Giters

NetSweet / netsuite

NetSuite SuiteTalk API Wrapper

Home Page:http://opensuite-slackin.herokuapp.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Help required to understand how to make the POST Authentication for restless service

jwaiswa7 opened this issue · comments

commented

Hello,

Am having trouble building a successful Authentication when making a POST request to netsuite restless service.

I constantly get the response

400
{"error"=>{"code"=>"INVALID_REQUEST", "message"=>"The request could not be understood by the server due to malformed syntax."}}

Below is how am making the request using Fraday for reference.

Any help is greatly appreciated.

Thanks

    def request
      conn = Faraday.new(
        url: base_url,
        headers: {
          "Content-Type" => "application/json",
          "Authorization" => header(header_details)
        }
      )

      response = conn.post("/endpoint") do |req|
        req.body = params.to_json
      end

      JSON.parse response.body
    end

    private

    def header(params)
      params["oauth_signature"] = authorization
      header = "OAuth "
      params.each do |k, v|
        header += "#{k}=#{v},"
      end
      header.slice(0..-2) # chop off last ,"
    end

    def authorization
      signature_base_string = signature_base_string(
        "POST",
        "restless_url",
        header_details
      )

      signing_key = consumer_secret + "&" + token_id

      url_encode(sign(signing_key, signature_base_string))
    end

    def header_details
      {
        "realm" => account,
        "oauth_consumer_key" => consumer_key, # Your consumer key
        "oauth_token" => token_id, # Your access token
        "oauth_signature_method" => "HMAC-SHA256", # How you"ll be signing (see later)
        "oauth_timestamp" => timestamp, # Timestamp
        "oauth_nonce" => nonce, # A random string, see below for function
        "oauth_version" => "1.0" # oAuth version
      }
    end

    def signature_base_string(method, uri, header_details)
      # Join up the parameters into one long URL-safe string of key value pairs
      encoded_params = header_details.sort.collect { |k, v| url_encode("#{k}=#{v}") }.join("%26")
      # Join the above with your method and URL-safe destination URL
      method + "&" + url_encode(uri) + "&" + encoded_params
    end

    def url_encode(string)
      CGI.escape(string)
    end

    # where sign is:
    def sign(key, base_string)
      digest = OpenSSL::Digest::Digest.new("sha256")
      hmac = OpenSSL::HMAC.digest(digest, key, base_string)
      Base64.encode64(hmac).chomp.delete("\n")
    end
commented

I have also tried to use the passport class in this repo to generate a signature but with the same results.

passport = NetSuite::Passports::Token.new(account, consumer_key, consumer_secret, token_id, token_secret).passport
commented

@jwaiswa7 I'd recommend jumping into the slack group to ask for help on this!