Those aren't base strings. Use the OAuth Base String validator @ <http://quonos.nl/oauthTester/>
By the way: I'm not sure about logging in with E-Mail addresses. It may work, and it may not. Tom On 10/5/10 8:27 PM, Gary wrote: > Hi, > > I'm also having this problem. I cannot login using the user's email. > AFAIK, I am encoding according to the documentation. I encode the > post body and then encode again when I create the signature base > string. > > Assume: > screen name: myscrname > password: m...@password <--- note I added @ to the password just > to see if there was something about @ which was causing the problem > email: m...@somewhere.com > > ======================================= > Using the screen name to login works fine: > > Post body > --------------- > x_auth_mode=client_auth&x_auth_password=my > %40password&x_auth_username=myscrname > > Sig base string > ---------------------- > oauth_consumer_key%3Daaaaaaaaaaaaaaaaaaaaa%26oauth_nonce > %3D3u988u37Acy3GkQWd6tJKrY3fPTefe2QYIL2WXb1R3gWP > %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > %3D1286237702%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth > %26x_auth_password%3Dmy%2540password%26x_auth_username%3Dmyscrname > > > ======================================= > Using the email to login fails: > > Post body > --------------- > x_auth_mode=client_auth&x_auth_password=my > %40password&x_auth_username=me%40somewhere.com > > Sig base string > ---------------------- > oauth_consumer_key%3Daaaaaaaaaaaaaaaaaaaaa%26oauth_nonce > %3Dwwsim7hj1bfMylHARpmLwQerWjJJu4Y7kgzz8jCdY3Cv6%26oauth_signature_method > %3DHMAC-SHA1%26oauth_timestamp%3D1286237782%26oauth_version > %3D1.0%26x_auth_mode%3Dclient_auth%26x_auth_password%3Dmy%2540password > %26x_auth_username%3Dme%2540somewhere.com > > > > > On Aug 30, 7:17 am, Taylor Singletary <taylorsinglet...@twitter.com> > wrote: >> Hi Joe, >> >> Email can be accepted, as long as it is properly encoded. A URL encoded POST >> body by definition means that you'll already have to escape characters like >> the "@" symbol for your POST body -- then for your signature base string, >> it'll have to be encoded again. >> >> Most Twitter users sign in with their screen name and password. Do you have >> a use case where users are predominantly using their email address? >> >> Taylor >> >> On Mon, Aug 30, 2010 at 1:10 AM, joe <joe.chan...@gmail.com> wrote: >>> Hi guys, >> >>> I have a question about getting access token. >>> Can I use email address as the username? When x_auth_username = >>> "x...@xxx.com", always a error msg returned: "Failed to validate oauth >>> signature and token". But if user input username, there is no problem >>> at all. >>> So can anybody tell whether email address is accepted? Thanks a lot. >> >>> Joe >> >>> -- >>> Twitter developer documentation and resources:http://dev.twitter.com/doc >>> API updates via Twitter:http://twitter.com/twitterapi >>> Issues/Enhancements Tracker: >>> http://code.google.com/p/twitter-api/issues/list >>> Change your membership to this group: >>> http://groups.google.com/group/twitter-development-talk?hl=en > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk