Reason for this fix: communication against a more strict OAuth server will deny the requests due to possible replay attack, as the same nonce token is used for the request/access & actual call for the resource.
I didn't solve this inside the Signature class because I think that class should not do anything by itself.
Only fixed this for Two Legged Oauth, but perhaps we should fix this in all places where a Signature class is instantiated.
(If the logic is to be moved inside the Signature class, note that several unit tests will fail.)
Reason for this fix: communication against a more strict OAuth server will deny the requests due to possible replay attack, as the same nonce token is used for the request/access & actual call for the resource.
I didn't solve this inside the Signature class because I think that class should not do anything by itself.
Only fixed this for Two Legged Oauth, but perhaps we should fix this in all places where a Signature class is instantiated.
(If the logic is to be moved inside the Signature class, note that several unit tests will fail.)