Lenoire created HTTPCLIENT-2160:
-----------------------------------
Summary: Authorization header doesn't support comma separated
values syntax
Key: HTTPCLIENT-2160
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2160
Project: HttpComponents HttpClient
Issue Type: Bug
Affects Versions: 4.5.13
Reporter: Lenoire
I'm trying to authenticate to an AWS service using an AWS specific
authorization type
([https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html).]
HTTP client splits the header into multiple authorization headers which cause
an HTTP 400 response from AWS service.
Example:
The request header
{code:java}
Authorization: AWS4-HMAC-SHA256
Credential=AKIAYYTXXF2ED3DDZKPB/20200723/us-east-1/rekognition/aws4_request,
SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target,
Signature=b7a5caaad97b8115c2a2c7d58227307fb6a010bdad79612b15488d6779e34788{code}
HTTP client logs
{code:java}
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> POST /
HTTP/1.1
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >>
Authorization: AWS4-HMAC-SHA256
Credential=AKIAYYTXXF2ED3DDZKPB/20200723/us-east-1/rekognition/aws4_request
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >>
Authorization:
SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >>
Authorization:
Signature=b7a5caaad97b8115c2a2c7d58227307fb6a010bdad79612b15488d6779e34788{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
