diff --git a/lib/class-wp-json-authentication-oauth1.php b/lib/class-wp-json-authentication-oauth1.php
index d4edc5f..41cbece 100644
--- a/lib/class-wp-json-authentication-oauth1.php
+++ b/lib/class-wp-json-authentication-oauth1.php
@@ -557,7 +557,7 @@ protected function check_oauth_signature( $consumer, $oauth_params, $token = nul
 if (substr($request_uri_path, 0, strlen($home_url_path)) == $home_url_path) {
 $request_uri_path = substr($request_uri_path, strlen($home_url_path));
 }
- $base_request_uri = rawurlencode( get_home_url( null, $request_uri_path ) );
+ $base_request_uri = get_home_url( null, $request_uri_path );
 // get the signature provided by the consumer and remove it from the parameters prior to checking the signature
 $consumer_signature = rawurldecode( $params['oauth_signature'] );
@@ -573,7 +573,7 @@ protected function check_oauth_signature( $consumer, $oauth_params, $token = nul
 $query_string = $this->create_signature_string( $params );
 $token = (array) $token;
- $string_to_sign = $http_method . '&' . $base_request_uri . '&' . $query_string;
+ $string_to_sign = $http_method . '&' . rawurlencode( $base_request_uri ) . '&' . rawurlencode( $query_string );
 $key_parts = array(
 $consumer->secret,
 ( $token ? $token['secret'] : '' )
@@ -610,7 +610,7 @@ protected function check_oauth_signature( $consumer, $oauth_params, $token = nul
 * @return string Signature string
 */
 public function create_signature_string( $params ) {
- return implode( '%26', $this->join_with_equals_sign( $params ) ); // join with ampersand
+ return implode( '&', $this->join_with_equals_sign( $params ) ); // join with ampersand
 }
 /**
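Review bot: The `$key_parts` array in the `@@ -573` hunk still holds the raw `$consumer->secret` and `$token['secret']`, although every other component of the signature input is now percent-encoded. RFC 5849 section 3.4.2 builds the HMAC key from the encoded consumer secret and the encoded token secret joined by `&`, so a secret containing `&`, `%` or another reserved character would give a key that differs from the one a conforming client computes. The join happens after the last visible line, so this may already be handled there; if it is not, `$key_parts = array_map( 'rawurlencode', $key_parts );` before the join would match the spec. check_oauth_signature starts and ends outside the hunk.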
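Review bot: The docblock above `create_signature_string()` in the `@@ -610` hunk still reads only `@return string Signature string`, but the return contract of this public method is different after the change. The pairs are now joined with a literal `&` and the percent-encoding of the whole string is left to the caller, so any other caller that places the result straight into a signature base string would build a base string that no longer verifies. I would spell that out, e.g. `@return string Parameter string joined with '&'; callers must rawurlencode() it before adding it to the signature base string`. The docblock begins above the hunk, so only its last lines are visible here.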
@@ -630,8 +630,8 @@ public function join_with_equals_sign( $params, $query_params = array(), $key =
 if ( $key ) {
 $param_key = $key . '[' . $param_key . ']'; // Handle multi-dimensional array
 }
- $string = $param_key . '=' . $param_value; // join with equals sign
- $query_params[] = urlencode( $string );
+ $string = rawurlencode( $param_key ) . '=' . rawurlencode( $param_value ); // join with equals sign
+ $query_params[] = $string;
 }
 }
 return $query_params;
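Review bot: Nothing in this hunk or in `create_signature_string()` orders the pairs, and with names and values now encoded here (`rawurlencode( $param_key ) . '=' . rawurlencode( $param_value )`), any sort done earlier by the caller runs on the unencoded, not-yet-flattened names. RFC 5849 section 3.4.1.3.2 sorts parameters by encoded name and then by encoded value. Nested arrays, which only become `key[sub]` names inside this function, and names with reserved characters can therefore end up in a different order than a conforming client produces, which shows up as a signature mismatch. If no ordering step follows, the pairs should be sorted by encoded name, then encoded value, before `create_signature_string()` joins them. Sorting the finished `name=value` strings is not equivalent, because `=` takes part in the comparison. The function body starts outside the hunk, so the recursion and any ordering there are not visible.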