Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork1.7k
Added HMAC-SHA256 Signature Service and NetSuite API#1003
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Open
svonduhn wants to merge8 commits intoscribejava:masterChoose a base branch
base:master
Could not load branches
Branch not found:{{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline, and old review comments may become outdated.
Uh oh!
There was an error while loading.Please reload this page.
Open
Changes fromall commits
Commits
Show all changes
8 commits Select commitHold shift + click to select a range
e37b4cd Added HMAC-SHA256 Signature Service and NetSuite API
svonduhn-chubaa9a27b Merge branch 'master' of git://github.com/scribejava/scribejava into …
svonduhn-chub48a15ce Added NetSuiteExample to README
svonduhn-chub0cdd057 Merge branch 'master' of git://github.com/scribejava/scribejava into …
svonduhn-chub192c17c Merge remote-tracking branch 'upstream/master' into NetSuiteHMAC-SHA256
svonduhn-chubf1abf00 Update NetSuiteExample to a POST request, including an example JSON r…
svonduhn-chubb222f16 Updated NetSuiteExample
svonduhn-chub7f25ab6 Merge branch 'scribejava:master' into NetSuiteHMAC-SHA256
svonduhnFile filter
Filter by extension
Conversations
Failed to load comments.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Jump to file
Failed to load files.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
1 change: 1 addition & 0 deletionsREADME.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
40 changes: 40 additions & 0 deletionsscribejava-apis/src/main/java/com/github/scribejava/apis/NetSuiteApi.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| package com.github.scribejava.apis; | ||
| import com.github.scribejava.core.builder.api.DefaultApi10a; | ||
| import com.github.scribejava.core.services.HMACSha256SignatureService; | ||
| import com.github.scribejava.core.services.SignatureService; | ||
| public class NetSuiteApi extends DefaultApi10a { | ||
| protected NetSuiteApi() { | ||
| } | ||
| private static class InstanceHolder { | ||
| private static final NetSuiteApi INSTANCE = new NetSuiteApi(); | ||
| } | ||
| public static NetSuiteApi instance() { | ||
| return InstanceHolder.INSTANCE; | ||
| } | ||
| @Override | ||
| public SignatureService getSignatureService() { | ||
| return new HMACSha256SignatureService(); | ||
| } | ||
| @Override | ||
| public String getAccessTokenEndpoint() { | ||
| return null; | ||
| } | ||
| @Override | ||
| public String getRequestTokenEndpoint() { | ||
| return null; | ||
| } | ||
| @Override | ||
| public String getAuthorizationBaseUrl() { | ||
| return null; | ||
| } | ||
| } |
80 changes: 80 additions & 0 deletionsscribejava-apis/src/test/java/com/github/scribejava/apis/examples/NetSuiteExample.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,80 @@ | ||
| package com.github.scribejava.apis.examples; | ||
| import com.fasterxml.jackson.databind.ObjectMapper; | ||
| import com.github.scribejava.apis.NetSuiteApi; | ||
| import com.github.scribejava.core.builder.ServiceBuilder; | ||
| import com.github.scribejava.core.model.OAuth1AccessToken; | ||
| import com.github.scribejava.core.model.OAuthRequest; | ||
| import com.github.scribejava.core.model.Response; | ||
| import com.github.scribejava.core.model.Verb; | ||
| import com.github.scribejava.core.oauth.OAuth10aService; | ||
| import org.apache.http.client.utils.URIBuilder; | ||
| import java.io.IOException; | ||
| import java.util.HashMap; | ||
| import java.util.Map; | ||
| import java.util.concurrent.ExecutionException; | ||
| public class NetSuiteExample { | ||
| private static final ObjectMapper jsonMapper = new ObjectMapper(); | ||
| // Replace these with your own account id, consumer key, consumer secret, token id, token secret and restlet domain | ||
