Added optional headers to the AWS SigningDecorator.

[dblock]

Description

• Added an optional headers to the signing decorator to pass Host.
• Added docs on auth.

Issues Resolved

Closes #248.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[dmnlk]

@dblock

Thank you for the fix. I have confirmed that it works correctly in my environment.
However, I believe this fix requires knowledge of AWS specifications.

As stated in the following documentation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv-signing-elements.html

For HTTP/1.1 requests, you must include the Host header. For HTTP/2 requests, you can include the :authority header or the Host header. Use only the :authority header for compliance with the HTTP/2 specification. Not all services support HTTP/2 requests.

The Host or :authority header is mandatory.

Since the SigningClientDecorator is located under the aws folder, it is intended for AWS.
In this case, it would be more helpful to include code like the following:

Although the current OpenSearch does not support HTTP/2.0, it is planned to support it in version 3.0, so the following code conforms to that specification:
https://forum.opensearch.org/t/support-for-http-2-with-opensearch-version-2-11-1/17799?utm_source=chatgpt.com

public function sendRequest(RequestInterface $request): ResponseInterface
{
    foreach ($this->headers as $name => $value) {
        $request = $request->withHeader($name, $value);
    }
    if ($request->getProtocolVersion() === 'HTTP/1.0' || $request->getHeader('Host') === null) {
        throw new \IRuntimeException('Header Host must be set');
    }
    if ($request->getProtocolVersion() === 'HTTP/2.0' || $request->getHeader(':authority') === null) {
        throw new \RuntimeException('Header authority must be set');
    }
    $request = $request->withHeader('x-amz-content-sha256', hash('sha256', (string) $request->getBody()));
    $request = $this->signer->signRequest($request, $this->credentials);
    return $this->inner->sendRequest($request);
}

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 24.06%. Comparing base (887df5e) to head (ad4ed40).
Report is 1 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff              @@
##               main     #253      +/-   ##
============================================
+ Coverage     24.02%   24.06%   +0.03%     
- Complexity     3398     3400       +2     
============================================
  Files           485      485              
  Lines         12984    12988       +4     
============================================
+ Hits           3120     3126       +6     
+ Misses         9864     9862       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dblock]

@dmnlk Good point. I updated the code to raise an error when the Host header is missing.

HTTP2 support in OpenSearch was added in opensearch-project/OpenSearch#3847 and I am not sure whether AWS OpenSearch supports it today. For this PR I didn't include the protocol check, I'd prefer it if we made sure we can do HTTP/2 first, then add code like this (please do help!).

[dmnlk]

Good!! Thanks! @dblock