From 5239362951956f130a1ef91d12d6b7d680220104 Mon Sep 17 00:00:00 2001
From: Philip Forget
Date: Thu, 14 Nov 2013 18:02:07 -0500
Subject: pass oauth_timestamp to oauth_provider

---
 rest_framework/authentication.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'rest_framework')

diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py
index cf001a24..bca542eb 100644
--- a/rest_framework/authentication.py
+++ b/rest_framework/authentication.py
@@ -281,7 +281,8 @@ class OAuthAuthentication(BaseAuthentication):
         """
         Checks nonce of request, and return True if valid.
         """
-        return oauth_provider_store.check_nonce(request, oauth_request, oauth_request['oauth_nonce'])
+        return oauth_provider_store.check_nonce(request, oauth_request,
+            oauth_request['oauth_nonce'], oauth_request['oauth_timestamp'])
 
 
 class OAuth2Authentication(BaseAuthentication):
-- 
cgit v1.2.3


From b86765d9c02388f6bb82dbb5824a005e8fe73dec Mon Sep 17 00:00:00 2001
From: Philip Forget
Date: Fri, 15 Nov 2013 12:25:32 -0500
Subject: add auth param to request client calls

---
 rest_framework/tests/test_authentication.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'rest_framework')

diff --git a/rest_framework/tests/test_authentication.py b/rest_framework/tests/test_authentication.py
index a44813b6..fe11423d 100644
--- a/rest_framework/tests/test_authentication.py
+++ b/rest_framework/tests/test_authentication.py
@@ -362,7 +362,8 @@ class OAuthTests(TestCase):
     def test_post_form_with_urlencoded_parameters(self):
         """Ensure POSTing with x-www-form-urlencoded auth parameters passes"""
         params = self._create_authorization_url_parameters()
-        response = self.csrf_client.post('/oauth/', params)
+        auth = self._create_authorization_header()
+        response = self.csrf_client.post('/oauth/', params, HTTP_AUTHORIZATION=auth)
         self.assertEqual(response.status_code, 200)
 
     @unittest.skipUnless(oauth_provider, 'django-oauth-plus not installed')
@@ -424,7 +425,8 @@ class OAuthTests(TestCase):
         read_write_access_token.resource.is_readonly = False
         read_write_access_token.resource.save()
         params = self._create_authorization_url_parameters()
-        response = self.csrf_client.post('/oauth-with-scope/', params)
+        auth = self._create_authorization_header()
+        response = self.csrf_client.post('/oauth-with-scope/', params, HTTP_AUTHORIZATION=auth)
         self.assertEqual(response.status_code, 200)
 
     @unittest.skipUnless(oauth_provider, 'django-oauth-plus not installed')
-- 
cgit v1.2.3