From fea948487d35e2c3acd8af39457b7b981dfc5f7d Mon Sep 17 00:00:00 2001
From: domaz <detta.dominic87@gmail.com>
Date: Tue, 10 Oct 2023 16:23:00 +0200
Subject: [PATCH] fix(#392): avoid to send optional empty scope in a client
 credentials grant

---
 src/OpenIDConnectClient.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/OpenIDConnectClient.php b/src/OpenIDConnectClient.php
index 6aa80b17..e27ebfa0 100644
--- a/src/OpenIDConnectClient.php
+++ b/src/OpenIDConnectClient.php
@@ -810,9 +810,12 @@ public function requestClientCredentialsToken() {
         $post_data = [
             'grant_type'    => $grant_type,
             'client_id'     => $this->clientID,
-            'client_secret' => $this->clientSecret,
-            'scope'         => implode(' ', $this->scopes)
+            'client_secret' => $this->clientSecret
         ];
+        
+        if ($this->scopes) {
+            $post_data['scope'] = implode(' ', $this->scopes);
+        }
 
         // Convert token params to string format
         $post_params = http_build_query($post_data, '', '&', $this->encType);