From 8f65feb334bb5412158631ce22f6a87d42027470 Mon Sep 17 00:00:00 2001
From: Johannes Wikman <jwikman@users.noreply.github.com>
Date: Thu, 14 Nov 2024 22:03:17 +0100
Subject: [PATCH 1/2] OAuth2.GetClaims() #2296

---
 .../App/OAuth2/OAuth2.Codeunit.al             | 10 ++++++++++
 .../App/OAuth2/OAuth2Impl.Codeunit.al         | 20 +++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/src/System Application/App/OAuth2/OAuth2.Codeunit.al b/src/System Application/App/OAuth2/OAuth2.Codeunit.al
index 04a019407f..0e8afadae8 100644
--- a/src/System Application/App/OAuth2/OAuth2.Codeunit.al	
+++ b/src/System Application/App/OAuth2/OAuth2.Codeunit.al	
@@ -1503,6 +1503,16 @@ codeunit 501 OAuth2
         OAuth2Impl.AcquireOnBehalfOfTokensByTokenCache(ClientId, ClientSecret, LoginHint, RedirectURL, Scopes, TokenCache, AccessToken, IdToken, NewTokenCache);
     end;
 
+    /// <summary>
+    /// Gets the Claims Set from a JSON Web Token (JWT).
+    /// </summary>
+    /// <param name="JWT">The JSON Web Token.</param>
+    /// <returns>The JWT Claims Set.</returns>
+    procedure GetClaims(JWT: SecretText) Result: JsonObject
+    begin
+        exit(OAuth2Impl.GetClaims(JWT));
+    end;
+
     /// <summary>
     /// Get the last error message that happened during acquiring of an access token.
     /// </summary>
diff --git a/src/System Application/App/OAuth2/OAuth2Impl.Codeunit.al b/src/System Application/App/OAuth2/OAuth2Impl.Codeunit.al
index 1150fb0bb9..b26fcf5044 100644
--- a/src/System Application/App/OAuth2/OAuth2Impl.Codeunit.al	
+++ b/src/System Application/App/OAuth2/OAuth2Impl.Codeunit.al	
@@ -6,6 +6,7 @@
 namespace System.Security.Authentication;
 
 using System;
+using System.Text;
 using System.Environment;
 using System.Utilities;
 
@@ -1427,6 +1428,25 @@ codeunit 502 OAuth2Impl
         IdToken := CompoundToken.IdToken;
     end;
 
+    [NonDebuggable]
+    procedure GetClaims(JWT: SecretText) Result: JsonObject
+    var
+        Base64Convert: Codeunit "Base64 Convert";
+        PlainTextJWT: Text;
+        Base64Text: Text;
+    begin
+        if JWT.IsEmpty() then
+            exit;
+        PlainTextJWT := JWT.Unwrap();
+        if PlainTextJWT.Split('.').Count() < 3 then
+            exit;
+        Base64Text := PlainTextJWT.Split('.').Get(2);
+        Base64Text := Base64Text.Replace('-', '+').Replace('_', '/');
+        if StrLen(Base64Text) mod 4 <> 0 then
+            Base64Text := PadStr(Base64Text, StrLen(Base64Text) + (4 - StrLen(Base64Text) mod 4), '=');
+        Result.ReadFrom(Base64Convert.FromBase64(Base64Text))
+    end;
+
     procedure GetLastErrorMessage(): Text
     begin
         exit(AuthFlow.LastErrorMessage());

From 335c4e4c2b9ee8baef076d48b49bed4cc7c95605 Mon Sep 17 00:00:00 2001
From: Johannes Wikman <jwikman@users.noreply.github.com>
Date: Fri, 15 Nov 2024 16:39:56 +0100
Subject: [PATCH 2/2] OAuth2 dependency on Base64 Convert

---
 src/System Application/App/OAuth2/app.json | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/System Application/App/OAuth2/app.json b/src/System Application/App/OAuth2/app.json
index 5452d847eb..091d11f220 100644
--- a/src/System Application/App/OAuth2/app.json	
+++ b/src/System Application/App/OAuth2/app.json	
@@ -34,6 +34,12 @@
       "name": "Environment Information",
       "publisher": "Microsoft",
       "version": "26.0.0.0"
+    },
+    {
+      "id": "0846d207-5dec-4c1b-afd8-6a25e1e14b9d",
+      "name": "Base64 Convert",
+      "publisher": "Microsoft",
+      "version": "26.0.0.0"
     }
   ],
   "screenshots": [],
@@ -51,4 +57,4 @@
     "includeSourceInSymbolFile": true
   },
   "target": "OnPrem"
-}
+}
\ No newline at end of file