Closed weierophinney closed 3 years ago
This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Technical Steering Committee. If you have a security issue, please follow our security reporting guidelines. If you wish to take on the role of maintainer, please nominate yourself
If you are looking for an actively maintained package alternative, we recommend:
Hello. When I tried to connect with ZendOAuth to Jira, I was always getting the same error, something like
oauth_problem=nonce_used
. That meant thatoauth_nonce
value was already used for other request.I checked out and found that requests to service provider are sending in cycle to find preffered request style - code.
Maybe it is okay, but request params generation happens before cycle (here and here)
So
oauth_nonce
in request cycle never changes as it should: http://oauth.net/core/1.0a/#nonceThis makes ZendOAuth unusable with some service providers (like Jira) that strictly checks
oauth_nonce
to be unique for each request.Originally posted by @binary-data at https://github.com/zendframework/ZendOAuth/issues/29