libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

moved login screen to patternfly 5 (#25340)

Browse source 
* moved login screen to patternfly 5

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added Feature flag to enable login v2

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* removed the old css and only include logo and background styles

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to experimental

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added login2

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added windows help texts

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
This commit is contained in:
Erik Jan de Wit 2024-01-25 13:45:53 +01:00 committed by GitHub
parent b58f35fb47
commit 28c9f98930
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
26 changed files with 557 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
common/src/main/java/org/keycloak/common/Profile.java
View file

@ -60,6 +60,8 @@ public class Profile {
ADMIN2("New Admin Console", Type.DEFAULT, Feature.ADMIN_API), ADMIN2("New Admin Console", Type.DEFAULT, Feature.ADMIN_API),
LOGIN2("New Login Theme", Type.EXPERIMENTAL),
DOCKER("Docker Registry protocol", Type.DISABLED_BY_DEFAULT), DOCKER("Docker Registry protocol", Type.DISABLED_BY_DEFAULT),
IMPERSONATION("Ability for admins to impersonate users", Type.DEFAULT), IMPERSONATION("Ability for admins to impersonate users", Type.DEFAULT),

1
common/src/test/java/org/keycloak/common/ProfileTest.java
View file

@ -77,6 +77,7 @@ public class ProfileTest {
Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ,
Profile.Feature.DYNAMIC_SCOPES, Profile.Feature.DYNAMIC_SCOPES,
Profile.Feature.DOCKER, Profile.Feature.DOCKER,
Profile.Feature.LOGIN2,
Profile.Feature.MULTI_SITE, Profile.Feature.MULTI_SITE,
Profile.Feature.DECLARATIVE_UI, Profile.Feature.DECLARATIVE_UI,
Profile.Feature.RECOVERY_CODES, Profile.Feature.RECOVERY_CODES,

8
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt vendored
View file

@ -67,16 +67,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.

23
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt vendored
View file

@ -64,21 +64,22 @@ Feature:
--features <feature> Enables a set of one or more features. Possible values are: account-api[:v1], --features <feature> Enables a set of one or more features. Possible values are: account-api[:v1],
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1], account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1], admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], declarative-ui[:v1], device-flow[:v1], docker[: client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
[:v1], js-adapter[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
transient-users[:v1], update-email[:v1], web-authn[:v1]. v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, scripts, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
step-up-authentication, token-exchange, transient-users, update-email, scripts, step-up-authentication, token-exchange, transient-users,
web-authn. update-email, web-authn.
HTTP(S): HTTP(S):

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testExportHelp.unix.approved.txt vendored
View file

@ -62,16 +62,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -156,4 +156,4 @@ Export:
--users-per-file <number> --users-per-file <number>
Set the number of users per file. It is used only if 'users' is set to Set the number of users per file. It is used only if 'users' is set to
'different_files'. Increasing this number leads to exponentially increasing 'different_files'. Increasing this number leads to exponentially increasing
export times. Default: 50. export times. Default: 50.

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testExportHelpAll.unix.approved.txt vendored
View file

@ -62,16 +62,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -156,4 +156,4 @@ Export:
--users-per-file <number> --users-per-file <number>
Set the number of users per file. It is used only if 'users' is set to Set the number of users per file. It is used only if 'users' is set to
'different_files'. Increasing this number leads to exponentially increasing 'different_files'. Increasing this number leads to exponentially increasing
export times. Default: 50. export times. Default: 50.

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testImportHelp.unix.approved.txt vendored
View file

@ -62,16 +62,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -150,4 +150,4 @@ Import:
--file <file> Set the path to a file that will be read. --file <file> Set the path to a file that will be read.
--override <true|false> --override <true|false>
Set if existing data should be overwritten. If set to false, data will be Set if existing data should be overwritten. If set to false, data will be
ignored. Default: true. ignored. Default: true.

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testImportHelpAll.unix.approved.txt vendored
View file

@ -62,16 +62,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -150,4 +150,4 @@ Import:
--file <file> Set the path to a file that will be read. --file <file> Set the path to a file that will be read.
--override <true|false> --override <true|false>
Set if existing data should be overwritten. If set to false, data will be Set if existing data should be overwritten. If set to false, data will be
ignored. Default: true. ignored. Default: true.

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt vendored
View file

@ -92,16 +92,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -293,4 +293,4 @@ Security:
Do NOT start the server using this command when deploying to production. Do NOT start the server using this command when deploying to production.
Use 'kc.sh start-dev --help-all' to list all available options, including build Use 'kc.sh start-dev --help-all' to list all available options, including build
options. options.

16
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt vendored
View file

@ -92,19 +92,19 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], par[: linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
v1], preview, recovery-codes[:v1], scripts[:v1], step-up-authentication[: [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
v1], token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, scripts, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
step-up-authentication, token-exchange, transient-users, update-email, scripts, step-up-authentication, token-exchange, transient-users,
web-authn. update-email, web-authn.
Hostname: Hostname:

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt vendored
View file

@ -92,16 +92,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -293,4 +293,4 @@ Security:
Do NOT start the server using this command when deploying to production. Do NOT start the server using this command when deploying to production.
Use 'kc.sh start-dev --help-all' to list all available options, including build Use 'kc.sh start-dev --help-all' to list all available options, including build
options. options.

16
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt vendored
View file

@ -92,19 +92,19 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], par[: linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
v1], preview, recovery-codes[:v1], scripts[:v1], step-up-authentication[: [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
v1], token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, scripts, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
step-up-authentication, token-exchange, transient-users, update-email, scripts, step-up-authentication, token-exchange, transient-users,
web-authn. update-email, web-authn.
Hostname: Hostname:

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt vendored
View file

@ -93,16 +93,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -298,4 +298,4 @@ By default, this command tries to update the server configuration by running a
$ kc.sh start '--optimized' $ kc.sh start '--optimized'
By doing that, the server should start faster based on any previous By doing that, the server should start faster based on any previous
configuration you have set when manually running the 'build' command. configuration you have set when manually running the 'build' command.

16
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt vendored
View file

@ -93,19 +93,19 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], par[: linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
v1], preview, recovery-codes[:v1], scripts[:v1], step-up-authentication[: [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
v1], token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, scripts, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
step-up-authentication, token-exchange, transient-users, update-email, scripts, step-up-authentication, token-exchange, transient-users,
web-authn. update-email, web-authn.
Hostname: Hostname:

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt vendored
View file

@ -93,16 +93,16 @@ Feature:
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1],
device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], device-flow[:v1], docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1],
hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1], hostname[:v1], impersonation[:v1], js-adapter[:v1], kerberos[:v1],
linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:v1], linkedin-oauth[:v1], login2[:v1], multi-site[:v1], offline-session-preloading
oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1], [:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], scripts[:
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1], v1], step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1]. update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes,
scripts, step-up-authentication, token-exchange, transient-users, scripts, step-up-authentication, token-exchange, transient-users,
update-email, web-authn. update-email, web-authn.
@ -298,4 +298,4 @@ By default, this command tries to update the server configuration by running a
$ kc.sh start '--optimized' $ kc.sh start '--optimized'
By doing that, the server should start faster based on any previous By doing that, the server should start faster based on any previous
configuration you have set when manually running the 'build' command. configuration you have set when manually running the 'build' command.

8
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt vendored
View file

@ -92,16 +92,16 @@ Feature:
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1], admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], device-flow[:v1], client-secret-rotation[:v1], client-types[:v1], declarative-ui[:v1], device-flow[:v1],
docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation docker[:v1], dpop[:v1], dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation
[:v1], js-adapter[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1], [:v1], js-adapter[:v1], kerberos[:v1], linkedin-oauth[:v1], login2[:v1],
offline-session-preloading[:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1], offline-session-preloading[:v1], oid4vc-vci[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1], recovery-codes[:v1], scripts[:v1], step-up-authentication[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1]. token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature> --features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api, Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2, account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, client-types, authorization, ciba, client-policies, client-secret-rotation, client-types,
declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips, declarative-ui, device-flow, docker, dpop, dynamic-scopes, fips,
impersonation, js-adapter, kerberos, linkedin-oauth, multi-site, impersonation, js-adapter, kerberos, linkedin-oauth, login2, multi-site,
offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, scripts, offline-session-preloading, oid4vc-vci, par, preview, recovery-codes, scripts,
step-up-authentication, token-exchange, transient-users, update-email, step-up-authentication, token-exchange, transient-users, update-email,
web-authn. web-authn.

2
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelp.unix.approved.txt vendored
View file

@ -208,4 +208,4 @@ By default, this command tries to update the server configuration by running a
$ kc.sh start '--optimized' $ kc.sh start '--optimized'
By doing that, the server should start faster based on any previous By doing that, the server should start faster based on any previous
configuration you have set when manually running the 'build' command. configuration you have set when manually running the 'build' command.

2
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartOptimizedHelpAll.unix.approved.txt vendored
View file

@ -208,4 +208,4 @@ By default, this command tries to update the server configuration by running a
$ kc.sh start '--optimized' $ kc.sh start '--optimized'
By doing that, the server should start faster based on any previous By doing that, the server should start faster based on any previous
configuration you have set when manually running the 'build' command. configuration you have set when manually running the 'build' command.

4
server-spi/src/main/java/org/keycloak/theme/ThemeSelectorProvider.java
View file

@ -56,6 +56,10 @@ public interface ThemeSelectorProvider extends Provider {
return DEFAULT_V2; return DEFAULT_V2;
} }
if ((type == Theme.Type.LOGIN) && Profile.isFeatureEnabled(Profile.Feature.LOGIN2)) {
return DEFAULT_V2;
}
return DEFAULT; return DEFAULT;
} }

6
services/src/main/java/org/keycloak/services/resources/admin/info/ServerInfoAdminResource.java
View file

@ -232,8 +232,10 @@ public class ServerInfoAdminResource {
!Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2); !Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2);
boolean filterAdminV2 = (type == Theme.Type.ADMIN) && boolean filterAdminV2 = (type == Theme.Type.ADMIN) &&
!Profile.isFeatureEnabled(Profile.Feature.ADMIN2); !Profile.isFeatureEnabled(Profile.Feature.ADMIN2);
boolean filterLoginV2 = (type == Theme.Type.LOGIN) &&
if (filterAccountV2 || filterAdminV2) { !Profile.isFeatureEnabled(Profile.Feature.LOGIN2);
if (filterAccountV2 || filterAdminV2 || filterLoginV2) {
filteredNames.remove("keycloak.v2"); filteredNames.remove("keycloak.v2");
filteredNames.remove("rh-sso.v2"); filteredNames.remove("rh-sso.v2");
} }

2
themes/src/main/resources/META-INF/keycloak-themes.json
View file

@ -7,6 +7,6 @@
"types": [ "login", "common", "email", "welcome" ] "types": [ "login", "common", "email", "welcome" ]
}, { }, {
"name" : "keycloak.v2", "name" : "keycloak.v2",
"types": [ "account", "admin" ] "types": [ "account", "admin", "login" ]
}] }]
} }

189
themes/src/main/resources/theme/keycloak.v2/login/login.ftl Executable file
View file

