diff --git a/nonfree/controller/PubSubWriter.cpp b/nonfree/controller/PubSubWriter.cpp
index ae7dcf001..d5193ab28 100644
--- a/nonfree/controller/PubSubWriter.cpp
+++ b/nonfree/controller/PubSubWriter.cpp
@@ -151,53 +151,69 @@ pbmessages::NetworkChange_Network* networkFromJson(const nlohmann::json& j)
 
 	pbmessages::NetworkChange_Network* n = new pbmessages::NetworkChange_Network();
 	try {
-		n->set_network_id(j.value("id", ""));
-		n->set_name(j.value("name", ""));
+		n->set_network_id(OSUtils::jsonString(j["id"], ""));
+		n->set_name(OSUtils::jsonString(j["name"], ""));
 		n->set_capabilities(OSUtils::jsonDump(j.value("capabilities", "[]"), -1));
-		n->set_creation_time(j.value("creationTime", 0));
-		n->set_enable_broadcast(j.value("enableBroadcast", false));
+		n->set_creation_time(OSUtils::jsonInt(j["creationTime"], 0));
+		n->set_enable_broadcast(OSUtils::jsonBool(j["enableBroadcast"], false));
 
 		for (const auto& p : j["ipAssignmentPools"]) {
 			if (p.is_object()) {
 				auto pool = n->add_assignment_pools();
-				pool->set_start_ip(p.value("ipRangeStart", ""));
-				pool->set_end_ip(p.value("ipRangeEnd", ""));
+				pool->set_start_ip(OSUtils::jsonString(p["ipRangeStart"], ""));
+				pool->set_end_ip(OSUtils::jsonString(p["ipRangeEnd"], ""));
 			}
 		}
 
-		n->set_mtu(j.value("mtu", 2800));
-		n->set_multicast_limit(j.value("multicastLimit", 32));
-		n->set_is_private(j.value("private", true));
-		n->set_remote_trace_level(j.value("remoteTraceLevel", 0));
-		n->set_remote_trace_target(j.value("remoteTraceTarget", ""));
-		n->set_revision(j.value("revision", 0));
+		n->set_mtu(OSUtils::jsonInt(j["mtu"], 2800));
+		n->set_multicast_limit(OSUtils::jsonInt(j["multicastLimit"], 32));
+		n->set_is_private(OSUtils::jsonBool(j["private"], true));
+		n->set_remote_trace_level(OSUtils::jsonInt(j["remoteTraceLevel"], 0));
+		n->set_remote_trace_target(OSUtils::jsonString(j["remoteTraceTarget"], ""));
+		n->set_revision(OSUtils::jsonInt(j["revision"], 0));
 
 		for (const auto& p : j["routes"]) {
 			if (p.is_object()) {
 				auto r = n->add_routes();
-				r->set_target(p.value("target", ""));
-				r->set_via(p.value("via", ""));
+				r->set_target(OSUtils::jsonString(p["target"], ""));
+				r->set_via(OSUtils::jsonString(p["via"], ""));
 			}
 		}
+		std::string rules;
+		if (j["rules"].is_array()) {
+			rules = OSUtils::jsonDump(j["rules"], -1);
+		}
+		else {
+			rules = "[]";
+		}
+		n->set_rules(rules);
 
-		n->set_rules("");
-		n->set_tags(OSUtils::jsonDump(j.value("tags", "[]"), -1));
+		std::string tags;
+		if (j["tags"].is_array()) {
+			tags = OSUtils::jsonDump(j["tags"], -1);
+		}
+		else {
+			tags = "[]";
+		}
+		n->set_tags(tags);
 
 		pbmessages::NetworkChange_IPV4AssignMode* v4am = new pbmessages::NetworkChange_IPV4AssignMode();
 		if (j["v4AssignMode"].is_object()) {
-			v4am->set_zt(j["v4AssignMode"].value("zt", false));
+			nlohmann::json am = j["v4AssignMode"];
+			v4am->set_zt(OSUtils::jsonBool(am["zt"], false));
 		}
 		n->set_allocated_ipv4_assign_mode(v4am);
 
 		pbmessages::NetworkChange_IPV6AssignMode* v6am = new pbmessages::NetworkChange_IPV6AssignMode();
 		if (j["v6AssignMode"].is_object()) {
-			v6am->set_zt(j["v6AssignMode"].value("zt", false));
-			v6am->set_six_plane(j["v6AssignMode"].value("6plane", false));
-			v6am->set_rfc4193(j["v6AssignMode"].value("rfc4193", false));
+			nlohmann::json am = j["v6AssignMode"];
+			v6am->set_zt(OSUtils::jsonBool(am["zt"], false));
+			v6am->set_six_plane(OSUtils::jsonBool(am["6plane"], false));
+			v6am->set_rfc4193(OSUtils::jsonBool(am["rfc4193"], false));
 		}
 		n->set_allocated_ipv6_assign_mode(v6am);
 
