Forums Cached SuiteTalk

This topic contains 4 replies, has 0 voices, and was last updated by TheUsualSuspect 7 years, 10 months ago.

  • Author
    Posts
  • January 4, 2017 at 4:31 pm #6513

    TheUsualSuspect

    I’m trying to get a request to work for TBA web services. I was having issues and tried to verify what I was doing by running the NetSuite example for TBA through my own code to ensure my signature process was being performed correctly.

    They show the following code in SuiteAnswer 44710:

    String sCompId = “1234567”;

    String consumerKey = “71cc02b731f05895561ef0862d71553a3ac99498a947c3b7b eaf4a1e4a29f7c4”;

    String consumerSecret = “7278da58caf07f5c336301a601203d10a58e948efa280f061 8e25fcee1ef2abd”;

    String tokenId = “89e08d9767c5ac85b374415725567d05b54ecf0960ad24708 94a52f741020d82”;

    String tokenSecret = “060cd9ab3ffbbe1e3d3918e90165ffd37ab12acc76b469104 6e2d29c7d7674c2”;

    String algorithm = SignatureAlgorithm._HMAC_SHA256;

    and the following example header:

    Code:

    1234567
    71cc02b731f05895561ef0862d71553a3ac99498a947c3b7beaf4a1e4a29f7c4
    89e08d9767c5ac85b374415725567d05b54ecf0960ad2470894a52f741020d82
    6obMKq0tmY8ylVOdEkA1
    1439829974
    fzGxUBu6SZvGqv5hk8P4ou2DPthSxXtJ4zJIeCBQK5A=

    You create the signature by running a base string and key into a HMAC SHA256 function and then base 64 encoding it. There is sample code in the suiteanswer

    String baseString = sCompId+ “&” + consumerKey + “&” + tokenId + “&” + nonce + “&” + timeStamp;

    1234567&71cc02b731f05895561ef0862d71553a3ac99498a9 47c3b7beaf4a1e4a29f7c4&89e08d9767c5ac85b3744157255 67d05b54ecf0960ad2470894a52f741020d82&6obMKq0tmY8y lVOdEkA1&1439829974

    String key = consumerSecret + ‘&’ + tokenSecret;

    7278da58caf07f5c336301a601203d10a58e948efa280f0618 e25fcee1ef2abd&060cd9ab3ffbbe1e3d3918e90165ffd37ab 12acc76b4691046e2d29c7d7674c2

    Using Python, Node and their own example code on the suiteanswer I always get the same answer which doesn’t match their signature. I’ve also tried different text and url encodings and still can’t get their answer. Is it an invalid signature for what they have? Its driving me nuts

    my signature: FCghIZqXNetuZY8ILWOFH0ucdfzQOmAuL+q+kF21zPs=

    their signiature: fzGxUBu6SZvGqv5hk8P4ou2DPthSxXtJ4zJIeCBQK5A=

    Python:

    Code:
    import hmac
    import hashlib
    import base64
    import urllib

    baseStringStr = u’1234567&71cc02b731f05895561ef0862d71553a3ac99498a947c3b7beaf4a1e4a29f7c4&89e08d9767c5ac85b374415725567d05b54ecf0960ad2470894a52f741020d82&6obMKq0tmY8ylVOdEkA1&1439829974′
    keyStr = u’7278da58caf07f5c336301a601203d10a58e948efa280f0618e25fcee1ef2abd&060cd9ab3ffbbe1e3d3918e90165ffd37ab12acc76b4691046e2d29c7d7674c2′
    baseString = baseStringStr.encode(‘utf-8’)
    key = keyStr.encode(‘utf-8’)
    dig = hmac.new(key, msg=baseString, digestmod=hashlib.sha256).digest()
    print(base64.b64encode(dig).decode())
    Java:

    Code:
    import java.security.*;
    import java.util.Base64;
    import java.util.Date;
    import org.apache.commons.lang3.RandomStringUtils;
    import javax.crypto.*;
    import javax.crypto.spec.SecretKeySpec;
    import javax.xml.*;

    public class createSignature{

    public static void main(String[] args) {
    try {
    testGetServerTimeWithTBA();
    } catch (Exception e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    }
    }

    public static String computeSignature(
    String account,
    String consumerKey,
    String consumerSecret,
    String token,
    String tokenSecret,
    String nonce,
    Long timeStamp,
    String signatureAlgorithm
    ) throws Exception
    {
    String baseString = account + “&” + consumerKey + “&” + token + “&” + nonce + “&” + timeStamp;
    String key = consumerSecret + ‘&’ + tokenSecret;

