"oauth_nonce" parameter doesn't change beetwen requests but it should

[binary-data]

Hello. When I tried to connect with ZendOAuth to Jira, I was always getting the same error, something like oauth_problem=nonce_used. That meant that oauth_nonce value was already used for other request.

I checked out and found that requests to service provider are sending in cycle to find preffered request style - code.

Maybe it is okay, but request params generation happens before cycle (here and here)

So oauth_nonce in request cycle never changes as it should: http://oauth.net/core/1.0a/#nonce

This makes ZendOAuth unusable with some service providers (like Jira) that strictly checks oauth_nonce to be unique for each request.

[weierophinney]

This repository has been closed and moved to laminas/laminas-oauth; a new issue has been opened at https://github.com/laminas/laminas-oauth/issues/1.