Bump version

Mvn begone

.gitattributes

@@ -1,3 +1,3 @@
 src/lib/i18n/generated_kcMessages/* linguist-documentation
-src/bin/build-keycloak-theme/index.ts -linguist-detectable
+src/bin/keycloakify/index.ts -linguist-detectable
 src/bin/install-builtin-keycloak-themes.ts -linguist-detectable

.github/FUNDING.yaml

@@ -0,0 +1,4 @@
+# These are supported funding model platforms
+
+github: [garronej]
+custom: ['https://www.ringerhq.com/experts/garronej']

.github/release.yaml

@@ -0,0 +1,25 @@
+changelog:
+  exclude:
+    labels:
+      - ignore-for-release
+    authors:
+      - octocat
+  categories:
+    - title: Breaking Changes 🛠
+      labels:
+        - breaking
+    - title: Exciting New Features 🎉
+      labels:
+        - feature
+    - title: Fixes 🔧
+      labels:
+        - fix
+    - title: Documentation 🔧
+      labels:
+        - docs
+    - title: CI 👷
+      labels:
+        - ci
+    - title: Other Changes
+      labels:
+        - '*'

.github/workflows/ci.yaml

@@ -9,20 +9,36 @@ on:
 
 jobs:
 
+  test_lint:
+    runs-on: ubuntu-latest
+    if: ${{ !github.event.created && github.repository != 'garronej/ts-ci' }}
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-node@v3
+    - uses: bahmutov/npm-install@v1
+    - name: If this step fails run 'yarn format' then commit again.
+      run: |
+        PACKAGE_MANAGER=npm
+        if [ -f "./yarn.lock" ]; then
+            PACKAGE_MANAGER=yarn
+        fi
+        $PACKAGE_MANAGER run format:check
   test:
-    runs-on: macos-10.15
+    runs-on: ${{ matrix.os }}
+    needs: test_lint
     strategy:
       matrix:
-        node: [ '15', '14', '13' ]
-    name: Test with Node v${{ matrix.node }}
+        node: [ '14', '15' ,'16', '17' ]
+        os: [ windows-latest, ubuntu-latest ]
+    name: Test with Node v${{ matrix.node }} on ${{ matrix.os }}
     steps:
     - name: Tell if project is using npm or yarn
       id: step1
-      uses: garronej/github_actions_toolkit@v2.2
+      uses: garronej/ts-ci@v2.0.2
       with: 
         action_name: tell_if_project_uses_npm_or_yarn
-    - uses: actions/checkout@v2.3.4
-    - uses: actions/setup-node@v2.1.3
+    - uses: actions/checkout@v3
+    - uses: actions/setup-node@v3
       with:
         node-version: ${{ matrix.node }}
     - uses: bahmutov/npm-install@v1
@@ -36,72 +52,61 @@ jobs:
         npm test
   check_if_version_upgraded:
     name: Check if version upgrade
-    if: github.event_name == 'push'
+    # We run this only if it's a push on the default branch or if it's a PR from a 
+    # branch (meaning not a PR from a fork). It would be more straightforward to test if secrets.NPM_TOKEN is 
+    # defined but GitHub Action don't allow it yet.
+    if: |
+      github.event_name == 'push' || 
+      github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login 
     runs-on: ubuntu-latest
     needs: test
     outputs:
       from_version: ${{ steps.step1.outputs.from_version }}
       to_version: ${{ steps.step1.outputs.to_version }}
-      is_upgraded_version: ${{steps.step1.outputs.is_upgraded_version }}
+      is_upgraded_version: ${{ steps.step1.outputs.is_upgraded_version }}
+      is_pre_release: ${{steps.step1.outputs.is_pre_release }}
     steps:
-    - uses: garronej/github_actions_toolkit@v2.2
+    - uses: garronej/ts-ci@v2.0.2
       id: step1
       with: 
         action_name: is_package_json_version_upgraded
-
-  update_changelog:
-    runs-on: ubuntu-latest
-    needs: check_if_version_upgraded
-    if: needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true'
-    steps:
-    - uses: garronej/github_actions_toolkit@v2.4
-      with:
-        action_name: update_changelog
-        branch: ${{ github.ref }}
+        branch: ${{ github.head_ref || github.ref }}
 
   create_github_release:
     runs-on: ubuntu-latest
+    # We create a release only if the version have been upgraded and we are on the main branch
+    # or if we are on a branch of the repo that has an PR open on main.
+    if: |
+      needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true' &&
+      (
+        github.event_name == 'push' ||
+        needs.check_if_version_upgraded.outputs.is_pre_release == 'true'
+      )
     needs: 
-      - update_changelog
       - check_if_version_upgraded
     steps:
-    - uses: actions/checkout@v2
-      with:
-        ref: ${{ github.ref }}
-    - name: Build GitHub release body
-      id: step1
-      run: |
-        if [ "$FROM_VERSION" = "0.0.0" ]; then
-            echo "::set-output name=body::🚀"
-        else
-            echo "::set-output name=body::📋 [CHANGELOG](https://github.com/$GITHUB_REPOSITORY/blob/v$TO_VERSION/CHANGELOG.md)"
-        fi
-      env: 
-        FROM_VERSION: ${{ needs.check_if_version_upgraded.outputs.from_version }}
-        TO_VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }}
-    - uses: garronej/action-gh-release@v0.2.0
+    - uses: softprops/action-gh-release@v1
       with:
         name: Release v${{ needs.check_if_version_upgraded.outputs.to_version }}
         tag_name: v${{ needs.check_if_version_upgraded.outputs.to_version }}
-        target_commitish: ${{ github.ref }}
-        body: ${{ steps.step1.outputs.body }}
+        target_commitish: ${{ github.head_ref || github.ref }}
+        generate_release_notes: true
         draft: false
-        prerelease: false
+        prerelease: ${{ needs.check_if_version_upgraded.outputs.is_pre_release == 'true' }}
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
 
   publish_on_npm:
-    runs-on: macos-10.15
+    runs-on: ubuntu-latest
     needs: 
-      - update_changelog
+      - create_github_release
       - check_if_version_upgraded
     steps:
-    - uses: actions/checkout@v2.3.4
+    - uses: actions/checkout@v3
       with:
         ref: ${{ github.ref }}
-    - uses: actions/setup-node@v2.1.3
+    - uses: actions/setup-node@v3
       with:
-        node-version: '15'
         registry-url: https://registry.npmjs.org/
     - uses: bahmutov/npm-install@v1
     - run: |
@@ -110,7 +115,7 @@ jobs:
             PACKAGE_MANAGER=yarn
         fi
         $PACKAGE_MANAGER run build
-    - run: npx -y -p denoify@0.6.5 denoify_enable_short_npm_import_path
+    - run: npx -y -p denoify@1.2.2 enable_short_npm_import_path
       env:
         DRY_RUN: "0"
     - name: Publishing on NPM
@@ -123,7 +128,12 @@ jobs:
           echo "Can't publish on NPM, You must first create a secret called NPM_TOKEN that contains your NPM auth token. https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets"
           false
         fi
-        npm publish
+        EXTRA_ARGS=""
+        if [ "$IS_PRE_RELEASE" = "true" ]; then
+            EXTRA_ARGS="--tag next"
+        fi
+        npm publish $EXTRA_ARGS
       env:
         NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-        VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }}
+        VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }}
+        IS_PRE_RELEASE: ${{ needs.check_if_version_upgraded.outputs.is_pre_release }}

