Skip to content

[auth] Add NonceUtil for JWT nonce extraction and id_token field to UberToken#277

Merged
partha-uber merged 2 commits into
mainfrom
sirker-nonce-util
Jun 26, 2026
Merged

[auth] Add NonceUtil for JWT nonce extraction and id_token field to UberToken#277
partha-uber merged 2 commits into
mainfrom
sirker-nonce-util

Conversation

@partha-uber

Copy link
Copy Markdown
Contributor

Summary:

  • Intent:

    • Provide a reusable utility for extracting the `nonce` claim from a JWT `id_token` payload without signature verification, matching the approach in the iOS SDK.
    • Add the `id_token` field to `UberToken` so PKCE flows can receive and inspect it.
  • Changes:

    • New `NonceUtil.extractNonceFromIdToken()` — decodes the base64url payload segment and returns the `nonce` claim; returns null on malformed input.
    • Added `idToken` field to `UberToken`.
    • `NonceUtilTest` covers nonce-present, nonce-absent, malformed JWT, two-segment token, and invalid base64 cases.

🤖 Generated with Claude Code

Co-Authored-By: Claude [email protected]

@partha-uber partha-uber merged commit 3f5e1b4 into main Jun 26, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants