user/me endpoint Error since updating v1 plugin

[hefejeff]

For some reason this one endpoint stopped working after updating. Here is the response I get.

[ { "code": "json_oauth1_nonce_already_used", "message": "Invalid nonce - nonce has already been used" } ]

Any clues would be greatly appriciated.

[cyga]

+1.

After number of logins and start to return same error as above. It goes away after some time (after 3 days for sure).

It works if I comment check code:

cyga@cyga-laptop:~/dev/wordpress/OAuth1$ git diff
diff --git a/lib/class-wp-rest-oauth1.php b/lib/class-wp-rest-oauth1.php
index 268001f..ceb6a6f 100644
--- a/lib/class-wp-rest-oauth1.php
+++ b/lib/class-wp-rest-oauth1.php
@@ -779,8 +779,10 @@ class WP_REST_OAuth1 {
                if ( empty( $used_nonces ) )
                        $used_nonces = array();
 
-               if ( in_array( $nonce, $used_nonces ) )
-                       return new WP_Error( 'json_oauth1_nonce_already_used', __( 'Invalid nonce - nonce has already been used', 'rest_oauth1' ), array( 'status' => 401 ) );
+        // gives permanent error for WP API call to /users/me after login
+        // appears after 2nd-3rd login. untill some time will pass
+               //if ( in_array( $nonce, $used_nonces ) )
+               //      return new WP_Error( 'json_oauth1_nonce_already_used', __( 'Invalid nonce - nonce has already been used', 'rest_oauth1' ), array( 'status' => 401 ) );
 
                $used_nonces[ $timestamp ] = $nonce;
                

So, the questions are:

• Why is it supposed so? Am I doing smth wrong?
• How is nonce auto-changed after one call to API? If it's changed at all.