fix: Fix quota project header on retry

Author: robertvoinescu-work

Src/Support/Google.Apis.Auth/OAuth2/AccessTokenWithHeaders.cs

@@ -15,8 +15,11 @@ limitations under the License.
 */
 
 using Google.Apis.Util;
+using System;
 using System.Collections.Generic;
 using System.Collections.ObjectModel;
+using System.Linq;
+using System.Net;
 using System.Net.Http;
 using System.Net.Http.Headers;
 
@@ -75,10 +78,29 @@ private AccessTokenWithHeaders(string token, string quotaProject = null)
         public void AddHeaders(HttpRequestHeaders requestHeaders)
         {
             requestHeaders.ThrowIfNull(nameof(requestHeaders));
-
             foreach (var header in Headers)
             {
-                requestHeaders.Add(header.Key, header.Value);
+                // In the case it's a single value header we will not add it if already present, just validate we match
+                // what's already there.
+                if (IsSingleValueHeader(header.Key) && requestHeaders.TryGetValues(header.Key, out var existingValue))
+                {
+                    ValidateMatch(header.Key, existingValue, header.Value);
+                    continue;
+                }
+                else
+                {
+                    requestHeaders.Add(header.Key, header.Value);
+                }
+            }
+
+            bool IsSingleValueHeader(string key) => key == QuotaProjectHeaderName;
+
+            void ValidateMatch(string key, IEnumerable<string> existing, IEnumerable<string> incoming)
+            {
+                if (!existing.SequenceEqual(incoming))
+                {
+                    throw new InvalidOperationException($"The {key} header cannot be overwritten once set.");
+                }
             }
         }
 

Src/Support/Google.Apis.Core/Http/ConfigurableMessageHandler.cs

@@ -38,8 +38,6 @@ namespace Google.Apis.Http
     /// </summary>
     public class ConfigurableMessageHandler : DelegatingHandler
     {
-        private const string QuotaProjectHeaderName = "x-goog-user-project";
-
         /// <summary>The class logger.</summary>
         private static readonly ILogger Logger = ApplicationContext.Logger.ForType<ConfigurableMessageHandler>();
 
@@ -464,10 +462,6 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
                     await interceptor.InterceptAsync(request, cancellationToken).ConfigureAwait(false);
                 }
 
-                // Before having the credential intercept the call, check that quota project hasn't
-                // been added as a header. Quota project cannot be added except through the credential.
-                CheckValidAfterInterceptors(request);
-
                 await CredentialInterceptAsync(request, cancellationToken).ConfigureAwait(false);
 
                 if (loggable)
@@ -657,14 +651,6 @@ bool DisposeAndReturnFalse(IDisposable disposable)
             return response;
         }
 
-        private void CheckValidAfterInterceptors(HttpRequestMessage request)
-        {
-            if (request.Headers.Contains(QuotaProjectHeaderName))
-            {
-                throw new InvalidOperationException($"{QuotaProjectHeaderName} header can only be added through the credential or through the <Product>ClientBuilder.");
-            }
-        }
-
         private async Task CredentialInterceptAsync(HttpRequestMessage request, CancellationToken cancellationToken)
         {
             var effectiveCredential = GetEffectiveCredential(request);