Skip to content

Commit

Permalink
added comment in IdToken.java
Browse files Browse the repository at this point in the history
  • Loading branch information
SayazhanBos committed Apr 10, 2024
1 parent 4674134 commit d1a4418
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion library/java/net/openid/appauth/IdToken.java
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,8 @@ public static IdToken from(String token) throws JSONException, IdTokenException
throw new IdTokenException("ID token must have both header and claims section");
}

// We ignore header contents, but parse it to check that it is structurally valid JSON
// We are using headers to get nonce field from it and also parse it to check that it is
// structurally valid JSON
JSONObject headers = parseJwtSection(sections[0]);
JSONObject claims = parseJwtSection(sections[1]);

Expand All @@ -182,6 +183,9 @@ public static IdToken from(String token) throws JSONException, IdTokenException
}
final Long expiration = claims.getLong(KEY_EXPIRATION);
final Long issuedAt = claims.getLong(KEY_ISSUED_AT);
// First it try to take the nonce field from the claims, and if there is no nonce field,
// it will try to take it from headers.
// When it is working with Azure the nonce field coming in the headers.
String tempNonce = JsonUtil.getStringIfDefined(claims, KEY_NONCE);
if (tempNonce == null) {
tempNonce = JsonUtil.getStringIfDefined(headers, KEY_NONCE);
Expand Down

0 comments on commit d1a4418

Please sign in to comment.