Second API call failing


I am calling the lookup.json API with 100 screen names. It works fine on the first GET or POST (tried both methods) but on the second set of 100 it fails. I tried this with even 1 screen name and the second one fails. I have also tried using the second 100 bypassing the first 100 and it worked but then the third call fails. Any idea of what would be going wrong?


What fails about the request?


I get the generic “The remote server returned an error: (401) Unauthorized.” error.


Are you using OAuth 1.0A to connect? Does it only fail when you use a “,” character in the URL or POST body? Make sure you’re encoding it correctly – API v1.1 is pretty strict about character encoding and you’ll want to make sure the query string or POST body has “%2C” instead of the literal “,” character. In the OAuth signature base string this encoding is escaped again.


All the commas are getting encoded so they show as %2C. I am using the API v1.1 and the OAuth 1.0. It works when I call the lookup with 100 names the first time. I then go through and build a second set of 100 names and make a second call. This is when it fails. I can change it to be just 1 name or 25 names. The second time i run through the loop it fails when doing the call.


This is the code that i am looping through. The string status is set to the new set of screen names each time through the loop. I am currently just trying to do 25 at a time.

                    status = status.Substring(0, status.Length - 1);

                    //The next step is to generate an encrypted oAuth signature which Twitter will use to validate the request. To do this, all of the request data is concatenated into a particular format as follows.
                    var baseFormat = "count=25&oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method={2}" +
                        //                            "&oauth_timestamp={3}&oauth_token={4}&oauth_version={5}&screen_name={6}";

                    var baseString = string.Format(baseFormat,

                    baseString = string.Concat("POST&", Uri.EscapeDataString(resource_url),
                                 "&", Uri.EscapeDataString(baseString));
                    //Using this base string, we then encrypt the data using a composite of the secret keys and the HMAC-SHA1 algorithm.

                    var compositeKey = string.Concat(Uri.EscapeDataString(oauth_consumer_secret),
                                            "&", Uri.EscapeDataString(oauth_token_secret));

                    string oauth_signature;
                    using (HMACSHA1 hasher = new HMACSHA1(ASCIIEncoding.ASCII.GetBytes(compositeKey)))
                        oauth_signature = Convert.ToBase64String(
                    //The oAuth signature is then used to generate the Authentication header. This requires concatenating the public keys and the token generated above into the following format.

                    var headerFormat = "OAuth oauth_nonce=\"{0}\", oauth_signature_method=\"{1}\", " +
                                       "oauth_timestamp=\"{2}\", oauth_consumer_key=\"{3}\", " +
                                       "oauth_token=\"{4}\", oauth_signature=\"{5}\", " +

                    var authHeader = string.Format(headerFormat,
                    //We are now ready to send the request, which is the easy part. Note, we must also disable the Expect: 100-Continue header using the ServicePointManager. Without this code, .NET sends the header by default, which is not supported by Twitter.

                    //            var postBody = "screen_name=" + Uri.EscapeDataString(status);
                    string postBody = "screen_name=" + Uri.EscapeDataString(status);

                    ServicePointManager.Expect100Continue = false;

                    resource_url += "?" + postBody + "&count=25";
                    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(resource_url);
                    request.Headers.Add("Authorization", authHeader);
                    request.Method = "POST";
                    request.ContentType = "application/x-www-form-urlencoded";
                    var response = (HttpWebResponse)request.GetResponse();
                    var reader = new StreamReader(response.GetResponseStream());
                    string objText = reader.ReadToEnd();


I think i figured out the error. The resource_url variable was not getting reset properly.