Oauth implementation in netsuite using php
Here is some code I wrote for a PHP -> NS integration using Restlets and OAuth:
define("NETSUITE_URL", 'https://rest.netsuite.com/app/site/hosting/restlet.nl');
define("NETSUITE_SCRIPT_ID", 'XXXXXX');
define("NETSUITE_DEPLOY_ID", 'XXXXXX');
define("NETSUITE_ACCOUNT", 'XXXXXX');
define("NETSUITE_CONSUMER_KEY", 'XXXXXX');
define("NETSUITE_CONSUMER_SECRET", 'XXXXXX');
define("NETSUITE_TOKEN_ID", 'XXXXXX');
define("NETSUITE_TOKEN_SECRET", 'XXXXXX');
function sendOrderToNS($details) {
$data_string = json_encode($details);
$oauth_nonce = md5(mt_rand());
$oauth_timestamp = time();
$oauth_signature_method = 'HMAC-SHA1';
$oauth_version = "1.0";
$base_string =
"POST&" . urlencode(NETSUITE_URL) . "&" .
urlencode(
"deploy=" . NETSUITE_DEPLOY_ID
. "&oauth_consumer_key=" . NETSUITE_CONSUMER_KEY
. "&oauth_nonce=" . $oauth_nonce
. "&oauth_signature_method=" . $oauth_signature_method
. "&oauth_timestamp=" . $oauth_timestamp
. "&oauth_token=" . NETSUITE_TOKEN_ID
. "&oauth_version=" . $oauth_version
. "&realm=" . NETSUITE_ACCOUNT
. "&script=" . NETSUITE_SCRIPT_ID
);
$sig_string = urlencode(NETSUITE_CONSUMER_SECRET) . '&' . urlencode(NETSUITE_TOKEN_SECRET);
$signature = base64_encode(hash_hmac("sha1", $base_string, $sig_string, true));
$auth_header = "OAuth "
. 'oauth_signature="' . rawurlencode($signature) . '", '
. 'oauth_version="' . rawurlencode($oauth_version) . '", '
. 'oauth_nonce="' . rawurlencode($oauth_nonce) . '", '
. 'oauth_signature_method="' . rawurlencode($oauth_signature_method) . '", '
. 'oauth_consumer_key="' . rawurlencode(NETSUITE_CONSUMER_KEY) . '", '
. 'oauth_token="' . rawurlencode(NETSUITE_TOKEN_ID) . '", '
. 'oauth_timestamp="' . rawurlencode($oauth_timestamp) . '", '
. 'realm="' . rawurlencode(NETSUITE_ACCOUNT) .'"';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, NETSUITE_URL . '?&script=' . NETSUITE_SCRIPT_ID . '&deploy=' . NETSUITE_DEPLOY_ID . '&realm=' . NETSUITE_ACCOUNT);
curl_setopt($ch, CURLOPT_POST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: ' . $auth_header,
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string)
]);
curl_exec($ch);
curl_close($ch);
}
I'd comment but am not able to yet. michoel's answer is correct but threw "invalid login attempt" errors when 'realm=...' was part of the $auth_header var. Taking that string out removed the issue.
Netsuite TBA Restlets won't support SHA1 anymore in 2021.1 release , you have to change PHP code to from $oauth_signature_method = 'HMAC-SHA1'; to $oauth_signature_method = 'HMAC-SHA256'; and from $signature = base64_encode(hash_hmac("sha1", $base_string, $sig_string, true)); to $signature = base64_encode(hash_hmac("sha256", $base_string, $sig_string, true));
define("NETSUITE_URL", 'https://rest.netsuite.com/app/site/hosting/restlet.nl');
define("NETSUITE_SCRIPT_ID", 'XXXXXX');
define("NETSUITE_DEPLOY_ID", 'XXXXXX');
define("NETSUITE_ACCOUNT", 'XXXXXX');
define("NETSUITE_CONSUMER_KEY", 'XXXXXX');
define("NETSUITE_CONSUMER_SECRET", 'XXXXXX');
define("NETSUITE_TOKEN_ID", 'XXXXXX');
define("NETSUITE_TOKEN_SECRET", 'XXXXXX');
function sendOrderToNS($details) {
$data_string = json_encode($details);
$oauth_nonce = md5(mt_rand());
$oauth_timestamp = time();
$oauth_signature_method = 'HMAC-SHA256';
$oauth_version = "1.0";
$base_string =
"POST&" . urlencode(NETSUITE_URL) . "&" .
urlencode(
"deploy=" . NETSUITE_DEPLOY_ID
. "&oauth_consumer_key=" . NETSUITE_CONSUMER_KEY
. "&oauth_nonce=" . $oauth_nonce
. "&oauth_signature_method=" . $oauth_signature_method
. "&oauth_timestamp=" . $oauth_timestamp
. "&oauth_token=" . NETSUITE_TOKEN_ID
. "&oauth_version=" . $oauth_version
. "&realm=" . NETSUITE_ACCOUNT
. "&script=" . NETSUITE_SCRIPT_ID
);
$sig_string = urlencode(NETSUITE_CONSUMER_SECRET) . '&' . urlencode(NETSUITE_TOKEN_SECRET);
$signature = base64_encode(hash_hmac("sha256", $base_string, $sig_string, true));
$auth_header = "OAuth "
. 'oauth_signature="' . rawurlencode($signature) . '", '
. 'oauth_version="' . rawurlencode($oauth_version) . '", '
. 'oauth_nonce="' . rawurlencode($oauth_nonce) . '", '
. 'oauth_signature_method="' . rawurlencode($oauth_signature_method) . '", '
. 'oauth_consumer_key="' . rawurlencode(NETSUITE_CONSUMER_KEY) . '", '
. 'oauth_token="' . rawurlencode(NETSUITE_TOKEN_ID) . '", '
. 'oauth_timestamp="' . rawurlencode($oauth_timestamp) . '", '
. 'realm="' . rawurlencode(NETSUITE_ACCOUNT) .'"';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, NETSUITE_URL . '?&script=' . NETSUITE_SCRIPT_ID . '&deploy=' . NETSUITE_DEPLOY_ID . '&realm=' . NETSUITE_ACCOUNT);
curl_setopt($ch, CURLOPT_POST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: ' . $auth_header,
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string)
]);
curl_exec($ch);
curl_close($ch);
}