Jan Zickermann
--- a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/extension/JwtParser.java

+ 17

− 7
+++ b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/extension/JwtParser.java

+ 17

− 7
 @@ -11,17 +11,27 @@ public class JwtParser {

 	@SneakyThrows
 	public static ReadContext parseBody(String authorizationHeaderValue) {
-		var jwt = authorizationHeaderValue.substring("Bearer ".length());
-		// Step 2: Split the JWT
-		String[] jwtParts = jwt.split("\\.");
+		var jwtParts = splitIntoSignatureAndHeaderAndBody(
+				discardBearerPrefix(authorizationHeaderValue)
+		);
+		var bodyPart = jwtParts[1];
+		return parseJsonPartFromUrlEncodedBase64(bodyPart);
+	}
+
+	private static ReadContext parseJsonPartFromUrlEncodedBase64(String base64EncodedPayload) {
+		return JsonPath.parse(new String(base64UrlDecode(base64EncodedPayload)));
+	}

+	private static String discardBearerPrefix(String authorizationHeaderValue) {
+		return authorizationHeaderValue.substring("Bearer ".length());
+	}
+
+	private static String[] splitIntoSignatureAndHeaderAndBody(String jwt) {
+		var jwtParts =  jwt.split("\\.");
 		if (jwtParts.length != 3) {
 			throw new IllegalArgumentException("Invalid JWT token");
 		}
-
-		// Step 3: Base64Url decode the Payload part
-		var payloadJson = base64UrlDecode(jwtParts[1]);
-		return JsonPath.parse(new String(payloadJson));
+		return jwtParts;
 	}

 	private static byte[] base64UrlDecode(String input) {