AWSv4 presigned signature misses quoting on X-Amz-Credential
External ticket https://gitlab.com/gitlab-org/gitlab-workhorse/issues/181
The X-Amz-Credential query parameter is not correctly encoded during server-side signature generation for presigned AWSv4 URLs
RGW uses it as-is from the URL query string, and if that mismatches the quoting used client-side signature generation, then the server & client signatures will not match.
The specification requires that the query-string keys & values are all quoted. The Fog library had behavior where it would use correct quoting during client-side signature generation, but then it would output a shorter form with less quoting, which was since fixed https://github.com/fog/fog-aws/commit/7c36189fb02c9b3cee8f1b93441e1edf95732028
Spec page: https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
Example with correct quoting per spec: