Help required to understand how to make the POST Authentication for restless service
jwaiswa7 opened this issue · comments
Joshua commented
Hello,
Am having trouble building a successful Authentication when making a POST request to netsuite restless service.
I constantly get the response
400
{"error"=>{"code"=>"INVALID_REQUEST", "message"=>"The request could not be understood by the server due to malformed syntax."}}
Below is how am making the request using Fraday for reference.
Any help is greatly appreciated.
Thanks
def request
conn = Faraday.new(
url: base_url,
headers: {
"Content-Type" => "application/json",
"Authorization" => header(header_details)
}
)
response = conn.post("/endpoint") do |req|
req.body = params.to_json
end
JSON.parse response.body
end
private
def header(params)
params["oauth_signature"] = authorization
header = "OAuth "
params.each do |k, v|
header += "#{k}=#{v},"
end
header.slice(0..-2) # chop off last ,"
end
def authorization
signature_base_string = signature_base_string(
"POST",
"restless_url",
header_details
)
signing_key = consumer_secret + "&" + token_id
url_encode(sign(signing_key, signature_base_string))
end
def header_details
{
"realm" => account,
"oauth_consumer_key" => consumer_key, # Your consumer key
"oauth_token" => token_id, # Your access token
"oauth_signature_method" => "HMAC-SHA256", # How you"ll be signing (see later)
"oauth_timestamp" => timestamp, # Timestamp
"oauth_nonce" => nonce, # A random string, see below for function
"oauth_version" => "1.0" # oAuth version
}
end
def signature_base_string(method, uri, header_details)
# Join up the parameters into one long URL-safe string of key value pairs
encoded_params = header_details.sort.collect { |k, v| url_encode("#{k}=#{v}") }.join("%26")
# Join the above with your method and URL-safe destination URL
method + "&" + url_encode(uri) + "&" + encoded_params
end
def url_encode(string)
CGI.escape(string)
end
# where sign is:
def sign(key, base_string)
digest = OpenSSL::Digest::Digest.new("sha256")
hmac = OpenSSL::HMAC.digest(digest, key, base_string)
Base64.encode64(hmac).chomp.delete("\n")
end
Joshua commented
I have also tried to use the passport class in this repo to generate a signature but with the same results.
passport = NetSuite::Passports::Token.new(account, consumer_key, consumer_secret, token_id, token_secret).passport
Michael Bianco commented
@jwaiswa7 I'd recommend jumping into the slack group to ask for help on this!