[jira] [Created] (HTTPCLIENT-2160) Authorization header doesn't support comma separated values syntax

["Lenoire (Jira)" <ji...@apache.org>]

Lenoire created HTTPCLIENT-2160:
-----------------------------------

             Summary: Authorization header doesn't support comma separated values syntax
                 Key: HTTPCLIENT-2160
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2160
             Project: HttpComponents HttpClient
          Issue Type: Bug
    Affects Versions: 4.5.13
            Reporter: Lenoire


I'm trying to authenticate to an AWS service using an AWS specific authorization type ([https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html).]

HTTP client splits the header into multiple authorization headers which cause an HTTP 400 response from AWS service.

Example:

The request header
{code:java}
Authorization: AWS4-HMAC-SHA256 Credential=AKIAYYTXXF2ED3DDZKPB/20200723/us-east-1/rekognition/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target, Signature=b7a5caaad97b8115c2a2c7d58227307fb6a010bdad79612b15488d6779e34788{code}
HTTP client logs
{code:java}
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> POST / HTTP/1.1
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> Authorization: AWS4-HMAC-SHA256 Credential=AKIAYYTXXF2ED3DDZKPB/20200723/us-east-1/rekognition/aws4_request
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> Authorization: SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target
[UIThread [62374a04]] DEBUG org.apache.http.headers - http-outgoing-4 >> Authorization: Signature=b7a5caaad97b8115c2a2c7d58227307fb6a010bdad79612b15488d6779e34788{code}
 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org