netsuite Token based Authentication

Question

I am trying to authenticate netsuite through token based I have tried it here but its giving error

{"error" : {"code" : "INVALID_LOGIN_ATTEMPT", "message" : "Invalid login attempt."}}

I referred to code given in the stack solution

I am passing data string as '' right now because I only want to authenticate. What may be am missing in the code and can this code can be run without Script id and deploy id?

Answer 1

I had the same error in my c# code ("{"error" : {"code" : "INVALID_LOGIN_ATTEMPT", "message" : "Invalid login attempt."}}").

I changed Realm(netsuiteAccountId) "xxxxxxx-sb1" change to "xxxxxxx_SB1". The _SB should be in upper case.

This is working fine for me.

    var consumer_key = "abcde12345";
    var consumer_secret = "12345abcde";
    var tkey = "1a2b3c4d5e";
    var token_secret = "a12b3c4d5e";
    var URL = "https://xxxxxxx-sb1.restlets.api.netsuite.com/xxx/site/hosting/xxx.nl?xxxx=xxxx&deploy=x";
   

    var client = new RestClient(URL);
    var oAuth1 = OAuth1Authenticator.ForAccessToken(
                    consumerKey: consumer_key,
                    consumerSecret: consumer_secret,
                    token: tkey,
                    tokenSecret: token_secret,
                    OAuthSignatureMethod.HmacSha256);

    var netsuiteAccount = "xxxxxxx_SB1"; // "xxxxxxx-sb1" change to "xxxxxxx_SB1"
    oAuth1.Realm = netsuiteAccount;

    client.Authenticator = oAuth1;
    var request = new RestRequest(URL, Method.POST);
    request.AddHeader("Content-Type", "application/json");
    string body = "{\"start\": {\"from\": 12345, \"to\": 67890 } ";
    request.AddParameter("application/json", body, ParameterType.RequestBody);
    var response = client.Execute(request);

Answer 2

I got the same error. This happens to me because of the incorrect signature generation method that I have used for the authentication. You could see the specific login attempt error from the Netsuite login audit trail. Following is the Java code written by me to generate the correct authentication header and it worked for me.

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.swing.text.Document;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.*;
import java.security.GeneralSecurityException;

public class Main {

    private static final String ALPHA_NUMERIC_STRING = "2312312312312sadadadadNKSNSKMSLMXSX";
    static String OAuth ="null";


    public static void main(String[] args) {

        try {

            String oauth_val = mediate();

            URL url = new URL("https://rest.na1.netsuite.com/app/site/hosting/restlet.nl?script=xxx&deploy=x");
            HttpURLConnection conn = (HttpURLConnection) url.openConnection();
            conn.setRequestMethod("GET");
            conn.setRequestProperty("Accept", "application/json");
            conn.setRequestProperty("Authorization",oauth_val);
            conn.setRequestProperty("Content-Type","application/json");

            if (conn.getResponseCode() != 200) {
                throw new RuntimeException("Failed : HTTP error code : "
                        + conn.getResponseCode());
            }

            BufferedReader br = new BufferedReader(new InputStreamReader(
                    (conn.getInputStream())));

            String output;
            System.out.println("Output from Server .... \n");
            while ((output = br.readLine()) != null) {
                System.out.println(output);
            }

            conn.disconnect();

        } catch (MalformedURLException e) {

            e.printStackTrace();

        } catch (IOException e) {

            e.printStackTrace();

        }

    }



    public static String randomAlphaNumeric(int count) {
        StringBuilder builder = new StringBuilder();
        while (count-- != 0) {
            int character = (int)(Math.random()*ALPHA_NUMERIC_STRING.length());
            builder.append(ALPHA_NUMERIC_STRING.charAt(character));
        }
        return builder.toString();
    }

    private static String computeSignature(String baseString, String keyString) throws GeneralSecurityException, UnsupportedEncodingException {

        final String EMPTY_STRING = "";
        final String CARRIAGE_RETURN = "\r\n";
        final String UTF8 = "UTF-8";
        String HMAC_SHA1 = "HmacSHA1";

        SecretKeySpec key = new SecretKeySpec(keyString.getBytes(UTF8), HMAC_SHA1);
        Mac mac = Mac.getInstance(HMAC_SHA1);
        mac.init(key);
        byte[] bytes = mac.doFinal(baseString.getBytes(UTF8));
        String base= bytesToBase64String(bytes).replace(CARRIAGE_RETURN, EMPTY_STRING);
        return URLEncoder.encode(base, "UTF-8");

