Merge branch 'develop' into OWP-37_biometrics

onewelcome · Oct 24, 2024 · 175a67d · 175a67d
2 parents 1a21021 + e17867d
commit 175a67d
Show file tree

Hide file tree

Showing 19 changed files with 191 additions and 11 deletions.
diff --git a/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/OneWelcomeWrapperErrors.kt b/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/OneWelcomeWrapperErrors.kt
@@ -30,6 +30,7 @@ enum class OneWelcomeWrapperErrors(val code: Int, val message: String) {
   ),
   CONFIG_ERROR(8059, "Something went wrong while setting the configuration"), // Android only
   BIOMETRIC_AUTHENTICATION_NOT_AVAILABLE(8060, "Biometric authentication is not supported on this device"),
+  ID_TOKEN_NOT_AVAILABLE(8061, "Id Token not available"),
 
   BIOMETRIC_AUTHENTICATION_NOT_IN_PROGRESS(8062, "Biometric Authentication is currently not in progress"), // Android only
 

diff --git a/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/PigeonInterface.kt b/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/PigeonInterface.kt
@@ -35,6 +35,7 @@ import com.onegini.mobile.sdk.flutter.useCases.GetAppToWebSingleSignOnUseCase
 import com.onegini.mobile.sdk.flutter.useCases.GetAuthenticatedUserProfileUseCase
 import com.onegini.mobile.sdk.flutter.useCases.GetBiometricAuthenticatorUseCase
 import com.onegini.mobile.sdk.flutter.useCases.GetIdentityProvidersUseCase
+import com.onegini.mobile.sdk.flutter.useCases.GetIdTokenUseCase
 import com.onegini.mobile.sdk.flutter.useCases.GetPreferredAuthenticatorUseCase
 import com.onegini.mobile.sdk.flutter.useCases.GetRedirectUrlUseCase
 import com.onegini.mobile.sdk.flutter.useCases.GetUserProfilesUseCase
@@ -178,6 +179,9 @@ open class PigeonInterface : UserClientApi, ResourceMethodApi {
   @Inject
   lateinit var biometricDenyAuthRequestUseCase: BiometricDenyAuthenticationRequestUseCase
 
+  @Inject
+  lateinit var getIdTokenUseCase: GetIdTokenUseCase
+
   @Inject
   lateinit var oneginiSDK: OneginiSDK
   override fun startApplication(
@@ -364,6 +368,10 @@ open class PigeonInterface : UserClientApi, ResourceMethodApi {
   override fun biometricDenyAuthenticationRequest(callback: (Result<Unit>) -> Unit) {
     biometricDenyAuthRequestUseCase(callback)
   }
+
+  override fun getIdToken(callback: (Result<String>) -> Unit) {
+    callback(getIdTokenUseCase())
+  }
 }
 
 fun CustomInfo.mapToOwCustomInfo(): OWCustomInfo {

diff --git a/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/pigeonPlugin/Pigeon.gen.kt b/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/pigeonPlugin/Pigeon.gen.kt
@@ -516,6 +516,7 @@ interface UserClientApi {
   fun pinAcceptRegistrationRequest(pin: String, callback: (Result<Unit>) -> Unit)
   /** Browser Registration Callbacks */
   fun cancelBrowserRegistration(callback: (Result<Unit>) -> Unit)
+  fun getIdToken(callback: (Result<String>) -> Unit)
 
   companion object {
     /** The codec used by UserClientApi. */
@@ -1267,6 +1268,24 @@ interface UserClientApi {
           channel.setMessageHandler(null)
         }
       }
+      run {
+        val channel = BasicMessageChannel<Any?>(binaryMessenger, "dev.flutter.pigeon.UserClientApi.getIdToken", codec)
+        if (api != null) {
+          channel.setMessageHandler { _, reply ->
+            api.getIdToken() { result: Result<String> ->
+              val error = result.exceptionOrNull()
+              if (error != null) {
+                reply.reply(wrapError(error))
+              } else {
+                val data = result.getOrNull()
+                reply.reply(wrapResult(data))
+              }
+            }
+          }
+        } else {
+          channel.setMessageHandler(null)
+        }
+      }
     }
   }
 }

diff --git a/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/useCases/GetIdTokenUseCase.kt b/android/src/main/kotlin/com/onegini/mobile/sdk/flutter/useCases/GetIdTokenUseCase.kt
@@ -0,0 +1,17 @@
+package com.onegini.mobile.sdk.flutter.useCases
+
+import com.onegini.mobile.sdk.flutter.OneWelcomeWrapperErrors.ID_TOKEN_NOT_AVAILABLE
+import com.onegini.mobile.sdk.flutter.OneginiSDK
+import com.onegini.mobile.sdk.flutter.helpers.SdkError
+import javax.inject.Inject
+import javax.inject.Singleton
+
+@Singleton
+class GetIdTokenUseCase @Inject constructor(private val oneginiSDK: OneginiSDK) {
+  operator fun invoke(): Result<String> {
+    oneginiSDK.oneginiClient.userClient.idToken?.let { idtoken ->
+      return Result.success(idtoken)
+    }
+    return Result.failure(SdkError(ID_TOKEN_NOT_AVAILABLE).pigeonError())
+  }
+}
diff --git a/android/src/test/java/com/onegini/mobile/sdk/GetIdTokenUseCaseTests.kt b/android/src/test/java/com/onegini/mobile/sdk/GetIdTokenUseCaseTests.kt
@@ -0,0 +1,44 @@
+package com.onegini.mobile.sdk
+
+import com.onegini.mobile.sdk.flutter.OneWelcomeWrapperErrors.*
+import com.onegini.mobile.sdk.flutter.OneginiSDK
+import com.onegini.mobile.sdk.flutter.SdkErrorAssert
+import com.onegini.mobile.sdk.flutter.useCases.GetIdTokenUseCase
+import org.junit.Assert
+import org.junit.Before
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.mockito.Answers
+import org.mockito.Mock
+import org.mockito.junit.MockitoJUnitRunner
+import org.mockito.kotlin.whenever
+
+@RunWith(MockitoJUnitRunner::class)
+class GetIdTokenUseCaseTests {
+  @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+  lateinit var oneginiSdk: OneginiSDK
+
+  private lateinit var getIdTokenUseCase: GetIdTokenUseCase
+
+  @Before
+  fun attach() {
+    getIdTokenUseCase = GetIdTokenUseCase(oneginiSdk)
+  }
+
+  @Test
+  fun `When the idToken is null, Then should return error as ID_TOKEN_NOT_AVAILABLE`() {
+    whenever(oneginiSdk.oneginiClient.userClient.idToken).thenReturn(null)
+
+    val result = getIdTokenUseCase().exceptionOrNull()
+    SdkErrorAssert.assertEquals(ID_TOKEN_NOT_AVAILABLE, result)
+  }
+
+  @Test
+  fun `When the idToken exists, Then should return the idToken`() {
+    whenever(oneginiSdk.oneginiClient.userClient.idToken).thenReturn("test id token")
+
+    val result = getIdTokenUseCase()
+
+    Assert.assertEquals(result.getOrNull(), "test id token")
+  }
+}
diff --git a/...le/android/app/src/main/kotlin/com/onegini/mobile/onegini_example/OneginiConfigModel.java b/...le/android/app/src/main/kotlin/com/onegini/mobile/onegini_example/OneginiConfigModel.java
@@ -13,11 +13,11 @@ public class OneginiConfigModel implements OneginiClientConfigModel {
   private final String appVersion = "1.1.0";
   private final String baseURL = "https://mobile-security-proxy.test.onegini.com";
   private final String resourceBaseURL = "https://mobile-security-proxy.test.onegini.com/resources/";
-  private final String keystoreHash = "b416223e7d1779f156bc81113fa748ca109e58492e09006d72fc34ecd4a0187b";
+  private final String keystoreHash = "8295209ea429be2cd6eb57a2d0c91c718314392b415799ab852e9e7b81aae986";
   private final int maxPinFailures = 3;
   private final String serverPublicKey = "7890DAAA329A2443B757B48A0DEFE6D5C5EAEE87C23209AA0C1F51B87C963406";
   private final String serverType = "access";
-  private final String serverVersion = "0809c19";
+  private final String serverVersion = "fe2674a";
 
   public String getAppIdentifier() {
     return appIdentifier;

diff --git a/example/android/app/src/main/res/raw/keystore.bks b/example/android/app/src/main/res/raw/keystore.bks
diff --git a/example/ios/Configuration/OneginiConfigModel.m b/example/ios/Configuration/OneginiConfigModel.m
@@ -6,14 +6,14 @@ @implementation OneginiConfigModel
 
