cloudinary-examples icon indicating copy to clipboard operation
cloudinary-examples copied to clipboard

Published 20 hours ago verified publisher icon cloudinary-community

Netlify Function - Cloudinary Custom Remote Function: Signature verification

Open AlexBeznoss opened this issue 2 years ago • 2 comments

Hey Thanks for these examples, they are incredibly helpful. I'm building a custom remote function, and it works perfectly, but in my case, I would like to verify "x-cld-signature" to ensure that the request is coming from Cloudinary. Did you ever try it? According to Cloudinary documentation, it should be a SHA-1 Hex-Digest of body + timestamp + API secret, but in my case, as a signature, I'm receiving 128 characters long string. I can't even imagine how to make SHA1 Hex 128 characters long :)

AlexBeznoss avatar May 22 '23 23:05 AlexBeznoss

hey @AlexBeznoss thanks for flagging this, it looks like the docs need to be updated as i was told its actually sha512 of timestamp + api_secret, im told that doesn't include a body as the docs state

ill try to get around to including this in an example

colbyfayock avatar May 23 '23 15:05 colbyfayock

Wow, it works and is so simple. Thanks 👍

AlexBeznoss avatar May 23 '23 22:05 AlexBeznoss