fix: Send large API keys in the body of the request

This avoids the server rejecting requests because of too large headers.

Author: Clément Le Provost

algoliasearch/src/main/java/com/algolia/search/saas/AbstractClient.java

@@ -107,6 +107,9 @@ private static class HostStatus {
     /** This library's version. */
     private final static String version = "3.12.0";
 
+    /** Maximum size for an API key to be sent in the HTTP headers. Bigger keys will go inside the body. */
+    private final static int MAX_API_KEY_LENGTH = 500;
+
     // ----------------------------------------------------------------------
     // Fields
     // ----------------------------------------------------------------------
@@ -545,7 +548,18 @@ private byte[] _requestRaw(Method m, String url, String json, List<String> hosts
 
                 // set auth headers
                 hostConnection.setRequestProperty("X-Algolia-Application-Id", this.applicationID);
-                hostConnection.setRequestProperty("X-Algolia-API-Key", this.apiKey);
+                // If API key is too big, send it in the request's body (if applicable).
+                if (this.apiKey != null && this.apiKey.length() > MAX_API_KEY_LENGTH && json != null) {
+                    try {
+                        final JSONObject body = new JSONObject(json);
+                        body.put("apiKey", this.apiKey);
+                        json = body.toString();
+                    } catch (JSONException e) {
+                        throw new AlgoliaException("Failed to patch JSON body");
+                    }
+                } else {
+                    hostConnection.setRequestProperty("X-Algolia-API-Key", this.apiKey);
+                }
                 for (Map.Entry<String, String> entry : this.headers.entrySet()) {
                     hostConnection.setRequestProperty(entry.getKey(), entry.getValue());
                 }