r-lib · hadley · Dec 4, 2018 · Nov 24, 2018 · Nov 24, 2018 · Nov 24, 2018
diff --git a/NEWS.md b/NEWS.md
@@ -1,5 +1,7 @@
 # httr 1.3.1.9000
 
+* New demo about OAuth1 One-legged using Noun Project API (@cderv, #548)
+
 * Facebook OAuth demo updated to use device flow (#510). This allows you to
   continue using the FB api from R under their new security policy.
 

diff --git a/demo/00Index b/demo/00Index
@@ -1,4 +1,5 @@
 connection-sharing  Demonstration of how connection sharing saves time
+oauth1-nounproject  Using noun project api with OAuth 1.0 one-legged
 oauth1-twitter      Using twitter api with OAuth 1.0
 oauth1-yahoo        Using yahoo api with OAuth 1.0
 oauth1-withings     Using withings api with OAuth 1.0

diff --git a/demo/oauth1-nounproject.r b/demo/oauth1-nounproject.r
@@ -0,0 +1,43 @@
+library(httr)
+
+# Noun Project has an API secured with OAuth 1.0a One-legged. A client key and a
+# secret must be used to sign requests when accessing the API. This is an
+# exemple using OAuth 1.0a One legged auth mechanism
+# http://oauthbible.com/#oauth-10a-one-legged
+
+# 1. Register an application to get required keys:
+# https://thenounproject.com/accounts/login/?next=/developers/apps/
+nouns_app <- oauth_app("noun_project",
+  key = rstudioapi::askForPassword(),
+  secret = rstudioapi::askForPassword()
+)
+
+# 2. Each request must be signed using the app key and secret
+#    see ?oauth_signature for more information on signature
+url <- "http://api.thenounproject.com/icon/15"
+signature <- oauth_signature(url, method = "GET", app = nouns_app)
+res <- GET(url, oauth_header(signature))
+stop_for_status(res)
+content(res)
+
+# 3. Create a wrapper function to sign each request more easily
+get_nouns_api <- function(endpoint,
+                          baseurl = "http://api.thenounproject.com/",
+                          app = nouns_app,
+                          ...) {
+  url <- modify_url(baseurl, path = endpoint)
+  info <- oauth_signature(url, app = app)
+  header_oauth <- oauth_header(info)
+  GET(url, header_oauth, ...)
+}
+res <- get_nouns_api("collections")
+stop_for_status(res)
+content(res)
+
+# 4. Signing request requires the METHOD used. If the API has a POST for
+# example, you must take it into account.
+url <- "http://api.thenounproject.com/notify/publish?test=1"
+signature <- oauth_signature(url, method = "POST", app = nouns_app)
+res <- POST(url, oauth_header(signature), body = list(icons = 15), encode = "json")
+stop_for_status(res)
+content(res)
diff --git a/demo/oauth2-facebook.r b/demo/oauth2-facebook.r
@@ -49,7 +49,7 @@ token <- content(resp)$access_token
 # 3. Use API
 req <- GET("https://graph.facebook.com/v2.3/me", query = list(
   fields = "name,picture",
-  access_token = token)
-)
+  access_token = token
+))
 stop_for_status(req)
 str(content(req))