From f9f9a313b3f9f7199721eb435d855e814a92f59e Mon Sep 17 00:00:00 2001
From: Pedro Igor <pigor.craveiro@gmail.com>
Date: Tue, 29 Oct 2024 17:34:01 -0300
Subject: [PATCH] make sure error dialog is shown at the account console when
 declining terms

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
---
 .../admin/messages/messages_en.properties         |  6 +-----
 js/libs/ui-shared/src/context/KeycloakContext.tsx | 10 ++++++++--
 .../resources/account/AccountConsole.java         | 15 ++++++++++-----
 3 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties b/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties
index 1497862548..c1495d6bfa 100644
--- a/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties
+++ b/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties
@@ -3273,15 +3273,11 @@ groupDuplicated=Group duplicated
 duplicateAGroup=Duplicate group
 couldNotFetchClientRoleMappings=Could not fetch client role mappings\: {{error}}
 duplicateGroupWarning=Duplication of groups with a large number of subgroups is not supported. Please ensure that the group you are duplicating does not have a large number of subgroups.
-<<<<<<< HEAD
 showMemberships=Show memberships
 showMembershipsTitle={{username}} Group Memberships
 noGroupMembershipsText=This user is not a member of any groups.
 noGroupMemberships=No memberships
 termsAndConditionsDeclined=You need to accept the Terms and Conditions to continue
-=======
-termsAndConditionsDeclined=You need to accept the Terms and Conditions to continue
 somethingWentWrong=Something went wrong
 somethingWentWrongDescription=Sorry, an unexpected error has occurred.
-tryAgain=Try again
->>>>>>> a163063cc4 (always try and translate the error message)
+tryAgain=Try again
\ No newline at end of file
diff --git a/js/libs/ui-shared/src/context/KeycloakContext.tsx b/js/libs/ui-shared/src/context/KeycloakContext.tsx
index d266688474..2948765681 100644
--- a/js/libs/ui-shared/src/context/KeycloakContext.tsx
+++ b/js/libs/ui-shared/src/context/KeycloakContext.tsx
@@ -79,8 +79,14 @@ export const KeycloakProvider = <T extends BaseEnvironment>({
     calledOnce.current = true;
   }, [keycloak]);
 
-  if (error) {
-    return <ErrorPage error={error} />;
+  const searchParams = new URLSearchParams(window.location.search);
+
+  if (error || searchParams.get("error_description")) {
+    return (
+      <ErrorPage
+        error={error ? error : searchParams.get("error_description")}
+      />
+    );
   }
 
   if (!init) {
diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
index 60221e2a29..a5896e6225 100644
--- a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
@@ -3,7 +3,9 @@ package org.keycloak.services.resources.account;
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.ServerErrorException;
 import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
 import jakarta.ws.rs.core.UriBuilder;
 import org.jboss.resteasy.reactive.NoCache;
 import org.keycloak.OAuth2Constants;
@@ -109,6 +111,10 @@ public class AccountConsole implements AccountResourceProvider {
             return redirectToLogin(path);
         }
 
+        return renderAccountConsole();
+    }
+
+    private Response renderAccountConsole() throws IOException, FreeMarkerException {
         final var serverUriInfo = session.getContext().getUri(UrlType.FRONTEND);
         final var serverBaseUri = serverUriInfo.getBaseUri();
         // Strip any trailing slashes from the URL.
@@ -250,11 +256,10 @@ public class AccountConsole implements AccountResourceProvider {
         if (!queryParameters.isEmpty()) {
             String error = queryParameters.getFirst(OAuth2Constants.ERROR);
             if (error != null) {
-                uriBuilder.queryParam(OAuth2Constants.ERROR, error);
-
-                String errorDescription = queryParameters.getFirst(OAuth2Constants.ERROR_DESCRIPTION);
-                if (errorDescription != null) {
-                    uriBuilder.queryParam(OAuth2Constants.ERROR_DESCRIPTION, errorDescription);
+                try {
+                    return renderAccountConsole();
+                } catch (IOException | FreeMarkerException e) {
+                    throw new ServerErrorException(Status.INTERNAL_SERVER_ERROR);
                 }
             }
         }