使用oAuth和C#在Tumblr上发布内容

我正在尝试开发一个简单的应用程序，使用v2 API与Tumblr进行交互。 我能够通过oAuth流程中的每一步（感谢在Twitter上找到的文档）并获得授权和认证的令牌和密钥。 但是当涉及发布时，我得到了401未经授权的错误。这是相关的代码片段：

    private void post_Click(object sender, System.Windows.RoutedEventArgs e)
    {
        url = new Uri("http://api.tumblr.com/v2/blog/*myblog*.tumblr.com/post");

        Random random = new Random();
        nonce = random.Next(1234000, 9999999).ToString();

        TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
        timestamp = Convert.ToInt64(ts.TotalSeconds).ToString();

        string method = "POST";

        StringBuilder sb = new StringBuilder();
        sb.AppendFormat("{0}&", method);
        sb.AppendFormat("{0}&", upperCaseUrl(HttpUtility.UrlEncode(url.ToString())));
        sb.AppendFormat("body%3D{0}%26", upperCaseUrl(HttpUtility.UrlEncode(textBox.Text)));
        sb.AppendFormat("oauth_consumer_key%3D{0}%26", consumerKey);
        sb.AppendFormat("oauth_nonce%3D{0}%26", nonce);
        sb.AppendFormat("oauth_signature_method%3D{0}%26", "HMAC-SHA1");
        sb.AppendFormat("oauth_timestamp%3D{0}%26", timestamp);
        sb.AppendFormat("oauth_token%3D{0}%26", token);
        sb.AppendFormat("oauth_version%3D{0}%26", "1.0");
        sb.AppendFormat("type%3D{0}", "text");

        System.Diagnostics.Debug.WriteLine(sb.ToString());

        string signingKey = consumerSecret + '&' + secret;

        HMACSHA1 signing = new HMACSHA1(Encoding.ASCII.GetBytes(signingKey));
        byte[] bytearray = Encoding.ASCII.GetBytes(sb.ToString());
        MemoryStream stream = new MemoryStream(bytearray);
        signature = Convert.ToBase64String(signing.ComputeHash(stream));

        ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

        StringBuilder header = new StringBuilder();
        header.Append("OAuth ");
        header.AppendFormat("oauth_consumer_key=\"{0}\", ", consumerKey);
        header.AppendFormat("oauth_token=\"{0}\", ", token);
        header.AppendFormat("oauth_nonce=\"{0}\", ", nonce);
        header.AppendFormat("oauth_timestamp=\"{0}\", ", timestamp);
        header.AppendFormat("oauth_signature_method=\"{0}\", ", "HMAC-SHA1");
        header.AppendFormat("oauth_version=\"{0}\", ", "1.0");
        header.AppendFormat("oauth_signature=\"{0}\"", upperCaseUrl(HttpUtility.UrlEncode(signature)));

        System.Diagnostics.Debug.WriteLine(header.ToString());

        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);

        request.Method = WebRequestMethods.Http.Post;

        request.Headers.Add("Authorization", header.ToString());

        try
        {
            HttpWebResponse response = request.GetResponse() as HttpWebResponse;
            StreamReader reader = new StreamReader(response.GetResponseStream());

            if (reader.ReadToEnd() == "201: Created")
            {
                control.Invoke((MethodInvoker)delegate
                {
                    statusText.Text = "Post successfully sent!";
                });
            }
        }
        catch (Exception ex)
        {
            System.Diagnostics.Debug.WriteLine(ex.Message);
        }
    }

当点击按钮时，会调用该函数并从文本框中获取正文。签名部分是正确的，因为它已经在其他服务（Twitter等）中进行了测试，并且仍为Tumblr本身提供有效的签名。授权标头基本上与我用于请求令牌和授权的标头相同，而基础字符串只包含内容类型（在此情况下为文本）和正文，除了oauth_*标准参数。我还使用hueniverse.com上可用的工具检查了代码，但仍然没有发现问题。
也许我遗漏了一些HTTP标头，或者我正在POST错误的请求。有任何想法吗？谢谢。