Make OAuth scope optional (strimzi#30)

* Make scope optional

Signed-off-by: klalafaryan <konstantin.lalafaryan@blacklane.com>

* Add comment

Signed-off-by: klalafaryan <konstantin.lalafaryan@blacklane.com>

* Improve the comment

Signed-off-by: klalafaryan <konstantin.lalafaryan@blacklane.com>

Author: klalafaryan

oauth-common/src/main/java/io/strimzi/kafka/oauth/common/OAuthAuthenticator.java

@@ -102,10 +102,9 @@ private static TokenInfo post(URI tokenEndpointUri, SSLSocketFactory socketFacto
             throw new IllegalStateException("Invalid response from authorization server: no expires_in");
         }
 
+        // Some OAuth2 authorization servers don't provide scope in this level,
+        // therefore we don't need to make it mandatory
         JsonNode scope = result.get("scope");
-        if (scope == null) {
-            throw new IllegalStateException("Invalid response from authorization server: no scope");
-        }
 
         if (isJWT) {
             // try introspect token
@@ -116,7 +115,7 @@ private static TokenInfo post(URI tokenEndpointUri, SSLSocketFactory socketFacto
             }
         }
 
-        return new TokenInfo(token.asText(), scope.asText(), "undefined", now, now + expiresIn.asLong() * 1000L);
+        return new TokenInfo(token.asText(), scope != null ? scope.asText() : null, "undefined", now, now + expiresIn.asLong() * 1000L);
     }
 
     public static String base64encode(String value) {