in src/main/java/com/amazonaws/neptune/auth/NeptuneApacheHttpSigV4Signer.java [196:231]
protected void attachSignature(final HttpUriRequest request, final NeptuneSigV4Signature signature)
throws NeptuneSigV4SignerException {
// make sure the request is not null and contains the minimal required set of information
checkNotNull(signature, "The signature must not be null");
checkNotNull(signature.getHostHeader(), "The signed Host header must not be null");
checkNotNull(signature.getXAmzDateHeader(), "The signed X-AMZ-DATE header must not be null");
checkNotNull(signature.getAuthorizationHeader(), "The signed Authorization header must not be null");
final Header[] headers = request.getAllHeaders();
// Check if host header is present in the request headers.
Optional<String> hostHeaderName = Optional.empty();
for (final Header header: headers) {
if (header.getName().equalsIgnoreCase(HOST)) {
hostHeaderName = Optional.of(header.getName());
}
}
// Remove the host header from the request as we are going to add the host header from the signed request.
// This also ensures that the right header name is used.
hostHeaderName.ifPresent(request::removeHeaders);
request.setHeader(HOST, signature.getHostHeader());
request.setHeader(X_AMZ_DATE, signature.getXAmzDateHeader());
request.setHeader(AUTHORIZATION, signature.getAuthorizationHeader());
// https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html
// For temporary security credentials, it requires an additional HTTP header
// or query string parameter for the security token. The name of the header
// or query string parameter is X-Amz-Security-Token, and the value is the session token.
if (!signature.getSessionToken().isEmpty()) {
request.setHeader(X_AMZ_SECURITY_TOKEN, signature.getSessionToken());
}
}