From e180ead348373382d73e2f3d06a19c2709073e84 Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Sun, 28 Jan 2024 20:04:25 -0300
Subject: [PATCH 01/10] Add raw challenge JSON data

---
 .../java/org/wordpress/android/fluxc/store/AccountStore.java   | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index 58cfe4e616..b2bfda27cb 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -7,6 +7,7 @@
 
 import com.android.volley.Response;
 import com.android.volley.VolleyError;
+import com.google.gson.Gson;
 import com.yarolegovich.wellsql.WellSql;
 
 import org.greenrobot.eventbus.Subscribe;
@@ -359,6 +360,7 @@ public StartWebauthnChallengePayload(String mUserId, String mWebauthnNonce) {
     public static class WebauthnChallengeReceived extends OnChanged<AuthenticationError> {
         public WebauthnChallengeInfo mChallengeInfo;
         public String mUserId;
+        public String mRawChallengeInfoJson;
     }
 
     public static class FinishWebauthnChallengePayload {
@@ -1414,6 +1416,7 @@ private void requestWebauthnChallenge(final StartWebauthnChallengePayload payloa
         mAuthenticator.makeRequest(payload.mUserId, payload.mWebauthnNonce,
                 (Response.Listener<WebauthnChallengeInfo>) info -> {
                     WebauthnChallengeReceived event = new WebauthnChallengeReceived();
+                    event.mRawChallengeInfoJson = new Gson().toJson(info);
                     event.mChallengeInfo = info;
                     event.mUserId = payload.mUserId;
                     emitChange(event);

From c979e6758823cb4997c96db7f03c8047a03f713e Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Mon, 5 Feb 2024 20:35:11 -0300
Subject: [PATCH 02/10] Adjust WebauthnChallengeRequest to only return the JSON
 string

---
 .../rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt     | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
index e84f4bbbd9..7e769d9244 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
@@ -16,9 +16,9 @@ class WebauthnChallengeRequest(
     twoStepNonce: String,
     clientId: String,
     clientSecret: String,
-    listener: Response.Listener<WebauthnChallengeInfo>,
+    listener: Response.Listener<String>,
     errorListener: ErrorListener
-): BaseWebauthnRequest<WebauthnChallengeInfo>(webauthnChallengeEndpointUrl, errorListener, listener) {
+): BaseWebauthnRequest<String>(webauthnChallengeEndpointUrl, errorListener, listener) {
     override val parameters: Map<String, String> = mapOf(
         CLIENT_ID.value to clientId,
         CLIENT_SECRET.value to clientSecret,
@@ -27,8 +27,7 @@ class WebauthnChallengeRequest(
         TWO_STEP_NONCE.value to twoStepNonce
     )
 
-    override fun serializeResponse(response: String): WebauthnChallengeInfo =
-        gson.fromJson(response, WebauthnChallengeInfo::class.java)
+    override fun serializeResponse(response: String) = response
 }
 
 @SuppressWarnings("LongParameterList")

From a18f5b7aea84e982f796d3798af90b6f7c7b7899 Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Mon, 5 Feb 2024 20:35:32 -0300
Subject: [PATCH 03/10] Adjust WebauthnChallengeReceived payload to only
 contain the raw JSON value

---
 .../fluxc/network/rest/wpcom/auth/Authenticator.java   |  2 +-
 .../wordpress/android/fluxc/store/AccountStore.java    | 10 +++-------
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
index 59b4cb6a4a..e6256896eb 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
@@ -129,7 +129,7 @@ public OauthRequest makeRequest(String username, String password, String twoStep
     }
 
     public void makeRequest(String userId, String webauthnNonce,
-                            Response.Listener<WebauthnChallengeInfo> listener,
+                            Response.Listener<String> listener,
                             ErrorListener errorListener) {
         WebauthnChallengeRequest request = new WebauthnChallengeRequest(
                 userId,
diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index b2bfda27cb..6d471c33cd 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -358,9 +358,7 @@ public StartWebauthnChallengePayload(String mUserId, String mWebauthnNonce) {
     }
 
     public static class WebauthnChallengeReceived extends OnChanged<AuthenticationError> {
-        public WebauthnChallengeInfo mChallengeInfo;
-        public String mUserId;
-        public String mRawChallengeInfoJson;
+        public String response;
     }
 
     public static class FinishWebauthnChallengePayload {
@@ -1414,11 +1412,9 @@ private void handleSentAuthEmail(final AuthEmailResponsePayload payload) {
 
     private void requestWebauthnChallenge(final StartWebauthnChallengePayload payload) {
         mAuthenticator.makeRequest(payload.mUserId, payload.mWebauthnNonce,
-                (Response.Listener<WebauthnChallengeInfo>) info -> {
+                (Response.Listener<String>) response -> {
                     WebauthnChallengeReceived event = new WebauthnChallengeReceived();
-                    event.mRawChallengeInfoJson = new Gson().toJson(info);
-                    event.mChallengeInfo = info;
-                    event.mUserId = payload.mUserId;
+                    event.response = response;
                     emitChange(event);
                 },
                 error -> {

From 38cdf7b08584ab189969cd982972f72bb67aa345 Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Mon, 5 Feb 2024 20:36:26 -0300
Subject: [PATCH 04/10] Remove unused WebauthnModels

---
 .../rest/wpcom/auth/webauthn/WebauthnModels.kt    | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt
index b0d4876d84..1f31fb1402 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt
@@ -2,21 +2,6 @@ package org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn
 
 import com.google.gson.annotations.SerializedName
 
-class WebauthnChallengeInfo(
-    val challenge: String,
-    val rpId: String,
-    val allowCredentials: List<WebauthnCredentialResponse>,
-    val timeout: Int,
-    @SerializedName("two_step_nonce")
-    val twoStepNonce: String
-)
-
-class WebauthnCredentialResponse(
-    val type: String,
-    val id: String,
-    val transports: List<String>
-)
-
 class WebauthnToken(
     @SerializedName("bearer_token")
     val bearerToken: String

From cefe42a87d2796f43086938f3c4c3e981a97ca7e Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Mon, 5 Feb 2024 20:37:36 -0300
Subject: [PATCH 05/10] Fix build issues

---
 .../android/fluxc/network/rest/wpcom/auth/Authenticator.java     | 1 -
 .../java/org/wordpress/android/fluxc/store/AccountStore.java     | 1 -
 2 files changed, 2 deletions(-)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
index e6256896eb..39e46b56eb 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
@@ -24,7 +24,6 @@
 import org.wordpress.android.fluxc.network.rest.wpcom.WPComGsonRequest;
 import org.wordpress.android.fluxc.network.rest.wpcom.WPComGsonRequest.WPComErrorListener;
 import org.wordpress.android.fluxc.network.rest.wpcom.WPComGsonRequest.WPComGsonNetworkError;
-import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.WebauthnChallengeInfo;
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.WebauthnChallengeRequest;
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.WebauthnToken;
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.WebauthnTokenRequest;
diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index 6d471c33cd..c9fc8a23dc 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -43,7 +43,6 @@
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.Authenticator.OauthResponse;
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.Authenticator.Token;
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.Authenticator.TwoFactorResponse;
-import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.WebauthnChallengeInfo;
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.WebauthnToken;
 import org.wordpress.android.fluxc.network.xmlrpc.XMLRPCRequest.XmlRpcErrorType;
 import org.wordpress.android.fluxc.persistence.AccountSqlUtils;

From a89ebbafc1f73ce066b2798e2d2282ee241bb1a9 Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Mon, 5 Feb 2024 20:39:57 -0300
Subject: [PATCH 06/10] Refactor WebauthnToken class declaration

