netsuite_http_method="GET" netsuite_url="https://rest.na1.netsuite.com/app/site/hosting/restlet.nl?script=1&deploy=1" netsuite_oauth_account="" netsuite_content_type="text/plain" netsuite_oauth_consumer_key="" netsuite_oauth_consumer_secret="" netsuite_oauth_token="" netsuite_oauth_token_secret="" function OAuth(opts) { if(!(this instanceof OAuth)) { return new OAuth(opts); } if(!opts) { opts = {}; } if(!opts.consumer) { throw new Error('consumer option is required'); } this.consumer = opts.consumer; this.signature_method = opts.signature_method || 'HMAC-SHA1'; this.nonce_length = opts.nonce_length || 32; this.version = opts.version || '1.0'; this.parameter_seperator = opts.parameter_seperator || ', '; if(typeof opts.last_ampersand === 'undefined') { this.last_ampersand = true; } else { this.last_ampersand = opts.last_ampersand; } switch (this.signature_method) { case 'HMAC-SHA1': this.hash = function(base_string, key) { return CryptoJS.HmacSHA1(base_string, key).toString(CryptoJS.enc.Base64); }; break; case 'HMAC-SHA256': this.hash = function(base_string, key) { return CryptoJS.HmacSHA256(base_string, key).toString(CryptoJS.enc.Base64); }; break; case 'PLAINTEXT': this.hash = function(base_string, key) { return key; }; break; case 'RSA-SHA1': throw new Error('oauth-1.0a does not support this signature method right now. Coming Soon...'); default: throw new Error('The OAuth 1.0a protocol defines three signature methods: HMAC-SHA1, RSA-SHA1, and PLAINTEXT only'); } } /** * OAuth request authorize * * @param {Object} * request data { method, url, data } * @param {Object} * public and secret token * @return {Object} OAuth Authorized data */ OAuth.prototype.authorize = function(request, token) { var oauth_data = { oauth_consumer_key: this.consumer.public, oauth_nonce: this.getNonce(), oauth_signature_method: this.signature_method, oauth_timestamp: this.getTimeStamp(), oauth_version: this.version }; if(!token) { token = {}; } if(token.public) { oauth_data.oauth_token = token.public; } if(!request.data) { request.data = {}; } oauth_data.oauth_signature = this.getSignature(request, token.secret, oauth_data); return oauth_data; }; /** * Create an OAuth Signature * * @param {Object} * request data * @param {Object} * token_secret public and secret token * @param {Object} * oauth_data OAuth data * @return {String} Signature */ OAuth.prototype.getSignature = function(request, token_secret, oauth_data) { return this.hash(this.getBaseString(request, oauth_data), this.getSigningKey(token_secret)); }; /** * Base String = Method + Base Url + ParameterString * * @param {Object} * request data * @param {Object} * OAuth data * @return {String} Base String */ OAuth.prototype.getBaseString = function(request, oauth_data) { return request.method.toUpperCase() + '&' + this.percentEncode(this.getBaseUrl(request.url)) + '&' + this.percentEncode(this.getParameterString(request, oauth_data)); }; /** * Get data from url -> merge with oauth data -> percent encode key & value -> * sort * * @param {Object} * request data * @param {Object} * OAuth data * @return {Object} Parameter string data */ OAuth.prototype.getParameterString = function(request, oauth_data) { var base_string_data = this.sortObject(this.percentEncodeData(this.mergeObject(oauth_data, this.mergeObject(request.data, this.deParamUrl(request.url))))); var data_str = ''; // base_string_data to string for(var key in base_string_data) { var value = base_string_data[key]; // check if the value is an array // this means that this key has multiple values if (value && Array.isArray(value)){ // sort the array first value.sort(); var valString = ""; // serialize all values for this key: e.g. // formkey=formvalue1&formkey=formvalue2 value.forEach((function(item, i){ valString += key + '=' + item; if (i < value.length){ valString += "&"; } }).bind(this)); data_str += valString; } else { data_str += key + '=' + value + '&'; } } // remove the last character data_str = data_str.substr(0, data_str.length - 1); return data_str; }; /** * Create a Signing Key * * @param {String} * token_secret Secret Token * @return {String} Signing Key */ OAuth.prototype.getSigningKey = function(token_secret) { token_secret = token_secret || ''; if(!this.last_ampersand && !token_secret) { return this.percentEncode(this.consumer.secret); } return this.percentEncode(this.consumer.secret) + '&' + this.percentEncode(token_secret); }; /** * Get base url * * @param {String} * url * @return {String} */ OAuth.prototype.getBaseUrl = function(url) { return url.split('?')[0]; }; /** * Get data from String * * @param {String} * string * @return {Object} */ OAuth.prototype.deParam = function(string) { var arr = string.split('&'); var data = {}; for(var i = 0; i < arr.length; i++) { var item = arr[i].split('='); data[item[0]] = decodeURIComponent(item[1]); } return data; }; /** * Get data from url * * @param {String} * url * @return {Object} */ OAuth.prototype.deParamUrl = function(url) { var tmp = url.split('?'); if (tmp.length === 1) return {}; return this.deParam(tmp[1]); }; /** * Percent Encode * * @param {String} * str * @return {String} percent encoded string */ OAuth.prototype.percentEncode = function(str) { return encodeURIComponent(str) .replace(/\!/g, "%21") .replace(/\*/g, "%2A") .replace(/\'/g, "%27") .replace(/\(/g, "%28") .replace(/\)/g, "%29"); }; /** * Percent Encode Object * * @param {Object} * data * @return {Object} percent encoded data */ OAuth.prototype.percentEncodeData = function(data) { var result = {}; for(var key in data) { var value = data[key]; // check if the value is an array if (value && Array.isArray(value)){ var newValue = []; // percentEncode every value value.forEach((function(val){ newValue.push(this.percentEncode(val)); }).bind(this)); value = newValue; } else { value = this.percentEncode(value); } result[this.percentEncode(key)] = value; } return result; }; /** * Get OAuth data as Header * * @param {Object} * oauth_data * @return {String} Header data key - value */ OAuth.prototype.toHeader = function(oauth_data) { oauth_data = this.sortObject(oauth_data); var header_value = 'OAuth '; for(var key in oauth_data) { if (key.indexOf('oauth_') === -1) continue; header_value += this.percentEncode(key) + '="' + this.percentEncode(oauth_data[key]) + '"' + this.parameter_seperator; } return { Authorization: header_value.substr(0, header_value.length - this.parameter_seperator.length) // cut // the // last // chars }; }; /** * Create a random word characters string with input length * * @return {String} a random word characters string */ OAuth.prototype.getNonce = function() { var word_characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; var result = ''; for(var i = 0; i < this.nonce_length; i++) { result += word_characters[parseInt(Math.random() * word_characters.length, 10)]; } return result; }; /** * Get Current Unix TimeStamp * * @return {Int} current unix timestamp */ OAuth.prototype.getTimeStamp = function() { return parseInt(new Date().getTime()/1000, 10); }; // //////////////////// HELPER FUNCTIONS ////////////////////// /** * Merge object * * @param {Object} * obj1 * @param {Object} * obj2 * @return {Object} */ OAuth.prototype.mergeObject = function(obj1, obj2) { var merged_obj = obj1; for(var key in obj2) { merged_obj[key] = obj2[key]; } return merged_obj; }; /** * Sort object by key * * @param {Object} * data * @return {Object} sorted object */ OAuth.prototype.sortObject = function(data) { var keys = Object.keys(data); var result = {}; keys.sort(); for(var i = 0; i < keys.length; i++) { var key = keys[i]; result[key] = data[key]; } return result; }; var CryptoJS = CryptoJS || function(g, l) { var e = {}, d = e.lib = {}, m = function() {}, k = d.Base = { extend: function(a) { m.prototype = this; var c = new m; a && c.mixIn(a); c.hasOwnProperty("init") || (c.init = function() { c.