Update README.md

remove /auth from Keycloak URL

README.md

@@ -56,6 +56,11 @@ OAUTH_KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret
 ###< Abel_keycloak_bearer_only_adapter ###
 ...
 ```
+> Since Keycloak 17 the default distribution is now powered by **Quarkus**, while the legacy **WildFly** powered distribution will still be around until June 2022 <br>
+> The new distribution introduces a number of breaking changes, including: <br>
+> - `/auth` removed from the default context path <br>
+> ⚠️ **If you are using a legacy version make sure to include /auth in OAUTH_KEYCLOAK_ISSUER** <br>
+> Example: `keycloak:8080/auth`
 
 In case of using Keycloak with Docker locally replace **issuer** value with your keycloak container reference in the network
 
@@ -103,3 +108,4 @@ To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak
 | V1.0.1                                                | >=4.0.0   <5.0.0   |
 | V1.1.* (uses old authentication systeme with guard)   | >=5.0.0   <6.0.0   |
 | V1.2.* (uses new authentication systeme)              | >=5.3.0   <6.0.0   |
+| V1.3.*                                                | =6.0.*             |

Security/User/KeycloakBearerUserProvider.php

@@ -100,7 +100,7 @@ class KeycloakBearerUserProvider implements UserProviderInterface{
             'base_uri' => $this->issuer,
         ]);
 
-        $response = $client->post('/auth/realms/'.$this->realm.'/protocol/openid-connect/token/introspect', [
+        $response = $client->post('/realms/'.$this->realm.'/protocol/openid-connect/token/introspect', [
             'auth' => [$this->client_id, $this->client_secret],
             'form_params' => [
                 'token' => $accessToken,