@ -0,0 +1,189 @@
<#import "pf-5-template.ftl" as layout>
<@layout.registrationLayout displayMessage=!messagesPerField.existsError('username','password') displayInfo=realm.password && realm.registrationAllowed && !registrationDisabled??; section>
<#if section = "header">
${msg("loginAccountTitle")}
<#elseif section = "form">
<div id="kc-form">
<div id="kc-form-wrapper">
<#if realm.password>
<form id="kc-form-login" class="pf-v5-c-form" onsubmit="login.disabled = true; return true;" action="${url.loginAction}" method="post">
<#if !usernameHidden??>
<div class="${properties.kcFormGroupClass!}">
<label for="username" class="${properties.kcLabelClass!}"><#if !realm.loginWithEmailAllowed>${msg("username")}<#elseif !realm.registrationEmailAsUsername>${msg("usernameOrEmail")}<#else>${msg("email")}</#if></label>
<span class="${properties.kcInputClass!} ${messagesPerField.existsError('username','password')?then('pf-m-error', '')}">
<input tabindex="1" id="username" name="username" value="${(login.username!'')}" type="text" autofocus autocomplete="off"
aria-invalid="<#if messagesPerField.existsError('username','password')>true</#if>"
/>
<#if messagesPerField.existsError('username','password')>
<span class="pf-v5-c-form-control__utilities">
<span class="pf-v5-c-form-control__icon pf-m-status">
<i class="fas fa-exclamation-circle" aria-hidden="true"></i>
</span>
</span>
</#if>
</span>
<#if messagesPerField.existsError('username','password')>
<span id="input-error" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
${kcSanitize(messagesPerField.getFirstError('username','password'))?no_esc}
</span>
</#if>
</div>
</#if>
<div class="${properties.kcFormGroupClass!}">
<label for="password" class="${properties.kcLabelClass!}">${msg("password")}</label>
<div class="${properties.kcInputGroup!}">
<span class="${properties.kcInputClass!}">
<input tabindex="2" id="password" name="password" type="password" autocomplete="off"
aria-invalid="<#if messagesPerField.existsError('username','password')>true</#if>"
/>
</span>
<button class="${properties.kcFormPasswordVisibilityButtonClass!}" type="button" aria-label="${msg('showPassword')}"
aria-controls="password" data-password-toggle
data-icon-show="${properties.kcFormPasswordVisibilityIconShow!}" data-icon-hide="${properties.kcFormPasswordVisibilityIconHide!}"
data-label-show="${msg('showPassword')}" data-label-hide="${msg('hidePassword')}">
<i class="${properties.kcFormPasswordVisibilityIconShow!}" aria-hidden="true"></i>
</button>
</div>
<#if usernameHidden?? && messagesPerField.existsError('username','password')>
<span id="input-error" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
${kcSanitize(messagesPerField.getFirstError('username','password'))?no_esc}
</span>
</#if>
</div>
<div class="${properties.kcFormGroupClass!} ${properties.kcFormSettingClass!}">
<div id="kc-form-options">
<#if realm.rememberMe && !usernameHidden??>
<div class="checkbox">
<label>
<#if login.rememberMe??>
<input tabindex="3" id="rememberMe" name="rememberMe" type="checkbox" checked> ${msg("rememberMe")}
<#else>
<input tabindex="3" id="rememberMe" name="rememberMe" type="checkbox"> ${msg("rememberMe")}
</#if>
</label>
</div>
</#if>
</div>
<div class="${properties.kcFormOptionsWrapperClass!}">
<#if realm.resetPasswordAllowed>
<span><a tabindex="5" href="${url.loginResetCredentialsUrl}">${msg("doForgotPassword")}</a></span>
</#if>
</div>
</div>
<div id="kc-form-buttons" class="${properties.kcFormGroupClass!}">
<input type="hidden" id="id-hidden-input" name="credentialId" <#if auth.selectedCredential?has_content>value="${auth.selectedCredential}"</#if>/>
<input tabindex="4" class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcButtonLargeClass!}" name="login" id="kc-login" type="submit" value="${msg("doLogIn")}"/>
</div>
</form>
</#if>
</div>
</div>
<script type="module" src="${url.resourcesPath}/js/passwordVisibility.js"></script>
<#elseif section = "info" >
<#if realm.password && realm.registrationAllowed && !registrationDisabled??>
<div id="kc-registration-container">
