From 317ab3760b256ae1fcf883dd4ab74ac29a007cdd Mon Sep 17 00:00:00 2001
From: hrbrmstr <bob@rud.is>
Date: Mon, 15 Feb 2021 12:00:47 -0500
Subject: [PATCH] initial commit

---
 .Rbuildignore       |   1 +
 DESCRIPTION         |  12 +++--
 LICENSE             |   2 +
 LICENSE.md          |  21 +++++++++
 NAMESPACE           |   4 ++
 R/aaa.R             |   1 +
 R/api-key.R         |  34 ++++++++++++++
 R/ip-lookup.R       |  27 +++++++++++
 R/qradar-package.R  |  10 ++++-
 R/tidy.R            |  13 ++++++
 R/whois.R           |  37 +++++++++++++++
 README.Rmd          |  10 +++++
 README.md           | 127 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 man/qr_api_key.Rd   |  20 +++++++++
 man/qr_ip_lookup.Rd |  22 +++++++++
 man/qr_tidy.Rd      |  21 +++++++++
 man/qr_whois.Rd     |  22 +++++++++
 man/qradar.Rd       |   8 +++-
 18 files changed, 384 insertions(+), 8 deletions(-)
 create mode 100644 LICENSE
 create mode 100644 LICENSE.md
 create mode 100644 R/aaa.R
 create mode 100644 R/api-key.R
 create mode 100644 R/ip-lookup.R
 create mode 100644 R/tidy.R
 create mode 100644 R/whois.R
 create mode 100644 README.md
 create mode 100644 man/qr_api_key.Rd
 create mode 100644 man/qr_ip_lookup.Rd
 create mode 100644 man/qr_tidy.Rd
 create mode 100644 man/qr_whois.Rd

diff --git a/.Rbuildignore b/.Rbuildignore
index c9a5c92..19cdbd8 100644
--- a/.Rbuildignore
+++ b/.Rbuildignore
@@ -19,3 +19,4 @@
 ^CRAN-RELEASE$
 ^appveyor\.yml$
 ^tools$
+^LICENSE\.md$
diff --git a/DESCRIPTION b/DESCRIPTION
index bf6672b..930c98a 100644
--- a/DESCRIPTION
+++ b/DESCRIPTION
@@ -1,6 +1,6 @@
 Package: qradar
 Type: Package
-Title: qradar title goes here otherwise CRAN checks fail
+Title: Gather Autonomous System, IP Address, and Routing Information from Qrator Radar
 Version: 0.1.0
 Date: 2021-02-15
 Authors@R: c(
@@ -8,15 +8,19 @@ Authors@R: c(
            comment = c(ORCID = "0000-0001-5670-2640"))
   )
 Maintainer: Bob Rudis <bob@rud.is>
-Description: A good description goes here otherwise CRAN checks fail.
+Description: Qrator has an API (<https://api.radar.qrator.net/>) that can
+    be queried for information on autonomous systems, IP addresses, and 
+    various internet routing metadata. Tools are provided to perform these
+    queries and retrieve resultsets. Note that an account is needed to 
+    generate the free API key which is required for all API calls.
 URL: https://git.rud.is/hrbrmstr/qradar
 BugReports: https://git.rud.is/hrbrmstr/qradar/issues
 Encoding: UTF-8
-License: AGPL
+License: MIT + file LICENSE
 Suggests: 
     covr, tinytest
 Depends: 
-    R (>= 3.5.0)
+    R (>= 3.6.0)
 Imports: 
     httr,
     jsonlite
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..f51d1b2
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,2 @@
+YEAR: 2021
+COPYRIGHT HOLDER: Bob Rudis
diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 0000000..c2304a0
--- /dev/null
+++ b/LICENSE.md
@@ -0,0 +1,21 @@
+# MIT License
+
+Copyright (c) 2021 Bob Rudis
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/NAMESPACE b/NAMESPACE
index 5b4b9ae..e7bd20b 100644
--- a/NAMESPACE
+++ b/NAMESPACE
@@ -1,4 +1,8 @@
 # Generated by roxygen2: do not edit by hand
 
+export(qr_api_key)
+export(qr_ip_lookup)
+export(qr_tidy)
+export(qr_whois)
 import(httr)
 importFrom(jsonlite,fromJSON)
diff --git a/R/aaa.R b/R/aaa.R
new file mode 100644
index 0000000..1507c03
--- /dev/null
+++ b/R/aaa.R
@@ -0,0 +1 @@
+.qradar_ua <- "Mozilla/5.0 (Compatible; r-qradar/1.0; https://gitlab.com/hrbrmstr/qradar)"
\ No newline at end of file
diff --git a/R/api-key.R b/R/api-key.R
new file mode 100644
index 0000000..6c82520
--- /dev/null
+++ b/R/api-key.R
@@ -0,0 +1,34 @@
+#' Get or set QRATOR_RADAR_API_KEY value
+#'
+#' The API wrapper functions in this package all rely on a Qrator Radar API
+#' key residing in the environment variable \code{QRATOR_RADAR_API_KEY}. The
+#' easiest way to accomplish this is to set it in the `\code{.Renviron}` file in your
+#' home directory.