-		nlohmann::json jdns = j.value("dns", nullptr);
+		nlohmann::json jdns = j["dns"];
 		if (jdns.is_object()) {
 			pbmessages::NetworkChange_DNS* dns = new pbmessages::NetworkChange_DNS();
 			dns->set_domain(jdns.value("domain", ""));
@@ -210,16 +226,17 @@ pbmessages::NetworkChange_Network* networkFromJson(const nlohmann::json& j)
 			n->set_allocated_dns(dns);
 		}
 
-		n->set_sso_enabled(j.value("ssoEnabled", false));
-		if (j.value("ssoEnabled", false)) {
-			n->set_sso_provider(j.value("provider", ""));
-			n->set_sso_client_id(j.value("clientId", ""));
-			n->set_sso_authorization_endpoint(j.value("authorizationEndpoint", ""));
-			n->set_sso_issuer(j.value("issuer", ""));
-			n->set_sso_provider(j.value("provider", ""));
+		n->set_sso_enabled(OSUtils::jsonBool(j["ssoEnabled"], false));
+		nlohmann::json ssocfg = j["ssoConfig"];
+		if (ssocfg.is_object()) {
+			n->set_sso_provider(OSUtils::jsonString(ssocfg["provider"], ""));
+			n->set_sso_client_id(OSUtils::jsonString(ssocfg["clientId"], ""));
+			n->set_sso_authorization_endpoint(OSUtils::jsonString(ssocfg["authorizationEndpoint"], ""));
+			n->set_sso_issuer(OSUtils::jsonString(ssocfg["issuer"], ""));
+			n->set_sso_provider(OSUtils::jsonString(ssocfg["provider"], ""));
 		}
 
-		n->set_rules_source(j.value("rulesSource", ""));
+		n->set_rules_source(OSUtils::jsonString(j["rulesSource"], ""));
 	}
 	catch (const std::exception& e) {
 		fprintf(stderr, "Exception parsing network JSON: %s\n", e.what());
@@ -258,12 +275,11 @@ pbmessages::MemberChange_Member* memberFromJson(const nlohmann::json& j)
 
