using System.Security.Cryptography;
using System.Collections.Generic;
Uri uri = new Uri("https://4622785-sb1.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=1119&deploy=1");
OAuthBase req = new OAuthBase();
String timestamp = req.GenerateTimeStamp();
String nonce = req.GenerateNonce();
String ckey = "79ba39958bef93cbbda0f55e477b1732c70a97a1f55655d7539dfe694cac4721";
String csecret = "df38e6c1dc2834fb9cf6e1f3409cb25e4309cda9af8aeb8d9a5ac1403983b31a";
String tkey = "4fe3c80fbe27bad8eb52a511f41d667d6ac1976be3fc000175c02670a620afb8";
String tsecret = "499c14da0463b4b37b7ccd569ce567c98ca53be3755386312d6924f3d358306f";
String signature = req.GenerateSignature(uri, ckey, csecret, tkey, tsecret, "GET", timestamp, nonce, out norm, out norm1);
if(signature.Contains("+")) {
signature = signature.Replace("+", "%2B");
String header = "Authorization: OAuth ";
header += "oauth_signature=\"" + signature + "\",";
header += "oauth_version=\"1.0\",";
header += "oauth_nonce=\"" + nonce + "\",";
header += "oauth_signature_method=\"HMAC-SHA1\",";
header += "oauth_consumer_key=\"" + ckey + "\",";
header += "oauth_token=\"" + tkey + "\",";
header += "oauth_timestamp=\"" + timestamp + "\",";
header += "realm=\"4622785_SB1\"";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://4622785-sb1.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=1119&deploy=1");
request.ContentType = "application/json";
request.Headers.Add(header);
WebResponse response = request.GetResponse();
HttpWebResponse httpResponse = (HttpWebResponse)response;
Stream receiveStream = response.GetResponseStream();
StreamReader readStream = new StreamReader( receiveStream );
Console.WriteLine( "Response stream received." );
Console.WriteLine( readStream.ReadToEnd() );
public enum SignatureTypes {
protected class QueryParameter {
private string name = null;
private string value = null;
public QueryParameter(string name, string value) {
protected class QueryParameterComparer : IComparer<QueryParameter> {
#region IComparer<QueryParameter> Members
public int Compare(QueryParameter x, QueryParameter y) {
return string.Compare(x.Value, y.Value);
return string.Compare(x.Name, y.Name);
protected const string OAuthVersion = "1.0";
protected const string OAuthParameterPrefix = "oauth_";
protected const string OAuthConsumerKeyKey = "oauth_consumer_key";
protected const string OAuthCallbackKey = "oauth_callback";
protected const string OAuthVersionKey = "oauth_version";
protected const string OAuthSignatureMethodKey = "oauth_signature_method";
protected const string OAuthSignatureKey = "oauth_signature";
protected const string OAuthTimestampKey = "oauth_timestamp";
protected const string OAuthNonceKey = "oauth_nonce";
protected const string OAuthTokenKey = "oauth_token";
protected const string OAuthTokenSecretKey = "oauth_token_secret";
protected const string HMACSHA1SignatureType = "HMAC-SHA1";
protected const string PlainTextSignatureType = "PLAINTEXT";
protected const string RSASHA1SignatureType = "RSA-SHA1";
protected Random random = new Random();
protected string unreservedChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.~";
private string ComputeHash(HashAlgorithm hashAlgorithm, string data) {
if (hashAlgorithm == null) {
throw new ArgumentNullException("hashAlgorithm");
if (string.IsNullOrEmpty(data)) {
throw new ArgumentNullException("data");
byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(data);
byte[] hashBytes = hashAlgorithm.ComputeHash(dataBuffer);
return Convert.ToBase64String(hashBytes);
private List<QueryParameter> GetQueryParameters(string parameters) {
if (parameters.StartsWith("?")) {
parameters = parameters.Remove(0, 1);
List<QueryParameter> result = new List<QueryParameter>();
if (!string.IsNullOrEmpty(parameters)) {
string[] p = parameters.Split('&');
foreach (string s in p) {
if (!string.IsNullOrEmpty(s) && !s.StartsWith(OAuthParameterPrefix)) {
if (s.IndexOf('=') > -1) {
string[] temp = s.Split('=');
result.Add(new QueryParameter(temp[0], temp[1]));
result.Add(new QueryParameter(s, string.Empty));
protected string UrlEncode(string value) {
StringBuilder result = new StringBuilder();
foreach (char symbol in value) {
if (unreservedChars.IndexOf(symbol) != -1) {
result.Append('%' + String.Format("{0:X2}", (int)symbol));
return result.ToString();
protected string NormalizeRequestParameters(IList<QueryParameter> parameters) {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < parameters.Count; i++) {
sb.AppendFormat("{0}={1}", p.Name, p.Value);
if (i < parameters.Count - 1) {
public string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string signatureType, out string normalizedUrl, out string normalizedRequestParameters) {
if (tokenSecret == null) {
tokenSecret = string.Empty;
if (string.IsNullOrEmpty(consumerKey)) {
throw new ArgumentNullException("consumerKey");
if (string.IsNullOrEmpty(httpMethod)) {
throw new ArgumentNullException("httpMethod");
if (string.IsNullOrEmpty(signatureType)) {
throw new ArgumentNullException("signatureType");
normalizedRequestParameters = null;
List<QueryParameter> parameters = GetQueryParameters(url.Query);
parameters.Add(new QueryParameter(OAuthVersionKey, OAuthVersion));
parameters.Add(new QueryParameter(OAuthNonceKey, nonce));
parameters.Add(new QueryParameter(OAuthTimestampKey, timeStamp));
parameters.Add(new QueryParameter(OAuthSignatureMethodKey, signatureType));
parameters.Add(new QueryParameter(OAuthConsumerKeyKey, consumerKey));
if (!string.IsNullOrEmpty(token)) {
parameters.Add(new QueryParameter(OAuthTokenKey, token));
parameters.Sort(new QueryParameterComparer());
normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host);
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
normalizedUrl += ":" + url.Port;
normalizedUrl += url.AbsolutePath;
normalizedRequestParameters = NormalizeRequestParameters(parameters);
StringBuilder signatureBase = new StringBuilder();
signatureBase.AppendFormat("{0}&", httpMethod.ToUpper());
signatureBase.AppendFormat("{0}&", UrlEncode(normalizedUrl));
signatureBase.AppendFormat("{0}", UrlEncode(normalizedRequestParameters));
return signatureBase.ToString();
public string GenerateSignatureUsingHash(string signatureBase, HashAlgorithm hash) {
return ComputeHash(hash, signatureBase);
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, out string normalizedUrl, out string normalizedRequestParameters) {
return GenerateSignature(url, consumerKey, consumerSecret, token, tokenSecret, httpMethod, timeStamp, nonce, SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters) {
normalizedRequestParameters = null;
case SignatureTypes.PLAINTEXT:
return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret));
case SignatureTypes.HMACSHA1:
string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
return GenerateSignatureUsingHash(signatureBase, hmacsha1);
case SignatureTypes.RSASHA1:
throw new NotImplementedException();
throw new ArgumentException("Unknown signature type", "signatureType");
public virtual string GenerateTimeStamp() {
TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
return Convert.ToInt64(ts.TotalSeconds).ToString();
public virtual string GenerateNonce() {
return random.Next(123400, 9999999).ToString();