+#'
+#' @param force force setting a new Qrator Radar API key for the current environment?
+#' @return atomic character vector containing the Qrator Radar API key
+#' @export
+qr_api_key <- function(force = FALSE) {
+
+  env <- Sys.getenv('QRATOR_RADAR_API_KEY')
+  if (!identical(env, "") && !force) return(env)
+
+  if (!interactive()) {
+    stop("Please set env var QRATOR_RADAR_API_KEY to your Qrator Radar API key",
+      call. = FALSE)
+  }
+
+  message("Couldn't find env var QRATOR_RADAR_API_KEY See ?QRATOR_RADAR_API_KEY for more details.")
+  message("Please enter your API key and press enter:")
+  pat <- readline(": ")
+
+  if (identical(pat, "")) {
+    stop("Qrator Radar API key entry failed", call. = FALSE)
+  }
+
+  message("Updating QRATOR_RADAR_API_KEY env var to PAT")
+  Sys.setenv(QRATOR_RADAR_API_KEY = pat)
+
+  pat
+
+}
diff --git a/R/ip-lookup.R b/R/ip-lookup.R
new file mode 100644
index 0000000..77601a2
--- /dev/null
+++ b/R/ip-lookup.R
@@ -0,0 +1,27 @@
+#' Get list of Prefixes/ASNs for selected IP
+#'
+#' @param ip IP to lookup
+#' @param api_key your Qrator Radar API key; see [qr_api_key()].
+#' @return list (use [qr_tidy()] to turn the raw API result into a data frame)
+#' @export
+#' @examples
+#' qr_tidy(qr_ip_lookup("17.253.144.10"))
+qr_ip_lookup <- function(ip, api_key = qr_api_key()) {
+
+  httr::GET(
+    url = "https://api.radar.qrator.net/v1/lookup/ip",
+    httr::add_headers(`QRADAR-API-KEY` = api_key),
+    httr::user_agent(.qradar_ua),
+    query = list(query = ip[1])
+  ) -> res
+
+  httr::stop_for_status(res)
+
+  out <- httr::content(res, as = "text", encoding = "UTF-8")
+  out <- jsonlite::fromJSON(out)
+
+  class(out) <- c("qr_ip", "list")
+
+  out
+
+}
diff --git a/R/qradar-package.R b/R/qradar-package.R
index 8542a4b..da30849 100644
--- a/R/qradar-package.R
+++ b/R/qradar-package.R
@@ -1,5 +1,11 @@
-#' ...
-#' 
+#' Gather Autonomous System, IP Address, and Routing Information from Qrator Radar
+#'
+#' Qrator has an API (<https://api.radar.qrator.net/>) that can
+#' be queried for information on autonomous systems, IP addresses, and
+#' various internet routing metadata. Tools are provided to perform these
+#' queries and retrieve resultsets. Note that an account is needed to
+#' generate the free API key which is required for all API calls
+#'
 #' @md
 #' @name qradar
 #' @keywords internal
diff --git a/R/tidy.R b/R/tidy.R
new file mode 100644
index 0000000..a127c47
--- /dev/null
+++ b/R/tidy.R
@@ -0,0 +1,13 @@
+#' Turn a Qrator Radar raw API result into a data frame
+#'
+#' @param res raw QRator Radar API result from the query functions in
+#'        this package.
+#' @return data frame
+#' @export
+#' @examples
+#' qr_tidy(qr_ip_lookup("17.253.144.10"))
+qr_tidy <- function(res) {
+
+  res$data
+
+}
\ No newline at end of file
diff --git a/R/whois.R b/R/whois.R
new file mode 100644
index 0000000..d5c5588
--- /dev/null
+++ b/R/whois.R
@@ -0,0 +1,37 @@
+#' Retrieve the raw WHOIS record for a given autonomous system
+#'
+#' @param asn autonomous system number; should be just the number but
+#'        the function will also work if the input is prefixed with
+#'        "AS" or "as"
+#' @return character
+#' @export
+#' @examples
+#' qr_whois("7015")
+qr_whois <- function(asn) {
+
+  asn <- gsub("[^[:digit:]]", "", as.character(asn[1]))
+
+  httr::GET(
+    url = sprintf("https://radar.qrator.net/as%s/getwhois", asn),
+    httr::add_headers(
+      `Connection` = "keep-alive",
+      `Accept` = "application/json, text/javascript, */*; q=0.01",
+      `User-Agent` = "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.47 Safari/537.36 Edg/89.0.774.27",
+      `X-Requested-With` = "XMLHttpRequest",
+      `Sec-Fetch-Site` = "same-origin",
+      `Sec-Fetch-Mode` = "cors",
+      `Sec-Fetch-Dest` = "empty",
+      `Referer` = "https://radar.qrator.net/as7015/whois",
+      `Accept-Language` = "en-US,en;q=0.9"
+    ),
+    httr::set_cookies(QRADARSESSION = "k9so4i4k4opvr92kf0psa0sm85") # good until 2072
+  ) -> res
+
+  httr::stop_for_status(res)
+
+  out <- httr::content(res, as = "text", encoding = "UTF-8")
+  out <- jsonlite::fromJSON(out)
+
+  out$entry
+
+}
\ No newline at end of file
diff --git a/README.Rmd b/README.Rmd
index 4139135..a7ebd16 100644
--- a/README.Rmd
+++ b/README.Rmd
@@ -23,6 +23,10 @@ The following functions are implemented:
 hrbrpkghelpr::describe_ingredients()
 ```
 
+## TODO
+
+The rest of [the API](https://api.radar.qrator.net/).
+
 ## Installation
 
 ```{r install-ex, results='asis', echo=FALSE, cache=FALSE}
@@ -39,6 +43,12 @@ packageVersion("qradar")
 
 ```
 
+```{r ex-01}
+qr_tidy(qr_ip_lookup("17.253.144.10"))
+
+cat(qr_whois("7015"))
+```
+
 ## qradar Metrics
 
 ```{r cloc, echo=FALSE}
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ab7de90
--- /dev/null
+++ b/README.md
@@ -0,0 +1,127 @@
+
+[![Project Status: Active – The project has reached a stable, usable
+state and is being actively
+developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)
+[![Signed
+by](https://img.shields.io/badge/Keybase-Verified-brightgreen.svg)](https://keybase.io/hrbrmstr)
+![Signed commit
+%](https://img.shields.io/badge/Signed_Commits-100%25-lightgrey.svg)
+[![Linux build
+Status](https://travis-ci.org/hrbrmstr/qradar.svg?branch=master)](https://travis-ci.org/hrbrmstr/qradar)  
+![Minimal R
+Version](https://img.shields.io/badge/R%3E%3D-3.6.0-blue.svg)
+![License](https://img.shields.io/badge/License-MIT-blue.svg)
+
+# qradar
+
+Gather Autonomous System, IP Address, and Routing Information from
+Qrator Radar
+
+## Description
+
+Qrator has an API (<https://api.radar.qrator.net/>) that can be queried
+for information on autonomous systems, IP addresses, and various
+internet routing metadata. Tools are provided to perform these queries
+and retrieve resultsets. Note that an account is needed to generate the
+free API key which is required for all API calls.
+
+## What’s Inside The Tin
+
+The following functions are implemented:
+
+-   `qr_api_key`: Get or set QRATOR\_RADAR\_API\_KEY value
+-   `qr_ip_lookup`: Get list of Prefixes/ASNs for selected IP
+-   `qr_tidy`: Turn a Qrator Radar raw API result into a data frame
+-   `qr_whois`: Retrieve the raw WHOIS record for a given autonomous
+    system
+
+## TODO
+
+The rest of [the API](https://api.radar.qrator.net/).
+
+## Installation
+
+``` r
+remotes::install_git("https://git.rud.is/hrbrmstr/qradar.git")
+# or
+remotes::install_gitlab("hrbrmstr/qradar")
+# or
+remotes::install_bitbucket("hrbrmstr/qradar")
+# or
+remotes::install_github("hrbrmstr/qradar")
+```
+
+NOTE: To use the ‘remotes’ install options you will need to have the
+[{remotes} package](https://github.com/r-lib/remotes) installed.
+
+## Usage
+
+``` r
+library(qradar)
+
+# current version
+packageVersion("qradar")
+## [1] '0.1.0'
+```
+
+``` r
+qr_tidy(qr_ip_lookup("17.253.144.10"))
+##    id              name short_descr          prefix as_num       found_ips
+## 1 714 APPLE-ENGINEERING                  17.0.0.0/8    714 {17.253.144.10}
+## 2 714 APPLE-ENGINEERING                17.128.0.0/9    714 {17.253.144.10}
+## 3 714 APPLE-ENGINEERING               17.253.0.0/16    714 {17.253.144.10}
+## 4 714 APPLE-ENGINEERING             17.253.144.0/21    714 {17.253.144.10}
+
+cat(qr_whois("7015"))
+## ASNumber:       7015
+## ASName:         COMCAST-7015
+## ASHandle:       AS7015
+## RegDate:        2001-12-20
+## Updated:        2021-01-25
+## Ref:            https://rdap.arin.net/registry/autnum/7015
+## 
+## OrgName:        Comcast Cable Communications, LLC
+## OrgId:          CCCS
+## Address:        1800 Bishops Gate Blvd
+## City:           Mt Laurel
+## StateProv:      NJ
+## PostalCode:     08054
+## Country:        US
+## RegDate:        2001-09-18
+## Updated:        2020-11-18
+## Ref:            https://rdap.arin.net/registry/entity/CCCS
+## 
+## OrgTechHandle: IC161-ARIN
+## OrgTechName:   Comcast Cable Communications Inc
+## OrgTechPhone:  +1-856-317-7200
+## OrgTechEmail:  CNIPEO-Ip-registration@cable.comcast.com
+## OrgTechRef:    https://rdap.arin.net/registry/entity/IC161-ARIN
+## 
+## OrgRoutingHandle: ROUTI25-ARIN
+## OrgRoutingName:   Routing
+## OrgRoutingPhone:  +1-856-317-7200
+## OrgRoutingEmail:  routing@comcast.com
+## OrgRoutingRef:    https://rdap.arin.net/registry/entity/ROUTI25-ARIN
+## 
+## OrgAbuseHandle: NAPO-ARIN
+## OrgAbuseName:   Network Abuse and Policy Observance
+## OrgAbusePhone:  +1-888-565-4329
+## OrgAbuseEmail:  abuse@comcast.net
+## OrgAbuseRef:    https://rdap.arin.net/registry/entity/NAPO-ARIN
+```
+
+## qradar Metrics
+
+| Lang | \# Files |  (%) | LoC |  (%) | Blank lines |  (%) | \# Lines | (%) |
+|:-----|---------:|-----:|----:|-----:|------------:|-----:|---------:|----:|
+| R    |        7 | 0.44 |  60 | 0.43 |          23 | 0.27 |       49 | 0.3 |
+| Rmd  |        1 | 0.06 |  10 | 0.07 |          19 | 0.23 |       32 | 0.2 |
+| SUM  |        8 | 0.50 |  70 | 0.50 |          42 | 0.50 |       81 | 0.5 |
+
+clock Package Metrics for qradar
+
+## Code of Conduct
+
+Please note that this project is released with a Contributor Code of
+Conduct. By participating in this project you agree to abide by its
+terms.