---
 .../rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt    | 6 ++++++
 .../network/rest/wpcom/auth/webauthn/WebauthnModels.kt    | 8 --------
 2 files changed, 6 insertions(+), 8 deletions(-)
 delete mode 100644 fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
index 7e769d9244..ff31c7a4f4 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
@@ -2,6 +2,7 @@ package org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn
 
 import com.android.volley.Response
 import com.android.volley.Response.ErrorListener
+import com.google.gson.annotations.SerializedName
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.BaseWebauthnRequest.WebauthnRequestParameters.AUTH_TYPE
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.BaseWebauthnRequest.WebauthnRequestParameters.CLIENT_DATA
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.BaseWebauthnRequest.WebauthnRequestParameters.CLIENT_ID
@@ -54,3 +55,8 @@ class WebauthnTokenRequest(
     override fun serializeResponse(response: String): WebauthnToken =
         gson.fromJson(response, WebauthnToken::class.java)
 }
+
+class WebauthnToken(
+    @SerializedName("bearer_token")
+    val bearerToken: String
+)
diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt
deleted file mode 100644
index 1f31fb1402..0000000000
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/WebauthnModels.kt
+++ /dev/null
@@ -1,8 +0,0 @@
-package org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn
-
-import com.google.gson.annotations.SerializedName
-
-class WebauthnToken(
-    @SerializedName("bearer_token")
-    val bearerToken: String
-)

From c90fcf6d3afebf46a12604d5d91bf3bdd581d14c Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Mon, 5 Feb 2024 20:51:52 -0300
Subject: [PATCH 07/10] Fix checkstyle issues

---
 .../java/org/wordpress/android/fluxc/store/AccountStore.java     | 1 -
 1 file changed, 1 deletion(-)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index c9fc8a23dc..d40fd7e0ab 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -7,7 +7,6 @@
 
 import com.android.volley.Response;
 import com.android.volley.VolleyError;
-import com.google.gson.Gson;
 import com.yarolegovich.wellsql.WellSql;
 
 import org.greenrobot.eventbus.Subscribe;

From dc509ff8ae180a2def114fafc3bdeeea1a715791 Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Tue, 6 Feb 2024 17:12:47 -0300
Subject: [PATCH 08/10] Restore user ID info to WebauthnChallengeReceived

---
 .../java/org/wordpress/android/fluxc/store/AccountStore.java    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index d40fd7e0ab..64836b5816 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -357,6 +357,7 @@ public StartWebauthnChallengePayload(String mUserId, String mWebauthnNonce) {
 
     public static class WebauthnChallengeReceived extends OnChanged<AuthenticationError> {
         public String response;
+        public String mUserId;
     }
 
     public static class FinishWebauthnChallengePayload {
@@ -1412,6 +1413,7 @@ private void requestWebauthnChallenge(final StartWebauthnChallengePayload payloa
         mAuthenticator.makeRequest(payload.mUserId, payload.mWebauthnNonce,
                 (Response.Listener<String>) response -> {
                     WebauthnChallengeReceived event = new WebauthnChallengeReceived();
+                    event.mUserId = payload.mUserId;
                     event.response = response;
                     emitChange(event);
                 },

From 74496eaa72afaa369722972f7518821f500a81cf Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Tue, 6 Feb 2024 17:21:33 -0300
Subject: [PATCH 09/10] Adjust WebauthnChallengeRequest to return a JSONObject

---
 .../fluxc/network/rest/wpcom/auth/Authenticator.java       | 2 +-
 .../rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt     | 7 ++++---
 .../org/wordpress/android/fluxc/store/AccountStore.java    | 7 ++++---
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
index 39e46b56eb..26103b1c23 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/Authenticator.java
@@ -128,7 +128,7 @@ public OauthRequest makeRequest(String username, String password, String twoStep
     }
 
     public void makeRequest(String userId, String webauthnNonce,
-                            Response.Listener<String> listener,
+                            Response.Listener<JSONObject> listener,
                             ErrorListener errorListener) {
         WebauthnChallengeRequest request = new WebauthnChallengeRequest(
                 userId,
diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
index ff31c7a4f4..c9e6f0a43e 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/network/rest/wpcom/auth/webauthn/VolleyWebauthnRequests.kt
@@ -3,6 +3,7 @@ package org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn
 import com.android.volley.Response
 import com.android.volley.Response.ErrorListener
 import com.google.gson.annotations.SerializedName
+import org.json.JSONObject
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.BaseWebauthnRequest.WebauthnRequestParameters.AUTH_TYPE
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.BaseWebauthnRequest.WebauthnRequestParameters.CLIENT_DATA
 import org.wordpress.android.fluxc.network.rest.wpcom.auth.webauthn.BaseWebauthnRequest.WebauthnRequestParameters.CLIENT_ID
@@ -17,9 +18,9 @@ class WebauthnChallengeRequest(
     twoStepNonce: String,
     clientId: String,
     clientSecret: String,
-    listener: Response.Listener<String>,
+    listener: Response.Listener<JSONObject>,
     errorListener: ErrorListener
-): BaseWebauthnRequest<String>(webauthnChallengeEndpointUrl, errorListener, listener) {
+): BaseWebauthnRequest<JSONObject>(webauthnChallengeEndpointUrl, errorListener, listener) {
     override val parameters: Map<String, String> = mapOf(
         CLIENT_ID.value to clientId,
         CLIENT_SECRET.value to clientSecret,
@@ -28,7 +29,7 @@ class WebauthnChallengeRequest(
         TWO_STEP_NONCE.value to twoStepNonce
     )
 
-    override fun serializeResponse(response: String) = response
+    override fun serializeResponse(response: String) = JSONObject(response)
 }
 
 @SuppressWarnings("LongParameterList")
diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index 64836b5816..bc50f2bc4e 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -11,6 +11,7 @@
 
 import org.greenrobot.eventbus.Subscribe;
 import org.greenrobot.eventbus.ThreadMode;
+import org.json.JSONObject;
 import org.wordpress.android.fluxc.Dispatcher;
 import org.wordpress.android.fluxc.Payload;
 import org.wordpress.android.fluxc.action.AccountAction;
@@ -356,7 +357,7 @@ public StartWebauthnChallengePayload(String mUserId, String mWebauthnNonce) {
     }
 
     public static class WebauthnChallengeReceived extends OnChanged<AuthenticationError> {
-        public String response;
+        public JSONObject mJsonResponse;
         public String mUserId;
     }
 
@@ -1411,10 +1412,10 @@ private void handleSentAuthEmail(final AuthEmailResponsePayload payload) {
 
     private void requestWebauthnChallenge(final StartWebauthnChallengePayload payload) {
         mAuthenticator.makeRequest(payload.mUserId, payload.mWebauthnNonce,
-                (Response.Listener<String>) response -> {
+                (Response.Listener<JSONObject>) response -> {
                     WebauthnChallengeReceived event = new WebauthnChallengeReceived();
                     event.mUserId = payload.mUserId;
-                    event.response = response;
+                    event.mJsonResponse = response;
                     emitChange(event);
                 },
                 error -> {

From f6fb4448d6d2d46fb24c9a7f44944413cac241d6 Mon Sep 17 00:00:00 2001
From: ThomazFB <thomazfcortez@gmail.com>
Date: Tue, 6 Feb 2024 17:25:12 -0300
Subject: [PATCH 10/10] Add webauthn nonce property field back to
 WebauthnChallengeReceived

---
 .../org/wordpress/android/fluxc/store/AccountStore.java     | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
index bc50f2bc4e..7e8e63c328 100644
--- a/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
+++ b/fluxc/src/main/java/org/wordpress/android/fluxc/store/AccountStore.java
@@ -357,8 +357,14 @@ public StartWebauthnChallengePayload(String mUserId, String mWebauthnNonce) {
     }
 
     public static class WebauthnChallengeReceived extends OnChanged<AuthenticationError> {
+        private static final String TWO_STEP_NONCE_KEY = "two_step_nonce";
+
         public JSONObject mJsonResponse;
         public String mUserId;
+
+        public String getWebauthnNonce() {
+            return mJsonResponse.optString(TWO_STEP_NONCE_KEY);
+        }
     }
 
     public static class FinishWebauthnChallengePayload {