When you construct the Canonical requests you should keep in mind the following for the Canonical Headers:
1.Make all header names lowercase.
2.Sort all headers by header name using a lexicographical sort by code point value.
3.Separate each header with a newline (/n).
4.Eliminate duplicate header names by creating one header name with a comma-separated list of values. Be sure there is no whitespace between the values, and be sure that the order of the comma-separated list matches the order that the headers appear in your request. For more information, see RFC 7230 section 3.2.
5.Replace any folding whitespace or newlines (CRLF or LF) with a single space. For more information about folding whitespace, see RFC 7230, section 3.2.4..
6.Remove any whitespace around the colon that appears after the header name.
7.For example, using the custom header x-goog-acl: private without removing the space after the colon returns a 403 Forbidden error, because the request signature you calculate does not match the signature Google calculates.
Therefore you can get a 403 Forbidden error when the request signature you calculate does not match the signature Google calculates.
It worked like a charm!!!!. The Option 2 (Sort all headers by header name using a lexicographical sort by code point value.) helped me solve the issue. Kudos.