我尝试使用 **oauth 1.0(TBA)* 从 SuiteScript 2.1 连接到 Restlet,但 SuiteScript 2.1 加密不支持哈希。我们有什么可能的方法可以实现这一目标吗?
我们使用了加密和编码,但没有任何作用。 SuiteScript 2.1 或 2.0 中是否有其他方法可以通过 oauth 1.0(TBA) 进行加密身份验证或使用 HMAC-SHA256 创建签名?
var SIGNATURE_METHOD = "HMAC-SHA256"
var length = 11;
var OAUTH_NONCE = random(length)
var date = new Date()
var milliseconds = date.getTime()
var TIME_STAMP = parseInt(((milliseconds -120000)/1000))
var OAUTH_VERSION = "1.0";
var SCRIPT_DEPLOYMENT_ID = 1;
var REALM = "78787878"
var CONSUMERKEY = "4554545";
var CONSUMERSECRET = "45455454";
var TOKENKEY = "78787878";
var TOKENSECRET = "4545454544";
var base_url = "https://89898989-sb1.restlets.api.netsuite.com/app/site/hosting/restlet.nl"
var encdata = "deploy=" + SCRIPT_DEPLOYMENT_ID + "&"
encdata = encdata + "oauth_consumer_key=" + CONSUMERKEY + "&"
encdata = encdata + "oauth_nonce=" + OAUTH_NONCE + "&"
encdata = encdata + "oauth_signature_method=" + SIGNATURE_METHOD + "&"
encdata = encdata + "oauth_timestamp=" + TIME_STAMP + "&"
encdata = encdata + "oauth_token=" + TOKENKEY + "&"
encdata = encdata + "oauth_version=" + OAUTH_VERSION + "&"
encdata = encdata + "script=" + scriptId
var baseEncrypt = base_url;
var encryptData = encdata;
var completeData = method+'&' + baseEncrypt + '&'+ encryptData
var ConsumerSecretEncode = CONSUMERSECRET
var ConsumerTokedEncode = TOKENSECRET
var key = ConsumerSecretEncode + "&" + ConsumerTokedEncode
var algorithm = 'SHA256';
var signatureNormal = generateHMAC(key, completeData, algorithm, crypto, encode);
var signature = signatureNormal
var OAuth = "OAuth realm=\"" + REALM + "\","
OAuth = OAuth + "oauth_consumer_key=\"" + CONSUMERKEY + "\","
OAuth = OAuth + "oauth_token=\"" + TOKENKEY + "\","
OAuth = OAuth + "oauth_signature_method=\"HMAC-SHA256\","
OAuth = OAuth + "oauth_timestamp=\"" + TIME_STAMP + "\","
OAuth = OAuth + "oauth_nonce=\"" + OAUTH_NONCE + "\","
OAuth = OAuth + "oauth_version=\"" + "1.0" + "\","
OAuth = OAuth + "oauth_signature=\"" + signature + "\""
return OAuth
}
function generateHMAC(key, data, algorithm, crypto, encode) {
const encoder = encode
const dataValue = encoder.convert({
string: data,
inputEncoding: encoder.Encoding.UTF_8, // Use the value directly
outputEncoding: encoder.Encoding.BASE_64 // Use the value directly
});
const keyData = encoder.convert({
string: key,
inputEncoding: encoder.Encoding.UTF_8, // Use the value directly
outputEncoding: encoder.Encoding.BASE_64 // Use the value directly
});
return crypto.subtle.importKey('raw', keyData, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
.then((cryptoKey) => crypto.subtle.sign('HMAC', cryptoKey, dataValue))
.then((signature) => {
const view = new DataView(signature);
let hash = '';
for (let i = 0; i < view.byteLength; i++) {
const hex = view.getUint8(i).toString(16);
if (hex.length === 1) {
hash += '0';
}
hash += hex;
}
return hash;
});
}
您可能想尝试
netsuiteoauth2
npm 包。它是使用 NetSuite 处理 OAuth 2.0 身份验证的轻量级选项,并且是使用本机 Node.js 构建的。这使得它成为一个简单而有效的选择,而无需添加不必要的依赖项。
您可以在这里找到更多详细信息:netsuiteoauth2 npm 页面。