.gitignore

@@ -41,5 +41,12 @@ jspm_packages
 .DS_Store
 
 /dist
+/dist_test
 
 /sample_react_project/
+/.yarn_home/
+
+.idea
+
+/keycloak_email
+/build_keycloak

.prettierignore

@@ -0,0 +1,9 @@
+node_modules/
+/dist/
+/dist_test/
+/CHANGELOG.md
+/.yarn_home/
+/src/test/apps/
+/src/tools/types/
+/sample_react_project
+/build_keycloak/

.prettierrc.json

@@ -0,0 +1,11 @@
+{
+    "printWidth": 150,
+    "tabWidth": 4,
+    "useTabs": false,
+    "semi": true,
+    "singleQuote": false,
+    "quoteProps": "preserve",
+    "trailingComma": "none",
+    "bracketSpacing": true,
+    "arrowParens": "avoid"
+}

CHANGELOG.md

@@ -1,560 +0,0 @@
-### **2.0.14** (2021-08-20)  
-  
-- Update tss-react    
-  
-### **2.0.13** (2021-08-04)  
-  
-- Merge pull request #28 from marcmrf/main
-
-fix(mvn): scoped packages compatibility  
-- fix(mvn): scoped packages compatibility    
-  
-### **2.0.12** (2021-07-28)  
-  
-- Merge pull request #27 from jchn-codes/patch-1
-
-add maven to requirements  
-- add maven to requirements  
-- Add #bluehats in the keyworks    
-  
-### **2.0.11** (2021-07-21)  
-  
-- Spaces in file path #22  
-- uptdate dependnecies  
-- Inport specific powerhooks files to reduce bundle size    
-  
-### **2.0.10** (2021-07-16)  
-  
-- Update dependencies    
-  
-### **2.0.9** (2021-07-14)  
-  
-- Fix #21    
-  
-### **2.0.8** (2021-07-12)  
-  
-- Fix previous release  
-- #20: Add def for clientId and name on kcContext.client    
-  
-### **2.0.6** (2021-07-08)  
-  
-- Merge pull request #18 from asashay/add-custom-props-to-theme-properties
-
-Add possibility to add custom properties to theme.properties file  
-- add possibility to add custom properties to theme.properties file    
-  
-### **2.0.5** (2021-07-05)  
-  
-- Fix broken url for big stylesheet #16    
-  
-### **2.0.4** (2021-07-03)  
-  
-- Fix: #7    
-  
-### **2.0.3** (2021-06-30)  
-  
-- Escape double quote in ftl to js conversion #15  
-- Update readme    
-  
-### **2.0.2** (2021-06-28)  
-  
-- Updagte README for implementing non incuded pages    
-  
-### **2.0.1** (2021-06-28)  
-  
-- Update documentation for v2    
-  
-# **2.0.0** (2021-06-28)  
-  
-- Fix last bugs before relasing v2  
-- Implement a mechanism to overload kcContext  
-- Give the option in template to pull the default assets or not  
-- Enable possiblity to support custom pages (without forking keycloakify)  
-- Implement a getter for kcContext  
-- Update README.md    
-  
-# **2.0.0** (2021-06-28)  
-  
-- Fix last bugs before relasing v2  
-- Implement a mechanism to overload kcContext  
-- Give the option in template to pull the default assets or not  
-- Enable possiblity to support custom pages (without forking keycloakify)  
-- Implement a getter for kcContext  
-- Update README.md    
-  
-### **1.2.1** (2021-06-22)  
-  
-- Remove unessesary log    
-  
-## **1.2.0** (2021-06-22)  
-  
-- Generate kcContext automatically :rocket:    
-  
-### **1.1.6** (2021-06-21)  
-  
-- Fix: Alert messages sometimes includes HTML that is not rendered  
-- Update dist    
-  
-### **1.1.5** (2021-06-15)  
-  
-- #11: Provide socials in the register    
-  
-### **1.1.4** (2021-06-15)  
-  
-- Merge pull request #12 from InseeFrLab/email-typo
-
-Fix typo on email  
-- Fix typo on email    
-  
-### **1.1.3** (2021-06-14)  
-  
-- Add missing key in Login for providers    
-  
-### **1.1.2** (2021-06-14)  
-  
-  
-  
-### **1.1.1** (2021-06-14)  
-  
-  
-  
-## **1.1.0** (2021-06-14)  
-  
-- Add login-idp-link-confirm.ftl  
-- Fix login-update-profile.ftl  
-- Add login-update-profile.ftl page  
-- Fix default background bug  
-- Remove unused 'markdown' dependency  
-- Fix warning related to powerhooks_useGlobalState_kcLanguageTag  
-- Update README.md    
-  
-### **1.0.4** (2021-05-28)  
-  
-- Instructions for custom themes with custom components    
-  
-### **1.0.3** (2021-05-23)  
-  
-- Instuction about how to integrate with non CRA projects  
-- Add mention to awesome list    
-  
-### **1.0.2** (2021-05-01)  
-  
-  
-  
-### **1.0.1** (2021-05-01)  
-  
-- Fix: LoginOtp (and not otc)    
-  
-# **1.0.0** (2021-05-01)  
-  
-- #4: Guide for implementing a missing page  
-- Support OTP #4    
-  
-### **0.4.4** (2021-04-29)  
-  
-- Fix previous release    
-  
-### **0.4.3** (2021-04-29)  
-  
-- Add infos about the plugin that defines authorizedMailDomains    
-  
-### **0.4.2** (2021-04-29)  
-  
-- Client side validation of allowed email domains  
-- Support email whitlisting  
-- Restore kickstart video in the readme  
-- Update README.md  
-- Update README.md  
-- Important readme update    
-  
-### **0.4.1** (2021-04-11)  
-  
-- Quietly re-introduce --external-assets  
-- Give example of customization    
-  
-## **0.4.0** (2021-04-09)  
-  
-- Acual support of Therms of services    
-  
-### **0.3.24** (2021-04-08)  
-  
-- Add missing dependency: markdown    
-  
-### **0.3.23** (2021-04-08)  
-  
-- Allow to lazily load therms    
-  
-### **0.3.22** (2021-04-08)  
-  
-- update powerhooks  
-- Support terms and condition  
-- Fix info.ftl  
-- For useKcMessage we prefer returning callbacks with a changing references    
-  
-### **0.3.21** (2021-04-04)  
-  
-- Update powerhooks    
-  
-### **0.3.20** (2021-04-01)  
-  
-- Always catch freemarker errors    
-  
-### **0.3.19** (2021-04-01)  
-  
-- Fix previous release    
-  
-### **0.3.18** (2021-04-01)  
-  
-- Fix error.ftt, Adopt best effort strategy to convert ftl values into JS    
-  
-### **0.3.17** (2021-03-29)  
-  
-- Use push instead of replace in keycloak-js adapter to enable going back    
-  
-### **0.3.15** (2021-03-28)  
-  
-- Remove all reference to --external-assets, broken feature    
-  
-### **0.3.14** (2021-03-28)  
-  
-- Fix standalone mode: imports from js    
-  
-### **0.3.13** (2021-03-26)  
-  
-  
-  
-### **0.3.12** (2021-03-26)  
-  
-- Fix mocksContext    
-  
-### **0.3.11** (2021-03-26)  
-  
-- Fix previous build, improve README    
-  
-### **0.3.10** (2021-03-26)  
-  
-- Handle <style> tag, improve documentation    
-  
-### **0.3.9** (2021-03-25)  
-  
-- Update readme  
-- Document  --external-assets  
-- Update README.md  
-- Update README.md  
-- Update README.md    
-  
-### **0.3.8** (2021-03-22)  
-  
-- Make standalone mode the default    
-  
-### **0.3.7** (2021-03-22)  
-  
-- (test) external asset mode by default    
-  
-### **0.3.6** (2021-03-22)  
-  
-- Fix previous release    
-  
-### **0.3.5** (2021-03-22)  
-  
-- support homepage with urlPath    
-  
-### **0.3.4** (2021-03-22)  
-  
-- Bugfix: Import assets from CSS    
-  
-### **0.3.3** (2021-03-22)  
-  
-- Fix submit not receving correct text    
-  
-### **0.3.2** (2021-03-21)  
-  
-- Fix broken previous release    
-  
-### **0.3.1** (2021-03-21)  
-  
-- kcHeaderClass can be updated after initial mount    
-  
-## **0.3.0** (2021-03-20)  
-  
-- Bump version  
-- Feat: Cary over states using URL search params  
-- Bugfix: with kcHtmlClass    
-  
-### **0.2.10** (2021-03-19)  
-  
-- Remove dependency to denoify    
-  
-### **0.2.9** (2021-03-19)  
-  
-- Update deps and CI workflow    
-  
-### **0.2.8** (2021-03-19)  
-  
-- Bugfix: keycloak_build that grow and grow in size  
-- Add disclaimer about maitainment strategy  
-- Add a note for tested version support    
-  
-### **0.2.7** (2021-03-13)  
-  
-- Bump version  
-- Update README.md  
-- Update README.md    
-  
-### **0.2.6** (2021-03-10)  
-  
-- Fix generated gitignore    
-  
-### **0.2.5** (2021-03-10)  
-  
-- Fix generated .gitignore    
-  
-### **0.2.4** (2021-03-10)  
-  
-- Update README.md    
-  
-### **0.2.3** (2021-03-09)  
-  
-- fix gitignore generation    
-  
-### **0.2.2** (2021-03-08)  
-  
-- Add table of content  
-- Update README.md  
-- Update README.md    
-  
-## **0.2.1** (2021-03-08)  
-  
-- Update ci.yaml  
-- Update readme  
-- Update readme  
-- update deps  
-- Update readme  
-- Add all mocks for testing  
-- many small fixes    
-  
-### **0.1.6** (2021-03-07)  
-  
-- Fix Turkish    
-  
-### **0.1.5** (2021-03-07)  
-  
-- Fix getKcLanguageLabel    
-  
-### **0.1.4** (2021-03-07)  
-  
-  
-  
-### **0.1.3** (2021-03-07)  
-  
-- Implement LoginVerifyEmail  
-- Implement login-reset-password.ftl    
-  
-### **0.1.2** (2021-03-07)  
-  
-- Fix build  
-- Fix build    
-  
-### **0.1.1** (2021-03-06)  
-  
-- Implement Error page  
-- rename pageBasename by pageId  
-- Implement reactive programing for language switching  
-- Add Info page, refactor    
-  
-## **0.1.0** (2021-03-05)  
-  
-- Rename keycloakify    
-  
-### **0.0.33** (2021-03-05)  
-  
-- Fix syncronization with non react pages    
-  
-### **0.0.32** (2021-03-05)  
-  
-- bump version  
-- Add log to tell when we are using react  
-- Fix missing parentesis    
-  
-### **0.0.31** (2021-03-05)  
-  
-- Fix typo  
-- Fix register page 500    
-  
-### **0.0.30** (2021-03-05)  
-  
-- Edit language statistique    
-  
-### **0.0.30** (2021-03-05)  
-  
-- avoid escaping urls  
-- Use default value instead of value  
-- Fix double single quote problem in messages  
-- Fix typo  
-- Fix non editable username  
-- Fix some bugs  
-- Fix Object.deepAssign  
-- Make the dongle to download smaller  
-- Split kcContext among pages  
-- Implement register    
-  
-### **0.0.29** (2021-03-04)  
-  
-- Fix build  
-- Fix i18n  
-- Login appear to be working now  
-- closer but not there yet    
-  
-### **0.0.28** (2021-03-03)  
-  
-- fix build  
-- There is no reason not to let use translations outside of keycloak    
-  
-### **0.0.27** (2021-03-02)  
-  
-- Implement entrypoint    
-  
-### **0.0.26** (2021-03-02)  
-  
-- Login page implemented  
-- Implement login  
-- remove unesseary log    
-  
-### **0.0.25** (2021-03-02)  
-  
-- Fix build and reduce size  
-- Implement the template    
-  
-### **0.0.24** (2021-03-01)  
-  
-- update  
-- update  
-- update    
-  
-### **0.0.23** (2021-03-01)  
-  
-- update    
-  
-### **0.0.23** (2021-03-01)  
-  
-- update  
-- update    
-  
-### **0.0.23** (2021-03-01)  
-  
-- update  
-- update    
-  
-### **0.0.23** (2021-03-01)  
-  
-- update  
-- Handle formatting in translation function    
-  
-### **0.0.22** (2021-02-28)  
-  
-- Split page messages    
-  
-### **0.0.21** (2021-02-28)  
-  
-- Restore yarn file  
-- Multiple fixes  
-- Update deps  
-- Update deps  
-- includes translations  
-- Update README.md  
-- improve docs  
-- update  
-- Update README.md  
-- update  
-- update  
-- update  
-- update    
-  
-### **0.0.20** (2021-02-27)  
-  
-- update  
-- update    
-  
-### **0.0.19** (2021-02-27)  
-  
-- update  
-- update    
-  
-### **0.0.18** (2021-02-23)  
-  
-- Bump version number  
-- Moving on with implementation of the lib  
-- Update readme  
-- Readme eddit  
-- Fixing video link    
-  
-### **0.0.16** (2021-02-23)  
-  
-- Bump version  
-- Give test container credentials    
-  
-### **0.0.14** (2021-02-23)  
-  
-- Bump version number  
-- enable the docker container to be run from the root of the react project    
-  
-### **0.0.13** (2021-02-23)  
-  
-- bump version    
-  
-### **0.0.12** (2021-02-23)  
-  
-- update readme    
-  
-### **0.0.11** (2021-02-23)  
-  
-- Add documentation    
-  
-### **0.0.10** (2021-02-23)  
-  
-- Remove extra closing bracket    
-  
-### **0.0.9** (2021-02-22)  
-  
-- fix container startup script  
-- minor update    
-  
-### **0.0.8** (2021-02-21)  
-  
-- Include theme properties    
-  
-### **0.0.7** (2021-02-21)  
-  
-- fix build  
-- Fix bundle    
-  
-### **0.0.6** (2021-02-21)  
-  
-- Include missing files in the release bundle    
-  
-### **0.0.5** (2021-02-21)  
-  
-- Bump version number  
-- Make the install faster    
-  
-### **0.0.4** (2021-02-21)  
-  
-- Fix script visibility    
-  
-### **0.0.3** (2021-02-21)  
-  
-- Do not run tests on window  
-- Add script for downloading base themes  
-- Generate debug files to be able to test the container  
-- Fix many little bugs  
-- refactor  
-- Almoste there  
-- Things are starting to take form  
-- Seems to be working  
-- First draft  
-- Remove eslint and prettyer    
-  
-### **0.0.2** (2021-02-20)  
-  
-- Update package.json    
-  

CONTRIBUTING.md

@@ -0,0 +1,3 @@
+Looking to contribute? Thank you! PR are more than welcome.
+
+Please refers to [this documentation page](https://docs.keycloakify.dev/contributing) that will help you get started.

README.md

@@ -2,403 +2,186 @@
     <img src="https://user-images.githubusercontent.com/6702424/109387840-eba11f80-7903-11eb-9050-db1dad883f78.png">  
 </p>
 <p align="center">
-    <i>🔏  Create Keycloak themes using React 🔏</i>
+    <i>🔏 Create Keycloak themes using React 🔏</i>
     <br>
     <br>
-    <img src="https://github.com/garronej/keycloakify/workflows/ci/badge.svg?branch=develop">
-    <img src="https://img.shields.io/bundlephobia/minzip/keycloakify">
-    <img src="https://img.shields.io/npm/dw/keycloakify">
-    <img src="https://img.shields.io/npm/l/keycloakify">
-    <img src="https://camo.githubusercontent.com/0f9fcc0ac1b8617ad4989364f60f78b2d6b32985ad6a508f215f14d8f897b8d3/68747470733a2f2f62616467656e2e6e65742f62616467652f547970655363726970742f7374726963742532302546302539462539322541412f626c7565">
+    <a href="https://github.com/garronej/keycloakify/actions">
+      <img src="https://github.com/garronej/keycloakify/workflows/ci/badge.svg?branch=main">
+    </a>
+    <a href="https://bundlephobia.com/package/keycloakify">
+      <img src="https://img.shields.io/bundlephobia/minzip/keycloakify">
+    </a>
+    <a href="https://www.npmjs.com/package/keycloakify">
+      <img src="https://img.shields.io/npm/dm/keycloakify">
+    </a>
+    <a href="https://github.com/garronej/keycloakify/blob/main/LICENSE">
+      <img src="https://img.shields.io/npm/l/keycloakify">
+    </a>
+    <a href="https://github.com/InseeFrLab/keycloakify/blob/729503fe31a155a823f46dd66ad4ff34ca274e0a/tsconfig.json#L14">
+        <img src="https://camo.githubusercontent.com/0f9fcc0ac1b8617ad4989364f60f78b2d6b32985ad6a508f215f14d8f897b8d3/68747470733a2f2f62616467656e2e6e65742f62616467652f547970655363726970742f7374726963742532302546302539462539322541412f626c7565">
+    </a>
     <a href="https://github.com/thomasdarimont/awesome-keycloak">
         <img src="https://awesome.re/mentioned-badge.svg"/>
     </a>
+    <p align="center">
+        <a href="https://www.keycloakify.dev">Home</a>
+        -
+        <a href="https://docs.keycloakify.dev">Documentation</a>
+    </p>
+    <p align="center"> ---- Project starter / Demo setup ---- </p>
+    <p align="center">
+        <a href="https://github.com/garronej/keycloakify-starter">CSS Level customization</a>
+        -
+        <a href="https://github.com/garronej/keycloakify-advanced-starter">Component Level customization</a>
+    </p>
+    <p align="center"> ---- </p>
+
 </p>
 
 <p align="center">
-    <i>Ultimately this build tool generates a Keycloak theme</i>
+    <i>Ultimately this build tool generates a Keycloak theme <a href="https://www.keycloakify.dev">Learn more</a></i>
     <img src="https://user-images.githubusercontent.com/6702424/110260457-a1c3d380-7fac-11eb-853a-80459b65626b.png">
 </p>
 
-**NEW in v2**  
-- It's now possible to implement custom `.ftl` pages.
-- Support for Keycloak plugins that introduce non standard ftl values. 
-  (Like for example [this plugin](https://github.com/micedre/keycloak-mail-whitelisting) that define `authorizedMailDomains` in `register.ftl`).
-# Motivations
-
-Keycloak provides [theme support](https://www.keycloak.org/docs/latest/server_development/#_themes) for web pages. This allows customizing the look and feel of end-user facing pages so they can be integrated with your applications.
-It involves, however, a lot of raw JS/CSS/[FTL]() hacking, and bundling the theme is not exactly straightforward.
-
-Beyond that, if you use Keycloak for a specific app you want your login page to be tightly integrated with it.
-Ideally, you don't want the user to notice when he is being redirected away. 
-
-Trying to reproduce the look and feel of a specific app in another stack is not an easy task not to mention
-the cheer amount of maintenance that it involves.
+> 🗣 V6 have been released 🎉  
+> [It features major improvements](https://github.com/InseeFrLab/keycloakify#600).  
+> Checkout [the migration guide](https://docs.keycloakify.dev/v5-to-v6).
 
-<p align="center">
-    <i>Without keycloakify, users suffers from a harsh context switch, no fronted form pre-validation</i><br>
-    <img src="https://user-images.githubusercontent.com/6702424/108838381-dbbbcf80-75d3-11eb-8ae8-db41563ef9db.gif">
-</p>
-
-Wouldn't it be great if we could just design the login and register pages as if they were part of our app?  
-Here is `keycloakify` for you 🍸
-
-<p align="center">
-    <i> <a href="https://datalab.sspcloud.fr">With keycloakify:</a> </i> 
-    <br>
-    <img src="https://user-images.githubusercontent.com/6702424/114332075-c5e37900-9b45-11eb-910b-48a05b3d90d9.gif">
-</p>  
-
-**TL;DR**: [Here](https://github.com/garronej/keycloakify-demo-app) is a Hello World React project with Keycloakify set up.  
+# Changelog highlights
 
-If you already have a Keycloak custom theme, it can be easily ported to Keycloakify.
-
----
-
-
-- [Motivations](#motivations)
-- [Requirements](#requirements)
-  - [My framework doesn’t seem to be supported, what can I do?](#my-framework-doesnt-seem-to-be-supported-what-can-i-do)
-- [How to use](#how-to-use)
-  - [Setting up the build tool](#setting-up-the-build-tool)
-    - [Changing just the look of the default Keycloak theme](#changing-just-the-look-of-the-default-keycloak-theme)
-    - [Advanced pages configuration](#advanced-pages-configuration)
-    - [Hot reload](#hot-reload)
-  - [Enable loading in a blink of an eye of login pages ⚡ (--external-assets)](#enable-loading-in-a-blink-of-an-eye-of-login-pages----external-assets)
-- [Support for Terms and conditions](#support-for-terms-and-conditions)
-- [Some pages still have the default theme. Why?](#some-pages-still-have-the-default-theme-why)
-- [GitHub Actions](#github-actions)
-- [Limitations](#limitations)
-  - [`process.env.PUBLIC_URL` not supported.](#processenvpublic_url-not-supported)
-  - [`@font-face` importing fonts from the `src/` dir](#font-face-importing-fonts-from-thesrc-dir)
-    - [Example of setup that **won't** work](#example-of-setup-that-wont-work)
-    - [Possible workarounds](#possible-workarounds)
-- [Implement context persistence (optional)](#implement-context-persistence-optional)
-- [Kickstart video](#kickstart-video)
-- [Email domain whitelist](#email-domain-whitelist)
-
-# Requirements 
-
-Tested with the following Keycloak versions: 
-- [11.0.3](https://hub.docker.com/layers/jboss/keycloak/11.0.3/images/sha256-4438f1e51c1369371cb807dffa526e1208086b3ebb9cab009830a178de949782?context=explore)  
-- [12.0.4](https://hub.docker.com/layers/jboss/keycloak/12.0.4/images/sha256-67e0c88e69bd0c7aef972c40bdeb558a974013a28b3668ca790ed63a04d70584?context=explore)  
-- Tests ongoing with [14.0.0](https://hub.docker.com/layers/jboss/keycloak/14.0.0/images/sha256-ca713e87ad163da71ab329010de2464a41ff030a25ae0aef15c1c290252f3d7f?context=explore) 
-
-This tool will be maintained to stay compatible with Keycloak v11 and up, however, the default pages you will get 
-(before you customize it) will always be the ones of Keycloak v11.
-
-This tool assumes you are bundling your app with Webpack (tested with 4.44.2) .
-It assumes there is a `build/` directory at the root of your react project directory containing a `index.html` file
-and a `build/static/` directory generated by webpack. 
-For more information see [this issue](https://github.com/InseeFrLab/keycloakify/issues/5#issuecomment-832296432)
-
-**All this is defaults with [`create-react-app`](https://create-react-app.dev)** (tested with 4.0.3)
-
-- `mvn` ([Maven](https://maven.apache.org/)), `rm`, `mkdir`, `wget`, `unzip` are assumed to be available.
-- `docker` must be up and running when running `yarn keycloak`.
-
-On Windows you'll have to use [WSL](https://docs.microsoft.com/en-us/windows/wsl/install-win10).
-
-## My framework doesn’t seem to be supported, what can I do?  
-
-Currently Keycloakify is only compatible with `create-react-app` apps.
-It doesn’t mean that you can't use Keycloakify if you are using Next.js, Express or any other 
-framework that involves SSR but your Keycloak theme will need to be a standalone project.  
-Find specific instructions about how to get started [**here**](https://github.com/garronej/keycloakify-demo-app#keycloak-theme-only).  
-
-To share your styles between your main app and your login pages you will need to externalize your design system by making it a
-separate module. Checkout [ts_ci](https://github.com/garronej/ts_ci), it can help with that.
-# How to use
-## Setting up the build tool
-
-```bash
-yarn add keycloakify
-```
-
-[`package.json`](https://github.com/garronej/keycloakify-demo-app/blob/main/package.json)
-```json
-"scripts": {
-    "keycloak": "yarn build && build-keycloak-theme",
-}
-```
-
-```bash
-yarn keycloak # generates keycloak-theme.jar
-```
-
-On the console will be printed all the instructions about how to load the generated theme in Keycloak
-
-### Changing just the look of the default Keycloak theme
-
-The first approach is to only customize the style of the default Keycloak login by providing
-your own class names.
-
-If you have created a new React project specifically to create a Keycloak theme and nothing else then
-your index should look something like:  
-
-`src/index.tsx`
-```tsx
-import { App } from "./<wherever>/App";
-import { 
-  KcApp, 
-  defaultKcProps, 
-  getKcContext
-} from "keycloakify";
-import { css } from "tss-react/@emotion/css";
-
-const { kcContext } = getKcContext();
-
-const myClassName = css({ "color": "red" });
-
-reactDom.render(
-        <KcApp 
-            kcContext={kcContext} 
-            {...{
-                ...defaultKcProps,
-                "kcHeaderWrapperClass": myClassName
-            }} 
-        />
-    document.getElementById("root")
-);
-```
-
-If you share a unique project for your app and the Keycloak theme, your index should look
-more like this: 
-
-`src/index.tsx`
-```tsx
-import { App } from "./<wherever>/App";
-import { 
-  KcApp, 
-  defaultKcProps, 
-  getKcContext
-} from "keycloakify";
-import { css } from "tss-react/@emotion/css";
-
-const { kcContext } = getKcContext();
-
-const myClassName = css({ "color": "red" });
-
-reactDom.render(
-    // Unless the app is currently being served by Keycloak 
-    // kcContext is undefined.
-    kcContext !== undefined ? 
-        <KcApp 
-            kcContext={kcContext} 
-            {...{
-                ...defaultKcProps,
-                "kcHeaderWrapperClass": myClassName
-            }} 
-        /> :
-        <App />, // Your actual app
-    document.getElementById("root")
-);
-```
-
-
-<p align="center">
-    <i>result:</i></br>
-    <img src="https://user-images.githubusercontent.com/6702424/114326299-6892fc00-9b34-11eb-8d75-85696e55458f.png">
-</p>
-
-Example of a customization using only CSS: [here](https://github.com/InseeFrLab/onyxia-ui/blob/012639d62327a9a56be80c46e32c32c9497b82db/src/app/components/KcApp.tsx) 
-(the [index.tsx](https://github.com/InseeFrLab/onyxia-ui/blob/012639d62327a9a56be80c46e32c32c9497b82db/src/app/index.tsx#L89-L94) )
-and the result you can expect: 
-
-<p align="center">
-    <i> <a href="https://datalab.sspcloud.fr">Customization using only CSS:</a> </i> 
-    <br>
-    <img src="https://github.com/InseeFrLab/keycloakify/releases/download/v0.3.8/keycloakify_after.gif">
-</p>
-
-### Advanced pages configuration
-
-If you want to go beyond only customizing the CSS you can re-implement some of the 
-pages or event add new ones. 
-
-If you want to go this way checkout the demo setup provided [here](https://github.com/garronej/keycloakify-demo-app/tree/look_and_feel).
-If you prefer a real life example you can checkout [onyxia-web's source](https://github.com/InseeFrLab/onyxia-web/tree/main/src/app/components/KcApp). 
-The web app is in production [here](https://datalab.sspcloud.fr).
-
-Main takeaways are:
-- You must declare your custom pages in the package.json. [example](https://github.com/garronej/keycloakify-demo-app/blob/4eb2a9f63e9823e653b2d439495bda55e5ecc134/package.json#L17-L22)
-- (TS only) You must declare theses page in the type argument of the getter 
-  function for the `kcContext` in order to have the correct typings. [example](https://github.com/garronej/keycloakify-demo-app/blob/4eb2a9f63e9823e653b2d439495bda55e5ecc134/src/KcApp/kcContext.ts#L16-L21)
-- (TS only) If you use Keycloak plugins that defines non standard `.ftl` values
-  (Like for example [this plugin](https://github.com/micedre/keycloak-mail-whitelisting) 
-  that define `authorizedMailDomains` in `register.ftl`) you should 
-  declare theses value to get the type. [example](https://github.com/garronej/keycloakify-demo-app/blob/4eb2a9f63e9823e653b2d439495bda55e5ecc134/src/KcApp/kcContext.ts#L6-L13)
-- You should provide sample data for all the non standard value if you want to be able
-  to debug the page outside of keycloak. [example](https://github.com/garronej/keycloakify-demo-app/blob/4eb2a9f63e9823e653b2d439495bda55e5ecc134/src/KcApp/kcContext.ts#L28-L43)
-
-WARNING: If you chose to go this way use:
-```json
-"dependencies": {
-    "keycloakify": "~X.Y.Z"
-}
-```
-in your `package.json` instead of `^X.Y.Z`. A minor update of Keycloakify might break your app.
-
-### Hot reload
-
-Rebuild the theme each time you make a change to see the result is not practical.
-If you want to test your login screens outside of Keycloak you can mock a given `kcContext`: 
-
-```tsx
-import {
-    KcApp,
-    defaultKcProps,
-    getKcContext
-} from "keycloakify";
-
-const { kcContext } = getKcContext({
-    "mockPageId": "login.ftl"
-});
-
-reactDom.render(
-        <KcApp 
-            kcContext={kcContextMocks.kcLoginContext}
-            {...defaultKcProps} 
-        />
-    document.getElementById("root")
-);
-```
-
-Then `yarn start`, you will see your login page.
-
-Checkout [this concrete example](https://github.com/garronej/keycloakify-demo-app/blob/main/src/index.tsx)
-
-## Enable loading in a blink of an eye of login pages ⚡ (--external-assets)
-
-By default the theme generated is standalone. Meaning that when your users
-reach the login pages all scripts, images and stylesheet are downloaded from the Keycloak server.  
-If you are specifically building a theme to integrate with an app or a website that allows users
-to first browse unauthenticated before logging in, you will get a significant 
-performance boost if you jump through those hoops:
-
-- Provide the url of your app in the `homepage` field of package.json. [ex](https://github.com/garronej/keycloakify-demo-app/blob/7847cc70ef374ab26a6cc7953461cf25603e9a6d/package.json#L2)
-- Build the theme using `npx build-keycloak-theme --external-assets` [ex](https://github.com/garronej/keycloakify-demo-app/blob/7847cc70ef374ab26a6cc7953461cf25603e9a6d/.github/workflows/ci.yaml#L21)
-- Enable [long-term assets caching](https://create-react-app.dev/docs/production-build/#static-file-caching) on the server hosting your app.
-- Make sure not to build your app and the keycloak theme separately
-  and remember to update the Keycloak theme every time you update your app.
-- Be mindful that if your app is down your login pages are down as well.
-
-Checkout a complete setup [here](https://github.com/garronej/keycloakify-demo-app#about-keycloakify)
-
-# Support for Terms and conditions
-
-[Many organizations have a requirement that when a new user logs in for the first time, they need to agree to the terms and conditions of the website.](https://www.keycloak.org/docs/4.8/server_admin/#terms-and-conditions).
+## 6.11.0
 
-First you need to enable the required action on the Keycloak server admin console:  
-![image](https://user-images.githubusercontent.com/6702424/114280501-dad2e600-9a39-11eb-9c39-a225572dd38a.png)
+-   You no longer need to have Maven installed to build the theme. Thanks to @lordvlad, [see PR](https://github.com/InseeFrLab/keycloakify/pull/239).
+-   Feature new build options: [`bundler`](https://docs.keycloakify.dev/build-options#keycloakify.bundler), [`groupId`](https://docs.keycloakify.dev/build-options#keycloakify.groupid), [`artifactId`](https://docs.keycloakify.dev/build-options#keycloakify.artifactid), [`version`](https://docs.keycloakify.dev/build-options#version).  
+    Theses options can be user to customize the output name of the .jar. You can use environnement variables to overrides the values read in the package.json. Thanks to @lordvlad.
 
-Then to load your own therms of services using [like this](https://github.com/garronej/keycloakify-demo-app/blob/8168c928a66605f2464f9bd28a4dc85fb0a231f9/src/index.tsx#L42-L66).
+## 6.10.0
 
-# Some pages still have the default theme. Why?
+-   Widows compat (thanks to @lordvlad, [see PR](https://github.com/InseeFrLab/keycloakify/pull/226)). WSL is no longer required 🎉
 
-This project only support out of the box the most common user facing pages of Keycloak login.  
-[Here](https://user-images.githubusercontent.com/6702424/116787906-227fe700-aaa7-11eb-92ee-22e7673717c2.png) is the complete list of pages (you get them after running `yarn test`)
-and [here](https://github.com/InseeFrLab/keycloakify/tree/main/src/lib/components) are the pages currently implemented by this module.  
-If you need to customize pages that are not supported yet or if you need to implement some non standard `.ftl` pages please refer to [Advanced pages configuration](#advanced-pages-configuration).
+## 6.8.4
 
-# GitHub Actions
+-   `@emotion/react` is no longer a peer dependency of Keycloakify.
 
-![image](https://user-images.githubusercontent.com/6702424/114286938-47aea600-9a63-11eb-936e-17159e8826e8.png)
+## 6.8.0
 
-[Here is a demo repo](https://github.com/garronej/keycloakify-demo-app) to show how to automate
-the building and publishing of the theme (the .jar file).
-# Limitations
-## `process.env.PUBLIC_URL` not supported.
+-   It is now possible to pass a custom `<Template />` component as a prop to `<KcApp />` and every
+    individual page (`<Login />`, `<RegisterUserProfile />`, ...) it enables to customize only the header and footer for
+    example without having to switch to a full-component level customization. [See issue](https://github.com/InseeFrLab/keycloakify/issues/191).
 
-You won't be able to [import things from your public directory **in your JavaScript code**](https://create-react-app.dev/docs/using-the-public-folder/#adding-assets-outside-of-the-module-system). 
-(This isn't recommended anyway).
+## 6.7.0
 
+-   Add support for `webauthn-authenticate.ftl` thanks to [@mstrodl](https://github.com/Mstrodl)'s hacktoberfest [PR](https://github.com/InseeFrLab/keycloakify/pull/185).
 
+## 6.6.0
 
-## `@font-face` importing fonts from the `src/` dir
+-   Add support for `login-password.ftl` thanks to [@mstrodl](https://github.com/Mstrodl)'s hacktoberfest [PR](https://github.com/InseeFrLab/keycloakify/pull/184).
 
-If you are building the theme with [--external-assets](#enable-loading-in-a-blink-of-a-eye-of-login-pages-) 
-this limitation doesn't apply, you can import fonts however you see fit.
+## 6.5.0
 
-### Example of setup that **won't** work 
+-   Add support for `login-username.ftl` thanks to [@mstrodl](https://github.com/Mstrodl)'s hacktoberfest [PR](https://github.com/InseeFrLab/keycloakify/pull/183).
 
-- We have a `fonts/` directory in `src/`
-- We import the font like this [`src: url("/fonts/my-font.woff2") format("woff2");`](https://github.com/garronej/keycloakify-demo-app/blob/07d54a3012ef354ee12b1374c6f7ad1cb125d56b/src/fonts.scss#L4) in a `.scss` a file.  
+## 6.4.0
 
-### Possible workarounds  
+-   You can now optionally pass a `doFetchDefaultThemeResources: boolean` prop to every page component and the default `<KcApp />`
+    This enables you to prevent the default CSS and JS that comes with the builtin Keycloak theme to be downloaded.  
+    You'll get [a black slate](https://user-images.githubusercontent.com/6702424/192619083-4baa5df4-4a21-4ec7-8e28-d200d1208299.png).
 
-- Use [`--external-assets`](#enable-loading-in-a-blink-of-a-eye-of-login-pages-).
-- If it is possible, use Google Fonts or any other font provider.
-- If you want to host your font recommended approach is to move your fonts into the `public` 
-directory and to place your `@font-face` statements in the `public/index.html`.  
-Example [here](https://github.com/InseeFrLab/onyxia-ui/blob/0e3a04610cfe872ca71dad59e05ced8f785dee4b/public/index.html#L6-L51).  
-- You can also [use non relative url](https://github.com/garronej/keycloakify-demo-app/blob/2de8a9eb6f5de9c94f9cd3991faad0377e63268c/src/fonts.scss#L16) but don't forget [`Access-Control-Allow-Origin`](https://github.com/garronej/keycloakify-demo-app/blob/2de8a9eb6f5de9c94f9cd3991faad0377e63268c/nginx.conf#L17-L19).
+## 6.0.0
 
-# Implement context persistence (optional)
+-   Bundle size drastically reduced, locals and component dynamically loaded.
+-   First print much quicker, use of React.lazy() everywhere.
+-   Real i18n API.
+-   Actual documentation for build options.
 
-If, before logging in, a user has selected a specific language 
-you don't want it to be reset to default when the user gets redirected to
-the login or register pages.  
-  
-Same goes for the dark mode, you don't want, if the user had it enabled
-to show the login page with light themes.  
-  
-The problem is that you are probably using `localStorage` to persist theses values across
-reload but, as the Keycloak pages are not served on the same domain that the rest of your
-app you won't be able to carry over states using `localStorage`.  
+Checkout [the migration guide](https://docs.keycloakify.dev/v5-to-v6)
 
-The only reliable solution is to inject parameters into the URL before
-redirecting to Keycloak. We integrate with 
-[`keycloak-js`](https://github.com/keycloak/keycloak-documentation/blob/master/securing_apps/topics/oidc/javascript-adapter.adoc), 
-by providing you a way to tell `keycloak-js` that you would like to inject
-some search parameters before redirecting.  
+## 5.8.0
 
-The method also works with [`@react-keycloak/web`](https://www.npmjs.com/package/@react-keycloak/web) (use the `initOptions`).
+-   [React.lazy()](https://reactjs.org/docs/code-splitting.html#reactlazy) support 🎉. [#141](https://github.com/InseeFrLab/keycloakify/issues/141)
 
-You can implement your own mechanism to pass the states in the URL and
-restore it on the other side but we recommend using `powerhooks/useGlobalState`
-from the library [`powerhooks`](https://www.powerhooks.dev) that provide an elegant
-way to handle states such as `isDarkModeEnabled` or `selectedLanguage`.
+## 5.7.0
 
-Let's modify [the example](https://github.com/keycloak/keycloak-documentation/blob/master/securing_apps/topics/oidc/javascript-adapter.adoc) from the official `keycloak-js` documentation to
-enables the states of `useGlobalStates` to be injected in the URL before redirecting.  
-Note that the states are automatically restored on the other side by `powerhooks`
+-   Feat `logout-confirm.ftl`. [PR](https://github.com/InseeFrLab/keycloakify/pull/120)
 
-```typescript
-import keycloak_js from "keycloak-js";
-import { injectGlobalStatesInSearchParams } from "powerhooks/useGlobalState";
-import { createKeycloakAdapter } from "keycloakify";
+## 5.6.4
 
-//...
+Fix `login-verify-email.ftl` page. [Before](https://user-images.githubusercontent.com/6702424/177436014-0bad22c4-5bfb-45bb-8fc9-dad65143cd0c.png) - [After](https://user-images.githubusercontent.com/6702424/177435797-ec5d7db3-84cf-49cb-8efc-3427a81f744e.png)
 
-const keycloakInstance = keycloak_js({
-    "url": "http://keycloak-server/auth",
-    "realm": "myrealm",
-    "clientId": "myapp"
-});
+## v5.6.0
 
-keycloakInstance.init({
-    "onLoad": 'check-sso',
-    "silentCheckSsoRedirectUri": window.location.origin + "/silent-check-sso.html",
-    "adapter": createKeycloakAdapter({
-        "transformUrlBeforeRedirect": injectGlobalStatesInSearchParams,
-        keycloakInstance
-    })
-});
+Add support for `login-config-totp.ftl` page [#127](https://github.com/InseeFrLab/keycloakify/pull/127).
 
