[keycloak-user] domain-extension example not working OOTB, need admin-cli scope tweaking

Hi, The domain-extension example used to work out of the box as of KC 3.1.0, but no longer works with KC >= 3.2.0. That's because in 3.1.0 the "admin-cli" client's scope had the "admin" role mapped by default, which is no longer the case for 3.2.0+, hence no "realm_access" field in the JWT token, hence null auth.getToken().getRealmAccess() in ExampleRestResource::checkRealmAdmin(), hence non-working authorization. I think either the 3.1.0 behavior should be restored, or the domain- extension readme should contain a line about the necessary manual tweak to the admin-cli scope. What do you think? Dmitry