3

I am trying to use suitetalk web service api from an app written in Python.

There isn't much documentation, but from what there is i tried creating the authentication(HMAC-SHA256) but get this each time: error="token_rejected", error_description="Invalid login attempt."

using the same credentials in postman using the collection supplied by netsuite i am able to login and call the API so i know my creds are good and it isn't a permission issue.

the only difference between the postman call and mine are the nonce, timestamp(these two are obvious) and the signature.

I tried using the signature with the following code:

params = {
    'oauth_version': "1.0",
    'oauth_nonce': oauth.generate_nonce(),
    'oauth_timestamp': str(int(time.time())),
    'oauth_token': token.key,
    'oauth_consumer_key': consumer.key
}

req = oauth.Request(method=http_method, url=url, parameters=params)
signature_method = oauth.SignatureMethod_HMAC_SHA1()
req.sign_request(signature_method, consumer, token)
header = req.to_header(realm)
return header['Authorization']

I thought it was HMAC_SHA1 issue rather then 256, but that encryption works on postman.

I also tried : NetSuite python TBA Authentication

I am quite puzzled and would be grateful for some insights or code snippet that works.

Amir
  • 31
  • 2
  • Take a look at this ruby code for an example of how to generate the oauth signature https://github.com/NetSweet/netsuite/blob/master/lib/netsuite/passports/token.rb – iloveitaly Nov 23 '20 at 02:57
  • Did you find the solution because I'm stuck here and tried alot of things but nothing happened iy would be great if you guide me – Adam Strauss Jan 29 '21 at 06:25

1 Answers1

0

This how I do it:

class NetsuiteAuth(object):

    def __init__(self):
            self.access_token = SANDBOX_ACCESS_TOKEN
            self.token_secret = SANDBOX_TOKEN_SECRET
            self.realm_uppercase = SANDBOX_REALM_uppercase
            self.deploy = SANDBOX_DEPLOY

    def get_headers(self, http_method, url):

        token = oauth.Token(key=self.access_token,
                            secret=self.token_secret)

        consumer = oauth.Consumer(key=CONSUMER_KEY,
                                  secret=CONSUMER_SECRET)

        # # crafting the request
        params = {
            'oauth_version': "1.0",
            'oauth_nonce': oauth.generate_nonce(),
            'oauth_timestamp': str(int(time.time())),
            'oauth_token': token.key,
            'oauth_consumer_key': consumer.key
        }
        signature_method = oauth.SignatureMethod_HMAC_SHA1()  # soon deprecated by Netsuite !

        req = oauth.Request(method=http_method, url=url, parameters=params)
        req.sign_request(signature_method, consumer, token)
        auth_header = req.to_header(self.realm_uppercase)
        auth_header_encoded = auth_header['Authorization'].encode('ascii', 'ignore')

        headers = {"Authorization": auth_header_encoded, "Content-Type": "application/json"}

        return headers

Then I invoke it like this and use the headers in the request.

headers = NETSUITE_AUTH.get_headers('POST', URL)
Nicolas
  • 53
  • 1
  • 2
  • 11