5

我试图从openpaths.cc中提取我的位置数据以将其与 R 一起使用。API 使用 OAuth 并在此处进行了记录,但是,它仅提供了 Python 中的示例。

在查看了如何在 R 中处理 OAuth(我几乎不熟悉)之后,我发现了 ROAuth,因此我使用了提供的使用示例作为基础。

根据 API 文档,所有请求的端点是https://openpaths.cc/api/1,并且我有我的访问密钥和访问密钥,所以我天真地将它们插入到cKey, cSecret, reqURL, accessURL,authURLtestURL, 但只收到“错误请求”作为结果credentials$handshake()线。

reqURL <- "https://openpaths.cc/api/1"
accessURL <- "https://openpaths.cc/api/1"
authURL <- "https://openpaths.cc/api/1"
cKey <- "key"
cSecret <- "secret"
testURL <- "https://openpaths.cc/api/1"
credentials <- OAuthFactory$new(consumerKey=cKey,
                                consumerSecret=cSecret,
                                requestURL=reqURL,
                                accessURL=accessURL,
                                authURL=authURL,
                                needsVerifier=TRUE)
credentials$handshake()
## the GET isn’t strictly necessary as that’s the default
credentials$OAuthRequest(testURL, "GET")

虽然我觉得我不知道自己在做什么,但我至少验证了 ROAuth 能够使用 HMAC-SHA1 方法,这是 openpaths 所要求的。

编辑:我安装了 ROAuth 0.9.3 版

EDIT2:在了解httr之后,我认为这可能是该任务的合适库,但是我仍然无法产生任何可用的结果,因为通过创建令牌oauth1.0_token只会再次导致Bad request。我认为我的主要问题是 openpaths.cc 缺少 API 文档。有了所有这些工具,我仍然不知道如何正确使用它们。

4

2 回答 2

0

这是我所得到的。我收到“400 Not Authorized”,可能是因为我的 openpaths 帐户没有连接到foursquare,也可能是代码有问题。请尝试一下!

所需软件包:

library(RCurl)
library(digest)
library(base64)

一些功能借用/改编自ROAuth

## Get a random sequence of characters.
## Nonce - number used only once.
genNonce <- function(len = 15L + sample(1:16, 1L)) {
  els <- c(letters, LETTERS, 0:9, "_")
  paste(sample(els, len, replace = TRUE), collapse = "")
}

## this function is derived from utils::URLencode
## Characters not in the unreserved character set ([RFC3986] section 2.3) MUST be encoded
##   unreserved = ALPHA, DIGIT, '-', '.', '_', '~'
## cf. http://oauth.net/core/1.0/#encoding_parameters
encodeURI <- function(URI, ...) {
  if (!is.character(URI)) {
    URI
  } else {
    OK <- "[^-A-Za-z0-9_.~]"
    x <- strsplit(URI, "")[[1L]]
    z <- grep(OK, x)
    if (length(z)) {
      y <- sapply(x[z], function(x) paste("%", toupper(as.character(charToRaw(x))),
                                          sep = "", collapse = ""))
      x[z] <- y
    }
      paste(x, collapse = "")
  }
}

## we escape the values of the parameters in a special way that escapes
## the resulting % prefix in the escaped characters, e.g. %20 becomes
## %2520 as %25 is the escape for %
## cf. http://tools.ietf.org/html/rfc5849#section-3.4.1.3.2
normalizeParams <- function(params, escapeFun) {
  names(params) <- sapply(names(params), escapeFun, post.amp = TRUE)
  params <- sapply(params, escapeFun, post.amp = TRUE)
  ## If two or more parameters share the same name, they are sorted by their value.
  params <- params[order(names(params), params)]
  return(paste(names(params), params, sep = "=", collapse = "&"))
}

## From Ozaki Toru's code at https://gist.github.com/586468
signWithHMAC <- function(key, data) {
  blockSize <- 64
  hashlength <- 20
  innerpad   <- rawToBits(as.raw(rep(0x36, blockSize)))
  outerpad   <- rawToBits(as.raw(rep(0x5C, blockSize)))
  zero       <- rep(0 ,64)

