TokenResponse JSON parsing null values as "null" strings

[Brian-Durham]

Checklist:

• [x] I am using the latest release
• [x] I searched for existing GitHub issues
• [x] I read the documentation
• [x] I verified the client configuration matches the information in the identity provider (or I am using dynamic client registration)
• [x] I am either using a custom URI scheme or https with App Links for client redirect.
• [ ] I can reproduce the issue in the demo app (optional)

Configuration

• Version: 0.11.1
• Integration: Android native Kotlin/Java
• Identity provider: Ping

Issue Description

Our refresh token flow is failing due to: AuthorizationException: {"type":0,"code":8,"errorDescription":"Unable to parse ID Token"}

Our response: { "access_token": "<valid access token>", "refresh_token": "<valid refresh token>", "id_token": null, "scope": "api:read-data api:write-data", "expires_in": 3600, "token_type": "bearer" }

The response we are getting back has id_token as null in JSON, however in line 688 of AuthorizationService.java: response = new TokenResponse.Builder(mRequest).fromResponseJson(json).build(); and Line 223 in TokenResponse: setIdToken(JsonUtil.getStringIfDefined(json, KEY_ID_TOKEN));

It parses the null value as a "null" string, which then fails the id token parsing at line 700 of AuthorizationService.java: idToken = IdToken.from(response.idToken);

The ask is this, first can the bug be fixed to parse this JSON correctly so null values are not parsed as Strings? Then part 2, if a null value is parsed for id_token, to skip the idToken validation as if the id_token was never sent in the response in line 697 of AuthorizationService.java: if (response.idToken != null) { It looks like if a null value is sent, a JSONException will be thrown from JsonUtil.java.