Signature Base String Oddities %252C?


#1

So I’m trying to get user information for 3 users. Here is the example GET

https://api.twitter.com/1.1/users/lookup.json?user_id=59111737,48485771,41754227

Using the OAuth tool it tells me that the signature base string should be the following:

GET&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fusers%2Flookup.json&oauth_consumer_key%3DoKmllzrSUFacB5TvKNZ5DA%26oauth_nonce%3Daf8516d0b02d79d4faa6b588868b32cc%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1370998796%26oauth_token%3D59111737-kwHDrz74IDYkldcpuLqaA4BvzxrLQnYStdIEuy5g%26oauth_version%3D1.0%26user_id%3D59111737%252C%252048485771%252C%252041754227

I understand how it works as I’ve used this plenty of times and had success. However, when I try to send a comma separated list the signature base puts a %252C between each number. I’m not sure how I’m supposed to come up with the same base. Doing a Uri.EscapeDataString on the query would yield just a %25 between each number. Where is this 2C coming from???

Thanks,

  • jeff

#2

The base string components wind up being encoded twice. The comma is encoded as %2C when the individual parameter values are encoded. Then that gets converted to %252C when the entire list of sorted parameters is encoded again. So it sounds like you’re not encoding the comma correctly when encoding each parameter value.