<div id="kc-registration">
<span>${msg("noAccount")} <a tabindex="6"
href="${url.registrationUrl}">${msg("doRegister")}</a></span>
</div>
</div>
</#if>
<#elseif section = "socialProviders" >
<#if realm.password && social.providers??>
<div id="kc-social-providers" class="${properties.kcFormSocialAccountSectionClass!}">
<ul class="${properties.kcFormSocialAccountListClass!} <#if social.providers?size gt 3>${properties.kcFormSocialAccountListGridClass!}</#if>">
<#list social.providers as p>
<li class="${properties.kcFormSocialAccountListItmeClass!}">
<a id="social-${p.alias}" class="${properties.kcFormSocialAccountListButtonClass!} <#if social.providers?size gt 3>${properties.kcFormSocialAccountGridItem!}</#if>" aria-label="${p.displayName}"
type="button" href="${p.loginUrl}">
<#if p.iconClasses?has_content>
<#switch p.alias>
<#case "google">
<svg aria-hidden="true" viewBox="0 0 488 512">
<path d="M488 261.8C488 403.3 391.1 504 248 504 110.8 504 0 393.2 0 256S110.8 8 248 8c66.8 0 123 24.5 166.3 64.9l-67.5 64.9C258.5 52.6 94.3 116.6 94.3 256c0 86.5 69.1 156.6 153.7 156.6 98.2 0 135-70.4 140.8-106.9H248v-85.3h236.1c2.3 12.7 3.9 24.9 3.9 41.4z"/>
</svg>
<#break>
<#case "github">
<svg aria-hidden="true" viewBox="0 0 496 512">
<path d="M165.9 397.4c0 2-2.3 3.6-5.2 3.6-3.3.3-5.6-1.3-5.6-3.6 0-2 2.3-3.6 5.2-3.6 3-.3 5.6 1.3 5.6 3.6zm-31.1-4.5c-.7 2 1.3 4.3 4.3 4.9 2.6 1 5.6 0 6.2-2s-1.3-4.3-4.3-5.2c-2.6-.7-5.5.3-6.2 2.3zm44.2-1.7c-2.9.7-4.9 2.6-4.6 4.9.3 2 2.9 3.3 5.9 2.6 2.9-.7 4.9-2.6 4.6-4.6-.3-1.9-3-3.2-5.9-2.9zM244.8 8C106.1 8 0 113.3 0 252c0 110.9 69.8 205.8 169.5 239.2 12.8 2.3 17.3-5.6 17.3-12.1 0-6.2-.3-40.4-.3-61.4 0 0-70 15-84.7-29.8 0 0-11.4-29.1-27.8-36.6 0 0-22.9-15.7 1.6-15.4 0 0 24.9 2 38.6 25.8 21.9 38.6 58.6 27.5 72.9 20.9 2.3-16 8.8-27.1 16-33.7-55.9-6.2-112.3-14.3-112.3-110.5 0-27.5 7.6-41.3 23.6-58.9-2.6-6.5-11.1-33.3 2.6-67.9 20.9-6.5 69 27 69 27 20-5.6 41.5-8.5 62.8-8.5s42.8 2.9 62.8 8.5c0 0 48.1-33.6 69-27 13.7 34.7 5.2 61.4 2.6 67.9 16 17.7 25.8 31.5 25.8 58.9 0 96.5-58.9 104.2-114.8 110.5 9.2 7.9 17 22.9 17 46.4 0 33.7-.3 75.4-.3 83.6 0 6.5 4.6 14.4 17.3 12.1C428.2 457.8 496 362.9 496 252 496 113.3 383.5 8 244.8 8zM97.2 352.9c-1.3 1-1 3.3.7 5.2 1.6 1.6 3.9 2.3 5.2 1 1.3-1 1-3.3-.7-5.2-1.6-1.6-3.9-2.3-5.2-1zm-10.8-8.1c-.7 1.3.3 2.9 2.3 3.9 1.6 1 3.6.7 4.3-.7.7-1.3-.3-2.9-2.3-3.9-2-.6-3.6-.3-4.3.7zm32.4 35.6c-1.6 1.3-1 4.3 1.3 6.2 2.3 2.3 5.2 2.6 6.5 1 1.3-1.3.7-4.3-1.3-6.2-2.2-2.3-5.2-2.6-6.5-1zm-11.4-14.7c-1.6 1-1.6 3.6 0 5.9 1.6 2.3 4.3 3.3 5.6 2.3 1.6-1.3 1.6-3.9 0-6.2-1.4-2.3-4-3.3-5.6-2z"/>
</svg>
<#break>
<#case "facebook">
<svg aria-hidden="true" viewBox="0 0 448 512">
<path d="M448 56.7v398.5c0 13.7-11.1 24.7-24.7 24.7H309.1V306.5h58.2l8.7-67.6h-67v-43.2c0-19.6 5.4-32.9 33.5-32.9h35.8v-60.5c-6.2-.8-27.4-2.7-52.2-2.7-51.6 0-87 31.5-87 89.4v49.9h-58.4v67.6h58.4V480H24.7C11.1 480 0 468.9 0 455.3V56.7C0 43.1 11.1 32 24.7 32h398.5c13.7 0 24.8 11.1 24.8 24.7z"/>
</svg>
<#break>
<#case "gitlab">
<svg aria-hidden="true" viewBox="0 0 512 512">
<path d="M29.782 199.732L256 493.714 8.074 309.699c-6.856-5.142-9.712-13.996-7.141-21.993l28.849-87.974zm75.405-174.806c-3.142-8.854-15.709-8.854-18.851 0L29.782 199.732h131.961L105.187 24.926zm56.556 174.806L256 493.714l94.257-293.982H161.743zm349.324 87.974l-28.849-87.974L256 493.714l247.926-184.015c6.855-5.142 9.711-13.996 7.141-21.993zm-85.404-262.78c-3.142-8.854-15.709-8.854-18.851 0l-56.555 174.806h131.961L425.663 24.926z"/>
</svg>
<#break>
<#case "linkedin">
<#case "linkedin-openid-connect">
<svg aria-hidden="true" viewBox="0 0 448 512">
<path d="M416 32H31.9C14.3 32 0 46.5 0 64.3v383.4C0 465.5 14.3 480 31.9 480H416c17.6 0 32-14.5 32-32.3V64.3c0-17.8-14.4-32.3-32-32.3zM135.4 416H69V202.2h66.5V416zm-33.2-243c-21.3 0-38.5-17.3-38.5-38.5S80.9 96 102.2 96c21.2 0 38.5 17.3 38.5 38.5 0 21.3-17.2 38.5-38.5 38.5zm282.1 243h-66.4V312c0-24.8-.5-56.7-34.5-56.7-34.6 0-39.9 27-39.9 54.9V416h-66.4V202.2h63.7v29.2h.9c8.9-16.8 30.6-34.5 62.9-34.5 67.2 0 79.7 44.3 79.7 101.9V416z"/>
</svg>
<#break>
<#case "openshift-v3">
<#case "openshift-v4">
<svg viewBox="116 0 100 100" aria-hidden="true">
<path d="M145.7,45.3l-16.1,5.8c0.2,2.6,0.6,5.1,1.3,7.6l15.3-5.6C145.7,50.6,145.5,47.9,145.7,45.3M216.7,27.5c-1.1-2.3-2.4-4.5-3.9-6.6l-16.1,5.8c1.9,1.9,3.4,4.1,4.7,6.4L216.7,27.5zM181.4,23c3.3,1.6,6.2,3.7,8.7,6.2l16.1-5.8c-4.4-6.2-10.5-11.5-17.9-14.9c-22.9-10.7-50.3-0.7-61,22.2c-3.5,7.4-4.8,15.3-4.1,23l16.1-5.8c0.3-3.5,1.1-7,2.7-10.3C148.7,22.5,166.4,16,181.4,23M131.9,58.4l-15.3,5.6c1.4,5.6,3.8,10.8,7.2,15.5l16-5.8C135.8,69.4,133,64.1,131.9,58.4M198.5,52.3c-0.3,3.5-1.1,7-2.7,10.3C188.8,77.5,171,84,156.1,77c-3.3-1.6-6.3-3.7-8.7-6.2l-16,5.8c4.4,6.2,10.5,11.5,17.9,14.9c22.9,10.7,50.3,0.7,61-22.2c3.5-7.4,4.7-15.3,4.1-22.9L198.5,52.3zM202.4,32.7l-15.3,5.6c2.8,5.1,4.2,10.9,3.7,16.8l16-5.8C206.5,43.5,204.9,37.9,202.4,32.7"></path>
</svg>
<#break>
<#case "stackoverflow">
<svg viewBox="0 0 384 512" aria-hidden="true">
<path d="M290.7 311L95 269.7 86.8 309l195.7 41zm51-87L188.2 95.7l-25.5 30.8 153.5 128.3zm-31.2 39.7L129.2 179l-16.7 36.5L293.7 300zM262 32l-32 24 119.3 160.3 32-24zm20.5 328h-200v39.7h200zm39.7 80H42.7V320h-40v160h359.5V320h-40z"></path>
</svg>
<#break>
<#case "twitter">
<svg viewBox="0 0 512 512" aria-hidden="true">
<path d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"></path>
</svg>
<#break>
<#case "microsoft">
<svg viewBox="0 0 448 512" aria-hidden="true">
<path d="M0 32h214.6v214.6H0V32zm233.4 0H448v214.6H233.4V32zM0 265.4h214.6V480H0V265.4zm233.4 0H448V480H233.4V265.4z"></path>
</svg>
<#break>
<#case "bitbucket">
<svg viewBox="0 0 512 512" aria-hidden="true">
<path d="M22.2 32A16 16 0 0 0 6 47.8a26.35 26.35 0 0 0 .2 2.8l67.9 412.1a21.77 21.77 0 0 0 21.3 18.2h325.7a16 16 0 0 0 16-13.4L505 50.7a16 16 0 0 0-13.2-18.3 24.58 24.58 0 0 0-2.8-.2L22.2 32zm285.9 297.8h-104l-28.1-147h157.3l-25.2 147z"></path>
</svg>
<#break>
<#case "instagram">
<svg viewBox="0 0 448 512" aria-hidden="true">
<path d="M224.1 141c-63.6 0-114.9 51.3-114.9 114.9s51.3 114.9 114.9 114.9S339 319.5 339 255.9 287.7 141 224.1 141zm0 189.6c-41.1 0-74.7-33.5-74.7-74.7s33.5-74.7 74.7-74.7 74.7 33.5 74.7 74.7-33.6 74.7-74.7 74.7zm146.4-194.3c0 14.9-12 26.8-26.8 26.8-14.9 0-26.8-12-26.8-26.8s12-26.8 26.8-26.8 26.8 12 26.8 26.8zm76.1 27.2c-1.7-35.9-9.9-67.7-36.2-93.9-26.2-26.2-58-34.4-93.9-36.2-37-2.1-147.9-2.1-184.9 0-35.8 1.7-67.6 9.9-93.9 36.1s-34.4 58-36.2 93.9c-2.1 37-2.1 147.9 0 184.9 1.7 35.9 9.9 67.7 36.2 93.9s58 34.4 93.9 36.2c37 2.1 147.9 2.1 184.9 0 35.9-1.7 67.7-9.9 93.9-36.2 26.2-26.2 34.4-58 36.2-93.9 2.1-37 2.1-147.8 0-184.8zM398.8 388c-7.8 19.6-22.9 34.7-42.6 42.6-29.5 11.7-99.5 9-132.1 9s-102.7 2.6-132.1-9c-19.6-7.8-34.7-22.9-42.6-42.6-11.7-29.5-9-99.5-9-132.1s-2.6-102.7 9-132.1c7.8-19.6 22.9-34.7 42.6-42.6 29.5-11.7 99.5-9 132.1-9s102.7-2.6 132.1 9c19.6 7.8 34.7 22.9 42.6 42.6 11.7 29.5 9 99.5 9 132.1s2.7 102.7-9 132.1z"></path>
</svg>
<#break>
<#case "paypal">
<svg viewBox="0 0 384 512" aria-hidden="true">
<path d="M111.4 295.9c-3.5 19.2-17.4 108.7-21.5 134-.3 1.8-1 2.5-3 2.5H12.3c-7.6 0-13.1-6.6-12.1-13.9L58.8 46.6c1.5-9.6 10.1-16.9 20-16.9 152.3 0 165.1-3.7 204 11.4 60.1 23.3 65.6 79.5 44 140.3-21.5 62.6-72.5 89.5-140.1 90.3-43.4.7-69.5-7-75.3 24.2zM357.1 152c-1.8-1.3-2.5-1.8-3 1.3-2 11.4-5.1 22.5-8.8 33.6-39.9 113.8-150.5 103.9-204.5 103.9-6.1 0-10.1 3.3-10.9 9.4-22.6 140.4-27.1 169.7-27.1 169.7-1 7.1 3.5 12.9 10.6 12.9h63.5c8.6 0 15.7-6.3 17.4-14.9.7-5.4-1.1 6.1 14.4-91.3 4.6-22 14.3-19.7 29.3-19.7 71 0 126.4-28.8 142.9-112.3 6.5-34.8 4.6-71.4-23.8-92.6z"></path>
</svg>
<#break>
<#default>
<svg viewBox="0 0 512 512" aria-hidden="true">
<path d="M239.1 6.3l-208 78c-18.7 7-31.1 25-31.1 45v225.1c0 18.2 10.3 34.8 26.5 42.9l208 104c13.5 6.8 29.4 6.8 42.9 0l208-104c16.3-8.1 26.5-24.8 26.5-42.9V129.3c0-20-12.4-37.9-31.1-44.9l-208-78C262 2.2 250 2.2 239.1 6.3zM256 68.4l192 72v1.1l-192 78-192-78v-1.1l192-72zm32 356V275.5l160-65v133.9l-160 80z"/>
</svg>
</#switch>
<#else>
<span class="${properties.kcFormSocialAccountNameClass!}">${p.displayName!}</span>
</#if>
</a>
</li>
</#list>
</ul>
</div>
</#if>
</#if>
</@layout.registrationLayout>

219
themes/src/main/resources/theme/keycloak.v2/login/pf-5-template.ftl Normal file
View file

@ -0,0 +1,219 @@
<#macro registrationLayout bodyClass="" displayInfo=false displayMessage=true displayRequiredFields=false>
<!DOCTYPE html>
<html class="${properties.kcHtmlClass!}"<#if realm.internationalizationEnabled> lang="${locale.currentLanguageTag}"</#if>>
<head>
<meta charset="utf-8">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="robots" content="noindex, nofollow">
<#if properties.meta?has_content>
<#list properties.meta?split(' ') as meta>
<meta name="${meta?split('==')[0]}" content="${meta?split('==')[1]}"/>
</#list>
</#if>
<title>${msg("loginTitle",(realm.displayName!''))}</title>
<link rel="icon" href="${url.resourcesPath}/img/favicon.ico" />
<#if properties.stylesCommon?has_content>
<#list properties.stylesCommon?split(' ') as style>
<link href="${url.resourcesCommonPath}/${style}" rel="stylesheet" />
</#list>
</#if>
<#if properties.styles?has_content>
<#list properties.styles?split(' ') as style>
<link href="${url.resourcesPath}/${style}" rel="stylesheet" />
</#list>
</#if>
<#if properties.scripts?has_content>
<#list properties.scripts?split(' ') as script>
<script src="${url.resourcesPath}/${script}" type="text/javascript"></script>
</#list>
</#if>
<#if scripts??>
<#list scripts as script>
<script src="${script}" type="text/javascript"></script>
</#list>
</#if>
<#if authenticationSession??>
<script type="module">
import { checkCookiesAndSetTimer } from "${url.resourcesPath}/js/authChecker.js";
checkCookiesAndSetTimer(
"${authenticationSession.authSessionId}",
"${authenticationSession.tabId}",
"${url.ssoLoginInOtherTabsUrl}"
);
</script>
</#if>
</head>
<body id="keycloak-bg" class="${properties.kcBodyClass!}">
<div id="kc-header" class="${properties.kcHeaderClass!}">
<div id="kc-header-wrapper"
class="${properties.kcHeaderWrapperClass!}">${kcSanitize(msg("loginTitleHtml",(realm.displayNameHtml!'')))?no_esc}</div>
</div>
</div>
<div class="pf-v5-c-login"
x-data="{
open: false,
toggle() {
if (this.open) {
return this.close()
}
this.$refs.button.focus()
this.open = true
},
close(focusAfter) {
if (! this.open) return
this.open = false
focusAfter && focusAfter.focus()
}
}"
x-on:keydown.escape.prevent.stop="close($refs.button)"
x-on:focusin.window="! $refs.panel?.contains($event.target) && close()"
x-id="['language-select']"
>
<main class="pf-v5-c-login__main">
<header class="pf-v5-c-login__main-header">
<h1 class="pf-v5-c-title pf-m-3xl"><#nested "header"></h1>
<#if realm.internationalizationEnabled && locale.supported?size gt 1>
<div class="pf-v5-c-login__main-header-utilities">
<div class="pf-v5-c-select">
<span id="login-select-label" hidden>Choose one</span>
<button
x-ref="button"
x-on:click="toggle()"
:aria-expanded="open"
:aria-controls="$id('language-select')"
class="pf-v5-c-select__toggle"
type="button"
id="login-select-toggle"
aria-haspopup="true"
aria-labelledby="login-select-label login-select-toggle"
>
<div class="pf-v5-c-select__toggle-wrapper">
<span class="pf-v5-c-select__toggle-text">${locale.current}</span>
</div>
<span class="pf-v5-c-select__toggle-arrow">
<i class="fas fa-caret-down" aria-hidden="true"></i>
</span>
</button>
<ul
class="pf-v5-c-select__menu"
:id="$id('language-select')"
x-on:click.outside="close($refs.button)"
role="listbox"
aria-labelledby="login-select-label"
x-transition.origin.top.left
x-ref="panel"
x-show="open"
style="display: none;"
>
<#list locale.supported as l>
<li role="presentation">
<button class="pf-v5-c-select__menu-item ${(locale.current == l.label)?then('pf-m-selected', '')}"
aria-selected="${(locale.current == l.label)?string}"
role="option" onclick="window.location = '${l.url}'">
${l.label}
<#if locale.current == l.label>
<span class="pf-v5-c-select__menu-item-icon">
<i class="fas fa-check" aria-hidden="true"></i>
</span>
</#if>
</button>
</li>
</#list>
</ul>
</div>
</div>
</#if>
</header>
<div class="pf-v5-c-login__main-body">
<#if !(auth?has_content && auth.showUsername() && !auth.showResetCredentials())>
<#if displayRequiredFields>
<div class="${properties.kcContentWrapperClass!}">
<div class="${properties.kcLabelWrapperClass!} subtitle">
<span class="pf-v5-c-helper-text__item-text"><span class="pf-v5-c-form__label-required">*</span> ${msg("requiredFields")}</span>
</div>
</div>
</#if>
<#else>
<#if displayRequiredFields>
<div class="${properties.kcContentWrapperClass!}">
<div class="${properties.kcLabelWrapperClass!} subtitle">
<span class="subtitle"><span class="required">*</span> ${msg("requiredFields")}</span>
</div>
<div class="col-md-10">
<#nested "show-username">
<div id="kc-username" class="${properties.kcFormGroupClass!}">
<label id="kc-attempted-username">${auth.attemptedUsername}</label>
<a id="reset-login" href="${url.loginRestartFlowUrl}" aria-label="${msg('restartLoginTooltip')}">
<div class="kc-login-tooltip">
<i class="${properties.kcResetFlowIcon!}"></i>
<span class="kc-tooltip-text">${msg("restartLoginTooltip")}</span>
</div>
</a>
</div>
</div>
</div>
<#else>
<#nested "show-username">
<div id="kc-username" class="${properties.kcFormGroupClass!}">
<label id="kc-attempted-username">${auth.attemptedUsername}</label>
<a id="reset-login" href="${url.loginRestartFlowUrl}" aria-label="${msg('restartLoginTooltip')}">
<div class="kc-login-tooltip">
<i class="${properties.kcResetFlowIcon!}"></i>
<span class="kc-tooltip-text">${msg("restartLoginTooltip")}</span>
</div>
</a>
</div>
</#if>
</#if>
<#-- App-initiated actions should not see warning messages about the need to complete the action -->
<#-- during login. -->
<#if displayMessage && message?has_content && (message.type != 'warning' || !isAppInitiatedAction??)>
<div class="${properties.kcAlertClass!} pf-v5-c-alert pf-m-${(message.type = 'error')?then('danger', message.type)}">
<div class="pf-v5-c-alert__icon">
<#if message.type = 'success'><span class="${properties.kcFeedbackSuccessIcon!}"></span></#if>
<#if message.type = 'warning'><span class="${properties.kcFeedbackWarningIcon!}"></span></#if>
<#if message.type = 'error'><span class="${properties.kcFeedbackErrorIcon!}"></span></#if>
<#if message.type = 'info'><span class="${properties.kcFeedbackInfoIcon!}"></span></#if>
</div>
<span class="${properties.kcAlertTitleClass!}">${kcSanitize(message.summary)?no_esc}</span>
</div>
</#if>
<#nested "form">
<#if auth?has_content && auth.showTryAnotherWayLink()>
<form id="kc-select-try-another-way-form" action="${url.loginAction}" method="post">
<div class="${properties.kcFormGroupClass!}">
<input type="hidden" name="tryAnotherWay" value="on"/>
<a href="#" id="try-another-way"
onclick="document.forms['kc-select-try-another-way-form'].submit();return false;">${msg("doTryAnotherWay")}</a>
</div>
</form>
</#if>
<#if displayInfo>
<div id="kc-info" class="${properties.kcSignUpClass!}">
<div id="kc-info-wrapper" class="${properties.kcInfoAreaWrapperClass!}">
<#nested "info">
</div>
</div>
</#if>
</div>
<footer class="pf-v5-c-login__main-footer">
<#nested "socialProviders">
</footer>
</main>
</div>
</body>
</html>
</#macro>

