OIDC: Added extra userinfo content-type normalisation and test

During review of #5337

Author: ssddanbrown

app/Access/Oidc/OidcUserinfoResponse.php

@@ -11,7 +11,9 @@ class OidcUserinfoResponse implements ProvidesClaims
 
     public function __construct(ResponseInterface $response, string $issuer, array $keys)
     {
-        $contentType = explode(';', $response->getHeader('Content-Type')[0], 2)[0];
+        $contentTypeHeaderValue = $response->getHeader('Content-Type')[0] ?? '';
+        $contentType = strtolower(trim(explode(';', $contentTypeHeaderValue, 2)[0]));
+
         if ($contentType === 'application/json') {
             $this->claims = json_decode($response->getBody()->getContents(), true);
         }

tests/Auth/OidcTest.php

@@ -787,6 +787,20 @@ public function test_userinfo_endpoint_fetch_can_parsed_nested_groups()
         $this->assertTrue($user->hasRole($roleA->id));
     }
 
+    public function test_userinfo_endpoint_response_with_complex_json_content_type_handled()
+    {
+        $userinfoResponseData = [
+            'sub' => OidcJwtHelper::defaultPayload()['sub'],
+            'name' => 'Barry',
+        ];
+        $userinfoResponse = new Response(200, ['Content-Type'  => 'Application/Json ; charset=utf-8'], json_encode($userinfoResponseData));
+        $resp = $this->runLogin(['name' => null], [$userinfoResponse]);
+        $resp->assertRedirect('/');
+
+        $user = User::where('email', OidcJwtHelper::defaultPayload()['email'])->first();
+        $this->assertEquals('Barry', $user->name);
+    }
+
     public function test_userinfo_endpoint_jwks_response_handled()
     {
         $userinfoResponseData = OidcJwtHelper::idToken(['name' => 'Barry Jwks']);