Thanks Matt. I changed as you suggeted, making my baseString:

POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fusers
%2Flookup.json&oauth_consumer_key%3DaaaaaaaaaaaaT5nsfaBaAg
%26oauth_nonce%3DzIImL4%26oauth_signature_method%3DHMAC-
SHA1%26oauth_timestamp%3D1289231301%26oauth_token%3D2111119-
AFQKivyAAAAAZbTBBBBBjIcf59AAAAAAmMAunpJO%26user_id
%3D21295828%252C20138230%252C15799970%252C12304722%252C39765560

The API now returns:

{"error":"Read-only application cannot POST","request":"\/1\/users\/
lookup.json"}

I've double-checked the application settings and its set to
read&write, which rules out my original thought.

On Nov 8, 3:26 pm, Matt Harris <mhar...@twitter.com> wrote:
> In the basestring the encoded POST parameters are encoded again. This means 
> the %2C for the comma should be encoded too, making it %252C in the 
> basestring.
>
> Give that a try and let us know how it goes.
>
> Best,
> @themattharris
>
> On Nov 7, 2010, at 23:51, EL <lee....@gmail.com> wrote:
>
>
>
> > Still struggling with this. Been playing around with all the
> > parameters but cannot seem to authenticate these requests.
>
> > Anyone able to suggest any cause?
>
> > Thanks
>
> > On Nov 3, 8:47 am, EL <lee....@gmail.com> wrote:
> >> Thanks. I took the square brackets out, but still get back:
>
> >> {"error":"Incorrect signature","request":"\/1\/users\/lookup.json"}
>
> >> TEST_IDS now encodes to:
> >> 21295828%2C20138230%2C15799970%2C12304722%2C39765560
>
> >> and my baseString now comprises of:
>
> >> POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fusers
> >> %2Flookup.json&oauth_consumer_key%3DabigCxu2JyYT5nsfaBaAg%26oauth_nonce
> >> %3DtfNqBN%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> >> %3D1288773899%26oauth_token%3D14527377-
> >> AFQKivy5CnpuZbTwiKDscjIcf59AuVlg0mMArdwJO%26user_id
> >> %3D40694828%2C20138230%2C15799970%2C12304722%2C39765560
>
> >> Thanks
>
> >> On Nov 2, 4:11 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> >> wrote:
>
> >>> It looks like your TEST_IDS array would turn
> >>> into %5B21495828%2C20128230%2C15798970%2C12374722%2C39745560%5D with the
> >>> code here. You don't need/shouldn't wrap the list of ids in square
> >>> brackets.
>
> >>> Taylor
>
> >>> On Tue, Nov 2, 2010 at 6:46 AM, EL <lee....@gmail.com> wrote:
> >>>> I am attempting to call the batch lookup method (http://
> >>>> dev.twitter.com/doc/get/users/lookup) using JavaScript. I've
> >>>> successfully managed to authorize the user and obtain an Access token
> >>>> etc. and I'm not attempting to make the data request:
>
> >>>> var TEST_IDS =
> >>>> escape("[21495828,20128230,15798970,12374722,39745560]");
> >>>> var LOOKUP_URL = 'http://api.twitter.com/1/users/lookup.json';
> >>>>    var oauth_nonce = getNonce(); //Returns a random nonce. Confirmed
> >>>> as working OK
> >>>>    var newtimestamp = getTimeStamp(); //Confirmed as working OK
> >>>>    var baseString = "POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fusers
> >>>> %2Flookup.json&oauth_consumer_key%3D" + oauth_consumer_key +
> >>>>                "%26oauth_nonce%3D" + oauth_nonce +
> >>>>                "%26oauth_signature_method%3DHMAC-
> >>>> SHA1%26oauth_timestamp%3D" + newtimestamp +
> >>>>                "%26oauth_token%3D" + authentication.oauth_token +
> >>>>                "%26user_id%3D" + TEST_IDS;
>
> >>>>    var oauth_signature_base = oauth_consumer_secret + "&" +
> >>>> authentication.oauth_token_secret;
> >>>>    var oauth_signature = b64_hmac_sha1(oauth_signature_base,
> >>>> baseString);
> >>>>    var key = "oauth_consumer_key=" + oauth_consumer_key;
> >>>>    var method = "&oauth_signature_method=" + oauth_signature_method;
> >>>>    var signature = "&oauth_signature=" + oauth_signature;
> >>>>    var timestamp = "&oauth_timestamp=" + newtimestamp;
> >>>>    var nonce = "&oauth_nonce=" + oauth_nonce;
> >>>>    var oauth_token = "&oauth_token=" + authentication.oauth_token;
> >>>>    var list = "&user_id=" + TEST_IDS;
>
> >>>>    var postdata = key + nonce + signature + method + timestamp +
> >>>> oauth_token + list;
>
> >>>>    //Make our request
> >>>>    var req = new Ajax.Request(LOOKUP_URL, {
> >>>>        method: 'post',
> >>>>        evalJSON: 'true',
> >>>>        postBody: postdata,
> >>>>        contentType: 'application/x-www-form-urlencoded',
> >>>>        onComplete: function(response) {
> >>>>            ListRequestComplete(response);
> >>>>        }
> >>>>    });
>
> >>>> However, the above is returning the following from the API:
>
> >>>> {"error":"Incorrect signature","request":"\/1\/users\/lookup.json"}
>
> >>>> I've confirmed that the authentication object contains the token and
> >>>> token_secret correctly received from the AccessToken process, so I
> >>>> don't know what I'm doing wrong here.
> >>>> Can anyone advise what I'm doing wrong in my signature to make the
> >>>> above request?
>
> >>>> Thanks
>
> >>>> --
> >>>> Twitter developer documentation and resources:http://dev.twitter.com/doc
> >>>> API updates via Twitter:http://twitter.com/twitterapi
> >>>> Issues/Enhancements Tracker:
> >>>>http://code.google.com/p/twitter-api/issues/list
> >>>> Change your membership to this group:
> >>>>http://groups.google.com/group/twitter-development-talk
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this 
> > group:http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Reply via email to