You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My suggestion is to implement that for each http artifact or simply refactor the android implementation upwards to the core AbstractUploaderStrategy.
This allows cloudinary-java users to not have to enter api_secret if say the signature is generated via other microservices/authorization servers. This also allows easier server-side integration tests.
While I understand the audience for cloudinary-java is more towards server users where the secret key is most likely exposed within a monolithic service, the two reasons above are currently forcing us to mangle a separate UploaderStrategy which simply use the above Android part instead.
The text was updated successfully, but these errors were encountered:
Hi, still no news? Java SDK don't allow to use pre-generated "signature", and trying to get "api_secret" even if "signature" is included. Is it allowed to create a pull request from side person(I will just move functionality from android repo cloudinary_android to cloudinary_java)?
This issue affects all current http artifacts:
cloudinary_java/cloudinary-http42/src/main/java/com/cloudinary/http42/UploaderStrategy.java
Lines 45 to 49 in 0907886
Compared to the implementation on cloudinary-android:
Cloudinary Android Source: https://github.com/cloudinary/cloudinary_android/blob/f7a0b32cfd9f2b6507bb6461043e6c89d9478c03/lib/src/main/java/com/cloudinary/android/UploaderStrategy.java#L43-L59
My suggestion is to implement that for each http artifact or simply refactor the android implementation upwards to the core
AbstractUploaderStrategy
.This allows
cloudinary-java
users to not have to enterapi_secret
if say the signature is generated via other microservices/authorization servers. This also allows easier server-side integration tests.While I understand the audience for
cloudinary-java
is more towards server users where the secret key is most likely exposed within a monolithic service, the two reasons above are currently forcing us to mangle a separate UploaderStrategy which simply use the above Android part instead.The text was updated successfully, but these errors were encountered: