summaryrefslogtreecommitdiffstats
path: root/src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs')
-rw-r--r--src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs b/src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs
index 05e0f13..98b93ff 100644
--- a/src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs
+++ b/src/DotNetOAuth/Messaging/Bindings/NonceMemoryStore.cs
@@ -56,6 +56,12 @@ namespace DotNetOAuth.Messaging.Bindings {
/// <see cref="StandardExpirationBindingElement.MaximumMessageAge"/> property.
/// </remarks>
public bool StoreNonce(string nonce, DateTime timestamp) {
+ if (timestamp.ToUniversalTime() + this.maximumMessageAge < DateTime.UtcNow) {
+ // The expiration binding element should have taken care of this, but perhaps
+ // it's at the boundary case. We should fail just to be safe.
+ return false;
+ }
+
// TODO: implement actual nonce checking.
Logger.Warn("Nonce checking not implemented yet.");
return true;