diff --git a/man/qr_api_key.Rd b/man/qr_api_key.Rd
new file mode 100644
index 0000000..d5daa81
--- /dev/null
+++ b/man/qr_api_key.Rd
@@ -0,0 +1,20 @@
+% Generated by roxygen2: do not edit by hand
+% Please edit documentation in R/api-key.R
+\name{qr_api_key}
+\alias{qr_api_key}
+\title{Get or set QRATOR_RADAR_API_KEY value}
+\usage{
+qr_api_key(force = FALSE)
+}
+\arguments{
+\item{force}{force setting a new Qrator Radar API key for the current environment?}
+}
+\value{
+atomic character vector containing the Qrator Radar API key
+}
+\description{
+The API wrapper functions in this package all rely on a Qrator Radar API
+key residing in the environment variable \code{QRATOR_RADAR_API_KEY}. The
+easiest way to accomplish this is to set it in the \verb{\code{.Renviron}} file in your
+home directory.
+}
diff --git a/man/qr_ip_lookup.Rd b/man/qr_ip_lookup.Rd
new file mode 100644
index 0000000..7daf53d
--- /dev/null
+++ b/man/qr_ip_lookup.Rd
@@ -0,0 +1,22 @@
+% Generated by roxygen2: do not edit by hand
+% Please edit documentation in R/ip-lookup.R
+\name{qr_ip_lookup}
+\alias{qr_ip_lookup}
+\title{Get list of Prefixes/ASNs for selected IP}
+\usage{
+qr_ip_lookup(ip, api_key = qr_api_key())
+}
+\arguments{
+\item{ip}{IP to lookup}
+
+\item{api_key}{your Qrator Radar API key; see \code{\link[=qr_api_key]{qr_api_key()}}.}
+}
+\value{
+list (use \code{\link[=qr_tidy]{qr_tidy()}} to turn the raw API result into a data frame)
+}
+\description{
+Get list of Prefixes/ASNs for selected IP
+}
+\examples{
+qr_tidy(qr_ip_lookup("17.253.144.10"))
+}
diff --git a/man/qr_tidy.Rd b/man/qr_tidy.Rd
new file mode 100644
index 0000000..3fd755a
--- /dev/null
+++ b/man/qr_tidy.Rd
@@ -0,0 +1,21 @@
+% Generated by roxygen2: do not edit by hand
+% Please edit documentation in R/tidy.R
+\name{qr_tidy}
+\alias{qr_tidy}
+\title{Turn a Qrator Radar raw API result into a data frame}
+\usage{
+qr_tidy(res)
+}
+\arguments{
+\item{res}{raw QRator Radar API result from the query functions in
+this package.}
+}
+\value{
+data frame
+}
+\description{
+Turn a Qrator Radar raw API result into a data frame
+}
+\examples{
+qr_tidy(qr_ip_lookup("17.253.144.10"))
+}
diff --git a/man/qr_whois.Rd b/man/qr_whois.Rd
new file mode 100644
index 0000000..2807807
--- /dev/null
+++ b/man/qr_whois.Rd
@@ -0,0 +1,22 @@
+% Generated by roxygen2: do not edit by hand
+% Please edit documentation in R/whois.R
+\name{qr_whois}
+\alias{qr_whois}
+\title{Retrieve the raw WHOIS record for a given autonomous system}
+\usage{
+qr_whois(asn)
+}
+\arguments{
+\item{asn}{autonomous system number; should be just the number but
+the function will also work if the input is prefixed with
+"AS" or "as"}
+}
+\value{
+character
+}
+\description{
+Retrieve the raw WHOIS record for a given autonomous system
+}
+\examples{
+qr_whois("7015")
+}
diff --git a/man/qradar.Rd b/man/qradar.Rd
index 72b1c73..86f7107 100644
--- a/man/qradar.Rd
+++ b/man/qradar.Rd
@@ -4,9 +4,13 @@
 \name{qradar}
 \alias{qradar}
 \alias{qradar-package}
-\title{...}
+\title{Gather Autonomous System, IP Address, and Routing Information from Qrator Radar}
 \description{
-A good description goes here otherwise CRAN checks fail.
+Qrator has an API (\url{https://api.radar.qrator.net/}) that can
+be queried for information on autonomous systems, IP addresses, and
+various internet routing metadata. Tools are provided to perform these
+queries and retrieve resultsets. Note that an account is needed to
+generate the free API key which is required for all API calls
 }
 \seealso{
 Useful links: