Request Validation does not ignore Header parameters with name Accept, Content-Type or Authorization

[thejamescollins]

Thanks for this very useful package 😀

When validating a request using an OpenAPI specification that contains a Parameter definition for a header parameter named Authorization, the following errors occurs:

League\OpenAPIValidation\PSR7\Exception\Validation\InvalidHeaders: Value "Basic dXNlcm5hbWU6cGFzc3dvcmQ=" for header "Authorization" is invalid for Request [get /users]

vendor/league/openapi-psr7-validator/src/PSR7/Exception/Validation/AddressValidationFailed.php:28
vendor/league/openapi-psr7-validator/src/PSR7/Exception/Validation/InvalidHeaders.php:35
vendor/league/openapi-psr7-validator/src/PSR7/Validators/HeadersValidator.php:46
vendor/league/openapi-psr7-validator/src/PSR7/Validators/ValidatorChain.php:25
vendor/league/openapi-psr7-validator/src/PSR7/RequestValidator.php:79
tests/AssertValidateTrait.php:35
tests/Unit/Handlers/UsersTest.php:68

This Authorization parameter should be ignored by the validator, according to https://swagger.io/specification/#parameter-object

If in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored.

I believe all Header parameters named Accept, Content-Type or Authorization should be ignored entirely in the validator.

Steps to replicate

Minimal OpenAPI specification:

openapi: 3.0.0
info:
  title: Test API
  version: "1"
paths:
  /users:
    get:
      description: Get users
      parameters:
      - name: Authorization
        in: header
        schema:
          type: string
          format: uuid
      responses:
        default:
          description: response description
      security:
        - basicAuth: []
components:
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic