Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

One legged OAuth1 #542

Closed
brennanpincardiff opened this issue Oct 8, 2018 · 13 comments · Fixed by #548
Closed

One legged OAuth1 #542

brennanpincardiff opened this issue Oct 8, 2018 · 13 comments · Fixed by #548
Labels
feature a feature request or enhancement oauth 🏓 wip work in progress

Comments

@brennanpincardiff
Copy link

Sorry but I can't seem to make httr work with the Noun Project API).
The site suggests a very simple access based just on the key and the secret.

My R code is as follows:

 token <- oauth1.0_token(
      endpoint = oauth_endpoint(
          request = "http://api.thenounproject.com/",
          authorize = "http://api.thenounproject.com/icon/15",
          access = "http://api.thenounproject.com/icon/15"),
      app = oauth_app(
          appname = "nounprojectR",
          key = key,
          secret = secret))

It opens a browser window but gives a
"Bad Request
Missing OAuth parameters"
response.

This seems like it should be a really simple problem - like a gap between how httr and the API are handling the key and secret - perhaps API is not recognising the text of the key for some reason.

I imagine I'm doing something really stupid but I'm really at my wits end trying to make this work and would love a bit of help if anybody recognises the problem.

Thanks,
Paul
@brennanpincardiff

This comment has been minimized.

Sign in to view
@jennybc

This comment has been minimized.

Sign in to view
@cderv

This comment has been minimized.

Sign in to view
@cderv
Copy link
Contributor

cderv commented Oct 18, 2018

Not sure the one legged Oauth1 is a feature include in httr yet.

Ok I was wrong and jump to conclusion too quickly. here is how to do it but it is advanced use because completely undocumented example I think.

For the Oauth1 API of NOUNS you need to get the signature using you key and secret. There is no exchange of token so no oauth dance. The function to get the signature is oauth_signature, then you need to pass this information in the header of you GET request. oauth_header is here to help. You need to do this for each requested url. To show how it works, I made a custom function that get the oauth signature before doing the GET request.

nouns_app <- httr::oauth_app("nouns_api", Sys.getenv("NOUNS_API_KEY"), Sys.getenv("NOUNS_API_SECRET"))

get_nouns_api <- function(endpoint, baseurl = "http://api.thenounproject.com/", app = nouns_app) {
  url <- httr::modify_url(baseurl, path = endpoint)
  info <- httr::oauth_signature(url, app = app)
  header_oauth <- httr::oauth_header(info)
  httr::GET(url, header_oauth)
}

res <- get_nouns_api("icon/15")
httr::status_code(res)
#> [1] 200
str(httr::content(res), 1)
#> List of 1
#>  $ icon:List of 23
res <- get_nouns_api("collections")
httr::status_code(res)
#> [1] 200
str(httr::content(res), 1)
#> List of 1
#>  $ collections:List of 50

Created on 2018-10-18 by the reprex package (v0.2.1)

With this, you'll be able to complete you nounsapi 📦 . I am willing to help by doing a PR there if you want.

@cderv

This comment has been minimized.

Sign in to view
@brennanpincardiff

This comment has been minimized.

Sign in to view
@jennybc

This comment has been minimized.

Sign in to view
@cderv

This comment has been minimized.

Sign in to view
@brennanpincardiff brennanpincardiff changed the title Using Noun Project API... One legged Oauth1 API - use case with Noun Project API... Oct 22, 2018
brennanpincardiff added a commit to brennanpincardiff/nounprojectR that referenced this issue Oct 22, 2018
@brennanpincardiff
Implementing authorisation in R thanks to Christophe Dervieux @cderv
cf32a35 
…on Github in response to this issue: r-lib/httr#542.

Dividing functions into three groups for different stages.
Writing tests.
DaveParr pushed a commit to CaRdiffR/nounprojectR that referenced this issue Oct 23, 2018
@brennanpincardiff @DaveParr
Implementing authorisation in R thanks to Christophe Dervieux @cderv
76be9e8 
…on Github in response to this issue: r-lib/httr#542. (#6)

Dividing functions into three groups for different stages.
Writing tests.
@dokato dokato mentioned this issue Oct 24, 2018
Closed
@hadley hadley added feature a feature request or enhancement oauth 🏓 labels Nov 21, 2018
@hadley
Copy link
Member

hadley commented Nov 21, 2018

httr is coming back to life, so if you're still interested in this I'd love to hear suggestions as the best way forward.

@hadley hadley changed the title One legged Oauth1 API - use case with Noun Project API... One legged OAuth1 Nov 22, 2018
@hadley
Copy link
Member

hadley commented Nov 22, 2018

Having fully read this issue, it seems like maybe this is a documentation problem?

Also is this the same issue as #323?

@cderv
Copy link
Contributor

cderv commented Nov 23, 2018

All the functions where already in httr - oauth_signature and oauth_header - but it was need to know not clear how to use it because signature oauth is no so common now with Oauth2. It may be possible that there is another way to do it in httr :)
Looking at this internal function for example

httr/R/oauth-init.R

Lines 18 to 21 in 976289a

oauth_sig <- function(url, method, token = NULL, token_secret = NULL, private_key = NULL, ...) {
oauth_header(oauth_signature(url, method, app, token, token_secret, private_key,
other_params = c(list(...), oauth_callback = oauth_callback())))
}

It implements two steps from what I came up with for Nouns API. I don't know if it should be exported.

So Yes I think also this is something that needs to be more documented as it works assuming you know how to do it. Do you think a vignette is better than a new demo file in /demo ?

Also, I think the issue is different in #323 as it involves a token - so init_oauth1, which is different from here where no token is needed.

@brennanpincardiff
Copy link
Author

Adding a little more documentation, and an example, would help, I think.
I got very bogged down in how the app worked with the other httr functions.
Annoyingly, it was easier to implement in python.... :-(

@hadley
Copy link
Member

hadley commented Nov 23, 2018

I think another demo is probably adequate. I don't want to invest too much time in this because we're planning to work on httr2 later next year, and it'll have a completely revamped OAuth system.

cderv added a commit to cderv/httr that referenced this issue Nov 24, 2018
@cderv
add a demo for one-legged OAuth1
1f6bdcf 
using Noun Project API (r-lib#542)
@cderv cderv mentioned this issue Nov 24, 2018
Merged
@hadley hadley added the wip work in progress label Dec 4, 2018
hadley pushed a commit that referenced this issue Dec 4, 2018
@cderv @hadley
Add demo for one-legged OAuth1 using Noun Project API (#548)
e21943e 
Fixes #542
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature a feature request or enhancement oauth 🏓 wip work in progress
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add a demo for one-legged OAuth1 using Noun Project API cderv/httr
4 participants
@hadley @jennybc @cderv @brennanpincardiff