 	pbmessages::MemberChange_Member* m = new pbmessages::MemberChange_Member();
 	try {
-		m->set_network_id(j.value("networkId", ""));
-		m->set_device_id(j.value("id", ""));
-		m->set_identity(j.value("identity", ""));
-		m->set_authorized(j.value("authorized", false));
+		m->set_network_id(OSUtils::jsonString(j["nwid"], ""));
+		m->set_device_id(OSUtils::jsonString(j["id"], ""));
+		m->set_identity(OSUtils::jsonString(j["identity"], ""));
+		m->set_authorized(OSUtils::jsonBool(j["authorized"], false));
 		if (j["ipAssignments"].is_array()) {
-			fprintf(stderr, "memberFromJSON: has ipAssignments\n");
 			for (const auto& addr : j["ipAssignments"]) {
 				if (addr.is_string()) {
 					auto a = m->add_ip_assignments();
@@ -272,70 +288,42 @@ pbmessages::MemberChange_Member* memberFromJson(const nlohmann::json& j)
 				}
 			}
 		}
-		else {
-			fprintf(stderr, "memberFromJSON: no ipAssignments\n");
-		}
-		fprintf(stderr, "ipAssignments set\n");
-		m->set_active_bridge(j.value("activeBridge", false));
-		fprintf(stderr, "activeBridge set\n");
+		m->set_active_bridge(OSUtils::jsonBool(j["activeBridge"], false));
 		if (j["tags"].is_array()) {
-			fprintf(stderr, "memberFromJSON: has tags\n");
 			nlohmann::json tags = j["tags"];
 			std::string tagsStr = OSUtils::jsonDump(tags, -1);
 			m->set_tags(tagsStr);
-			fprintf(stderr, "tags set\n");
 		}
 		else {
-			fprintf(stderr, "memberFromJSON: no tags\n");
 			nlohmann::json tags = nlohmann::json::array();
 			std::string tagsStr = OSUtils::jsonDump(tags, -1);
 			m->set_tags(tagsStr);
-			fprintf(stderr, "tags set\n");
 		}
 		if (j["capabilities"].is_array()) {
-			fprintf(stderr, "memberFromJSON: has capabilities\n");
 			nlohmann::json caps = j["capabilities"];
 			std::string capsStr = OSUtils::jsonDump(caps, -1);
 			m->set_capabilities(capsStr);
-			fprintf(stderr, "capabilities set\n");
 		}
 		else {
-			fprintf(stderr, "memberFromJSON: no capabilities\n");
 			nlohmann::json caps = nlohmann::json::array();
 			std::string capsStr = OSUtils::jsonDump(caps, -1);
 			m->set_capabilities(capsStr);
-			fprintf(stderr, "capabilities set\n");
 		}
-		m->set_creation_time(j.value("creationTime", 0));
-		fprintf(stderr, "creationTime set\n");
-		m->set_no_auto_assign_ips(j.value("noAutoAssignIps", false));
-		fprintf(stderr, "noAutoAssignIps set\n");
-		m->set_revision(j.value("revision", 0));
-		fprintf(stderr, "revision set\n");
-		m->set_last_authorized_time(j.value("lastAuthorizedTime", 0));
-		fprintf(stderr, "lastAuthorizedTime set\n");
-		m->set_last_deauthorized_time(j.value("lastDeauthorizedTime", 0));
-		fprintf(stderr, "lastDeauthorizedTime set\n");
+		m->set_creation_time(OSUtils::jsonInt(j["creationTime"], 0));
+		m->set_no_auto_assign_ips(OSUtils::jsonBool(j["noAutoAssignIps"], false));
+		m->set_revision(OSUtils::jsonInt(j["revision"], 0));
+		m->set_last_authorized_time(OSUtils::jsonInt(j["lastAuthorizedTime"], 0));
+		m->set_last_deauthorized_time(OSUtils::jsonInt(j["lastDeauthorizedTime"], 0));
 		m->set_last_authorized_credential_type(OSUtils::jsonString(j["lastAuthorizedCredentialType"], ""));
-		fprintf(stderr, "lastAuthorizedCredentialType set\n");
 		m->set_last_authorized_credential(OSUtils::jsonString(j["lastAuthorizedCredential"], ""));
-		fprintf(stderr, "lastAuthorizedCredential set\n");
-		m->set_version_major(j.value("versionMajor", 0));
-		fprintf(stderr, "versionMajor set\n");
-		m->set_version_minor(j.value("versionMinor", 0));
-		fprintf(stderr, "versionMinor set\n");
-		m->set_version_rev(j.value("versionRev", 0));
-		fprintf(stderr, "versionRev set\n");
-		m->set_version_protocol(j.value("versionProtocol", 0));
-		fprintf(stderr, "versionProtocol set\n");
-		m->set_remote_trace_level(j.value("remoteTraceLevel", 0));
-		fprintf(stderr, "remoteTraceLevel set\n");
+		m->set_version_major(OSUtils::jsonInt(j["versionMajor"], 0));
+		m->set_version_minor(OSUtils::jsonInt(j["versionMinor"], 0));
+		m->set_version_rev(OSUtils::jsonInt(j["versionRev"], 0));
+		m->set_version_protocol(OSUtils::jsonInt(j["versionProtocol"], 0));
+		m->set_remote_trace_level(OSUtils::jsonInt(j["remoteTraceLevel"], 0));
 		m->set_remote_trace_target(OSUtils::jsonString(j["remoteTraceTarget"], ""));
-		fprintf(stderr, "remoteTraceTarget set\n");
-		m->set_sso_exempt(j.value("ssoExempt", false));
-		fprintf(stderr, "ssoExempt set\n");
-		m->set_auth_expiry_time(j.value("authExpiryTime", 0));
-		fprintf(stderr, "authExpiryTime set\n");
+		m->set_sso_exempt(OSUtils::jsonBool(j["ssoExempt"], false));
+		m->set_auth_expiry_time(OSUtils::jsonInt(j["authExpiryTime"], 0));
 	}
 	catch (const std::exception& e) {
 		fprintf(stderr, "Exception parsing member JSON: %s\n", e.what());