aboutsummaryrefslogtreecommitdiffstats
path: root/rest_framework
diff options
context:
space:
mode:
Diffstat (limited to 'rest_framework')
-rw-r--r--rest_framework/authentication.py3
-rw-r--r--rest_framework/tests/test_authentication.py6
2 files changed, 6 insertions, 3 deletions
diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py
index cf001a24..bca542eb 100644
--- a/rest_framework/authentication.py
+++ b/rest_framework/authentication.py
@@ -281,7 +281,8 @@ class OAuthAuthentication(BaseAuthentication):
"""
Checks nonce of request, and return True if valid.
"""
- return oauth_provider_store.check_nonce(request, oauth_request, oauth_request['oauth_nonce'])
+ return oauth_provider_store.check_nonce(request, oauth_request,
+ oauth_request['oauth_nonce'], oauth_request['oauth_timestamp'])
class OAuth2Authentication(BaseAuthentication):
diff --git a/rest_framework/tests/test_authentication.py b/rest_framework/tests/test_authentication.py
index a44813b6..fe11423d 100644
--- a/rest_framework/tests/test_authentication.py
+++ b/rest_framework/tests/test_authentication.py
@@ -362,7 +362,8 @@ class OAuthTests(TestCase):
def test_post_form_with_urlencoded_parameters(self):
"""Ensure POSTing with x-www-form-urlencoded auth parameters passes"""
params = self._create_authorization_url_parameters()
- response = self.csrf_client.post('/oauth/', params)
+ auth = self._create_authorization_header()
+ response = self.csrf_client.post('/oauth/', params, HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, 200)
@unittest.skipUnless(oauth_provider, 'django-oauth-plus not installed')
@@ -424,7 +425,8 @@ class OAuthTests(TestCase):
read_write_access_token.resource.is_readonly = False
read_write_access_token.resource.save()
params = self._create_authorization_url_parameters()
- response = self.csrf_client.post('/oauth-with-scope/', params)
+ auth = self._create_authorization_header()
+ response = self.csrf_client.post('/oauth-with-scope/', params, HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, 200)
@unittest.skipUnless(oauth_provider, 'django-oauth-plus not installed')
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-12 14:08:20 +0000