function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Vladimir GorelikVladimir Gorelik 

OAuth signature generation

I have some code generating OAuth signature and sending request to NetSuite.
I reviewed all the parameters I send to NetSuite with their developers and they told me that I have some issue with oauth_signature.

I will really appreciate if you take a look and tell me what I am doing wrong.
  
public String timestamp {get; set;} //seconds since unix epoch
    public String nonce {get; set;} //random number for making request unique
    public Map<String, String> oauth_params {get; set;} //store oauth params for signature generation   
    public OAuthService__c ns_oauth	{get; set;} //oauth data for ns -> salesforce
    	
    public String GenerateSignature(String httpMethod) {
    	
    	ns_oauth = [select Consumer_Key__c, Consumer_Secret__c, Authorization_URL__c, Realm__c, 
    						   (select token__c, secret__c from Tokens__r)
    					  from OAuthService__c
    					 where Name = 'SalesForce' limit 1];
    		
    	timestamp = String.valueOf(DateTime.now().getTime()/1000); //seconds since unix epoch
    	nonce = String.valueOf(Crypto.getRandomLong()); //random number
    
    	oauth_params = new Map<String, String>();
    
    	if(ns_oauth != null) { //store parameters for signature creating
    		oauth_params.put('oauth_version', '1.0');
    		oauth_params.put('oauth_nonce', nonce);
    		oauth_params.put('oauth_timestamp', timestamp);
    		oauth_params.put('oauth_consumer_key', ns_oauth.Consumer_Key__c);
    		oauth_params.put('oauth_token', ns_oauth.Tokens__r[0].token__c);
    	}
    		
    	String sig = normalizeUrl(ns_oauth.Authorization_URL__c);  //signature starts with normalized url (with port number)
    	Blob sigMac; //hash of signature
    	
    	sig = httpMethod.toUpperCase() + '&' + EncodingUtil.urlEncode(sig, 'UTF-8');
    		
    	//sort parameters  before appending to signature 
    	List<string> sortParams = new List<string>(oauth_params.keySet());
    	sortParams.sort();
    	
    	//append all the params for signature
    	for(String param_key : oauth_params.keySet()) {
    		sig += '&' + param_key + '=' + oauth_params.get(param_key);
    	}
    
    	//compute HASH using SHA-1 algorithm
    	//where key is acombination of concumer secret and token secret
    	
    	String hash_key = ns_oauth.Consumer_Secret__c + '&' + ns_oauth.Tokens__r[0].secret__c;
    
    	sigMac = Crypto.generateMac('HmacSHA1', Blob.valueOf(sig), Blob.valueOf(hash_key));
    
    	return EncodingUtil.urlEncode(EncodingUtil.base64Encode(sigMac), 'UTF-8');
    
    }
I get in response following:
  
{"error" : {"code" : "INVALID_LOGIN_ATTEMPT", "message" : "Invalid login attempt."}}


 
scottbcovertscottbcovert
Hi Vladimir,

I have never integrated with the NetSuite API, but you should definitely be able to make outbound calls from Apex to their API. After some searching it looks like this older post could prove helpful: https://developer.salesforce.com/forums/?id=906F00000008o1qIAA

Best,
Scott
SarbelloSarbello
Hi Vladimir,
 Did you ever figure this out? I get the same response from NetSuite. After working through their documentation I'm doing something very similiar.  I've confirmed the signature logic is generating the correct results based on samples from NetSuite. My thought is I may not be building the input correctly. In any event - would definitely enjoy hearing you input. Thank you!