24
themes/src/main/resources/theme/keycloak.v2/login/resources/css/styles.css Normal file
View file

@ -0,0 +1,24 @@
/* Patternfly CSS places a "bg-login.jpg" as the background on this ".login-pf" class.
This clashes with the "keycloak-bg.png' background defined on the body below.
Therefore the Patternfly background must be set to none. */
.login-pf {
background: none;
}
.login-pf body {
background: url("../img/keycloak-bg.png") no-repeat center center fixed;
background-size: cover;
height: 100%;
}
div.kc-logo-text {
background-image: url(../img/keycloak-logo-text.png);
background-repeat: no-repeat;
height: 63px;
width: 300px;
margin: 0 auto;
}
div.kc-logo-text span {
display: none;
}

5
themes/src/main/resources/theme/keycloak.v2/login/resources/script/cdn.min.js vendored Normal file
View file

File diff suppressed because one or more lines are too long

22
themes/src/main/resources/theme/keycloak.v2/login/theme.properties Normal file
View file

@ -0,0 +1,22 @@
parent=keycloak
import=common/keycloak
styles=css/styles.css
stylesCommon=node_modules/@patternfly-v5/patternfly/patternfly.min.css node_modules/@patternfly-v5/patternfly/patternfly-addons.css
scripts=script/cdn.min.js
kcFormGroupClass=pf-v5-c-form__group
kcLabelClass=pf-v5-c-form__label
kcInputClass=pf-v5-c-form-control
kcInputGroup=pf-v5-c-input-group
kcInputErrorMessageClass=pf-v5-c-helper-text__item pf-m-error pf-v5-c-form__label-required kc-feedback-text
kcFormPasswordVisibilityButtonClass=pf-v5-c-button pf-m-control
kcButtonClass=pf-v5-c-button
kcCommonLogoIdP=pf-v5-c-login__main-footer-links-item
kcFormSocialAccountListClass=pf-v5-c-login__main-footer-links
kcFormSocialAccountListItmeClass=pf-v5-c-login__main-footer-links-item
kcFormSocialAccountListButtonClass=pf-v5-c-login__main-footer-links-item-link
kcLogoIdP-linkedin-openid-connect=fa fa-linkedin