GoogleOAuthService: Decode JWTs as UTF-8

Change-Id: I7430de510f3883715ec0654fca615e52d5cbdb40
diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java
index b63ba33..997db0d 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java
@@ -154,13 +154,21 @@
     throw new IOException(String.format("Invalid JSON '%s': not a JSON Object", userJson));
   }
 
-  private JsonObject retrieveJWTToken(OAuthToken token) {
+  private JsonObject retrieveJWTToken(OAuthToken token) throws IOException {
     JsonElement idToken = JSON.newGson().fromJson(token.getRaw(), JsonElement.class);
     if (idToken != null && idToken.isJsonObject()) {
       JsonObject idTokenObj = idToken.getAsJsonObject();
       JsonElement idTokenElement = idTokenObj.get("id_token");
       if (idTokenElement != null && !idTokenElement.isJsonNull()) {
-        String payload = decodePayload(idTokenElement.getAsString());
+        String payload;
+        try {
+          payload = decodePayload(idTokenElement.getAsString());
+        } catch (UnsupportedEncodingException e) {
+          throw new IOException(
+              String.format(
+                  "%s support is required to interact with JWTs", StandardCharsets.UTF_8.name()),
+              e);
+        }
         if (!Strings.isNullOrEmpty(payload)) {
           JsonElement tokenJsonElement = JSON.newGson().fromJson(payload, JsonElement.class);
           if (tokenJsonElement.isJsonObject()) {
@@ -189,13 +197,13 @@
    * @param idToken Base64 encoded tripple, separated with dot
    * @return openid_id part of payload, when contained, null otherwise
    */
-  private static String decodePayload(String idToken) {
+  private static String decodePayload(String idToken) throws UnsupportedEncodingException {
     Preconditions.checkNotNull(idToken);
     String[] jwtParts = idToken.split("\\.");
     Preconditions.checkState(jwtParts.length == 3);
     String payloadStr = jwtParts[1];
     Preconditions.checkNotNull(payloadStr);
-    return new String(Base64.decodeBase64(payloadStr));
+    return new String(Base64.decodeBase64(payloadStr), StandardCharsets.UTF_8.name());
   }
 
   @Override