Problem description
The format of the Authorization request header is invalid.
Causes
The V2 signature is used in the request. However, the format of the Authorization header is invalid.
Examples
The following code provides an example of a request that uses the V2 signature and the format of the Authorization header is invalid.
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS2 AccessKeyId:44**07,The signature version and information in the Authorization header must be separated by spaces.
Signature version: Only
OSS2is supported.Signature information: The signature information is displayed in the form of key-value pairs (key:value). Separate key-value pairs with commas (,) and separate keys and values with colon (:).
The key of the signature information includes two required fields (
AccessKeyIdandSignature) and one optional field (AdditionalHeaders). The signature information of theAuthorizationheader must include two or three key-value pairs. However, only one key-value pair is included in the preceding example.
Solutions
Make sure that the format of the Authorization header in the request that uses the V2 signature meets the preceding requirements. The following code provides an example:
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS2 AccessKeyId:44**07,AdditionalHeaders:host,Signature:n7I**I0=References
If you want to use Alibaba Cloud SDKs to initiate a request that uses the V2 signature, see Overview.
Use the self-signed mode.
If you want to calculate the V2 signature, see Calculate V2 signature by using OSS SDK for Python.
If you want to specify the signature logic, see Overview.
If the server returns a response that contains the
StringToSignparameter, you can check whether the value of the StringToSign parameter on the server is the same as the string before calculation.