https://netsuiteprofessionals.com logo
Join Slack
Powered by
So, I'm trying to store a password using addCreden...
# suitescript
d
So, I'm trying to store a password using addCredentialField .. then use it later in an Authorization Basic: scenario ... which requires a POST. Doesn't look like POST is supported. Anyone ever do this?
b
i hope you are prepared for a lot of work that only makes sense if you are building a suiteapp
d
sigh Should I just encrypt this myself?
j
^ I'd recommend that, I've only ever gotten the credential stuff to work in SS1 and after trying to log with support that it doesn't work in SS2 for weeks I got told that it wasn't supposed to be supported.
d
Of course!
b
its is by far easier, but if you want your passwords secure, its supported in POST
1
assuming you get the setup of the credential field correct, you would want to try setting the credentials key like in the example from the docs
d
I don't think this'll work. Not only do I need to retrieve the secured password, I need to encode it to Base_64 and include it in the Auth Basic: header
b
for the encoding, you can use a https secure string to encode
j
So the secure string is the un-encrypted pwd?
b
but im of the belief thats too much work and you should just store the encoded username:password in the credential field
secure strings allow the manipulation of the value stored in the credential field
you can do things like concatenate another string, encode it, hash it, hmac it
j
In that link what would the variable secureStringPWD be ? If you didn't encode or hash etc would that be the password
b
it would be an object representing the password. you wont be able to do something like log the password from it
j
So how would the Authorization header get built for Basic Auth... after? Sorry for so many questions just interested in this
b
netsuite takes the value placed in a credential field and returns a GUID to represent it
it uses template string replacement in the https methods options object and replaces instances of the GUID with the value from the credential field
if you require manipulation of the credential field like for hashing, you can use a secure string. netsuite will replace a secure string with a string represent whatever operation was used on the secure string
ive never bothered using a secure string for basic authentication , its a constant value so i just store the encoded username:password combination in the credential field to avoid secure strings
j
Where is that encoded username:password stored in NetSuite?
b
id guess somewhere in their application servers memory
a key feature of the credential and secure key fields is that netsuite does not expose the values stored in them to users or scripts
d
I'm convinced that https.GET is the only way to use those secure fields
b
what does your https post look like
d
b
i advise tossing the secure string first and just make it work with the guids
d
What do you mean?
b
Copy code
var echoResponse = <http://https.post|https.post>({
  url: "<https://httpbin.org/post?password={91b406ffb95c491ba6c49a588d60c209}>",
  body: { key: "{91b406ffb95c491ba6c49a588d60c209}" },
  headers: {
    Authorization: "Basic {91b406ffb95c491ba6c49a588d60c209}"
  },
  credentials: ["91b406ffb95c491ba6c49a588d60c209"]
});
log.debug("echoResponse", echoResponse.body);
d
Just store the username:password in BASE_64 in a record?
b
dont use a secure string
just use the plain guid
d
Oh, I that I had to
But, I need to convert the username:password to BASE_64 at some point
b
im a fan of just using the encode username:password as the credential field
i advise making small steps. get the post with password guid working, then move on to secure strings
or honestly skip the secure string in the first place
d
So, you create a form asking for username password, and before you POST those values, you create the username:password (in BASE64) and push that value into a credential, and THEN post?
b
im not sure why you are posting, but yes, base 64 encode the username:password and set the encoded value in the credential field
j
I have four endpoints using Basic Auth I want NetSuite to store the base64 encoded string. How do I provide the initial value and then get it for https requests after
b
you create a credential field on an existing record using a before load user event script or create a suitelet that creates a form with a credential field
then attach client script which uses btoa to set the credential field
the value in the credential field will be replaced with a guid, which you can then use with https
j
So in my example I would need a Suitelet with a unique deployment per endpoint?
The goal is to provide the base64 encoded string in the Suitelet and then later use it in a map reduce script
b
keep in mind the use of the suitelet is a one time deal sort of thing
but yes, a deployment per credential is nice since creating a credential field require specifying which hosts a credential will be sent to and which scripts can use the credential
j
So then in a scheduled script (for example) you just need the Suitelet script and deployment ids to get the guid to then be used in the HTTPS request
b
not really sure how you are structuring this
j
I want to store the encoded base 64 string in a credential field so it's not in a script file and then use that value in a scheduled script to do HTTPS GET or POST request to an API endpoint
b
most straightforward idea here is to create a script parameter for your scheduled script
take the guid from the suitelet and set it on the script deployment
in your script, get the guid from the script parameter and use that with the https module
j
Ok I'll give this a shot. I really appreciate all your help @battk
d
What a giant waste of time
b
I refer you to my opening statement
d
lol
j
So in an account customization type of scenario where you right script to some endpoint with a Basic Auth would you still use a credential field
b
depends on what is acceptable in your account. if you dont want passwords in a file or record or somewhere else in your account
then suffer like @darrenhillconsulting
otherwise i like taking the easy way out and storing it in a hard to reach place
j
hard to reach within NetSuite?
I'm just curious what others are doing.
b
i already know the basics of credential guids, and form what ive seen, not many people do
ask your question generally in #C29HQS63G to see what others have done
11 Views
Open in Slack
PreviousNext
Powered by