Apparently aiohttp is filtering out the "Authorization" header in aiohttp.wsgi:69 in create_wsgi_environ.

This bug was found while using aiopyramid + jwtauth, you can find more details (and an example project) on housleyjk/aiopyramid#14