in src/main/java/com/amazonaws/neptune/auth/NeptuneRequestMetadataSigV4Signer.java [173:207]
protected void attachSignature(final RequestMetadata request, final NeptuneSigV4Signature signature)
throws NeptuneSigV4SignerException {
// make sure the request is not null and contains the minimal required set of information
checkNotNull(signature, "The signature must not be null");
checkNotNull(signature.getHostHeader(), "The signed Host header must not be null");
checkNotNull(signature.getXAmzDateHeader(), "The signed X-AMZ-DATE header must not be null");
checkNotNull(signature.getAuthorizationHeader(), "The signed Authorization header must not be null");
final Map<String, String> headers = request.getHeaders();
// Check if host header is present in the request headers.
Optional<String> hostHeaderName = Optional.empty();
for (String name: headers.keySet()) {
if (name.equalsIgnoreCase(HOST)) {
hostHeaderName = Optional.of(name);
break;
}
}
// Remove the host header from the request as we are going to add the host header from the signed request.
// This also ensures that the right header name is used.
hostHeaderName.ifPresent(name -> headers.remove(name));
request.getHeaders().put(HOST, signature.getHostHeader());
request.getHeaders().put(X_AMZ_DATE, signature.getXAmzDateHeader());
request.getHeaders().put(AUTHORIZATION, signature.getAuthorizationHeader());
// https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html
// For temporary security credentials, it requires an additional HTTP header
// or query string parameter for the security token. The name of the header
// or query string parameter is X-Amz-Security-Token, and the value is the session token.
if (!signature.getSessionToken().isEmpty()) {
request.getHeaders().put(X_AMZ_SECURITY_TOKEN, signature.getSessionToken());
}
}