- changed status to open
Hard to get IDTokenClaimsSet from JWT
The OIDCAccessTokenResponse.getIDToken() and AuthenticationRequest.getIDTokenHint() methods both return an ID token as a JWT. The best way to read the claims from an ID token seems to be to convert it to an IDTokenClaimsSet, but the code to do this is rather obtuse:
JWT jwt = foo();
IDTokenClaimsSet claims = new IDTokenClaimsSet(new JWTClaimsSet(jwt.getJWTClaimsSet()));
The new JWTClaimsSet is needed because getJWTClaimsSet() returns a ReadOnlyJWTClaimsSet, while the IDTokenClaimsSet constructor requires an JWTClaimsSet.
The constructor IDTokenClaimsSet(final JWTClaimsSet jwtClaimsSet) simply invokes the toJSONObject() method, which is declared in ReadOnlyJWTClaimsSet. Could this constructor be modified to accept a ReadOnlyJWTClaimsSet instead?
Comments (3)
-
-
- changed status to resolved
Switched constructor to ReadOnlyJWTClaimsSet, see commit 0473240.
-
The change is now on Maven Central as version 4.2 of the SDK.
Thanks for suggesting this!
- Log in to comment
Good catch!