Has anyone figured out a way to call a rest call with powershell? I am STRUGGLING to get past the oauth1 security. I am trying to figure out how to, in powershell, create a signature, timestamp & nonce

I don't really know powershell, but a quick google search brought back these which I'd use as a jumping off point... if you've progressed further than this already then I'd suggest providing more details so someone versed in PS can more easily assist. https://www.example-code.com/powershell/woo_commerce_oauth1.asp https://stackoverflow.com/questions/60992276/powershell-oauth-1-0-one-legged-authentication-with-hmac-sha1-fails https://www.powershellgallery.com/packages/MyTwitter/1.0.12/Content/Public%5CGet-OAuthAuthorization.ps1

This should point you in the right direction (yes it was a PITA to get working) ...

cls

Add-Type -AssemblyName System.Web

## USER SETTINGS START ##############################################################################################

$nsUrlInstanceName = "" #example: 12345-SB1

$nsRealm = "" #example: 12345_SB1

$nsDeployId = "" #example: 1

$nsScriptId = "" #example: 123

$oauth_consumer_key = ""

$oauth_consumer_secret = ""

$oauth_token = ""

$oauth_token_secret = ""

## USER SETTINGS END ##############################################################################################

function EncodeToUpper

{

param($value)

return $value.Replace("%2a","%2A").Replace("%2b","%2B").Replace("%2c","%2C").Replace("%2d","%2D").Replace("%2e","%2E").Replace("%2f","%2F").Replace("%3a","%3A").Replace("%3b","%3B").Replace("%3c","%3C").Replace("%3d","%3D").Replace("%3e","%3E").Replace("%3f","%3F")

}

$oauth_nonce = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes([System.DateTime]::Now.Ticks.ToString()))

$oauth_timestamp = [long](([datetime]::UtcNow)-(Get-Date "1970-01-01")).TotalSeconds

$baseUrl = 'https://'+$nsUrlInstanceName+'.<http://restlets.api.netsuite.com/app/site/hosting/restlet.nl|restlets.api.netsuite.com/app/site/hosting/restlet.nl>'

$fullUrl = $baseUrl + '?script='+$nsScriptId+'&deploy='+$nsDeployId

$baseUrlEncoded = [System.Web.HttpUtility]::UrlEncode($baseUrl)

$baseUrlEncoded = EncodeToUpper $baseUrlEncoded

#sort param names lexicographically

$params = "deploy=$nsDeployId&oauth_consumer_key=$oauth_consumer_key&oauth_nonce=$oauth_nonce&oauth_signature_method=HMAC-SHA256&oauth_timestamp=$oauth_timestamp&oauth_token=$oauth_token&oauth_version=1.0&script=$nsScriptId"

$paramsEncoded = [System.Web.HttpUtility]::UrlEncode($params)

$paramsEncoded = EncodeToUpper $paramsEncoded

$message = 'GET&'+$baseUrlEncoded+'&'+$paramsEncoded

$key = $oauth_consumer_secret + "&" + $oauth_token_secret

$hmac = New-Object System.Security.Cryptography.HMACSHA256

$hmac.Key = [System.Text.Encoding]::ASCII.GetBytes($key)

$signature = [System.Convert]::ToBase64String($hmac.ComputeHash([System.Text.Encoding]::ASCII.GetBytes($message)))

$signature = [System.Web.HttpUtility]::UrlEncode($signature)

$signature = EncodeToUpper $signature

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"

$headers.Add("Content-Type", "application/json")

$headers.Add("Authorization", 'OAuth realm="'+$nsRealm+'", oauth_consumer_key="'+$oauth_consumer_key+'", oauth_token="'+$oauth_token+'", oauth_signature_method="HMAC-SHA256", oauth_timestamp="'+$oauth_timestamp+'", oauth_nonce="'+$oauth_nonce+'", oauth_version="1.0", oauth_signature="'+$signature+'"')

$response = Invoke-RestMethod $fullUrl -Method 'GET' -Headers $headers

$response | ConvertTo-Json

maybe try Client Credentials Flow Oauth 2?

@dynamicl Hmmm, so I have all of the keys quadrupally checked but I am getting an "Invalid Login attempt" still. All I did was copy and paste and put in my user settings

Long shot, but check for a leading trailing space somewhere?

Haha, unfortunately there are non that I see 😕

Not touched this for a year or more, let me try it my side.

Dang. I'm getting a forbidden

I've only ever used this for RESTlets, are you testing with one?

I am. Do you know what your restlet settings are? Mine is set to released and allows all roles

message has been deleted

If I take your code and put the postman nonce, timestamp, and oauth_signature values it works. So something with how at least 1 of those 3 are being created is the issue for me at least 😕

But if you copy and paste those into postman its ok?

Yup, if I take the nonce & tiemstamp your code creates, put it in postman, postman returns successfully

My code in PS, so you can see if it matches exactly

$oauth_consumer_secret + "&" + $oauth_token_secret These are the secrets and not the keys right?

Have you outputted $headers to the console? Just double check its not introduced a leading or trailing space or something like that.

Yeah. It all looks great, but it for some reason keeps getting rejected when using the signature

are you doing a GET?

Yup

mmm, running out of ideas ... can you try against 2 different instances to rule that out? I'd also add debug messages to the log, just to make sure the invalid login isnt a red herring.

Ditto. It just feels like netsuite is expecting a different signature

@battk Cool. So I can see that it was a Failure, but there is nothing in the "security challenge" column. Anymore info on how I could use this?

which of the 5 steps did you follow

you talking about the "to track tokens" If so, all of them

what do your results look like

message has been deleted

these results fail to convince me you followed all the steps

Dang. brain dead.

timestamp is unusual

4:14 est

Thanks, will make a note of that in my script. Glad it's working for you 👍

Meeeeeeee tooooooo. 10 hours because of a case issue in the url Thanks netsuite 😑 lol