https://netsuiteprofessionals.com logo
Join SlackCommunities
Powered by
is there a library or possibly a NetSuite function...
# suitescript
t
is there a library or possibly a NetSuite function for request signing? I have an example in node, I’m just not sure if SS will support some of the functions in here: https://github.com/ConfidentCannabis/public-api-tools/blob/master/js/signing.js
Obviously, CryptoJS would have to be included, and I believe that is fairly straightforward.
b
It looks like a hmac, so you could probably implement it in suitescript
Using N/crypto
But i would go with their code first, especially if you arent writing a suiteapp that needs to pass review
t
cool
I’ve done this once or twice before but never seem to keep a log or copy of the script and seems like each implementation is a little different. If the crypto lib supports it though I might look into that further
b
Said like someone who has never used N/crypto
t
although I guess that is kind of by design for security purposes, maybe? here is the SUMMARY of their steps for the signature: 1. create base string by combining method and route - eg: GET/api/v0/test 2. create ascii-sorted (ascending), lowercased list of (key, value) pairs from headers dictionary (must include X-ConfidentCannabis-Timestamp but not X-ConfidentCannabis-APIKey or X-ConfidentCannabis-Signature) 3. create url encoded string ‘key=value&...’ for ascii-ordered header fields, lowercased 4. create semi-colon separated list of lowercase header keys eg: x-confidentcannabis-timestamp;host 5. create ascii-sorted list of (key, value) pairs from data 6. add (‘api_key’, ‘api_value’) to the END of the list 7. create url encoded param string ‘key=value&...’ for ordered data fields 8. percent-encode (see notes below about URI Encoding) the base string from step 1 9. combine percent encoded base string, url encoded header string, and url encoded parameter string with & between them 10. create sha256 hmac signature from string using api_secret 11. prefix with signing algorithm and header list string: ‘CC0-HMAC-SHA256host;x confidentcannabis timestamp
Seems like I should at least use n/crypto to create the signature instead of importing and using CryptoJS.HmacSHA256
I’m stuck on there not being parity between CryptoJS.HmacSHA256 and crypto.createHmac - cryptojs is expecting the signing string and a secret where NetSuite does it differently. Based on the documentation you create the key object with the apiSecret and createHmac with that and the algo. Then you update with the signing string (assuming docs are lacking here) and then return with digest - that gives me AN_ERROR_OCCURRED_WHILE_DECRYPT_PASSWORDGUID
b
there is a reason i could tell you havent used N/crypto before
its not friendly, and it handles keys very differently than other crypto libraries
you will want to use the new api secret feature to store your key, and then use that to create your secret key object
you can also use a guid returned from a secret key field, but thats a lot more work
t
not sure what the “new api secret feature” is
like a field type
?
b
t
Does it simply replace the reference to
Copy code
'custsecret1'
with the password set?
I found this sample but it’s not dealing with hmac
b
yes, but in a way such that you can't access the secret key
all of the crypto stuff is designed for secrets to be retrieved from netsuite and not be accessible to the script
t
oh I see, just the secret key creation
thanks @battk owe you a beer - got it generating the signing string - now to get the API working…
b
if you had to advise someone else on how to do this, would you recommend N/crypto or to use the other code
t
I can’t say I understand the whole concept well enough but I was forced to in this case because the CryptoJS lib min could not be used, there was a conflict with define. I think it probably would work fine if it was SS1.0. I would always recommend to use the simplest, most “native” way to do something instead of hacking around because the loopholes get closed eventually.
b
Suitescript javascript environment is old
Newer versions of crypto js wont work since they expect modern crypto globals that suitescript doesnt expose
Use the 3.1.x series of crypto js to maintain suitescript compatibility
4 Views
Open in Slack
PreviousNext
Powered by