update for keycloak 12.0.0

4 years ago · 5fc6103398
parent fe378dca00
commit 5fc6103398
4 changed files with 112 additions and 157 deletions
--- a/account/index.ftl
+++ b/account/index.ftl
@ -45,7 +45,8 @@
                isLinkedAccountsEnabled : ${realm.identityFederationEnabled?c},
                isEventsEnabled : ${isEventsEnabled?c},
                isMyResourcesEnabled : ${(realm.userManagedAccessAllowed && isAuthorizationEnabled)?c},
-                isTotpConfigured : ${isTotpConfigured?c}
+                isTotpConfigured : ${isTotpConfigured?c},
+                deleteAccountAllowed : ${deleteAccountAllowed?c}
            }

            var availableLocales = [];
@ -109,20 +110,20 @@
            </#list>
        </#if>

-        <link rel="stylesheet" type="text/css" href="${resourceUrl}/public/base.css"/>
-        <link rel="stylesheet" type="text/css" href="${resourceUrl}/public/app.css"/>
+        <link rel="stylesheet" type="text/css" href="${resourceCommonUrl}/web_modules/@patternfly/react-core/dist/styles/base.css"/>
+        <link rel="stylesheet" type="text/css" href="${resourceCommonUrl}/web_modules/@patternfly/react-core/dist/styles/app.css"/>
        <link href="${resourceUrl}/public/layout.css" rel="stylesheet"/>
    </head>

    <body>

        <script>
-            var keycloak = Keycloak({
+            const keycloak = Keycloak({
                authServerUrl: authUrl,
                realm: realm,
                clientId: 'account-console'
            });
-            keycloak.init({onLoad: 'check-sso', pkceMethod: 'S256'}).success(function(authenticated) {
+            keycloak.init({onLoad: 'check-sso', pkceMethod: 'S256', promiseType: 'native'}).then((authenticated) => {
                isReactLoading = true;
                toggleReact();
                if (!keycloak.authenticated) {
@ -136,8 +137,7 @@
                }

                loadjs("/Main.js");
-
-            }).error(function() {
+            }).catch(() => {
                alert('failed to initialize keycloak');
            });
        </script>
@ -278,3 +278,4 @@

    </body>
 </html>
+
--- a/login/denied-auth.ftl
+++ b/login/denied-auth.ftl
@ -0,0 +1,12 @@
+<@layout.registrationLayout displayMessage=false; section>
+    <#if section = "header">
+       Access denied 
+    <#elseif section = "form">
+        <div id="kc-error-message">
+            <p class="instruction">${description}</p>
+            <#if client?? && client.baseUrl?has_content>
+                <p><a id="backToApplication" href="${client.baseUrl}">${kcSanitize(msg("backToApplication"))?no_esc}</a></p>
+            </#if>
+        </div>
+    </#if>
+</@layout.registrationLayout>
--- a/login/register.ftl
+++ b/login/register.ftl
@ -1,73 +1,120 @@
 <#import "template.ftl" as layout>
-<@layout.registrationLayout; section>
+<@layout.registrationLayout displayMessage=!messagesPerField.existsError('firstName','lastName','email','username','password','password-confirm'); section>
    <#if section = "header">
        ${msg("registerTitle")}
    <#elseif section = "form">
        <form id="kc-register-form" class="${properties.kcFormClass!}" action="${url.registrationAction}" method="post">
-            <div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('firstName',properties.kcFormGroupErrorClass!)}">
+            <div class="${properties.kcFormGroupClass!}">
                <div class="${properties.kcLabelWrapperClass!}">
                    <label for="firstName" class="${properties.kcLabelClass!}">${msg("firstName")}</label>
                </div>
                <div class="${properties.kcInputWrapperClass!}">
-                    <input type="text" id="firstName" class="${properties.kcInputClass!}" name="firstName" value="${(register.formData.firstName!'')}" />
+                    <input type="text" id="firstName" class="${properties.kcInputClass!}" name="firstName"
+                           value="${(register.formData.firstName!'')}"
+                           aria-invalid="<#if messagesPerField.existsError('firstName')>true</#if>"
+                    />
+
+                    <#if messagesPerField.existsError('firstName')>
+                        <span id="input-error-firstname" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                            ${kcSanitize(messagesPerField.get('firstName'))?no_esc}
+                        </span>
+                    </#if>
                </div>
            </div>

-            <div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('lastName',properties.kcFormGroupErrorClass!)}">
+            <div class="${properties.kcFormGroupClass!}">
                <div class="${properties.kcLabelWrapperClass!}">
                    <label for="lastName" class="${properties.kcLabelClass!}">${msg("lastName")}</label>
                </div>
                <div class="${properties.kcInputWrapperClass!}">
-                    <input type="text" id="lastName" class="${properties.kcInputClass!}" name="lastName" value="${(register.formData.lastName!'')}" />
+                    <input type="text" id="lastName" class="${properties.kcInputClass!}" name="lastName"
+                           value="${(register.formData.lastName!'')}"
+                           aria-invalid="<#if messagesPerField.existsError('lastName')>true</#if>"
+                    />
+
+                    <#if messagesPerField.existsError('lastName')>
+                        <span id="input-error-lastname" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                            ${kcSanitize(messagesPerField.get('lastName'))?no_esc}
+                        </span>
+                    </#if>
                </div>
            </div>

-            <div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('email',properties.kcFormGroupErrorClass!)}">
+            <div class="${properties.kcFormGroupClass!}">
                <div class="${properties.kcLabelWrapperClass!}">
                    <label for="email" class="${properties.kcLabelClass!}">${msg("email")}</label>
                </div>
                <div class="${properties.kcInputWrapperClass!}">
-                    <input type="text" id="email" class="${properties.kcInputClass!}" name="email" value="${(register.formData.email!'')}" autocomplete="email" />
+                    <input type="text" id="email" class="${properties.kcInputClass!}" name="email"
+                           value="${(register.formData.email!'')}" autocomplete="email"
+                           aria-invalid="<#if messagesPerField.existsError('email')>true</#if>"
+                    />
+
+                    <#if messagesPerField.existsError('email')>
+                        <span id="input-error-email" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                            ${kcSanitize(messagesPerField.get('email'))?no_esc}
+                        </span>
+                    </#if>
                </div>
            </div>

-          <#if !realm.registrationEmailAsUsername>
-            <div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('username',properties.kcFormGroupErrorClass!)}">
-                <div class="${properties.kcLabelWrapperClass!}">
-                    <label for="username" class="${properties.kcLabelClass!}">${msg("username")}</label>
-                </div>
-                <div class="${properties.kcInputWrapperClass!}">
-                    <input type="text" id="username" class="${properties.kcInputClass!}" name="username" value="${(register.formData.username!'')}" autocomplete="username" />
+            <#if !realm.registrationEmailAsUsername>
+                <div class="${properties.kcFormGroupClass!}">
+                    <div class="${properties.kcLabelWrapperClass!}">
+                        <label for="username" class="${properties.kcLabelClass!}">${msg("username")}</label>
+                    </div>
+                    <div class="${properties.kcInputWrapperClass!}">
+                        <input type="text" id="username" class="${properties.kcInputClass!}" name="username"
+                               value="${(register.formData.username!'')}" autocomplete="username"
+                               aria-invalid="<#if messagesPerField.existsError('username')>true</#if>"
+                        />
+
+                        <#if messagesPerField.existsError('username')>
+                            <span id="input-error-username" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                                ${kcSanitize(messagesPerField.get('username'))?no_esc}
+                            </span>
+                        </#if>
+                    </div>
                </div>
-            </div>
-          </#if>
+            </#if>

            <#if passwordRequired??>
-            <div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('password',properties.kcFormGroupErrorClass!)}">
-                <div class="${properties.kcLabelWrapperClass!}">
-                    <label for="password" class="${properties.kcLabelClass!}">${msg("password")}</label>
-                </div>
-                <div class="${properties.kcInputWrapperClass!}">
-                    <input type="password" id="password" class="${properties.kcInputClass!}" name="password" autocomplete="new-password"/>
-                </div>
-            </div>
+                <div class="${properties.kcFormGroupClass!}">
+                    <div class="${properties.kcLabelWrapperClass!}">
+                        <label for="password" class="${properties.kcLabelClass!}">${msg("password")}</label>
+                    </div>
+                    <div class="${properties.kcInputWrapperClass!}">
+                        <input type="password" id="password" class="${properties.kcInputClass!}" name="password"
+                               autocomplete="new-password"
+                               aria-invalid="<#if messagesPerField.existsError('password','password-confirm')>true</#if>"
+                        />

-            <div class="${properties.kcFormGroupClass!} ${messagesPerField.printIfExists('password-confirm',properties.kcFormGroupErrorClass!)}">
-                <div class="${properties.kcLabelWrapperClass!}">
-                    <label for="password-confirm" class="${properties.kcLabelClass!}">${msg("passwordConfirm")}</label>
-                </div>
-                <div class="${properties.kcInputWrapperClass!}">
-                    <input type="password" id="password-confirm" class="${properties.kcInputClass!}" name="password-confirm" />
+                        <#if messagesPerField.existsError('password')>
+                            <span id="input-error-password" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                                ${kcSanitize(messagesPerField.get('password'))?no_esc}
+                            </span>
+                        </#if>
+                    </div>
                </div>
-            </div>
-            </#if>

-            <#if recaptchaRequired??>
-            <div class="form-group">
-                <div class="${properties.kcInputWrapperClass!}">
-                    <div class="g-recaptcha" data-size="compact" data-sitekey="${recaptchaSiteKey}"></div>
+                <div class="${properties.kcFormGroupClass!}">
+                    <div class="${properties.kcLabelWrapperClass!}">
+                        <label for="password-confirm"
+                               class="${properties.kcLabelClass!}">${msg("passwordConfirm")}</label>
+                    </div>
+                    <div class="${properties.kcInputWrapperClass!}">
+                        <input type="password" id="password-confirm" class="${properties.kcInputClass!}"
+                               name="password-confirm"
+                               aria-invalid="<#if messagesPerField.existsError('password-confirm')>true</#if>"
+                        />
+
+                        <#if messagesPerField.existsError('password-confirm')>
+                            <span id="input-error-password-confirm" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                                ${kcSanitize(messagesPerField.get('password-confirm'))?no_esc}
+                            </span>
+                        </#if>
+                    </div>
                </div>
-            </div>
            </#if>