 + (NSArray *)certificates
 {
-	return @[@"MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE=", @"MIIFjDCCA3SgAwIBAgINAgO8UKMnU/CRgCLt8TANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAwMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFQNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOC8CSMvy2Hr7LZp676yrpE1ls+/rL3smUW3N4Q6E8tEFhaKIaHoe5qs6DZdU9/oVIBi1WoSlsGSMg2EiWrifnyI1+dYGX5XNq+OuhcbX2c0IQYhTDNTpvsPNiz4ZbU88ULZduPsHTL9h7zePGslcXdc8MxiIGvdKpv/QzjBZXwxRBPZWP6oK/GGD3Fod+XedcFibMwsHSuPZIQa4wVd90LBFf7gQPd6iI01eVWsvDEjUGxwwLbYuyA0P921IbkBBq2tgwrYnF92a/Z8V76wB7KoBlcVfCA0SoMB4aQnzXjKCtb7yPIox2kozru/oPcgkwlsE3FUa2em9NbhMIaWukCAwEAAaOCAXYwggFyMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU1fyeDd8eyt0Il5duK8VfxSv17LgwHwYDVR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcwAoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsME0GA1UdIARGMEQwOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3BraS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAgEAbGMn7iPf5VJoTYFmkYXffWXlWzcxCCayB12avrHKAbmtv5139lEd15jFC0mhe6HX02jlRA+LujbdQoJ30o3d9T/768gHmJPuWtC1Pd5LHC2MTex+jHv+TkD98LSzWQIQUVzjwCv9twZIUX4JXj8P3Kf+l+d5xQ5EiXjFaVkpoJo6SDYpppSTVS24R7XplrWfB82mqz4yisCGg8XBQcifLzWODcAHeuGsyWW1y4qn3XHYYWU5hKwyPvd6NvFWn1epQW1akKfbOup1gAxjC2l0bwdMFfM3KKUZpG719iDNY7J+xCsJdYna0Twuck82GqGeRNDNm6YjCD+XoaeeWqX3CZStXXZdKFbRGmZRUQd73j2wyO8weiQtvrizhvZL9/C1T//Oxvn2PyonCA8JPiNax+NCLXo25D2YlmA5mOrR22Mq63gJsU4hs463zj6S8ZVcpDnQwCvIUxX10i+CzQZ0Z5mQdzcKly3FHB700FvpFePqAgnIE9cTcGW/+4ibWiW+dwnhp2pOEXW5Hk3xABtqZnmOw27YbaIiom0F+yzy8VDloNHYnzV9/HCrWSoC8b6w0/H4zRK5aiWQW+OFIOb12stAHBk0IANhd7p/SA9JCynr52Fkx2PRR+sc4e6URu85c8zuTyuN3PtYp7NlIJmVuftVb9eWbpQ99HqSjmMd320="]; //Base64Certificates
+	return @[@"MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE=", @"MIICnzCCAiWgAwIBAgIQf/MZd5csIkp2FV0TttaF4zAKBggqhkjOPQQDAzBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIwMTQwMDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQwwCgYDVQQDEwNXRTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARvzTr+Z1dHTCEDhUDCR127WEcPQMFcF4XGGTfn1XzthkubgdnXGhOlCgP4mMTG6J7/EFmPLCaY9eYmJbsPAvpWo4H+MIH7MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUkHeSNWfE/6jMqeZ72YB5e8yT+TgwHwYDVR0jBBgwFoAUgEzW63T/STaj1dj8tT7FavCUHYwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAChhhodHRwOi8vaS5wa2kuZ29vZy9yNC5jcnQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2MucGtpLmdvb2cvci9yNC5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaAAwZQIxAOcCq1HW90OVznX+0RGU1cxAQXomvtgM8zItPZCuFQ8jSBJSjz5keROv9aYsAm5VsQIwJonMaAFi54mrfhfoFNZEfuNMSQ6/bIBiNLiyoX46FohQvKeIoJ99cx7sUkFN7uJW"]; //Base64Certificates
 }
 
 + (NSDictionary *)configuration
 {
     return @{
-             @"ONGServerType" : @"Access",
-             @"ONGServerVersion" : @"0809c19",
+             @"ONGServerType" : @"access",
+             @"ONGServerVersion" : @"2c7ca57",
              @"ONGAppIdentifier" : @"FlutterExampleApp",
              @"ONGAppPlatform" : @"ios",
              @"ONGAppVersion" : @"1.1.0",

diff --git a/example/lib/screens/auth_screen.dart b/example/lib/screens/auth_screen.dart
@@ -21,6 +21,7 @@ class AuthScreen extends StatefulWidget {
 }
 
 class _AuthScreenState extends State<AuthScreen> {
+  final List<String> DEFAULT_SCOPES = ["read", "openid", "profile", "phone", "email"];
   bool isLoading = false;
   bool isStatelessChecked = false;
   List<StreamSubscription<OWEvent>>? registrationSubscriptions;
@@ -54,12 +55,12 @@ class _AuthScreenState extends State<AuthScreen> {
         registrationResponse =
             await Onegini.instance.userClient.registerStatelessUser(
           null,
-          ["read"],
+          DEFAULT_SCOPES,
         );
       } else {
         registrationResponse = await Onegini.instance.userClient.registerUser(
           null,
-          ["read"],
+          DEFAULT_SCOPES,
         );
       }
       Navigator.pushAndRemoveUntil(
@@ -82,15 +83,14 @@ class _AuthScreenState extends State<AuthScreen> {
     var registrationResponse;
     try {
       if (isStatelessChecked) {
-        registrationResponse =
-            await Onegini.instance.userClient.registerStatelessUser(
+        registrationResponse = await Onegini.instance.userClient.registerStatelessUser(
           identityProviderId,
-          ["read"],
+          DEFAULT_SCOPES,
         );
       } else {
         registrationResponse = await Onegini.instance.userClient.registerUser(
           identityProviderId,
-          ["read"],
+          DEFAULT_SCOPES,
         );
       }
       Navigator.pushAndRemoveUntil(

diff --git a/example/lib/screens/user_screen.dart b/example/lib/screens/user_screen.dart
@@ -1,7 +1,9 @@
 import 'dart:async';
+import 'dart:convert';
 
 import 'package:flutter/material.dart';
 import 'package:flutter/services.dart';
+import 'package:jwt_decoder/jwt_decoder.dart';
 import 'package:onegini/errors/error_codes.dart';
 import 'package:onegini/events/onewelcome_events.dart';
 import 'package:onegini/model/request_details.dart';
@@ -356,6 +358,21 @@ class Home extends StatelessWidget {
     showFlutterToast(accessToken);
   }
 
+  showIdToken(BuildContext context) async {
+    try {
+      var idToken = await Onegini.instance.userClient.getIdToken();
+      showFlutterToast(getFormattedUserInfo(idToken));
+    } on PlatformException catch (error) {
+      showFlutterToast(error.message);
+    }
+  }
+
+  getFormattedUserInfo(String idToken) {
+    Map<String, dynamic> decodedToken = JwtDecoder.decode(idToken);
+    JsonEncoder encoder = new JsonEncoder.withIndent('  ');
+    return(encoder.convert(decodedToken));
+  }
+
   performUnauthenticatedRequest() async {
     try {
       final response = await Onegini.instance.resourcesMethods
@@ -412,6 +429,12 @@ class Home extends StatelessWidget {
                 },
                 child: Text('Access Token'),
               ),
+              ElevatedButton(
+                onPressed: () {
+                  showIdToken(context);
+                },
+                child: Text('ID Token'),
+              ),
               ElevatedButton(
                 onPressed: () {
                   performUnauthenticatedRequest();

diff --git a/example/pubspec.yaml b/example/pubspec.yaml
@@ -27,6 +27,7 @@ dependencies:
   fluttertoast: ^8.0.9
   qr_code_scanner: ^1.0.1
   url_launcher: ^6.0.3
+  jwt_decoder: ^2.0.1
 
 dev_dependencies:
   flutter_test:

diff --git a/ios/Classes/NativeBridge/Errors/ErrorMapper.swift b/ios/Classes/NativeBridge/Errors/ErrorMapper.swift
@@ -21,6 +21,7 @@ enum OneWelcomeWrapperError {
     case actionNotAllowedCustomRegistrationCancel
     case actionNotAllowedBrowserRegistrationCancel
     case biometricAuthenticationNotAvailable
+    case idTokenNotAvailable
 
     func code() -> Int {
         switch self {
@@ -60,6 +61,8 @@ enum OneWelcomeWrapperError {
             return 8058
         case .biometricAuthenticationNotAvailable:
             return 8060
+        case .idTokenNotAvailable:
+            return 8061
         }
     }
 
