https://netsuiteprofessionals.com logo
Join Slack
Powered by
Hello. Could I know how to test OAuth2.0 in Restle...
# suitescript
b
Hello. Could I know how to test OAuth2.0 in Restlet using Postman please? And setting up the Integration record in NetSuite. I created an integration record in Netsuite like this. I set Redirect URI as 
https://<accountId>.<http://app.netsuite.com/app/login/oauth2/authorize.nl|app.netsuite.com/app/login/oauth2/authorize.nl>
with proper account Id. In postman I tried to get token code but not sure how to set up its Grant Type and Access token URL. Any help would be appreciated
b
thats not how the redirect url works
its supposed to be to a server that you control
if you dont actually have a server you control, the code grant flow is not the one you want to use
b
So I should use client password?
So without the server, you mean I can't use OAuth2?
b
you will not get very far looking for information if you go around calling it client password
b
Client Credentials Grant
b
b
openssl req -x509 -newkey rsa:4096 -sha256 -keyout auth-key.pem -out auth-cert.pem -nodes -days 730
I ran this command and tried to set it up in Client Credentials setup but it throws me this error.
Copy code
OAuth 2.0 Client Credentials Error
Unable to parse provided x509 certificate.
Any idea please?
b
are you trying to upload the certificate or the private key
b
yes
that is part of Client Credentials process?
private key
b
choose a better answer, my question it not a yes or no
b
private key (pem file)
b
wrong file, the private key is for you to keep secret
the public key in the certificate is for netsuite to use to verify that the request is from you
b
Oh Thank you
Copy code
#! /usr/bin/env python3

import requests
import logging

from pathlib import Path
import datetime
import jwt # PyJWT

GRANT_TYPE = "client_credentials"
CLIENT_ASSERTION_TYPE = 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'
CLIENT_ID = "<CLIENT_ID>"
TOKEN_ENDPOINT_URL = "https://<COMPID>.<http://suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token|suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token>"
CONNECT_ENDPOINT_URL = "https://<COMPID>.<http://connect.api.netsuite.com/services/rest/auth/oauth2/v1/token|connect.api.netsuite.com/services/rest/auth/oauth2/v1/token>"

CERTIFICATE_ID = "<CERTIFICATE_ID_GENERATED_WHEN_UPLOADED_TO_NS>"
CERTIFICATE_KEY_FILE = Path("certificates/key.pem")

SCOPES = ['SuiteAnalytics']


def main():
    now = datetime.datetime.now()
    payload = {
        'iss': CLIENT_ID,
        'scope': SCOPES,
        'aud': CONNECT_ENDPOINT_URL,
        'iat': now.timestamp(),
        'exp': now + datetime.timedelta(hours=1),
    }

    private_key = CERTIFICATE_KEY_FILE.read_bytes()

    jwt_assertion = jwt.encode(payload, private_key, algorithm="PS256", headers={'kid': CERTIFICATE_ID})

    data = {
            'grant_type': GRANT_TYPE,
            'client_assertion_type': CLIENT_ASSERTION_TYPE,
            'client_assertion': jwt_assertion,
    }
    resp = <http://requests.post|requests.post>(TOKEN_ENDPOINT_URL, data=data)
    data = resp.json()
    logging.debug("Received '%s'[%d]: %s", TOKEN_ENDPOINT_URL, resp.status_code, resp.raw)
    assert data["access_token"]



if __name__ == '__main__':
    main()
I tried to get access token following this code, but it returns "invalid_request" error Could I know if following this code structure is right or not please?
b
dont know what a python solution would look like
i personally suspect the private_key needs more processing than just reading its bytes
b
Actually I was trying to test with Postman but getting JWT assertion was difficult
Could I know how you usually get JWT assertion please?
maybe in javascript or c#?
b
for postman
b
Do I need to setup this parameters?
b
requires converting your private key to a jwk, but thats fairly simple
OAuth 2.0 Access and Refresh Token Structure defines the the structure of the response you get back
you would want to worry about that after you get the access and refresh tokens, and only if you wish to verify that the data came from netsuite
b
So I don't need to care about it
Thank you
Hello @battk Could you do me a favor please? Do I need 4 keys or 2 keys? https://stackoverflow.com/questions/68597628/creating-jwt-using-suitescript-2-x-for-docusign-api-integration This example shows 4 keys to create JWT
b
my personal guess is that you dont understand what you are doing in openssl
i only see one public key and private key pair
and a certificate, which is just a fancy way of dressing up a public key
3 Views
Open in Slack
PreviousNext
Powered by