0

Hi I'm trying to fetch data from NetSuite but unable to do so because of INVALID LOGIN ATTEMPT. I tried a lot of stuff but noting happened interestingly in my POSTMAN everything is working perfectly. And Following are the some documents out of dozens which I referred.

Doc1: Netsuite OAuth Not Working

Doc2: https://netsuite.custhelp.com/app/answers/detail/a_id/44241/kw/SuiteTalk%20Authentication

Doc3: https://www.endyourif.com/netsuite-api-setting-up-access-token-authentication/

Doc4: https://github.com/NetSweet/netsuite/blob/master/lib/netsuite/passports/token.rb

Doc5: Implementation HMAC-SHA1 in python

And is my code.

nsAccountID = "1059967"
consumerKey = "434545646123fdgty7565g2bd1a71f0a2ae2badbeda67771a"
consumerSecret = "cdnc87rrth34ut4346wvnhrfg84fhf8923945u48r42fhcedw78df4"
token = "43t43f7hefc7h34fh34789fwf234rf90e89cf4h98f234"
tokenSecret = "78hf487rfy478fhc478fh34f34f3434t4yhbwae21443665u"
Nonce = self._generateNonce(length=11)
currentTime = self._generateTimestamp()
signature_method = 'HMAC-SHA256'
version = '1.0'
method = 'GET'
base_url = "https://1056867.suitetalk.api.netsuite.com/services/rest/record/v1/customer"
encoded_url = urllib.parse.quote(base_url)
collected_string = '&'.join(['oauth_consumer_key='+consumerKey, 'oauth_nonce='+Nonce,
                                     'oauth_signature_method='+signature_method, 'oauth_timestamp='+currentTime,
                                     'oauth_token='+token, 'oauth_version='+version])
encoded_string = urllib.parse.quote(collected_string)
base = '&'.join([method, encoded_url, encoded_string])
key = '&'.join([consumerSecret, tokenSecret])
digest = hmac.new(key=str.encode(key), msg=str.encode(base), digestmod=hashlib.sha256).digest()
signature = base64.b64encode(digest).decode()
url = "https://1059967.suitetalk.api.netsuite.com/services/rest/record/v1/customer"

payload = ""
headers = {
          'Content-Type': "application/json",
          'Authorization': "OAuth realm=\"1059967\","
  "oauth_consumer_key=\"434545646123fdgty7565g2bd1a71f0a2ae2badbeda67771a\","
  "oauth_token=\"43t43f7hefc7h34fh34789fwf234rf90e89cf4h98f234\","
  "oauth_signature_method=\"HMAC-SHA256\","
  "oauth_timestamp=\"" + currentTime + "\","
  "oauth_nonce=\""+Nonce+"\","
  "oauth_version=\"1.0\","
  "oauth_signature=\"" + signature + "\"",
  'cache-control': "no-cache",
            }

response = requests.request("GET", url, data=payload, headers=headers)

I also tried sdk i.e netsuitesdk but it was giving me an error

unable to open database file

Note: Upper given credentials are dummy

Adam Strauss
  • 1,889
  • 2
  • 15
  • 45
  • 1
    The OAuth signature signs a string that includes a lot more than what you are using. It includes the URL, parameters and headers except for realm in sorted order. There are a few examples in other languages on SO, for example : https://stackoverflow.com/questions/57957730/ – Brian Jan 29 '21 at 18:17
  • 1
    your signature base should include the HTTP Method as well, in this case, GET. it would be like: `GET&normalized_url&all_parameters` . all parameters are your current base. also you need to sort your parameters first. don't forget to UrlEncode them before using it – Peyman Jan 29 '21 at 19:18
  • Thanks guys you did it.....Now I'm getting 200 response :) – Adam Strauss Feb 01 '21 at 06:01
  • @AdamStrauss would you mind posting the solution? Having a similar problem. – Peter Andreoli Jun 22 '21 at 18:59
  • see question https://stackoverflow.com/questions/33174172/looking-for-example-python-code-for-netsuite-api-using-oauth/68854320#68854320 – Jay42 Aug 19 '21 at 20:44
  • @PeterAndreoli sorry for delay but here is my code – Adam Strauss Aug 20 '21 at 05:37

1 Answers1

0

Here you can see my code.

def _generateTimestamp(self):
    return str(int(time.time()))

def _generateNonce(self, length=11):
    """Generate pseudorandom number
    """
    return ''.join([str(random.randint(0, 9)) for i in range(length)])

def _generateSignature(self, method, url, consumerKey, Nonce, currentTime, token, consumerSecret,
                       tokenSecret, offset):
    signature_method = 'HMAC-SHA256'
    version = '1.0'
    base_url = url
    encoded_url = urllib.parse.quote_plus(base_url)
    collected_string = None
    if type(offset) == int:
        collected_string = '&'.join(['oauth_consumer_key=' + consumerKey, 'oauth_nonce=' + Nonce,
                                     'oauth_signature_method=' + signature_method, 'oauth_timestamp=' + currentTime,
                                     'oauth_token=' + token, 'oauth_version=' + version, 'offset=' + str(offset)])
    else:
        collected_string = '&'.join(['oauth_consumer_key=' + consumerKey, 'oauth_nonce=' + Nonce,
                                     'oauth_signature_method=' + signature_method, 'oauth_timestamp=' + currentTime,
                                     'oauth_token=' + token, 'oauth_version=' + version])
    encoded_string = urllib.parse.quote_plus(collected_string)
    base = '&'.join([method, encoded_url, encoded_string])
    key = '&'.join([consumerSecret, tokenSecret])
    digest = hmac.new(key=str.encode(key), msg=str.encode(base), digestmod=hashlib.sha256).digest()
    signature = base64.b64encode(digest).decode()
    return urllib.parse.quote_plus(signature)

def _create_oauth(self, base_url):
    nsAccountID = 'YOUR_NETSUITE_ACCOUNT_ID'
    consumerKey = 'YOUR_NETSUITE_CONSUMER_KEY'
    consumerSecret = 'YOUR_NETSUITE_CONSUMER_SECRET'
    token = 'YOUR_NETSUITE_TOKEN'
    tokenSecret = 'YOUR_NETSUITE_TOKEN_SECRET'

    Nonce = self._generateNonce(length=11)
    currentTime = self._generateTimestamp()

    signature = self._generateSingleSignature('GET', base_url, consumerKey, Nonce, currentTime, token,
                                                  consumerSecret, tokenSecret)

    oauth = "OAuth realm=\"" + nsAccountID + "\"," \
                                                 "oauth_consumer_key=\"" + consumerKey + "\"," \
                                                                                         "oauth_token=\"" + token + "\"," \
                                                                                                                    "oauth_signature_method=\"HMAC-SHA256\"," \
                                                                                                                    "oauth_timestamp=\"" + currentTime + "\"," \
                                                                                                                                                         "oauth_nonce=\"" + Nonce + "\"," \
                                                                                                                                                                                    "oauth_version=\"1.0\"," \
                                                                                                                                                                                    "oauth_signature=\"" + signature + "\""
    headers = {
        'Content-Type': "application/json",
        'Authorization': oauth,
        'cache-control': "no-cache",
    }
    return headers

"""Here is my API call"""

base_url = "https://REALM.suitetalk.api.netsuite.com/services/rest/record/v1/salesorder/"
payload = ""
data = {}
response = requests.request("GET", base_url, data=payload, headers=self._create_oauth(base_url))
Adam Strauss
  • 1,889
  • 2
  • 15
  • 45