@@ -101,6 +104,8 @@ enum OneWelcomeWrapperError {
             return "Canceling the Browser registration right now is not allowed. Registration is not in progress or pin creation has already started."
         case .biometricAuthenticationNotAvailable:
             return "Biometric authentication is not supported on this device."
+        case .idTokenNotAvailable:
+            return "Id token not available."
         }
     }
 }

diff --git a/ios/Classes/NativeBridge/ModuleExtensions/OneginiModuleSwift+Auth.swift b/ios/Classes/NativeBridge/ModuleExtensions/OneginiModuleSwift+Auth.swift
@@ -98,4 +98,11 @@ extension OneginiModuleSwift {
         }
         return .success(accessToken)
     }
+
+    func getIdToken() -> Result<String, FlutterError> {
+        guard let idToken = SharedUserClient.instance.idToken else {
+            return .failure(FlutterError(.idTokenNotAvailable))
+        }
+        return .success(idToken)
+    }
 }
diff --git a/ios/Classes/Pigeon.gen.swift b/ios/Classes/Pigeon.gen.swift
@@ -480,6 +480,7 @@ protocol UserClientApi {
   func pinAcceptRegistrationRequest(pin: String, completion: @escaping (Result<Void, Error>) -> Void)
   /// Browser Registration Callbacks
   func cancelBrowserRegistration(completion: @escaping (Result<Void, Error>) -> Void)
+  func getIdToken(completion: @escaping (Result<String, Error>) -> Void)
 }
 
 /// Generated setup class from Pigeon to handle messages through the `binaryMessenger`.
@@ -1145,6 +1146,21 @@ class UserClientApiSetup {
     } else {
       cancelBrowserRegistrationChannel.setMessageHandler(nil)
     }
+    let getIdTokenChannel = FlutterBasicMessageChannel(name: "dev.flutter.pigeon.UserClientApi.getIdToken", binaryMessenger: binaryMessenger, codec: codec)
+    if let api = api {
+      getIdTokenChannel.setMessageHandler { _, reply in
+        api.getIdToken() { result in
+          switch result {
+            case .success(let res):
+              reply(wrapResult(res))
+            case .failure(let error):
+              reply(wrapError(error))
+          }
+        }
+      }
+    } else {
+      getIdTokenChannel.setMessageHandler(nil)
+    }
   }
 }
 private class ResourceMethodApiCodecReader: FlutterStandardReader {

diff --git a/ios/Classes/SwiftOneginiPlugin.swift b/ios/Classes/SwiftOneginiPlugin.swift
@@ -278,6 +278,10 @@ public class SwiftOneginiPlugin: NSObject, FlutterPlugin, UserClientApi, Resourc
         completion(OneginiModuleSwift.sharedInstance.getAccessToken().mapError { $0 })
     }
 
+    func getIdToken(completion: @escaping (Result<String, Error>) -> Void) {
+        completion(OneginiModuleSwift.sharedInstance.getIdToken().mapError { $0 })
+    }
+
     func getRedirectUrl(completion: @escaping (Result<String, Error>) -> Void) {
         completion(OneginiModuleSwift.sharedInstance.getRedirectUrl().mapError { $0 })
     }

diff --git a/lib/errors/error_codes.dart b/lib/errors/error_codes.dart
@@ -38,6 +38,7 @@ class WrapperErrorCodes {
   static const String configError = "8059";
 
   static const String biometricAuthenticationNotAvailable = "8060";
+  static const String idTokenNotAvailable = "8061";
 }
 
 const String networkConnectivityProblem = "9000";

diff --git a/lib/onegini.gen.dart b/lib/onegini.gen.dart
@@ -1413,6 +1413,32 @@ class UserClientApi {
       return;
     }
   }
+
+  Future<String> getIdToken() async {
+    final BasicMessageChannel<Object?> channel = BasicMessageChannel<Object?>(
+        'dev.flutter.pigeon.UserClientApi.getIdToken', codec,
+        binaryMessenger: _binaryMessenger);
+    final List<Object?>? replyList = await channel.send(null) as List<Object?>?;
+    if (replyList == null) {
+      throw PlatformException(
+        code: 'channel-error',
+        message: 'Unable to establish connection on channel.',
+      );
+    } else if (replyList.length > 1) {
+      throw PlatformException(
+        code: replyList[0]! as String,
+        message: replyList[1] as String?,
+        details: replyList[2],
+      );
+    } else if (replyList[0] == null) {
+      throw PlatformException(
+        code: 'null-error',
+        message: 'Host platform returned null value for non-null return value.',
+      );
+    } else {
+      return (replyList[0] as String?)!;
+    }
+  }
 }
 
 class _ResourceMethodApiCodec extends StandardMessageCodec {

diff --git a/lib/user_client.dart b/lib/user_client.dart
@@ -142,6 +142,11 @@ class UserClient {
       String profileId, List<String>? scopes) async {
     await api.authenticateUserImplicitly(profileId, scopes);
   }
+
+  // Get ID Token
+  Future<String> getIdToken() async {
+    return await api.getIdToken();
+  }
 }
 
 // TODO We could also get rid of this but leave this for now.