Python POST to RESTlet with Token Based Authentication and OAuth INVALID_REQUEST, Malformed Syntax

I am trying to do an integration with Token Based Authentication on a RESTlet script in Netsuite where I POST some data to it from Python using requests and oauth. I have followed some guides and am using this code below, but it produces the error message: {“error” : {“code” : “INVALID_REQUEST”, “message” : “The request could not be understood by the server due to malformed syntax.”}}.

 

After some research people have said that this could be that it requires a HMAC SHA 256 signature method which oauth does not support, but I saw on a Netsuite help page that they postponed the SHA 256 requirement.

 

Any help or insight would be amazing, thank you!

 

Heres the code:

import json
import oauth2 as oauth
import requests
import time
url = ‘https://123456-sb1.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=1&deploy=1’
token = oauth.Token(key=’xxxxxxxxxxxxxxxxxxx’, secret=’xxxxxxxxxxxxxxxxxxxx’)
consumer = oauth.Consumer(key=’xxxxxxxxxxxxxxxxxxxxxx’, secret=’xxxxxxxxxxxxxxxxxxx’)
httpMethod = ‘POST’
realm = ‘123_SB1’
payload = {
    ‘test’: ‘test’
}
params = {
    ‘oauth_version’: ‘1.0’,
    ‘oauth_nonce’: oauth.generate_nonce(),
    ‘oauth_timestamp’: str(int(time.time())),
    ‘oauth_token’: token.key,
    ‘oauth_consumer_key’: consumer.key
}
req = oauth.Request(method=httpMethod, url=url, parameters=params)
signatureMethod = oauth.SignatureMethod_HMAC_SHA1()
req.sign_request(signatureMethod, consumer, token)
header = req.to_header(realm)
headery = header[‘Authorization’].encode(‘ascii’, ‘ignore’)
headerx = {‘Authorization’: headery, ‘Content-Type’:’application/json’}
print(headerx)
conn = requests.post(url=url, headers=headerx, data=json.dumps(payload))
print(conn.text)

                
Rookie Asked on March 4, 2022 in How To's.
Add Comment
1 Answer(s)

I think it’s definitely because you are using HMAC-SHA1… I did some testing on my end using postman and if I use HMAC-SHA1 I get the same error but if I switch to HMAC-SHA256 works fine!

 

Rookie Answered on March 7, 2022.

Can confirm I just need to use HMAC-SHA256 now that I have it working in Postman, it would be nice if I could figure out how to generate my own HMAC-SHA256 signature though.

on March 7, 2022.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.
  • This site made possible by our sponsors:   Tipalti   Celigo   Limebox   Become a Sponsor   Become a Sponsor