Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

specify signature_algorithm in the config/cloudinary.php #63

Open
meyer59 opened this issue Mar 23, 2022 · 5 comments
Open

specify signature_algorithm in the config/cloudinary.php #63

meyer59 opened this issue Mar 23, 2022 · 5 comments
Assignees
@tara-matthew
Labels
enhancement New feature or request

Comments

@meyer59
Copy link

meyer59 commented Mar 23, 2022

Hello
It will be great if we can specify some more parameters in the cloudinary.php conf file as mentioned here.
Actually, i am trying to specify the signature_algorithm parameter, is there any way to do it with the current package version ?
Thank you
@unicodeveloper unicodeveloper added good first issue Good for newcomers help wanted Extra attention is needed hacktoberfest labels Oct 2, 2023
@tara-matthew
Copy link

Please could I have a go at working on this?

@unicodeveloper
Copy link
Collaborator

@tara-matthew assigned to you.

@uhexos
Copy link

uhexos commented Oct 12, 2023

@unicodeveloper after taking a stab at this seems like the extra env parameters would not be needed since we use the cloudinary url. The extra parameters can be added to the string the signature_algorithm in particular can be added using

cloudinary://cloudinary_url_here?cloud[signature_algorithm]=sha256

relevant cloudinary docs maybe we just need to add some more docs here to let people know

@unicodeveloper
Copy link
Collaborator

unicodeveloper commented Oct 12, 2023 via email

@uhexos
Copy link

uhexos commented Oct 12, 2023

tried adding the sha256 and if you set a sha eg 2566 that doesn't exist it throws an error that says you need a enter a valid signature_algorithm. Seems it actually detects the setting. Buuuutt I couldn't actually get it to produce a sha 256 signature.

Given
$uploadedFileUrl = cloudinary()->upload($request->file('file')->getRealPath()); SignatureVerifier::verifyApiResponseSignature($uploadedFileUrl->getPublicId(), $uploadedFileUrl->getVersion(), $uploadedFileUrl->getSignature());

the signature that comes back seems to be sha1 encrypted cause we end up here at which during execution and it returns true
public static function generateHmac($payloadToSign, $apiSecret) { return sha1($payloadToSign . $apiSecret); }

Any chance the sha256 is for paying accounts only ?

@joshmanders joshmanders added enhancement New feature or request and removed good first issue Good for newcomers help wanted Extra attention is needed hacktoberfest labels Aug 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tara-matthew tara-matthew

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@joshmanders @unicodeveloper @meyer59 @uhexos @tara-matthew