Hi,
Recently I came across an integration scenario where I am consuming API's hosted in AWS API Gateway. I was given with an apiKey, accessKey and secretKey. Given the AWS requires a signature part of the authorization header, I found couple of samples how to generate
the Signature for the request.
The authorization header must contain all headers used in the signature generation (separated by character ';'). The moment the authorization header contains ';', I am getting an error saying invalid format.
The format of the authorization header required by AWS is "Authorization: algorithm Credential=access key ID/credential scope,
SignedHeaders=SignedHeaders, Signature=signature"
The format of SignedHeaders value is "SignedHeaders=header1;header2;header3" which is a semicolon separated.
Refer above formats
here.
I am adding the authorization header using syntax (httpClient.DefaultRequestHeaders.Add("authorization"n, authHeader).
As long as the Signing header count is 1, everything working as expected. In the scenario where more than one header is used for signature generation, I have to specify that in the authorization header like this: SignedHeaders = Header1;Header2.
Somehow, this is not allowed in C#. So, I am forced to use only header for my integration work. I am lucky as the AWS API Gateway doesn't need the additional headers for signing procedure.
Is this a limitation in .net? Don't we have a native support in .net for AWS signing like we have for Azure Tokens?
Authorization Header:
AWS4-HMAC-SHA256 Credential=A3132135131335131A/20171006/ap-southeast-2/execute-api/aws4_request,
SignedHeaders=content-type;host;x-amz-date;x-api-key, Signature=abcdefghijklmnopqrstuvwxyz1234567890
Exception Stack Trace:
System.FormatException:
at System.Net.Http.Headers.HttpHeaderParser.ParseValue (System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Net.Http.Headers.HttpHeaders.ParseAndAddValue (System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Net.Http.Headers.HttpHeaders.Add (System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)