You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (Jira)" <ji...@apache.org> on 2021/05/20 12:22:00 UTC
[jira] [Comment Edited] (HTTPCLIENT-2160) Authorization header
doesn't support comma separated values syntax
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2160?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17348324#comment-17348324 ]
Oleg Kalnichevski edited comment on HTTPCLIENT-2160 at 5/20/21, 12:21 PM:
--------------------------------------------------------------------------
[~nlenoire] HttpClient of all versions does not support `AWS4-HMAC-SHA256` scheme. Those headers could not have been generated by HttpClient. Please provide a complete unit test reproducing the issue.
Oleg
was (Author: olegk):
[~nlenoire] However HttpClient of all versions does not support AWS4-HMAC-SHA256. Those headers could not have been generated by HttpClient. Please provide a complete unit test reproducing the issue.
Oleg
> Authorization header doesn't support comma separated values syntax
> ------------------------------------------------------------------
>
> Key: HTTPCLIENT-2160
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2160
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 4.5.13
> Reporter: Lenoire
> Priority: Major
>
> I'm trying to authenticate to an AWS service using an AWS specific authorization type ([https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html).]
> HTTP client splits the header into multiple authorization headers which cause an HTTP 400 response from AWS service.
> Example:
> The request header
> {code:java}
> Authorization: AWS4-HMAC-SHA256 Credential=AKIAYYTXXF2ED3DDZKPB/20200723/us-east-1/rekognition/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target, Signature=b7a5caaad97b8115c2a2c7d58227307fb6a010bdad79612b15488d6779e34788{code}
> HTTP client logs
> {code:java}
> [UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> POST / HTTP/1.1
> [UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> Authorization: AWS4-HMAC-SHA256 Credential=AKIAYYTXXF2ED3DDZKPB/20200723/us-east-1/rekognition/aws4_request
> [UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> Authorization: SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target
> [UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> Authorization: Signature=b7a5caaad97b8115c2a2c7d58227307fb6a010bdad79612b15488d6779e34788{code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org