Merge branch 'master' into master

.gitignore

@@ -1,5 +1,4 @@
 /build
 /vendor
 composer.phar
-composer.lock
-.DS_Store
+composer.lock

.travis.yml

@@ -6,7 +6,6 @@ php:
   - 5.6
   - 7.0
   - 7.1
-  - hhvm
 
 matrix:
   include:

README.md

@@ -166,6 +166,7 @@ Please see [CONTRIBUTING](https://github.com/stevenmaguire/oauth2-keycloak/blob/
 ## Credits
 
 - [Steven Maguire](https://github.com/stevenmaguire)
+- [Martin Stefan](https://github.com/mstefan21)
 - [All Contributors](https://github.com/stevenmaguire/oauth2-keycloak/contributors)
 
 

src/Provider/Keycloak.php

@@ -10,6 +10,7 @@
 use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
 use Psr\Http\Message\ResponseInterface;
 use Stevenmaguire\OAuth2\Client\Provider\Exception\EncryptionConfigurationException;
+use UnexpectedValueException;
 
 class Keycloak extends AbstractProvider
 {
@@ -174,9 +175,21 @@ protected function getBaseUrlWithRealm()
      */
     protected function getDefaultScopes()
     {
-        return ['name', 'email'];
+        return ['profile', 'email'];
     }
 
+    /**
+     * Returns the string that should be used to separate scopes when building
+     * the URL for requesting an access token.
+     *
+     * @return string Scope separator, defaults to ','
+     */
+    protected function getScopeSeparator()
+    {
+        return ' ';
+    }
+
+
     /**
      * Check a provider response for errors.
      *
@@ -210,11 +223,18 @@ protected function createResourceOwner(array $response, AccessToken $token)
      *
      * @param  AccessToken $token
      * @return KeycloakResourceOwner
+     * @throws EncryptionConfigurationException
      */
     public function getResourceOwner(AccessToken $token)
     {
         $response = $this->fetchResourceOwnerDetails($token);
 
+        // We are always getting an array. We have to check if it is
+        // the array we created
+        if (array_key_exists('jwt', $response)) {
+            $response = $response['jwt'];
+        }
+
         $response = $this->decryptResponse($response);
 
         return $this->createResourceOwner($response, $token);
@@ -276,4 +296,30 @@ public function usesEncryption()
     {
         return (bool) $this->encryptionAlgorithm && $this->encryptionKey;
     }
+
+    /**
+     * Parses the response according to its content-type header.
+     *
+     * @throws UnexpectedValueException
+     * @param  ResponseInterface $response
+     * @return array
+     */
+    protected function parseResponse(ResponseInterface $response)
+    {
+        // We have a problem with keycloak when the userinfo responses
+        // with a jwt token
+        // Because it just return a jwt as string with the header
+        // application/jwt
+        // This can't be parsed to a array
+        // Dont know why this function only allow an array as return value...
+        $content = (string) $response->getBody();
+        $type = $this->getContentType($response);
+
+        if (strpos($type, 'jwt') !== false) {
+            // Here we make the temporary array
+            return ['jwt' => $content];
+        }
+
+        return parent::parseResponse($response);
+    }
 }