$super.init.apply(this, arguments) }); c.init.prototype = c; c.$super = this; return c }, create: function() { var a = this.extend(); a.init.apply(a, arguments); return a }, init: function() {}, mixIn: function(a) { for (var c in a) a.hasOwnProperty(c) && (this[c] = a[c]); a.hasOwnProperty("toString") && (this.toString = a.toString) }, clone: function() { return this.init.prototype.extend(this) } }, p = d.WordArray = k.extend({ init: function(a, c) { a = this.words = a || []; this.sigBytes = c != l ? c : 4 * a.length }, toString: function(a) { return (a || n).stringify(this) }, concat: function(a) { var c = this.words, q = a.words, f = this.sigBytes; a = a.sigBytes; this.clamp(); if (f % 4) for (var b = 0; b < a; b++) c[f + b >>> 2] |= (q[b >>> 2] >>> 24 - 8 * (b % 4) & 255) << 24 - 8 * ((f + b) % 4); else if (65535 < q.length) for (b = 0; b < a; b += 4) c[f + b >>> 2] = q[b >>> 2]; else c.push.apply(c, q); this.sigBytes += a; return this }, clamp: function() { var a = this.words, c = this.sigBytes; a[c >>> 2] &= 4294967295 << 32 - 8 * (c % 4); a.length = g.ceil(c / 4) }, clone: function() { var a = k.clone.call(this); a.words = this.words.slice(0); return a }, random: function(a) { for (var c = [], b = 0; b < a; b += 4) c.push(4294967296 * g.random() | 0); return new p.init(c, a) } }), b = e.enc = {}, n = b.Hex = { stringify: function(a) { var c = a.words; a = a.sigBytes; for (var b = [], f = 0; f < a; f++) { var d = c[f >>> 2] >>> 24 - 8 * (f % 4) & 255; b.push((d >>> 4).toString(16)); b.push((d & 15).toString(16)) } return b.join("") }, parse: function(a) { for (var c = a.length, b = [], f = 0; f < c; f += 2) b[f >>> 3] |= parseInt(a.substr(f, 2), 16) << 24 - 4 * (f % 8); return new p.init(b, c / 2) } }, j = b.Latin1 = { stringify: function(a) { var c = a.words; a = a.sigBytes; for (var b = [], f = 0; f < a; f++) b.push(String.fromCharCode(c[f >>> 2] >>> 24 - 8 * (f % 4) & 255)); return b.join("") }, parse: function(a) { for (var c = a.length, b = [], f = 0; f < c; f++) b[f >>> 2] |= (a.charCodeAt(f) & 255) << 24 - 8 * (f % 4); return new p.init(b, c) } }, h = b.Utf8 = { stringify: function(a) { try { return decodeURIComponent(escape(j.stringify(a))) } catch (c) { throw Error("Malformed UTF-8 data"); } }, parse: function(a) { return j.parse(unescape(encodeURIComponent(a))) } }, r = d.BufferedBlockAlgorithm = k.extend({ reset: function() { this._data = new p.init; this._nDataBytes = 0 }, _append: function(a) { "string" == typeof a && (a = h.parse(a)); this._data.concat(a); this._nDataBytes += a.sigBytes }, _process: function(a) { var c = this._data, b = c.words, f = c.sigBytes, d = this.blockSize, e = f / (4 * d), e = a ? g.ceil(e) : g.max((e | 0) - this._minBufferSize, 0); a = e * d; f = g.min(4 * a, f); if (a) { for (var k = 0; k < a; k += d) this._doProcessBlock(b, k); k = b.splice(0, a); c.sigBytes -= f } return new p.init(k, f) }, clone: function() { var a = k.clone.call(this); a._data = this._data.clone(); return a }, _minBufferSize: 0 }); d.Hasher = r.extend({ cfg: k.extend(), init: function(a) { this.cfg = this.cfg.extend(a); this.reset() }, reset: function() { r.reset.call(this); this._doReset() }, update: function(a) { this._append(a); this._process(); return this }, finalize: function(a) { a && this._append(a); return this._doFinalize() }, blockSize: 16, _createHelper: function(a) { return function(b, d) { return (new a.init(d)).finalize(b) } }, _createHmacHelper: function(a) { return function(b, d) { return (new s.HMAC.init(a, d)).finalize(b) } } }); var s = e.algo = {}; return e }(Math); (function() { var g = CryptoJS, l = g.lib, e = l.WordArray, d = l.Hasher, m = [], l = g.algo.SHA1 = d.extend({ _doReset: function() { this._hash = new e.init([1732584193, 4023233417, 2562383102, 271733878, 3285377520]) }, _doProcessBlock: function(d, e) { for (var b = this._hash.words, n = b[0], j = b[1], h = b[2], g = b[3], l = b[4], a = 0; 80 > a; a++) { if (16 > a) m[a] = d[e + a] | 0; else { var c = m[a - 3] ^ m[a - 8] ^ m[a - 14] ^ m[a - 16]; m[a] = c << 1 | c >>> 31 } c = (n << 5 | n >>> 27) + l + m[a]; c = 20 > a ? c + ((j & h | ~j & g) + 1518500249) : 40 > a ? c + ((j ^ h ^ g) + 1859775393) : 60 > a ? c + ((j & h | j & g | h & g) - 1894007588) : c + ((j ^ h ^ g) - 899497514); l = g; g = h; h = j << 30 | j >>> 2; j = n; n = c } b[0] = b[0] + n | 0; b[1] = b[1] + j | 0; b[2] = b[2] + h | 0; b[3] = b[3] + g | 0; b[4] = b[4] + l | 0 }, _doFinalize: function() { var d = this._data, e = d.words, b = 8 * this._nDataBytes, g = 8 * d.sigBytes; e[g >>> 5] |= 128 << 24 - g % 32; e[(g + 64 >>> 9 << 4) + 14] = Math.floor(b / 4294967296); e[(g + 64 >>> 9 << 4) + 15] = b; d.sigBytes = 4 * e.length; this._process(); return this._hash }, clone: function() { var e = d.clone.call(this); e._hash = this._hash.clone(); return e } }); g.SHA1 = d._createHelper(l); g.HmacSHA1 = d._createHmacHelper(l) })(); (function() { var g = CryptoJS, l = g.enc.Utf8; g.algo.HMAC = g.lib.Base.extend({ init: function(e, d) { e = this._hasher = new e.init; "string" == typeof d && (d = l.parse(d)); var g = e.blockSize, k = 4 * g; d.sigBytes > k && (d = e.finalize(d)); d.clamp(); for (var p = this._oKey = d.clone(), b = this._iKey = d.clone(), n = p.words, j = b.words, h = 0; h < g; h++) n[h] ^= 1549556828, j[h] ^= 909522486; p.sigBytes = b.sigBytes = k; this.reset() }, reset: function() { var e = this._hasher; e.reset(); e.update(this._iKey) }, update: function(e) { this._hasher.update(e); return this }, finalize: function(e) { var d = this._hasher; e = d.finalize(e); d.reset(); return d.finalize(this._oKey.clone().concat(e)) } }) })(); (function() { var h = CryptoJS, j = h.lib.WordArray; h.enc.Base64 = { stringify: function(b) { var e = b.words, f = b.sigBytes, c = this._map; b.clamp(); b = []; for (var a = 0; a < f; a += 3) for (var d = (e[a >>> 2] >>> 24 - 8 * (a % 4) & 255) << 16 | (e[a + 1 >>> 2] >>> 24 - 8 * ((a + 1) % 4) & 255) << 8 | e[a + 2 >>> 2] >>> 24 - 8 * ((a + 2) % 4) & 255, g = 0; 4 > g && a + 0.75 * g < f; g++) b.push(c.charAt(d >>> 6 * (3 - g) & 63)); if (e = c.charAt(64)) for (; b.length % 4;) b.push(e); return b.join("") }, parse: function(b) { var e = b.length, f = this._map, c = f.charAt(64); c && (c = b.indexOf(c), -1 != c && (e = c)); for (var c = [], a = 0, d = 0; d < e; d++) if (d % 4) { var g = f.indexOf(b.charAt(d - 1)) << 2 * (d % 4), h = f.indexOf(b.charAt(d)) >>> 6 - 2 * (d % 4); c[a >>> 2] |= (g | h) << 24 - 8 * (a % 4); a++ } return j.create(c, a) }, _map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" } })(); // User token generated on the account where RESTlet resides var token = { public: netsuite_oauth_token, secret: netsuite_oauth_token_secret }; // User token generated on the account where RESTlet resides var oauth = OAuth( { consumer: { public: netsuite_oauth_consumer_key, secret: netsuite_oauth_consumer_secret }, signature_method: 'HMAC-SHA1' } ); var request_data = { url: netsuite_url, method: netsuite_http_method, data: {} }; var headerWithRealm = oauth.toHeader(oauth.authorize(request_data, token)); headerWithRealm.Authorization += ',realm=' + netsuite_oauth_account; headerWithRealm['Content-Type'] = netsuite_content_type; var netsuite_authorization = headerWithRealm.Authorization; console.log(netsuite_authorization); nlapiRequestURL(netsuite_url, null, {"Authorization": netsuite_authorization, "Content-Type": "text/plain" })