need the rest of the header

its probably bad that its not passed to computeSignature

using System; using RestSharp; using RestSharp.Authenticators; using System.Security.Cryptography; using Newtonsoft.Json; public class NetSuiteClient { public NetSuiteClient() { } private RestRequest buildClient(string resource, Method method, string script, string deploy) { _client = new RestClient(this._endpoint); RestRequest request = new RestRequest(resource, method); string creds = CredManager.ReadNetSuite("netsuite").AcctID ?? "notfound"; if (creds == "notfound") { using (Logger _out = new Logger("info")) { _out.info("ERROR", "NetSuiteClient", "No NetSuite Creds set up.", 0, 0); } return null; } //Realm is our instance of NetSuite CredManager.NetSuiteCredential nsc = CredManager.ReadNetSuite("netsuite"); string realm = nsc.AcctID; //Set the keys and secrets string consumerKey = nsc.ConsumerKey.ConvertToUnsecureString(); string consumerSecret = nsc.ConsumerSecret.ConvertToUnsecureString(); string tokenId = nsc.TokenID.ConvertToUnsecureString(); string tokenSecret = nsc.TokenSecret.ConvertToUnsecureString(); //Compute the nonce string nonce = computeNonce(); //Compute the timestamp long timestamp = computeTimestamp(); TokenPassport sign = computeSignature(deploy , consumerKey , consumerSecret , tokenId , tokenSecret , nonce , timestamp , script , "POST" , resource); string auth = buildAuth(sign.Value , nonce , sign.algorithm , consumerKey , tokenId , timestamp , realm); request.AddQueryParameter("script", script); request.AddQueryParameter("deploy", deploy); request.AddParameter("Authorization", auth, ParameterType.HttpHeader); return request; } private TokenPassport computeSignature(string deploy , string consumerKey , string consumerSecret , string tokenId , string tokenSecret , string nonce , long timestamp , string script , string method , string resource) { string baseString = "deploy=" + deploy + "&" + "oauth_consumer_key=" + consumerKey + "&" + "oauth_nonce=" + nonce + "&" + "oauth_signature_method=HMAC-SHA256&" + "oauth_timestamp=" + timestamp.ToString() + "&" + "oauth_token=" + tokenId + "&" + "oauth_version=1.0&" + "script=" + script; //string baseStringEncode = HttpUtility.UrlEncode(baseString); string baseStringEncode = System.Net.WebUtility.UrlEncode(baseString); string fullURL = method + "&" + System.Net.WebUtility.UrlEncode(this._endpoint + resource) + "&" + baseStringEncode; string key = consumerSecret + "&" + tokenSecret; string signature = ""; var encoding = new System.Text.ASCIIEncoding(); byte[] keyBytes = encoding.GetBytes(key); byte[] baseStringBytes = encoding.GetBytes(fullURL); using (var hmacSha256 = new HMACSHA256(keyBytes)) { byte[] hashBaseString = hmacSha256.ComputeHash(baseStringBytes); signature = Convert.ToBase64String(hashBaseString); } string signatureEncode = System.Net.WebUtility.UrlEncode(signature); TokenPassport sign = new TokenPassport(); sign.algorithm = "HMAC-SHA256"; sign.Value = signatureEncode; return sign; } private string buildAuth(string value , string nonce , string algorithm , string consumerKey , string tokenId , long timestamp , string realm) { string auth = @"OAuth oauth_signature=""" + value + @""",oauth_version=""" + "1.0" + @""",oauth_nonce=""" + nonce + @""",oauth_signature_method=""" + algorithm + @""",oauth_consumer_key=""" + consumerKey + @""",oauth_token=""" + tokenId + @""",oauth_timestamp=""" + timestamp.ToString() + @""",realm=""" + realm + "\""; return auth; } private string computeNonce() { //Use System.Security.Cryptography for RNGCryptoServiceProvider RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] data = new byte[20]; rng.GetBytes(data); int value = Math.Abs(BitConverter.ToInt32(data, 0)); return value.ToString(); } private long computeTimestamp() { return ((long)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds); } }

probably need to look at TokenPassport

today is the day only sha-256 works in tba

@battk Do you see if I need to configure something on the Integration record

works as expected

implemented a TokenPassport that basically only has a public Value and algorithm

what does your TokenPassport look like

whats a TokenPassport?

its a bad idea to touch code in a language that you dont know

i only know c# as basically java

public partial class TokenPassport     {       private string algorithmField;       private string valueField;       public string algorithm       {         get         {           return this.algorithmField;         }         set         {           this.algorithmField = value;         }       }       public string Value       {         get         {           return this.valueField;         }         set         {           this.valueField = value;         }       }

One thing to be aware of with SOAP is to make sure you are using a fairly recent WSDL. It is possible that Netsuite disabled any WSDL’s that won’t be supported in 2021.2 along with the HMAC-SHA1 deprecation. Just speculation, but if I were using SOAP, I’d be updating my WSDL’s from time to time to stay current.

In other words, don’t be lulled into a false sense of security. When the next test window for this comes around, you will break again.