    }

    private static String bytesToBase64String(byte[] bytes) {
        return Base64Encoder.getInstance().encode(bytes);
    }

    public static String mediate() {
        try {
            String BASE_URL =  "https://rest.na1.netsuite.com/app/site/hosting/restlet.nl";
            String HTTP_METHOD =  "GET";
            String TOKEN_ID = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
            String TOKEN_SECRET = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
            String CONSUMER_KEY = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
            String CONSUMER_SECRET = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
            String SIGNATURE_METHOD = "HMAC-SHA1";
            String OAUTH_NONCE = randomAlphaNumeric(20);
            String TIME_STAMP = String.valueOf(System.currentTimeMillis() / 1000);
            String OAUTH_VERSION = "1.0";
            String SCRIPT_DEPLOYMENT_ID = "xxx";
            String SCRIPT_ID = "xxx";
            String REALM= "xxxxx";
            Document xmldoc = null;




            String data = "";
            data = data + "deploy=" + SCRIPT_DEPLOYMENT_ID + "&";
            data = data + "oauth_consumer_key=" + CONSUMER_KEY + "&";
            data = data + "oauth_nonce=" + OAUTH_NONCE + "&";
            data = data + "oauth_signature_method=" + SIGNATURE_METHOD +"&";
            data = data + "oauth_timestamp=" + TIME_STAMP + "&";
            data = data + "oauth_token=" + TOKEN_ID + "&";
            data = data + "oauth_version=" + OAUTH_VERSION + "&";
            data = data + "script=" + SCRIPT_ID;
            String encodedData = encode(data);

            System.out.println("This is the Encoded Data.... : "+ encodedData);

            String completeData = HTTP_METHOD + "&" + encode(BASE_URL) + "&"+ encodedData;

            System.out.println("This is the completeData.... : "+ completeData);

            String key ="";
            key = encode(CONSUMER_SECRET) + "&" + encode(TOKEN_SECRET);

            System.out.println("This is the constructed key.... : "+ key);
            String signature= computeSignature(completeData,key);


            OAuth = "OAuth realm=\"" + REALM + "\",";
            OAuth = OAuth + "oauth_consumer_key=\""+ CONSUMER_KEY + "\",";
            OAuth = OAuth + "oauth_token=\"" + TOKEN_ID + "\",";
            OAuth = OAuth + "oauth_signature_method=\"HMAC-SHA1\",";
            OAuth = OAuth + "oauth_timestamp=\"" + TIME_STAMP + "\",";
            OAuth = OAuth + "oauth_nonce=\"" + OAUTH_NONCE + "\",";
            OAuth = OAuth + "oauth_version=\"" + "1.0" + "\",";
            OAuth = OAuth + "oauth_signature=\"" + signature + "\"";


            return OAuth;

        } catch (UnsupportedEncodingException | GeneralSecurityException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return "error";
    }

    private static String encode(String value) {
        String encoded = "";
        try {
            encoded = URLEncoder.encode(value, "UTF-8");
        } catch (Exception e) {
            e.printStackTrace();
        }
        String sb = "";
        char focus;
        for (int i = 0; i < encoded.length(); i++) {
            focus = encoded.charAt(i);
            if (focus == '*') {
                sb += "%2A";
            } else if (focus == '+') {
                sb += "%20";
            } else if (focus == '%' && i + 1 < encoded.length()
                    && encoded.charAt(i + 1) == '7' && encoded.charAt(i + 2) == 'E') {
                sb += '~';
                i += 2;
            } else {
                sb += focus;
            }
        }
        return sb.toString();
    }

   }

Answer 3

No, you cannot run the code without a script and deployment. And the data string should be an object, even if it's just sample data like '{"test":true}'.

Also, the PHP you have referred to is technically incomplete. To properly send data to NetSuite's RESTLets you need to implement an automatic retry due to the concurrency limits. That said, it doesn't help you with the problem of just connecting.

You should also be calling the NetSuite datacenter to get the proper URL.

 * NetSuite SuiteAnser for datacenter calls
 * https://netsuite.custhelp.com/app/answers/detail/a_id/65684
 * 
 * Sample production response:
 * {"webservicesDomain":"https://webservices.na1.netsuite.com","restDomain":"https://rest.na1.netsuite.com","systemDomain":"https://system.na1.netsuite.com"}