  HexdigestToDigest <- function(digest) {
    as.raw(strtoi(substring(digest, (1:hashlength)*2-1,
                            (1:hashlength)*2), base=16))
  }

  mac <- function(pad, text) {
    HexdigestToDigest(digest(append(packBits(xor(key, pad)), text),
                             algo='sha1', serialize=FALSE))
  }

  if(nchar(key) >= 64) {
    keyDigested <- digest(key, algo="sha1", serialize=FALSE)
    key <- intToUtf8(strtoi(HexdigestToDigest(keyDigested), base=16))
  }
  key <- rawToBits(as.raw(append(utf8ToInt(key), zero)[1:blockSize]))

  base64(mac(outerpad, mac(innerpad, charToRaw(data))))[1]
}

## Sign an request made up of the URL, the parameters as a named character
## vector the consumer key and secret and the token and token secret.
signRequest  <- function(uri, consumerKey, consumerSecret, params=character(), 
                         oauthKey = "", oauthSecret = "", httpMethod = "GET",
                         nonce = genNonce(),
                         timestamp = Sys.time()) {
  httpMethod <- toupper(httpMethod)

  params["oauth_nonce"] <- nonce
  params["oauth_timestamp"] <- as.integer(timestamp)
  params["oauth_consumer_key"] <- consumerKey
  params["oauth_signature_method"] <- 'HMAC-SHA1'
  params["oauth_version"] <- '1.0'
  if(oauthKey != "") params["oauth_token"] <- oauthKey
  odat <- paste(
      encodeURI(httpMethod), encodeURI(uri), 
      encodeURI(normalizeParams(params, encodeURI), post.amp = TRUE),
      sep = "&"
  )
  okey <- encodeURI(consumerSecret)
  if(oauthSecret != "") okey <- paste(okey, encodeURI(oauthSecret), sep = "&")

  params["oauth_signature"] <- signWithHMAC(okey, odat)
  return(params)
}

现在此函数尝试在 openpaths 网站上复制示例:

openpaths <- function(
    access_key=getOption("openpaths.access_key"), 
    secret_key=getOption("openpaths.secret_key"), 
    curl=getCurlHandle()) {

    uri <- 'https://openpaths.cc/api/1'
    params <- signRequest(uri, consumerKey=access_key, consumerSecret=secret_key)
    oa_header <- paste(names(params), params, sep="=", collapse=",")
    ret <- getURL(
        uri,
        curl=curl,
        .opts=list(
            header=TRUE,
            verbose=TRUE,
            httpheader=c(Authorization=paste("OAuth ", oa_header, sep="")),
            ssl.verifypeer = TRUE, 
            ssl.verifyhost = TRUE, 
            cainfo = system.file("CurlSSL", "cacert.pem", package = "RCurl")
        )
    )
    return(ret)
}
于 2014-02-27T01:01:51.573 回答
0

我在这个问题上取得了一些进展,尽管由于网站的脆弱性以及他们使用的自定义 OAuth 流程而具有挑战性。首先,您需要安装 httr 的开发版本 - 这会导出一些以前的内部函数。

devtools::install_github("hadley/httr")

OpenPaths 的不寻常之处在于应用程序机密和密钥与令牌和令牌机密相同。这意味着我们需要编写一个自定义的身份验证头:

library(httr)

app <- oauth_app("OpenPaths", "JSLEKAPZIMFVFROHBDT4KNBVSI")
#> Using secret stored in environment variable OPENPATHS_CONSUMER_SECRET

# Implement custom header for 2-leg authentication, and oauth_body_hash 
auth_header <- function(url, method = "GET") {
  oauth_signature(url, method, app, app$key, app$secret,
    # Use sha1 of empty string since http request body is empty
    body_hash = "da39a3ee5e6b4b0d3255bfef95601890afd80709")  
}

然后您可以使用它来签署您的请求。这对我来说目前失败了,因为该网站似乎(再次)关闭。

url <- "https://openpaths.cc/api/1"
r <- GET(url, oauth_header(auth_header(url)))
stop_for_status(r)
content(r)
于 2014-04-23T13:32:06.833 回答