Generate a OAuth 1.0 Signature or Store a Code Response in a User Defined Variable

Overview

Generating an OAuth 1.0 signature is required when authenticating API requests that use OAuth-based security mechanisms.

In eZintegrations, Python Operations can be used to generate OAuth signatures dynamically and store them in a user-defined variable using the Responsedata array.

This approach is useful when the script output is independent of the incoming data and must be generated programmatically.

When to Use

Use this method when a Python script needs to generate authentication headers or tokens without relying on incoming payload data.

• Generating OAuth 1.0 authorization headers
• Creating pre-request authentication signatures
• Storing dynamic tokens in workflow variables
• Authenticating third-party API requests
• Executing independent utility scripts

How It Works

The script initializes an empty Responsedata array to store generated output.

It calculates the OAuth timestamp, nonce, and signature using HMAC-SHA256. The final authorization string is formatted and appended to Responsedata for downstream use.

This generated signature can be used in API headers or pre-request scripts.

Python Operation Code

The following script generates an OAuth 1.0 signature and stores the authorization header in a user-defined variable.

Responsedata = []

import datetime
import random
import string
import hashlib
import base64
import hmac
import urllib.parse

request_method = 'POST'
url = 'https://xxxxxxxxxxx.suitetalk.api.netsuite.com/services/rest/query/v1/suiteql'

oauth_consumer_id = 'xxxxxxxxxxx'
oauth_consumer_key = 'xxxxxxxxxxx'
oauth_consumer_secret = 'xxxxxxxxxxx'

oauth_token = 'xxxxxxxxxxx'
oauth_token_secret = 'xxxxxxxxxxx'

oauth_signature_method = 'HMAC-SHA256'

oauth_timestamp = str(int(datetime.datetime.now().timestamp()))
oauth_nonce = ''.join(random.choices(string.ascii_letters + string.digits, k=11))
oauth_version = '1.0'

normalized_request_method = request_method.replace(' ', '')
normalized_string_url = urllib.parse.quote(url, safe='')

normalized_params = {
    'oauth_consumer_key': oauth_consumer_key,
    'oauth_token': oauth_token,
    'oauth_signature_method': oauth_signature_method,
    'oauth_timestamp': oauth_timestamp,
    'oauth_nonce': oauth_nonce,
    'oauth_version': oauth_version
}

sorted_params = dict(sorted(normalized_params.items()))

normalized_string_parmas = [k + '=' + v for k, v in sorted_params.items()]
normalized_string_parmas = '&'.join(normalized_string_parmas)
normalized_string_parmas.replace(' ', '')

normalized_string_parmas = urllib.parse.quote(normalized_string_parmas, safe='')

base_string = request_method + '&' + normalized_string_url + '&' + normalized_string_parmas
base_string = str.encode(base_string)

signature_key = oauth_consumer_secret + '&' + oauth_token_secret
signature_key = str.encode(signature_key)

oauth_signature = hmac.new(signature_key, base_string, hashlib.sha256)
oauth_signature = base64.b64encode(oauth_signature.digest())
oauth_signature = oauth_signature.decode('UTF-8')

oauth_signature = urllib.parse.quote(oauth_signature, safe='')

signature = (
    'OAuth realm="' + oauth_consumer_id + '",'
    'oauth_consumer_key="' + oauth_consumer_key + '",'
    'oauth_token="' + oauth_token + '",'
    'oauth_signature_method="' + oauth_signature_method + '",'
    'oauth_timestamp="' + oauth_timestamp + '",'
    'oauth_nonce="' + oauth_nonce + '",'
    'oauth_version="' + oauth_version + '",'
    'oauth_signature="' + oauth_signature + '"'
)

Responsedata.append({"authorization": signature})

Sample Output

After execution, the generated OAuth signature is stored in the Responsedata array.

{
  "items": [
    {
      "authorization": "OAuth realm=\"xxxxxxxxxxx\",oauth_consumer_key=\"xxxxxxxxxxxxx\",oauth_token=\"xxxxxxxxxxxxxxx\",oauth_signature_method=\"HMAC-SHA256\",oauth_timestamp=\"1691760038\",oauth_nonce=\"unDhRpo4S\",oauth_version=\"1.0\",oauth_signature=\"s%2B18C8ehMc2PkUB1%2FuTTgKpqPqU148BlWiuYlgg%3D\""
    }
  ]
}

How to Use

Follow these steps to generate and store OAuth signatures in eZintegrations.

1. Open the Python Code Operation editor.
2. Paste the OAuth signature generation script.
3. Replace placeholder credentials with valid values.
4. Ensure Responsedata is initialized at the start.
5. Save and deploy the workflow.
6. Use the generated authorization value in API requests.

Use Case Example

This approach is commonly used in pre-request scripts for secured APIs.

• Authentication: OAuth 1.0
• API Type: NetSuite REST SuiteQL
• Generated Field: Authorization Header
• Usage: Secure API request execution

Troubleshooting

• Verify that all OAuth credentials are valid.
• Ensure system time is synchronized for timestamp accuracy.
• Check for incorrect URL encoding.
• Confirm HMAC-SHA256 is supported in the environment.
• Review signature format if authentication fails.

Frequently Asked Questions

Why is Responsedata initialized as an empty array?

Responsedata is used to store script-generated output that is independent of incoming data.

What is the purpose of the nonce value?

The nonce prevents replay attacks by ensuring each request is unique.

Can this script be used for GET requests?

Yes. The request_method variable can be changed to GET if required.

Is this script dependent on incoming data?

No. The script generates authentication data independently.

Where is the generated signature used?

It is typically used as the Authorization header in secured API requests.

Notes

• Keep OAuth credentials confidential.
• Do not expose secrets in production logs.
• Rotate credentials periodically.
• Test authentication flows in staging environments.
• Avoid hardcoding secrets in shared scripts.