| private static final String ACCOUNT_ID = "your_account_id"; | ||
| private static final String CONSUMER_KEY = "your_consumer_key"; | ||
| private static final String CONSUMER_SECRET = "your_consumer_secret"; | ||
| private static final String TOKEN_ID = "your_token_id"; | ||
| private static final String TOKEN_SECRET = "your_token_secret"; | ||
| private static final String RESTLET_DOMAIN = "YOUR-ACCOUNT-ID.restlets.api.netsuite.com"; | ||
| private static final String RESTLET_PATH = "/app/site/hosting/restlet.nl"; | ||
| private static final String SCRIPT = "script"; | ||
| private static final String DEPLOY = "deploy"; | ||
| private static final String PROTECTED_RESOURCE_URL = new URIBuilder() | ||
| .setScheme("https") | ||
| .setHost(RESTLET_DOMAIN) | ||
| .setPath(RESTLET_PATH) | ||
| .addParameter(SCRIPT, "your_restlet_script_id") | ||
| .addParameter(DEPLOY, "your_restlet_deploy_id") | ||
| .toString(); | ||
| private NetSuiteExample() { | ||
| } | ||
| @SuppressWarnings("PMD.SystemPrintln") | ||
| public static void main(String... args) throws IOException, InterruptedException, ExecutionException { | ||
| final OAuth10aService service = new ServiceBuilder(CONSUMER_KEY) | ||
| .apiSecret(CONSUMER_SECRET) | ||
| .build(NetSuiteApi.instance()); | ||
| System.out.println("=== NetSuite's OAuth (Token-based Authorization) ==="); | ||
| System.out.println(); | ||
| final OAuth1AccessToken accessToken = new OAuth1AccessToken(TOKEN_ID, TOKEN_SECRET); | ||
| // Now let's go and ask for a protected resource! | ||
| System.out.println("Now we're going to access a protected resource..."); | ||
| final OAuthRequest request = new OAuthRequest(Verb.POST, PROTECTED_RESOURCE_URL); | ||
| request.setRealm(ACCOUNT_ID); | ||
| service.signRequest(accessToken, request); | ||
| request.addHeader("Content-Type", "application/json"); | ||
| Map<String, String> requestMap = new HashMap<>(); | ||
| requestMap.put("message", "your request body for POST and PUT"); | ||
| String jsonRequestBody = jsonMapper.writer().writeValueAsString(requestMap); | ||
| request.setPayload(jsonRequestBody); | ||
| System.out.println("Request body to send:"); | ||
| System.out.println(jsonRequestBody); | ||
| System.out.println(); | ||
| try (Response response = service.execute(request)) { | ||
| System.out.println("Got it! Let's see what we found..."); | ||
| System.out.println(); | ||
| System.out.println(response.getCode()); | ||
| System.out.println(response.getBody()); | ||
| } | ||
| System.out.println(); | ||
| System.out.println("That's it man! Go and build something awesome with ScribeJava! :)"); | ||
| } | ||
| } |
53 changes: 53 additions & 0 deletions...va-core/src/main/java/com/github/scribejava/core/services/HMACSha256SignatureService.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| package com.github.scribejava.core.services; | ||
| import com.github.scribejava.core.base64.Base64; | ||
| import com.github.scribejava.core.exceptions.OAuthSignatureException; | ||
| import com.github.scribejava.core.utils.OAuthEncoder; | ||
| import com.github.scribejava.core.utils.Preconditions; | ||
| import java.nio.charset.StandardCharsets; | ||
| import java.security.InvalidKeyException; | ||
| import java.security.NoSuchAlgorithmException; | ||
| import javax.crypto.Mac; | ||
| import javax.crypto.spec.SecretKeySpec; | ||
| /** | ||
| * HMAC-SHA256 implementation of {@link SignatureService} | ||
| */ | ||
| public class HMACSha256SignatureService implements SignatureService { | ||
| private static final String EMPTY_STRING = ""; | ||
| private static final String CARRIAGE_RETURN = "\r\n"; | ||
| private static final String HMAC_SHA256 = "HmacSHA256"; | ||
| private static final String METHOD = "HMAC-SHA256"; | ||
| /** | ||
| * {@inheritDoc} | ||
| */ | ||
| @Override | ||
| public String getSignature(String baseString, String apiSecret, String tokenSecret) { | ||
| try { | ||
| Preconditions.checkEmptyString(baseString, "Base string can't be null or empty string"); | ||
| Preconditions.checkNotNull(apiSecret, "Api secret can't be null"); | ||
| return doSign(baseString, OAuthEncoder.encode(apiSecret) + '&' + OAuthEncoder.encode(tokenSecret)); | ||
| } catch (NoSuchAlgorithmException | InvalidKeyException | RuntimeException e) { | ||
| throw new OAuthSignatureException(baseString, e); | ||
| } | ||
| } | ||
| private String doSign(String toSign, String keyString) throws NoSuchAlgorithmException, InvalidKeyException { | ||
| final SecretKeySpec key = new SecretKeySpec(keyString.getBytes(StandardCharsets.UTF_8), HMAC_SHA256); | ||
| final Mac mac = Mac.getInstance(HMAC_SHA256); | ||
| mac.init(key); | ||
| final byte[] bytes = mac.doFinal(toSign.getBytes(StandardCharsets.UTF_8)); | ||
| return Base64.encode(bytes).replace(CARRIAGE_RETURN, EMPTY_STRING); | ||
| } | ||
| /** | ||
| * {@inheritDoc} | ||
| */ | ||
| @Override | ||
| public String getSignatureMethod() { | ||
| return METHOD; | ||
| } | ||
| } |
73 changes: 73 additions & 0 deletions...ore/src/test/java/com/github/scribejava/core/services/HMACSha256SignatureServiceTest.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| package com.github.scribejava.core.services; | ||
| import com.github.scribejava.core.exceptions.OAuthException; | ||
| import org.junit.Before; | ||
| import org.junit.Test; | ||
| import org.junit.function.ThrowingRunnable; | ||
| import static org.junit.Assert.assertEquals; | ||
| import static org.junit.Assert.assertThrows; | ||
| public class HMACSha256SignatureServiceTest { | ||
| private HMACSha256SignatureService service; | ||
| @Before | ||
| public void setUp() { | ||
| service = new HMACSha256SignatureService(); | ||
| } | ||
| @Test | ||
| public void shouldReturnSignatureMethodString() { | ||
| final String expected = "HMAC-SHA256"; | ||
| assertEquals(expected, service.getSignatureMethod()); | ||
| } | ||
| @Test | ||
| public void shouldReturnSignature() { | ||
| final String apiSecret = "apiSecret"; | ||
| final String tokenSecret = "tokenSecret"; | ||
| final String baseString = "baseString"; | ||
| final String signature = "xDJIQbKJTwGumZFvSG1V3ctym2tz6kD8fKGWPr5ImPU="; | ||
| assertEquals(signature, service.getSignature(baseString, apiSecret, tokenSecret)); | ||
| } | ||
| @Test | ||
| public void shouldThrowExceptionIfBaseStringIsNull() { | ||
| assertThrows(OAuthException.class, new ThrowingRunnable() { | ||
| @Override | ||
| public void run() { | ||
| service.getSignature(null, "apiSecret", "tokenSecret"); | ||
| } | ||
| }); | ||
| } | ||
| @Test | ||
| public void shouldThrowExceptionIfBaseStringIsEmpty() { | ||
| assertThrows(OAuthException.class, new ThrowingRunnable() { | ||
| @Override | ||
| public void run() { | ||
| service.getSignature(" ", "apiSecret", "tokenSecret"); | ||
| } | ||
| }); | ||
| } | ||
| @Test | ||
| public void shouldThrowExceptionIfApiSecretIsNull() { | ||
| assertThrows(OAuthException.class, new ThrowingRunnable() { | ||
| @Override | ||
| public void run() { | ||
| service.getSignature("baseString", null, "tokenSecret"); | ||
| } | ||
| }); | ||
| } | ||
| @Test | ||
| public void shouldNotThrowExceptionIfApiSecretIsEmpty() { | ||
| final String apiSecret = " "; | ||
| final String tokenSecret = "tokenSecret"; | ||
| final String baseString = "baseString"; | ||
| final String signature = "VRZvKmNIgbjfwPOoCPEvxFUV23v0BopcE6OE9P2Odz0="; | ||
| assertEquals(signature, service.getSignature(baseString, apiSecret, tokenSecret)); | ||
| } | ||
| } |
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.