Reject oauth nonces over a day old

app/models/oauth_nonce.rb

@@ -6,7 +6,8 @@ class OauthNonce < ActiveRecord::Base
 
   # Remembers a nonce and it's associated timestamp. It returns false if it has already been used
   def self.remember(nonce, timestamp)
-    oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp)
+    return false if Time.now.to_i - timestamp.to_i > 86400
+    oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp.to_i)
     return false if oauth_nonce.new_record?
     oauth_nonce
   end

test/models/oauth_nonce_test.rb

@@ -8,7 +8,7 @@ class OauthNonceTest < ActiveSupport::TestCase
   # string and timestamp.
   def test_nonce_uniqueness
     string = "0123456789ABCDEF"
-    timestamp = Time.now
+    timestamp = Time.now.to_i
 
     nonce1 = OauthNonce.remember(string, timestamp)
     assert_not_equal false, nonce1, "First nonce should be unique. Check your test database is empty."
@@ -16,4 +16,16 @@ class OauthNonceTest < ActiveSupport::TestCase
     nonce2 = OauthNonce.remember(string, timestamp)
     assert_equal false, nonce2, "Shouldn't be able to remember the same nonce twice."
   end
+
+  ##
+  # nonces that are not current should be rejected
+  def test_nonce_not_current
+    string = "0123456789ABCDEF"
+
+    nonce1 = OauthNonce.remember(string, Time.now.to_i - 86430)
+    assert_equal false, nonce1, "Nonces over a day in the past should be rejected"
+
+    nonce2 = OauthNonce.remember(string, Time.now.to_i - 86370)
+    assert_not_equal false, nonce2, "Nonces under a day in the past should be rejected"
+  end
 end