How can I avoid 401 errors on signed uploads

Ceres6

Hi

I have a node.js feature to generate signed urls to then upload them from the frontend of my application. I'm currently trying to upload a jpg from my test suite to check whether the signed urls work or not.

The code used can be found below:

async getAssetUploadUrl(id: InvoiceId): Promise<Url> {

    const timestamp = Math.round(new Date().getTime() / 1000),

      signature = cloudinary.utils.api_sign_request({ public_id: id.value, timestamp }, this.config.api_secret),

            baseUrl = `http://api.cloudinary.com/v1_1/${this.config.cloud_name}/image/upload`,

      url = `${baseUrl}?api_key=${this.config.api_key}&publicId=${id.value}&timestamp=${timestamp}&signature=${signature}`;

    return new Url(url);

and then from the test I make:

const file = readFileSync(`${__dirname}/../../../../../tests/fakes/lenna.jpg`),

        response = await fetch(`${url.value}&file=${file.toString()}`, { method: 'POST' });

      console.log(JSON.stringify(response.status, null, 2));

Status returns 401. I've tried adding and removing publicId form query string as well as checking errors that other users had in similar cases, but I'm not being able to find the problem.

Thanks in advance for any help.

Michal

Hi,

When generating the signature you need to sign the exact parameters you are including in your upload request, as explained here: https://cloudinary.com/documentation/signatures#signature_generation. So if you include the public_id in your upload request it needs to be signed as well.

The error message you receive contains the String that was expected to be signed according to the parameters that were included in the request. For example:String to sign - 'timestamp=1665101173'

Please let me know if this helps and if you need any further assistance.

Best regards,

Michal