HTTP headers should be case-insensitive when used in FEEL expressions

[chillleader]

Describe the Bug

HTTP headers are case-insensitive. For convenience, header keys are transformed to lowercase when processing the HTTP webhook connector requests. However, for the FEEL engine context variables are case-sensitive, which may lead to unexpected results when trying to reference header keys in FEEL expressions.

Steps to Reproduce

1. Configure a webhook connector with API key auth
2. Set any value of the API key
3. Use the following API key locator expression: =request.headers.apiKey
4. Deploy the diagram and wait for the connector to be activated
5. Send a request with the following header: apiKey, observe an authentication error
6. Now change the webhook configuration to expect the API key in the header called apikey instead (lowercase), locator expression: =request.headers.apikey
7. Submit the same request from step 5 again and observe a successful response.

Expected Behavior

HTTP headers should be case-insensitive when referred to in FEEL expressions. Both request.headers.apiKey and request.headers.apikey should return the same header.

[sbuettner]

@chillleader to take a look whether the lower case conversion can be challenged and we could get rid of it OR find a different solution for accessing headers in webhook requests.

[sbuettner]

Decided in the grooming that we wont spend more time on this but rather document the behaviour in our docs that header names need to be accessed using lower case. cc @chillleader