From 025cc5646f93c48d06d3d0f6caa801faf93ce850 Mon Sep 17 00:00:00 2001
From: David Kocher <dkocher@iterate.ch>
Date: Tue, 26 Nov 2024 20:34:23 +0100
Subject: [PATCH] Set STS endpoint explicitly and allow override in profile.

---
 s3/src/main/java/ch/cyberduck/core/s3/S3Session.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java b/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java
index c2b900d1fb1..136206fb5af 100644
--- a/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java
+++ b/s3/src/main/java/ch/cyberduck/core/s3/S3Session.java
@@ -89,6 +89,7 @@
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 
+import com.amazonaws.client.builder.AwsClientBuilder;
 import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
 import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
 import com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException;
@@ -337,6 +338,7 @@ public void login(final LoginCallback prompt, final CancelCallback cancel) throw
                 final CustomClientConfiguration configuration = new CustomClientConfiguration(host,
                         new ThreadLocalHostnameDelegatingTrustManager(trust, host.getHostname()), key);
                 final AWSSecurityTokenServiceClientBuilder builder = AWSSecurityTokenServiceClientBuilder.standard()
+                        .withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(host.getProtocol().getSTSEndpoint(), null))
                         .withCredentials(AWSCredentialsConfigurator.toAWSCredentialsProvider(client.getProviderCredentials()))
                         .withClientConfiguration(configuration);
                 final AWSSecurityTokenService service = builder.build();