3Exception;
@@ -104,10 +105,23 @@ trait S3ConnectionTrait {
 		$provider = CredentialProvider::memoize(
 			CredentialProvider::chain(
 				$this->paramCredentialProvider(),
-				CredentialProvider::defaultProvider()
+				CredentialProvider::env(),
+				CredentialProvider::instanceProfile()
 			)
 		);
 
+		// If running in an ECS environment, then also include the ECS task role in the chain
+		if (!empty(getenv(EcsCredentialProvider::ENV_URI))) {
+			$provider = CredentialProvider::memoize(
+				CredentialProvider::chain(
+					$this->paramCredentialProvider(),
+					CredentialProvider::env(),
+					CredentialProvider::ecsCredentials(),
+					CredentialProvider::instanceProfile()
+				)
+			);
+		}
+
 		$options = [
 			'version' => isset($this->params['version']) ? $this->params['version'] : 'latest',
 			'credentials' => $provider,
-- 
GitLab