            <#if captchaRequired??>
@ -82,6 +129,14 @@
            </div>
            </#if>

+            <#if recaptchaRequired??>
+                <div class="form-group">
+                    <div class="${properties.kcInputWrapperClass!}">
+                        <div class="g-recaptcha" data-size="compact" data-sitekey="${recaptchaSiteKey}"></div>
+                    </div>
+                </div>
+            </#if>
+
            <div class="${properties.kcFormGroupClass!}">
                <div id="kc-form-options" class="${properties.kcFormOptionsClass!}">
                    <div class="${properties.kcFormOptionsWrapperClass!}">
--- a/login/webauthn-authenticate.ftl
+++ b/login/webauthn-authenticate.ftl
@ -1,113 +0,0 @@
-    <#import "template.ftl" as layout>
-    <@layout.registrationLayout showAnotherWayIfPresent=false; section>
-    <#if section = "title">
-     title
-    <#elseif section = "header">
-        ${kcSanitize(msg("webauthn-login-title"))?no_esc}
-    <#elseif section = "form">
-
-    <form id="webauth" class="${properties.kcFormClass!}" action="${url.loginAction}" method="post">
-        <div class="${properties.kcFormGroupClass!}">
-            <input type="hidden" id="clientDataJSON" name="clientDataJSON"/>
-            <input type="hidden" id="authenticatorData" name="authenticatorData"/>
-            <input type="hidden" id="signature" name="signature"/>
-            <input type="hidden" id="credentialId" name="credentialId"/>
-            <input type="hidden" id="userHandle" name="userHandle"/>
-            <input type="hidden" id="error" name="error"/>
-        </div>
-    </form>
-
-    <#if authenticators??>
-        <form id="authn_select" class="${properties.kcFormClass!}">
-            <#list authenticators.authenticators as authenticator>
-                <input type="hidden" name="authn_use_chk" value="${authenticator.credentialId}"/>
-            </#list>
-        </form>
-    </#if>
-
-    <script type="text/javascript" src="${url.resourcesCommonPath}/node_modules/jquery/dist/jquery.min.js"></script>
-    <script type="text/javascript" src="${url.resourcesPath}/js/base64url.js"></script>
-    <script type="text/javascript">
-
-        window.onload = () => {
-            let isUserIdentified = ${isUserIdentified};
-            if (!isUserIdentified) {
-                doAuthenticate([]);
-                return;
-            }
-            checkAllowCredentials();
-        };
-
-        function checkAllowCredentials() {
-            let allowCredentials = [];
-            let authn_use = document.forms['authn_select'].authn_use_chk;
-
-            if (authn_use !== undefined) {
-                if (authn_use.length === undefined) {
-                    allowCredentials.push({
-                        id: base64url.decode(authn_use.value, {loose: true}),
-                        type: 'public-key',
-                    });
-                } else {
-                    for (let i = 0; i < authn_use.length; i++) {
-                        allowCredentials.push({
-                            id: base64url.decode(authn_use[i].value, {loose: true}),
-                            type: 'public-key',
-                        });
-                    }
-                }
-            }
-            doAuthenticate(allowCredentials);
-        }
-
-
-    function doAuthenticate(allowCredentials) {
-        let challenge = "${challenge}";
-        let userVerification = "${userVerification}";
-        let rpId = "${rpId}";
-        let publicKey = {
-            rpId : rpId,
-            challenge: base64url.decode(challenge, { loose: true })
-        };
-
-        if (allowCredentials.length) {
-            publicKey.allowCredentials = allowCredentials;
-        }
-
-        if (userVerification !== 'not specified') publicKey.userVerification = userVerification;
-
-        if (window.PublicKeyCredential === undefined || typeof window.PublicKeyCredential !== "function") {
-            $("#error").val("WebAuthn is not supported by this Browser");
-            $("#webauth").submit();
-            return;
-        }
-
-        navigator.credentials.get({publicKey})
-            .then((result) => {
-                window.result = result;
-
-                let clientDataJSON = result.response.clientDataJSON;
-                let authenticatorData = result.response.authenticatorData;
-                let signature = result.response.signature;
-
-                $("#clientDataJSON").val(base64url.encode(new Uint8Array(clientDataJSON), { pad: false }));
-                $("#authenticatorData").val(base64url.encode(new Uint8Array(authenticatorData), { pad: false }));
-                $("#signature").val(base64url.encode(new Uint8Array(signature), { pad: false }));
-                $("#credentialId").val(result.id);
-                if(result.response.userHandle) {
-                    $("#userHandle").val(base64url.encode(new Uint8Array(result.response.userHandle), { pad: false }));
-                }
-                $("#webauth").submit();
-            })
-            .catch((err) => {
-                $("#error").val(err);
-                $("#webauth").submit();
-            })
-        ;
-    }
-
-    </script>
-    <#elseif section = "info">
-
-    </#if>
-    </@layout.registrationLayout>