4 files changed, 27 insertions, 1 deletions

diff --git a/Auth/OpenID/MySQLStore.php b/Auth/OpenID/MySQLStore.php
index 4b2d29d..04dded8 100644
--- a/Auth/OpenID/MySQLStore.php
+++ b/Auth/OpenID/MySQLStore.php
@@ -60,6 +60,9 @@ class Auth_OpenID_MySQLStore extends Auth_OpenID_SQLStore {
 
         $this->sql['get_expired'] =
             "SELECT server_url FROM %s WHERE issued + lifetime < ?";
+
+        $this->sql['clean_nonce'] =
+            "DELETE FROM %s WHERE timestamp < ?";
     }
 
     /**
diff --git a/Auth/OpenID/PostgreSQLStore.php b/Auth/OpenID/PostgreSQLStore.php
index ffbbc69..8babed4 100644
--- a/Auth/OpenID/PostgreSQLStore.php
+++ b/Auth/OpenID/PostgreSQLStore.php
@@ -61,6 +61,9 @@ class Auth_OpenID_PostgreSQLStore extends Auth_OpenID_SQLStore {
                   "INSERT INTO %s (server_url, timestamp, salt) VALUES ".
                   "(?, ?, ?)"
                   ;
+
+        $this->sql['clean_nonce'] =
+            "DELETE FROM %s WHERE timestamp < ?";
     }
 
     /**
diff --git a/Auth/OpenID/SQLStore.php b/Auth/OpenID/SQLStore.php
index 0f58203..4192022 100644
--- a/Auth/OpenID/SQLStore.php
+++ b/Auth/OpenID/SQLStore.php
@@ -35,6 +35,11 @@ require_once 'Auth/OpenID/Nonce.php';
 require_once 'Auth/OpenID.php';
 
 /**
+ * @access private
+ */
+require_once 'Auth/OpenID/Nonce.php';
+
+/**
  * This is the parent class for the SQL stores, which contains the
  * logic common to all of the SQL stores.
  *
@@ -250,7 +255,8 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
                               array(
                                     'value' => $this->nonces_table_name,
                                     'keys' => array('nonce_table',
-                                                    'add_nonce')
+                                                    'add_nonce',
+                                                    'clean_nonce')
                                     ),
                               array(
                                     'value' => $this->associations_table_name,
@@ -553,6 +559,17 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
 
         return $result;
     }
+
+    function cleanupNonces()
+    {
+        global $Auth_OpenID_SKEW;
+        $v = time() - $Auth_OpenID_SKEW;
+
+        $this->connection->query($this->sql['clean_nonce'], array($v));
+        $num = $this->connection->affectedRows();
+        $this->connection->commit();
+        return $num;
+    }
 }
 
 ?>
diff --git a/Auth/OpenID/SQLiteStore.php b/Auth/OpenID/SQLiteStore.php
index debb5fe..a242f9b 100644
--- a/Auth/OpenID/SQLiteStore.php
+++ b/Auth/OpenID/SQLiteStore.php
@@ -47,6 +47,9 @@ class Auth_OpenID_SQLiteStore extends Auth_OpenID_SQLStore {
 
         $this->sql['add_nonce'] =
             "INSERT INTO %s (server_url, timestamp, salt) VALUES (?, ?, ?)";
+
+        $this->sql['clean_nonce'] =
+            "DELETE FROM %s WHERE timestamp < ?";
     }
 
     /**