CloudinaryDotNet 1.6 bug

Gabe

February 25, 2019 16:23 Edited

I was working with the CloudinaryDotNet 1.6 library from Nuget and it appears to have a bug creating signed upload signatures.

When I attempt to perform a signed upload with a signature generated by ApiShared.SignParamters(), I get the following error:

I modified my web service to generate a signature based on the instructions at https://cloudinary.com/documentation/upload_images#generating_authentication_signatures and the result is totally different than signature generated by the Cloudinary API method.  My signature works and I'm able to upload images, which leads me to believe there's a bug in the CloudinaryDotNet 1.6 implementation.

Here's my source code in debug showing the two different signatures and how I generated one that allows me to successfully execute signed uploads.

0

• 

  Shirly Manor

  February 25, 2019 23:04

  Hi,

  In order to provide better feedback, can you please open a support ticket with your cloud name and the string that you sign?

  Here is a sample code that I create. so if you can share your code it would be great!

  https://dotnetfiddle.net/qfnrra

  Looking forward to your ticket,

  0
• 

  Gabe

  February 26, 2019 05:20

  Hi Shirly, I figured out the issue, and since I have a solution I'm not going to submit a ticket because I'm in a crunch to get a lot of work done.  The problem is that the method public string SignParameters(IDictionary<string, object> parameters) in https://github.com/cloudinary/CloudinaryDotNet/blob/master/Shared/ApiShared.cs doesn't sort the dictionary before making them into a query string and hashing it. 
  
  The unit test that covers this function public void TestSign() in https://github.com/cloudinary/CloudinaryDotNet/blob/master/Shared.Tests/ApiTest.cs uses a SortedDictionary, so it passes.  Unfortunately the fact that sorting must be performed before calling the function is undocumented.

  0

Post is closed for comments.