Home

RE: Python POST to RESTlet with Token Based Authentication and OAuth INVALID_REQUEST, Malformed Syntax

I am trying to do an integration with Token Based Authentication on a RESTlet script in Netsuite where I POST some data to it from Python using requests and oauth. I have followed some guides and am using this code below, but it produces the error message: {“error” : {“code” : “INVALID_REQUEST”, “message” : “The request could not be understood by the server due to malformed syntax.”}}.

 

After some research people have said that this could be that it requires a HMAC SHA 256 signature method which oauth does not support, but I saw on a Netsuite help page that they postponed the SHA 256 requirement.

 

Any help or insight would be amazing, thank you!

 

Heres the code:

import json
import oauth2 as oauth
import requests
import time
url = ‘https://123456-sb1.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=1&deploy=1’
token = oauth.Token(key=’xxxxxxxxxxxxxxxxxxx’, secret=’xxxxxxxxxxxxxxxxxxxx’)
consumer = oauth.Consumer(key=’xxxxxxxxxxxxxxxxxxxxxx’, secret=’xxxxxxxxxxxxxxxxxxx’)
httpMethod = ‘POST’
realm = ‘123_SB1’
payload = {
    ‘test’: ‘test’
}
params = {
    ‘oauth_version’: ‘1.0’,
    ‘oauth_nonce’: oauth.generate_nonce(),
    ‘oauth_timestamp’: str(int(time.time())),
    ‘oauth_token’: token.key,
    ‘oauth_consumer_key’: consumer.key
}
req = oauth.Request(method=httpMethod, url=url, parameters=params)
signatureMethod = oauth.SignatureMethod_HMAC_SHA1()
req.sign_request(signatureMethod, consumer, token)
header = req.to_header(realm)
headery = header[‘Authorization’].encode(‘ascii’, ‘ignore’)
headerx = {‘Authorization’: headery, ‘Content-Type’:’application/json’}
print(headerx)
conn = requests.post(url=url, headers=headerx, data=json.dumps(payload))
print(conn.text)

                


                

                    

                        
                            
                                                            
                            cadew
                        
                        Rookie
                        
                            Asked on March 4, 2022 in                        
                        
                            How To's.
                        
                    

                    

                        
                    

                


                

                

                    

                                            

                    		Add Comment
	    

	    

	        
	        
	        
	        
	        
	        

	            

	                
	            

	            

	                

	                    
	                

	                

	                    Cancel
	                

	            

	        

	    


	                

            

        

        

            

                

                    1 Answers
                

                

                    
                

            

        



        

            

                

	
    
    




	
    
    
                             

    
    

                    

    


    

        
I think it’s definitely because you are using HMAC-SHA1… I did some testing on my end using postman and if I use HMAC-SHA1 I get the same error but if I switch to HMAC-SHA256 works fine!


 

    


    

        

            
            

                
            

            

                

                    
                

                

                    
                        Cancel                    
                

            

        

    


    

    	
        

            
                
            
                Rookie                
                    Answered on March 7, 2022.                
        

		

        

        	
            
        

        
    

    

    

		

		


    

                

            
                cadew            
        

    

    

        

            
Can confirm I just need to use HMAC-SHA256 now that I have it working in Postman, it would be nice if I could figure out how to generate my own HMAC-SHA256 signature though.



            on March 7, 2022.  
                            
                    

        

            

                
                

                    
                

                

                    

                        
                    

                    

                        Cancel
                    

                

            

        

    


		


        		Add Comment
	    

	    

	        
	        
	        
	        
	        
	        

	            

	                
	            

	            

	                

	                    
	                

	                

	                    Cancel
	                

	            

	        

	    


	
    


            

        


        

            

                
Your Answer

                

                    
                    
                    







                    

                        

                            
                        

                        

                            By posting your answer, you agree to the privacy policy and terms of service.