# suitescript
b
I'm running an externally available Suitelet but would like it to interpret the saved search date filters in a different time zone. Currently it runs as the system user, which, as I'm working with a OneWorld account, is not in the same time zone as the end user of my Suitelet. Any tips for how I can run the Suitelet under a different user from just an external URL alone? Would it be best to convert my Suitelet to a RESTlet and use OAuth/TBA?
b
you probably wanted the restlet in the first place if it is an option
externally available suitelets are bad from a security perspective
b
@battk Yes, I was planning to do that actually. I'm inexperienced with restlets though, so I have a probably stupid question: how do I add the content header to make the restlet output application/json?
b
the restlet's content type matches the content-type header sent in the request
b
Cheers.
I converted my suitelet to a restlet and set it up with OAuth 1.0 using this guide: https://timdietrich.me/blog/netsuite-suiteql-query-api/ That's working now. If you don't mind me asking -- any opinion on the security of that compared to OAuth 2.0? I don't have experience yet setting that up so I don't know how much extra effort it is.
b
both are fine securitywise, oauth 2.0 client credentials is likely to be supported longer than token based authentication
but is harder to implement since you will very likely be doing some of the coding yourself, it uses a less well supported extension of oauth 2.0, so you will need to add a jwt
b
@battk Thanks. I'd love to learn how to implement OAuth 2.0 in NS, both for incoming connections to RESTlets and also to connect to outside services (there was an OIDC service I needed to connect to). Can these things typically be done just through SuiteScript APIs, or are other components necessary? I guess I don't understand the model well enough yet.
b
doing it within netsuite is usually harder than using something like node js
oauth 2 is typically best implemented using a library, and those libraries won't be written with suitescript in mind
b
I see. So then you need to have nodejs hosted somewhere? How would you connect NS to the nodejs instance securely? I had a colleague create a PHP script (no doubt using some OAuth library) to connect to endpoints through OIDC but I simply connected to his PHP endpoint using nlapiRequestURL. Seems like there should be a better way?
b
host a node js server, or use one of the many services that will let you do so
then you can send a https request to it
b
So basically you use a trusted server under your own control as an in-between to make the OAuth connections.
b
it's the method virtually guaranteed to work
you can use suitescript directly sometimes
but you need to know which crypto algorithms it supports and how to use them
b
I see.
Like for OAuth 1.0 NS supports HMAC-SHA256, it seems.