The CanonicalHeaders list must include the following:
HTTP host header.
If the Content-Type header is present in the request, you must add it to the CanonicalHeaders list.
Any x-amz-* headers that you plan to include in your request must also be added. For example, if you are using temporary security credentials, you need to include x-amz-security-token in your request. You must add this header in the list of CanonicalHeaders.
However, this implementation only includes Host, X-Amz-Date, X-Amz-User-Agent and (if present) X-Amz-Security-Token
Quoting https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html:
However, this implementation only includes Host, X-Amz-Date, X-Amz-User-Agent and (if present) X-Amz-Security-Token