Call REST Api using OAuth1.0 to netsuite SuiteTalk on C# application

Question

Now I am trying to connect to rest api of Netsuite SuiteTalk on C# application using RestSharp. But it returns Unauthorized error(401). (Calling api using Postman is working) My code as follows.

public string generateSignature(string httpMethod, string timestamp, string nonce, 
                                        SortedDictionary<string, string> data)
{
        var parameters = new SortedDictionary<string, string>
        {
           {"oauth_consumer_key", mConfig.ConsumerKey},
           { "oauth_token", mConfig.TokenId },
           {"oauth_signature_method", "HMAC-SHA256"},
           {"oauth_timestamp", timestamp},
           {"oauth_nonce", nonce},
           {"oauth_version", "1.0"}
        };
        foreach (KeyValuePair<string, string> elt in data)
        {
             parameters.Add(elt.Key, elt.Value);
        }
        string Signature_Base_String = httpMethod;
        Signature_Base_String = Signature_Base_String.ToUpper();
        Signature_Base_String = Signature_Base_String + "&";
        string PercentEncodedURL = Uri.EscapeDataString(netsuite_base_url);
        Signature_Base_String = Signature_Base_String + PercentEncodedURL;
        Signature_Base_String = Signature_Base_String + "&";
        bool first = true;
        foreach (KeyValuePair<string, string> elt in parameters)
        {
            if (first)
            {
                Signature_Base_String = Signature_Base_String + Uri.EscapeDataString(elt.Key + "=" + elt.Value);
                first = false;
            }
            else
            {
                Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&" + elt.Key + "=" + elt.Value);
            }
        }
        string key = mConfig.ConsumerSecret + "&" + mConfig.TokenSecret;
        string signature = "";
        var encoding = new System.Text.ASCIIEncoding();
        byte[] keyByte = encoding.GetBytes(key);
        byte[] messageBytes = encoding.GetBytes(Signature_Base_String);
        using (var myhmacsha256 = new HMACSHA256(keyByte))
        {
            byte[] hashmessage = myhmacsha256.ComputeHash(messageBytes);
            signature = Uri.EscapeDataString(Convert.ToBase64String(hashmessage));
        }
        return signature;
}
public bool getData()
{
   string timestamp = computeTimestamp();// ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString();
   string nonce = Convert.ToBase64String(Encoding.UTF8.GetBytes(timestamp));// computeNonce();
   var data = new SortedDictionary<string, string>{
         { "q", query}
      };
   string signature = generateSignature("GET", timestamp, nonce, data);
   netSuiteAuthorization = "OAuth " +
        "realm=" + "\""+mConfig.AccountId + "\"" + "," +
        "oauth_consumer_key=" + "\"" + mConfig.ConsumerKey + "\"" + "," +
        "oauth_token=" + "\"" + mConfig.TokenId + "\"" + "," +
        "oauth_signature_method=" + "\"" + SIGNATURE_METHOD + "\"" + "," +
        "oauth_timestamp=" + "\"" + timestamp + "\"" + "," +
        "oauth_nonce=" + "\"" + nonce + "\"" + "," +
        "oauth_version=" + "\"" + "1.0" + "\"" + "," +
        "oauth_signature= " + "\"" + signature + "\"";
       var client = new RestClient(netsuite_base_url);
       var request = new RestRequest(Method.GET);
       request.AddHeader("Authorization", netSuiteAuthorization);
       request.AddHeader("Content-Type", "application/json");
       request.AddQueryParameter("q", query);
       IRestResponse response = client.Execute(request);
       ... do something ....
}

I think signature function is correct. But I can't figure out the reason of 401 error. What am I missing in the code? If anyone has experience, please help me.

Answer 1

i guess realm="account number" is missing, try with updating realm in signature

Answer 2

I finally found the issue. I should not have added the following line

request.AddQueryParameter("q", query);

And when I use netsuite_base_url string, url must be lower case.

Answer 3

Example with: RestSharp version: 108.0.3

Do not need to write code for signature creation. RestSharp does it all for you.

using System;
using RestSharp;
using RestSharp.Authenticators;
using RestSharp.Authenticators.OAuth;
using Newtonsoft.Json;


var client = new RestClient(URL);
var oAuth1 = OAuth1Authenticator.ForAccessToken(
                consumerKey: ConsumerKey,
                consumerSecret: ConsumerSecret,
                token: Token,
                tokenSecret: TokenSecret,
                OAuthSignatureMethod.HmacSha256);
oAuth1.Realm = Realm; // if Realm has otherwise ignore

client.Authenticator = oAuth1;

var request = new RestRequest(URL, Method.Post);
request.AddHeader("Content-Type", "application/json");  
string body = JsonConvert.SerializeObject(bodyObject);
           
request.AddParameter("application/json", body, ParameterType.RequestBody);
var response = client.Execute(request);