    String signature;

    if (signatureAlgorithm.equals(“HmacSHA256”))
    {
    signature = computeShaHash(baseString, key, “HmacSHA256”);
    } else {
    signature = computeShaHash(baseString, key, “HmacSHA1”);
    }

    return signature;
    }

    public static void testGetServerTimeWithTBA() throws Exception
    {
    // Constants
    String sCompId = “1234567”;
    String consumerKey = “71cc02b731f05895561ef0862d71553a3ac99498a947c3b7beaf4a1e4a29f7c4”;
    String consumerSecret = “7278da58caf07f5c336301a601203d10a58e948efa280f0618e25fcee1ef2abd”;
    String tokenId = “89e08d9767c5ac85b374415725567d05b54ecf0960ad2470894a52f741020d82”;
    String tokenSecret = “060cd9ab3ffbbe1e3d3918e90165ffd37ab12acc76b4691046e2d29c7d7674c2”;
    String algorithm = “HmacSHA256”;

    // Nonce and timeStamp must be unique for each request. Also, make sure that the nonce value you
    // generate does not contain special characters.

    // String nonce = RandomStringUtils.randomAlphanumeric(20);
    String nonce = “6obMKq0tmY8ylVOdEkA1”;
    // Long timeStamp = System.currentTimeMillis() / 1000L;
    Long timeStamp = 1439829974L;
    String signature = computeSignature(sCompId, consumerKey, consumerSecret, tokenId, tokenSecret, nonce, timeStamp, algorithm);

    // create and set TokenPassport SOAP Header
    // notice – no secrets are included in this call
    System.out.println(signature);
    }

    protected static String computeShaHash(String baseString, String key, String algorithm) throws Exception
    {
    if (!algorithm.equals(“HmacSHA256”) && !algorithm.equals(“HmacSHA1”)) algorithm = “HmacSHA1”;

    {
    byte[] bytes = key.getBytes();
    SecretKeySpec mySigningKey = new SecretKeySpec(bytes, algorithm);
    Mac messageAuthenticationCode = Mac.getInstance(algorithm);

    messageAuthenticationCode.init(mySigningKey);

    byte[] hash = messageAuthenticationCode.doFinal(baseString.getBytes());
    byte[] encoded = Base64.getEncoder().encode(hash);
    return new String(encoded);
    }
    }
    }
    This is a cached copy. Click here to see the original post.

  • January 4, 2017 at 6:45 pm #6514

    chanarbon

    Hi TheUsualSuspect

    I would suggest you to try SuiteAnswers 44787 (https://netsuite.custhelp.com/app/an…ail/a_id/44787) for the Python sample for the calculation

  • January 5, 2017 at 8:13 am #6515

    mtt

    Hi TheUsualSuspect , chanarbon

    Using the provided code for Java, with theses parameters, I got “/wp+If+p/8iCV9+wz61ynyg1GpOkGbUeRhcJTUzDRQk=” as Signature…

    1234567

    71cc02b731f05895561ef0862d71553a3 ac99498a947c3b7beaf4a1e4a29f7c4 89e08d9767c5ac85b374415725567d05b54ecf0 960ad2470894a52f741020d82

    6obMKq0tmY8ylVOdEkA1

    1439829974

    /wp+If+p/8iCV9+wz61ynyg1GpOkGbUeRhcJTUzDRQk=

    I don’t succeed to connect neither…

  • January 10, 2017 at 12:14 am #6516

    chanarbon

    TheUsualSuspect and mtt

    For the Java sample, I would suggest you to checkout SuiteAnswers ID 44710 (https://netsuite.custhelp.com/app/an…ail/a_id/44710) for the Java sample. I hope it works on you end since it worked on my end upon testing.

  • January 18, 2017 at 9:28 am #6517

    TheUsualSuspect

    Originally posted by chanarbon

    View Post

    Hi TheUsualSuspect

    I would suggest you to try SuiteAnswers 44787 (https://netsuite.custhelp.com/app/an…ail/a_id/44787) for the Python sample for the calculation

    Thank you for the code sample there. I’ll need to get some downtime to work on this again.

  • Author
    Posts

You must be logged in to reply to this topic.