The response we are getting back has id_token as null in JSON, however in line 688 of AuthorizationService.java:
response = new TokenResponse.Builder(mRequest).fromResponseJson(json).build();
and
Line 223 in TokenResponse:
setIdToken(JsonUtil.getStringIfDefined(json, KEY_ID_TOKEN));
It parses the null value as a "null" string, which then fails the id token parsing at line 700 of AuthorizationService.java:
idToken = IdToken.from(response.idToken);
The ask is this, first can the bug be fixed to parse this JSON correctly so null values are not parsed as Strings? Then part 2, if a null value is parsed for id_token, to skip the idToken validation as if the id_token was never sent in the response in line 697 of AuthorizationService.java:
if (response.idToken != null) {
It looks like if a null value is sent, a JSONException will be thrown from JsonUtil.java.
Checklist:
https
with App Links for client redirect.Configuration
Issue Description
Our refresh token flow is failing due to:
AuthorizationException: {"type":0,"code":8,"errorDescription":"Unable to parse ID Token"}
Our response:
{ "access_token": "<valid access token>", "refresh_token": "<valid refresh token>", "id_token": null, "scope": "api:read-data api:write-data", "expires_in": 3600, "token_type": "bearer" }
The response we are getting back has id_token as null in JSON, however in line 688 of AuthorizationService.java:
response = new TokenResponse.Builder(mRequest).fromResponseJson(json).build();
and Line 223 in TokenResponse:setIdToken(JsonUtil.getStringIfDefined(json, KEY_ID_TOKEN));
It parses the null value as a "null" string, which then fails the id token parsing at line 700 of AuthorizationService.java:
idToken = IdToken.from(response.idToken);
The ask is this, first can the bug be fixed to parse this JSON correctly so null values are not parsed as Strings? Then part 2, if a null value is parsed for id_token, to skip the idToken validation as if the id_token was never sent in the response in line 697 of AuthorizationService.java:
if (response.idToken != null) {
It looks like if a null value is sent, a JSONException will be thrown from JsonUtil.java.