You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The response we are getting back has id_token as null in JSON, however in line 688 of AuthorizationService.java: response = new TokenResponse.Builder(mRequest).fromResponseJson(json).build();
and
Line 223 in TokenResponse: setIdToken(JsonUtil.getStringIfDefined(json, KEY_ID_TOKEN));
It parses the null value as a "null" string, which then fails the id token parsing at line 700 of AuthorizationService.java: idToken = IdToken.from(response.idToken);
The ask is this, first can the bug be fixed to parse this JSON correctly so null values are not parsed as Strings? Then part 2, if a null value is parsed for id_token, to skip the idToken validation as if the id_token was never sent in the response in line 697 of AuthorizationService.java: if (response.idToken != null) {
It looks like if a null value is sent, a JSONException will be thrown from JsonUtil.java.
The text was updated successfully, but these errors were encountered:
Checklist:
https
with App Links for client redirect.Configuration
Issue Description
Our refresh token flow is failing due to:
AuthorizationException: {"type":0,"code":8,"errorDescription":"Unable to parse ID Token"}
Our response:
{ "access_token": "<valid access token>", "refresh_token": "<valid refresh token>", "id_token": null, "scope": "api:read-data api:write-data", "expires_in": 3600, "token_type": "bearer" }
The response we are getting back has id_token as null in JSON, however in line 688 of AuthorizationService.java:
response = new TokenResponse.Builder(mRequest).fromResponseJson(json).build();
and
Line 223 in TokenResponse:
setIdToken(JsonUtil.getStringIfDefined(json, KEY_ID_TOKEN));
It parses the null value as a "null" string, which then fails the id token parsing at line 700 of AuthorizationService.java:
idToken = IdToken.from(response.idToken);
The ask is this, first can the bug be fixed to parse this JSON correctly so null values are not parsed as Strings? Then part 2, if a null value is parsed for id_token, to skip the idToken validation as if the id_token was never sent in the response in line 697 of AuthorizationService.java:
if (response.idToken != null) {
It looks like if a null value is sent, a JSONException will be thrown from JsonUtil.java.
The text was updated successfully, but these errors were encountered: