AkamaiSecureUrlBuilder creates not working urls for files

[sim1234]

Describe the bug

AkamaiSecureUrlBuilder claims to follow secure delivery guidelines described in https://uploadcare.com/docs/security/secure-delivery/ but the urls generated by it don't work (HTTP 403).

Reference implementation uses Akamai EdgeAuth that differs a bit from what is implemented in this project:

• Akamai implementation uses sha256 hash function while pypuloadcare uses sha1 by default. This isn't an issue since it can be overwritten.
• Akamai doesn't use acl in hashed values, nor in the token itself.

Code / screenshots

Uploadcare(..., secure_url_builder=AkamaiSecureUrlBuilder(...)).generate_secure_url("<uuid>") results in https://mydomain.com/<uuid>/?token=exp=...~acl=/<uuid>/~hmac=...

while

EdgeAuth(...).generate_url_token("<uuid>") results in exp=.../~hmac=...

Environment

• Library version: 3.1.0
• Language/framework version: Python 3.8
• OS version: macOS 13.0.1

[dmitry-mukhin]

Hi!
This is a known issue, that is addressed in #220.
It'll be a part of version 4.0.

I'll try to introduce it to 3.2 as well.

[dmitry-mukhin]

@sim1234 please check the newest version

[sim1234]

@dmitry-mukhin I don't think the acl issue was addressed there.

[dmitry-mukhin]

Adding ACL is optional. We've decided to use it.

[dmitry-mukhin]

feel free to send PR that makes this optional in pyuploadcare as well!