From 35154db50f73b700298312ec8d80956e66b5fb08 Mon Sep 17 00:00:00 2001 From: Stan Silvert Date: Wed, 25 Apr 2018 15:04:12 -0400 Subject: [PATCH] KEYCLOAK-7123: l10n dropdowns (#5170) * KEYCLOAK-7196: Add kc_locale to keycloak.js * KEYCLOAK-7123: Localization dropdowns * Update keycloak-service to latest keycloak.js --- .../oidc/js/src/main/resources/keycloak.d.ts | 990 +++++++++--------- .../resources/account/AccountConsole.java | 17 +- .../account/messages/messages_en.properties | 13 +- .../theme/keycloak-preview/account/index.ftl | 36 +- .../app/keycloak-service/keycloak.d.ts | 29 +- .../app/keycloak-service/keycloak.js | 10 + .../app/top-nav/top-nav.component.html | 6 + .../app/top-nav/top-nav.component.ts | 10 +- 8 files changed, 577 insertions(+), 534 deletions(-) diff --git a/adapters/oidc/js/src/main/resources/keycloak.d.ts b/adapters/oidc/js/src/main/resources/keycloak.d.ts index 2a1c46dde6..567d3f5376 100644 --- a/adapters/oidc/js/src/main/resources/keycloak.d.ts +++ b/adapters/oidc/js/src/main/resources/keycloak.d.ts @@ -1,495 +1,495 @@ -/* - * MIT License - * - * Copyright 2017 Brett Epps - * - * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and - * associated documentation files (the "Software"), to deal in the Software without restriction, including - * without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the - * following conditions: - * - * The above copyright notice and this permission notice shall be included in all copies or substantial - * portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT - * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN - * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, - * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE - * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - */ -export as namespace Keycloak; - -export = Keycloak; - -/** - * Creates a new Keycloak client instance. - * @param config Path to a JSON config file or a plain config object. - */ -declare function Keycloak(config?: string|{}): Keycloak.KeycloakInstance; - -declare namespace Keycloak { - type KeycloakAdapterName = 'cordova'|'default' | any; - type KeycloakOnLoad = 'login-required'|'check-sso'; - type KeycloakResponseMode = 'query'|'fragment'; - type KeycloakResponseType = 'code'|'id_token token'|'code id_token token'; - type KeycloakFlow = 'standard'|'implicit'|'hybrid'; - - interface KeycloakInitOptions { - /** - * @private Undocumented. - */ - useNonce?: boolean; - - /** - * Allows to use different adapter: - * - * - {string} default - using browser api for redirects - * - {string} cordova - using cordova plugins - * - {function} - allows to provide custom function as adapter. - */ - adapter?: KeycloakAdapterName; - - /** - * Specifies an action to do on load. - */ - onLoad?: KeycloakOnLoad; - - /** - * Set an initial value for the token. - */ - token?: string; - - /** - * Set an initial value for the refresh token. - */ - refreshToken?: string; - - /** - * Set an initial value for the id token (only together with `token` or - * `refreshToken`). - */ - idToken?: string; - - /** - * Set an initial value for skew between local time and Keycloak server in - * seconds (only together with `token` or `refreshToken`). - */ - timeSkew?: number; - - /** - * Set to enable/disable monitoring login state. - * @default true - */ - checkLoginIframe?: boolean; - - /** - * Set the interval to check login state (in seconds). - * @default 5 - */ - checkLoginIframeInterval?: number; - - /** - * Set the OpenID Connect response mode to send to Keycloak upon login. - * @default fragment After successful authentication Keycloak will redirect - * to JavaScript application with OpenID Connect parameters - * added in URL fragment. This is generally safer and - * recommended over query. - */ - responseMode?: KeycloakResponseMode; - - /** - * Set the OpenID Connect flow. - * @default standard - */ - flow?: KeycloakFlow; - } - - interface KeycloakLoginOptions { - /** - * @private Undocumented. - */ - scope?: string; - - /** - * Specifies the uri to redirect to after login. - */ - redirectUri?: string; - - /** - * By default the login screen is displayed if the user is not logged into - * Keycloak. To only authenticate to the application if the user is already - * logged in and not display the login page if the user is not logged in, set - * this option to `'none'`. To always require re-authentication and ignore - * SSO, set this option to `'login'`. - */ - prompt?: 'none'|'login'; - - /** - * If value is `'register'` then user is redirected to registration page, - * otherwise to login page. - */ - action?: 'register'; - - /** - * Used just if user is already authenticated. Specifies maximum time since - * the authentication of user happened. If user is already authenticated for - * longer time than `'maxAge'`, the SSO is ignored and he will need to - * authenticate again. - */ - maxAge?: number; - - /** - * Used to pre-fill the username/email field on the login form. - */ - loginHint?: string; - - /** - * Used to tell Keycloak which IDP the user wants to authenticate with. - */ - idpHint?: string; - - /** - * Sets the 'ui_locales' query param in compliance with section 3.1.2.1 - * of the OIDC 1.0 specification. - */ - locale?: string; - - /** - * Specifies the desired Keycloak locale for the UI. This differs from - * the locale param in that it tells the Keycloak server to set a cookie and update - * the user's profile to a new preferred locale. - */ - kcLocale?: string; - } - - type KeycloakPromiseCallback = (result: T) => void; - - interface KeycloakPromise { - /** - * Function to call if the promised action succeeds. - */ - success(callback: KeycloakPromiseCallback): KeycloakPromise; - - /** - * Function to call if the promised action throws an error. - */ - error(callback: KeycloakPromiseCallback): KeycloakPromise; - } - - interface KeycloakError { - error: string; - error_description: string; - } - - interface KeycloakAdapter { - login(options?: KeycloakLoginOptions): KeycloakPromise; - logout(options?: any): KeycloakPromise; - register(options?: KeycloakLoginOptions): KeycloakPromise; - accountManagement(): KeycloakPromise; - redirectUri(options: { redirectUri: string; }, encodeHash: boolean): string; - } - - interface KeycloakProfile { - id?: string; - username?: string; - email?: string; - firstName?: string; - lastName?: string; - enabled?: boolean; - emailVerified?: boolean; - totp?: boolean; - createdTimestamp?: number; - } - - // export interface KeycloakUserInfo {} - - /** - * A client for the Keycloak authentication server. - * @see {@link https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/javascript-adapter.html|Keycloak JS adapter documentation} - */ - interface KeycloakInstance { - /** - * Is true if the user is authenticated, false otherwise. - */ - authenticated?: boolean; - - /** - * The user id. - */ - subject?: string; - - /** - * Response mode passed in init (default value is `'fragment'`). - */ - responseMode?: KeycloakResponseMode; - - /** - * Response type sent to Keycloak with login requests. This is determined - * based on the flow value used during initialization, but can be overridden - * by setting this value. - */ - responseType?: KeycloakResponseType; - - /** - * Flow passed in init. - */ - flow?: KeycloakFlow; - - /** - * The realm roles associated with the token. - */ - realmAccess?: { roles: string[] }; - - /** - * The resource roles associated with the token. - */ - resourceAccess?: string[]; - - /** - * The base64 encoded token that can be sent in the Authorization header in - * requests to services. - */ - token?: string; - - /** - * The parsed token as a JavaScript object. - */ - tokenParsed?: { - exp?: number; - iat?: number; - nonce?: string; - sub?: string; - session_state?: string; - realm_access?: { roles: string[] }; - resource_access?: string[]; - }; - - /** - * The base64 encoded refresh token that can be used to retrieve a new token. - */ - refreshToken?: string; - - /** - * The parsed refresh token as a JavaScript object. - */ - refreshTokenParsed?: { nonce?: string }; - - /** - * The base64 encoded ID token. - */ - idToken?: string; - - /** - * The parsed id token as a JavaScript object. - */ - idTokenParsed?: { nonce?: string }; - - /** - * The estimated time difference between the browser time and the Keycloak - * server in seconds. This value is just an estimation, but is accurate - * enough when determining if a token is expired or not. - */ - timeSkew?: number; - - /** - * @private Undocumented. - */ - loginRequired?: boolean; - - /** - * @private Undocumented. - */ - authServerUrl?: string; - - /** - * @private Undocumented. - */ - realm?: string; - - /** - * @private Undocumented. - */ - clientId?: string; - - /** - * @private Undocumented. - */ - clientSecret?: string; - - /** - * @private Undocumented. - */ - redirectUri?: string; - - /** - * @private Undocumented. - */ - sessionId?: string; - - /** - * @private Undocumented. - */ - profile?: KeycloakProfile; - - /** - * @private Undocumented. - */ - userInfo?: {}; // KeycloakUserInfo; - - /** - * Called when the adapter is initialized. - */ - onReady?(authenticated?: boolean): void; - - /** - * Called when a user is successfully authenticated. - */ - onAuthSuccess?(): void; - - /** - * Called if there was an error during authentication. - */ - onAuthError?(errorData: KeycloakError): void; - - /** - * Called when the token is refreshed. - */ - onAuthRefreshSuccess?(): void; - - /** - * Called if there was an error while trying to refresh the token. - */ - onAuthRefreshError?(): void; - - /** - * Called if the user is logged out (will only be called if the session - * status iframe is enabled, or in Cordova mode). - */ - onAuthLogout?(): void; - - /** - * Called when the access token is expired. If a refresh token is available - * the token can be refreshed with Keycloak#updateToken, or in cases where - * it's not (ie. with implicit flow) you can redirect to login screen to - * obtain a new access token. - */ - onTokenExpired?(): void; - - /** - * Called to initialize the adapter. - * @param initOptions Initialization options. - * @returns A promise to set functions to be invoked on success or error. - */ - init(initOptions: KeycloakInitOptions): KeycloakPromise; - - /** - * Redirects to login form. - * @param options Login options. - */ - login(options?: KeycloakLoginOptions): KeycloakPromise; - - /** - * Redirects to logout. - * @param options Logout options. - * @param options.redirectUri Specifies the uri to redirect to after logout. - */ - logout(options?: any): KeycloakPromise; - - /** - * Redirects to registration form. - * @param options Supports same options as Keycloak#login but `action` is - * set to `'register'`. - */ - register(options?: any): KeycloakPromise; - - /** - * Redirects to the Account Management Console. - */ - accountManagement(): KeycloakPromise; - - /** - * Returns the URL to login form. - * @param options Supports same options as Keycloak#login. - */ - createLoginUrl(options?: KeycloakLoginOptions): string; - - /** - * Returns the URL to logout the user. - * @param options Logout options. - * @param options.redirectUri Specifies the uri to redirect to after logout. - */ - createLogoutUrl(options?: any): string; - - /** - * Returns the URL to registration page. - * @param options Supports same options as Keycloak#createLoginUrl but - * `action` is set to `'register'`. - */ - createRegisterUrl(options?: KeycloakLoginOptions): string; - - /** - * Returns the URL to the Account Management Console. - */ - createAccountUrl(): string; - - /** - * Returns true if the token has less than `minValidity` seconds left before - * it expires. - * @param minValidity If not specified, `0` is used. - */ - isTokenExpired(minValidity?: number): boolean; - - /** - * If the token expires within `minValidity` seconds, the token is refreshed. - * If the session status iframe is enabled, the session status is also - * checked. - * @returns A promise to set functions that can be invoked if the token is - * still valid, or if the token is no longer valid. - * @example - * ```js - * keycloak.updateToken(5).success(function(refreshed) { - * if (refreshed) { - * alert('Token was successfully refreshed'); - * } else { - * alert('Token is still valid'); - * } - * }).error(function() { - * alert('Failed to refresh the token, or the session has expired'); - * }); - */ - updateToken(minValidity: number): KeycloakPromise; - - /** - * Clears authentication state, including tokens. This can be useful if - * the application has detected the session was expired, for example if - * updating token fails. Invoking this results in Keycloak#onAuthLogout - * callback listener being invoked. - */ - clearToken(): void; - - /** - * Returns true if the token has the given realm role. - * @param role A realm role name. - */ - hasRealmRole(role: string): boolean; - - /** - * Returns true if the token has the given role for the resource. - * @param role A role name. - * @param resource If not specified, `clientId` is used. - */ - hasResourceRole(role: string, resource?: string): boolean; - - /** - * Loads the user's profile. - * @returns A promise to set functions to be invoked on success or error. - */ - loadUserProfile(): KeycloakPromise; - - /** - * @private Undocumented. - */ - loadUserInfo(): KeycloakPromise<{}, void>; - } -} +/* + * MIT License + * + * Copyright 2017 Brett Epps + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and + * associated documentation files (the "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the + * following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial + * portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +export as namespace Keycloak; + +export = Keycloak; + +/** + * Creates a new Keycloak client instance. + * @param config Path to a JSON config file or a plain config object. + */ +declare function Keycloak(config?: string|{}): Keycloak.KeycloakInstance; + +declare namespace Keycloak { + type KeycloakAdapterName = 'cordova'|'default' | any; + type KeycloakOnLoad = 'login-required'|'check-sso'; + type KeycloakResponseMode = 'query'|'fragment'; + type KeycloakResponseType = 'code'|'id_token token'|'code id_token token'; + type KeycloakFlow = 'standard'|'implicit'|'hybrid'; + + interface KeycloakInitOptions { + /** + * @private Undocumented. + */ + useNonce?: boolean; + + /** + * Allows to use different adapter: + * + * - {string} default - using browser api for redirects + * - {string} cordova - using cordova plugins + * - {function} - allows to provide custom function as adapter. + */ + adapter?: KeycloakAdapterName; + + /** + * Specifies an action to do on load. + */ + onLoad?: KeycloakOnLoad; + + /** + * Set an initial value for the token. + */ + token?: string; + + /** + * Set an initial value for the refresh token. + */ + refreshToken?: string; + + /** + * Set an initial value for the id token (only together with `token` or + * `refreshToken`). + */ + idToken?: string; + + /** + * Set an initial value for skew between local time and Keycloak server in + * seconds (only together with `token` or `refreshToken`). + */ + timeSkew?: number; + + /** + * Set to enable/disable monitoring login state. + * @default true + */ + checkLoginIframe?: boolean; + + /** + * Set the interval to check login state (in seconds). + * @default 5 + */ + checkLoginIframeInterval?: number; + + /** + * Set the OpenID Connect response mode to send to Keycloak upon login. + * @default fragment After successful authentication Keycloak will redirect + * to JavaScript application with OpenID Connect parameters + * added in URL fragment. This is generally safer and + * recommended over query. + */ + responseMode?: KeycloakResponseMode; + + /** + * Set the OpenID Connect flow. + * @default standard + */ + flow?: KeycloakFlow; + } + + interface KeycloakLoginOptions { + /** + * @private Undocumented. + */ + scope?: string; + + /** + * Specifies the uri to redirect to after login. + */ + redirectUri?: string; + + /** + * By default the login screen is displayed if the user is not logged into + * Keycloak. To only authenticate to the application if the user is already + * logged in and not display the login page if the user is not logged in, set + * this option to `'none'`. To always require re-authentication and ignore + * SSO, set this option to `'login'`. + */ + prompt?: 'none'|'login'; + + /** + * If value is `'register'` then user is redirected to registration page, + * otherwise to login page. + */ + action?: 'register'; + + /** + * Used just if user is already authenticated. Specifies maximum time since + * the authentication of user happened. If user is already authenticated for + * longer time than `'maxAge'`, the SSO is ignored and he will need to + * authenticate again. + */ + maxAge?: number; + + /** + * Used to pre-fill the username/email field on the login form. + */ + loginHint?: string; + + /** + * Used to tell Keycloak which IDP the user wants to authenticate with. + */ + idpHint?: string; + + /** + * Sets the 'ui_locales' query param in compliance with section 3.1.2.1 + * of the OIDC 1.0 specification. + */ + locale?: string; + + /** + * Specifies the desired Keycloak locale for the UI. This differs from + * the locale param in that it tells the Keycloak server to set a cookie and update + * the user's profile to a new preferred locale. + */ + kcLocale?: string; + } + + type KeycloakPromiseCallback = (result: T) => void; + + interface KeycloakPromise { + /** + * Function to call if the promised action succeeds. + */ + success(callback: KeycloakPromiseCallback): KeycloakPromise; + + /** + * Function to call if the promised action throws an error. + */ + error(callback: KeycloakPromiseCallback): KeycloakPromise; + } + + interface KeycloakError { + error: string; + error_description: string; + } + + interface KeycloakAdapter { + login(options?: KeycloakLoginOptions): KeycloakPromise; + logout(options?: any): KeycloakPromise; + register(options?: KeycloakLoginOptions): KeycloakPromise; + accountManagement(): KeycloakPromise; + redirectUri(options: { redirectUri: string; }, encodeHash: boolean): string; + } + + interface KeycloakProfile { + id?: string; + username?: string; + email?: string; + firstName?: string; + lastName?: string; + enabled?: boolean; + emailVerified?: boolean; + totp?: boolean; + createdTimestamp?: number; + } + + // export interface KeycloakUserInfo {} + + /** + * A client for the Keycloak authentication server. + * @see {@link https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/javascript-adapter.html|Keycloak JS adapter documentation} + */ + interface KeycloakInstance { + /** + * Is true if the user is authenticated, false otherwise. + */ + authenticated?: boolean; + + /** + * The user id. + */ + subject?: string; + + /** + * Response mode passed in init (default value is `'fragment'`). + */ + responseMode?: KeycloakResponseMode; + + /** + * Response type sent to Keycloak with login requests. This is determined + * based on the flow value used during initialization, but can be overridden + * by setting this value. + */ + responseType?: KeycloakResponseType; + + /** + * Flow passed in init. + */ + flow?: KeycloakFlow; + + /** + * The realm roles associated with the token. + */ + realmAccess?: { roles: string[] }; + + /** + * The resource roles associated with the token. + */ + resourceAccess?: string[]; + + /** + * The base64 encoded token that can be sent in the Authorization header in + * requests to services. + */ + token?: string; + + /** + * The parsed token as a JavaScript object. + */ + tokenParsed?: { + exp?: number; + iat?: number; + nonce?: string; + sub?: string; + session_state?: string; + realm_access?: { roles: string[] }; + resource_access?: string[]; + }; + + /** + * The base64 encoded refresh token that can be used to retrieve a new token. + */ + refreshToken?: string; + + /** + * The parsed refresh token as a JavaScript object. + */ + refreshTokenParsed?: { nonce?: string }; + + /** + * The base64 encoded ID token. + */ + idToken?: string; + + /** + * The parsed id token as a JavaScript object. + */ + idTokenParsed?: { nonce?: string }; + + /** + * The estimated time difference between the browser time and the Keycloak + * server in seconds. This value is just an estimation, but is accurate + * enough when determining if a token is expired or not. + */ + timeSkew?: number; + + /** + * @private Undocumented. + */ + loginRequired?: boolean; + + /** + * @private Undocumented. + */ + authServerUrl?: string; + + /** + * @private Undocumented. + */ + realm?: string; + + /** + * @private Undocumented. + */ + clientId?: string; + + /** + * @private Undocumented. + */ + clientSecret?: string; + + /** + * @private Undocumented. + */ + redirectUri?: string; + + /** + * @private Undocumented. + */ + sessionId?: string; + + /** + * @private Undocumented. + */ + profile?: KeycloakProfile; + + /** + * @private Undocumented. + */ + userInfo?: {}; // KeycloakUserInfo; + + /** + * Called when the adapter is initialized. + */ + onReady?(authenticated?: boolean): void; + + /** + * Called when a user is successfully authenticated. + */ + onAuthSuccess?(): void; + + /** + * Called if there was an error during authentication. + */ + onAuthError?(errorData: KeycloakError): void; + + /** + * Called when the token is refreshed. + */ + onAuthRefreshSuccess?(): void; + + /** + * Called if there was an error while trying to refresh the token. + */ + onAuthRefreshError?(): void; + + /** + * Called if the user is logged out (will only be called if the session + * status iframe is enabled, or in Cordova mode). + */ + onAuthLogout?(): void; + + /** + * Called when the access token is expired. If a refresh token is available + * the token can be refreshed with Keycloak#updateToken, or in cases where + * it's not (ie. with implicit flow) you can redirect to login screen to + * obtain a new access token. + */ + onTokenExpired?(): void; + + /** + * Called to initialize the adapter. + * @param initOptions Initialization options. + * @returns A promise to set functions to be invoked on success or error. + */ + init(initOptions: KeycloakInitOptions): KeycloakPromise; + + /** + * Redirects to login form. + * @param options Login options. + */ + login(options?: KeycloakLoginOptions): KeycloakPromise; + + /** + * Redirects to logout. + * @param options Logout options. + * @param options.redirectUri Specifies the uri to redirect to after logout. + */ + logout(options?: any): KeycloakPromise; + + /** + * Redirects to registration form. + * @param options Supports same options as Keycloak#login but `action` is + * set to `'register'`. + */ + register(options?: any): KeycloakPromise; + + /** + * Redirects to the Account Management Console. + */ + accountManagement(): KeycloakPromise; + + /** + * Returns the URL to login form. + * @param options Supports same options as Keycloak#login. + */ + createLoginUrl(options?: KeycloakLoginOptions): string; + + /** + * Returns the URL to logout the user. + * @param options Logout options. + * @param options.redirectUri Specifies the uri to redirect to after logout. + */ + createLogoutUrl(options?: any): string; + + /** + * Returns the URL to registration page. + * @param options Supports same options as Keycloak#createLoginUrl but + * `action` is set to `'register'`. + */ + createRegisterUrl(options?: KeycloakLoginOptions): string; + + /** + * Returns the URL to the Account Management Console. + */ + createAccountUrl(): string; + + /** + * Returns true if the token has less than `minValidity` seconds left before + * it expires. + * @param minValidity If not specified, `0` is used. + */ + isTokenExpired(minValidity?: number): boolean; + + /** + * If the token expires within `minValidity` seconds, the token is refreshed. + * If the session status iframe is enabled, the session status is also + * checked. + * @returns A promise to set functions that can be invoked if the token is + * still valid, or if the token is no longer valid. + * @example + * ```js + * keycloak.updateToken(5).success(function(refreshed) { + * if (refreshed) { + * alert('Token was successfully refreshed'); + * } else { + * alert('Token is still valid'); + * } + * }).error(function() { + * alert('Failed to refresh the token, or the session has expired'); + * }); + */ + updateToken(minValidity: number): KeycloakPromise; + + /** + * Clears authentication state, including tokens. This can be useful if + * the application has detected the session was expired, for example if + * updating token fails. Invoking this results in Keycloak#onAuthLogout + * callback listener being invoked. + */ + clearToken(): void; + + /** + * Returns true if the token has the given realm role. + * @param role A realm role name. + */ + hasRealmRole(role: string): boolean; + + /** + * Returns true if the token has the given role for the resource. + * @param role A role name. + * @param resource If not specified, `clientId` is used. + */ + hasResourceRole(role: string, resource?: string): boolean; + + /** + * Loads the user's profile. + * @returns A promise to set functions to be invoked on success or error. + */ + loadUserProfile(): KeycloakPromise; + + /** + * @private Undocumented. + */ + loadUserInfo(): KeycloakPromise<{}, void>; + } +} diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java index 0c66292664..4eed9944af 100644 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java @@ -89,9 +89,7 @@ public class AccountConsole { map.put("authUrl", session.getContext().getContextPath()); map.put("baseUrl", session.getContext().getContextPath() + "/realms/" + realm.getName() + "/account"); - map.put("realm", realm.getName()); - map.put("isRegistrationEmailAsUsername", realm.isRegistrationEmailAsUsername()); - map.put("isEditUserNameAllowed", realm.isEditUsernameAllowed()); + map.put("realm", realm); map.put("resourceUrl", Urls.themeRoot(baseUri).getPath() + "/account/" + theme.getName()); map.put("resourceVersion", Version.RESOURCES_VERSION); @@ -108,7 +106,7 @@ public class AccountConsole { Properties messages = theme.getMessages(locale); map.put("msg", new MessageFormatterMethod(locale, messages)); map.put("msgJSON", messagesToJsonString(messages)); - + map.put("supportedLocales", supportedLocales(messages)); map.put("properties", theme.getProperties()); FreeMarkerUtil freeMarkerUtil = new FreeMarkerUtil(); @@ -118,7 +116,16 @@ public class AccountConsole { return builder.build(); } } - + + private Map supportedLocales(Properties messages) throws IOException { + Map supportedLocales = new HashMap<>(); + for (String l : realm.getSupportedLocales()) { + String label = messages.getProperty("locale_" + l, l); + supportedLocales.put(l, label); + } + return supportedLocales; + } + private String messagesToJsonString(Properties props) { if (props == null) return ""; diff --git a/themes/src/main/resources/theme/base/account/messages/messages_en.properties b/themes/src/main/resources/theme/base/account/messages/messages_en.properties index 124496c13e..ec7852ffec 100755 --- a/themes/src/main/resources/theme/base/account/messages/messages_en.properties +++ b/themes/src/main/resources/theme/base/account/messages/messages_en.properties @@ -4,6 +4,7 @@ doLogOutAllSessions=Log out all sessions doRemove=Remove doAdd=Add doSignOut=Sign Out +doLogIn=Log In editAccountHtmlTitle=Edit Account personalInfoHtmlTitle=Personal Info @@ -210,18 +211,18 @@ permissionRequestion=Permission Requestion permission=Permission shares=share(s) -locale_ca=Catal\u00E0 +locale_ca=Catal\u00e0 locale_de=Deutsch locale_en=English -locale_es=Espa\u00F1ol +locale_es=Espa\u00f1ol locale_fr=Fran\u00e7ais locale_it=Italian -locale_ja=\u65E5\u672C\u8A9E +locale_ja=\u65e5\u672c\u8a9e locale_nl=Nederlands locale_no=Norsk locale_lt=Lietuvi\u0173 -locale_pt-BR=Portugu\u00EAs (Brasil) -locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439 -locale_sk=Sloven\u010Dina +locale_pt-BR=Portugu\u00eas (Brasil) +locale_ru=\u0420\u0443\u0441\u0441\u043a\u0438\u0439 +locale_sk=Sloven\u010dina locale_sv=Svenska locale_zh-CN=\u4e2d\u6587\u7b80\u4f53 diff --git a/themes/src/main/resources/theme/keycloak-preview/account/index.ftl b/themes/src/main/resources/theme/keycloak-preview/account/index.ftl index b5e12ef082..02dc9df82b 100644 --- a/themes/src/main/resources/theme/keycloak-preview/account/index.ftl +++ b/themes/src/main/resources/theme/keycloak-preview/account/index.ftl @@ -6,10 +6,16 @@