-//...
-```
+## v5.3.0
 
-If you really want to go the extra miles and avoid having the white
-flash of the blank html before the js bundle have been evaluated
-[here is a snippet](https://github.com/InseeFrLab/onyxia-ui/blob/a77eb502870cfe6878edd0d956c646d28746d053/public/index.html#L5-L54) that you can place in your `public/index.html` if you are using `powerhooks/useGlobalState`.
+Rename `keycloak_theme_email` to `keycloak_email`.  
+If you already had a `keycloak_theme_email` you should rename it `keycloak_email`.
 
-# Kickstart video
+## v5.0.0
 
-*NOTE: keycloak-react-theming was renamed keycloakify since this video was recorded*
-[![kickstart_video](https://user-images.githubusercontent.com/6702424/108877866-f146ee80-75ff-11eb-8120-003b3c5f6dd8.png)](https://youtu.be/xTz0Rj7i2v8)
+[Migration guide](https://github.com/garronej/keycloakify-demo-app/blob/a5b6a50f24bc25e082931f5ad9ebf47492acd12a/src/index.tsx#L46-L63)  
+New i18n system.  
+Import of terms and services have changed. [See example](https://github.com/garronej/keycloakify-demo-app/blob/a5b6a50f24bc25e082931f5ad9ebf47492acd12a/src/index.tsx#L46-L63).
 
-# Email domain whitelist
+## v4.10.0
 
-If you want to restrict the emails domain that can register, you can use [this plugin](https://github.com/micedre/keycloak-mail-whitelisting) 
-and `kcRegisterContext["authorizedMailDomains"]` to validate on.
+Add `login-idp-link-email.ftl` page [See PR](https://github.com/InseeFrLab/keycloakify/pull/92).
+
+## v4.8.0
+
+[Email template customization.](#email-template-customization)
+
+## v4.7.4
+
+**M1 Mac** support (for testing locally with a dockerized Keycloak).
+
+## v4.7.2
+
+> WARNING: This is broken.  
+> Testing with local Keycloak container working with M1 Mac. Thanks to [@eduardosanzb](https://github.com/InseeFrLab/keycloakify/issues/43#issuecomment-975699658).  
+> Be aware: When running M1s you are testing with Keycloak v15 else the local container spun will be a Keycloak v16.1.0.
+
+## v4.7.0
+
+Register with user profile enabled: Out of the box `options` validator support.  
+[Example](https://user-images.githubusercontent.com/6702424/158911163-81e6bbe8-feb0-4dc8-abff-de199d7a678e.mov)
+
+## v4.6.0
+
+`tss-react` and `powerhooks` are no longer peer dependencies of `keycloakify`.
+After updating Keycloakify you can remove `tss-react` and `powerhooks` from your dependencies if you don't use them explicitly.
+
+## v4.5.3
+
+There is a new recommended way to setup highly customized theme. See [here](https://github.com/garronej/keycloakify-demo-app/blob/look_and_feel/src/KcApp/KcApp.tsx).  
+Unlike with [the previous recommended method](https://github.com/garronej/keycloakify-demo-app/blob/a51660578bea15fb3e506b8a2b78e1056c6d68bb/src/KcApp/KcApp.tsx),
+with this new method your theme wont break on minor Keycloakify update.
+
+## v4.3.0
+
+Feature [`login-update-password.ftl`](https://user-images.githubusercontent.com/6702424/147517600-6191cf72-93dd-437b-a35c-47180142063e.png).  
+Every time a page is added it's a breaking change for non CSS-only theme.  
+Change [this](https://github.com/garronej/keycloakify-demo-app/blob/df664c13c77ce3c53ac7df0622d94d04e76d3f9f/src/KcApp/KcApp.tsx#L17) and [this](https://github.com/garronej/keycloakify-demo-app/blob/df664c13c77ce3c53ac7df0622d94d04e76d3f9f/src/KcApp/KcApp.tsx#L37) to update.
+
+## v4
+
+-   Out of the box [frontend form validation](#user-profile-and-frontend-form-validation) 🥳
+-   Improvements (and breaking changes in `import { useKcMessage } from "keycloakify"`.
+
+## v3
+
+No breaking changes except that `@emotion/react`, [`tss-react`](https://www.npmjs.com/package/tss-react) and [`powerhooks`](https://www.npmjs.com/package/powerhooks) are now `peerDependencies` instead of being just dependencies.  
+It's important to avoid problem when using `keycloakify` alongside [`mui`](https://mui.com) and
+[when passing params from the app to the login page](https://github.com/InseeFrLab/keycloakify#implement-context-persistence-optional).
+
+## v2.5
+
+-   Feature [Use advanced message](https://github.com/InseeFrLab/keycloakify/blob/59f106bf9e210b63b190826da2bf5f75fc8b7644/src/lib/i18n/useKcMessage.tsx#L53-L66)
+    and [`messagesPerFields`](https://github.com/InseeFrLab/keycloakify/blob/59f106bf9e210b63b190826da2bf5f75fc8b7644/src/lib/getKcContext/KcContextBase.ts#L70-L75) (implementation [here](https://github.com/InseeFrLab/keycloakify/blob/59f106bf9e210b63b190826da2bf5f75fc8b7644/src/bin/build-keycloak-theme/generateFtl/common.ftl#L130-L189))
+-   Test container now uses Keycloak version `15.0.2`.
+
+## v2
+
+-   It's now possible to implement custom `.ftl` pages.
+-   Support for Keycloak plugins that introduce non standard ftl values.
+    (Like for example [this plugin](https://github.com/micedre/keycloak-mail-whitelisting) that define `authorizedMailDomains` in `register.ftl`).

package.json

@@ -1,6 +1,6 @@
 {
     "name": "keycloakify",
-    "version": "2.0.14",
+    "version": "6.11.0",
     "description": "Keycloak theme generator for Reacts app",
     "repository": {
         "type": "git",
@@ -9,24 +9,38 @@
     "main": "dist/lib/index.js",
     "types": "dist/lib/index.d.ts",
     "scripts": {
-        "clean": "rimraf dist/",
-        "build": "yarn clean && tsc && yarn grant-exec-perms && yarn copy-files",
+        "build": "rimraf dist/ && tsc -p src/bin && tsc -p src/lib && yarn grant-exec-perms && yarn copy-files dist/",
+        "build:test": "rimraf dist_test/ && tsc -p src/test && yarn copy-files dist_test/",
         "grant-exec-perms": "node dist/bin/tools/grant-exec-perms.js",
-        "test": "node dist/test/bin && node dist/test/lib",
-        "copy-files": "copyfiles -u 1 src/**/*.ftl src/**/*.xml src/**/*.js dist/",
-        "generate-messages": "node dist/bin/generate-i18n-messages.js"
+        "copy-files": "copyfiles -u 1 src/**/*.ftl",
+        "pretest": "yarn build:test",
+        "test": "node dist_test/test/bin && node dist_test/test/lib",
+        "generate-messages": "node dist/bin/generate-i18n-messages.js",
+        "link_in_test_app": "node dist/bin/link_in_test_app.js",
+        "_format": "prettier '**/*.{ts,tsx,json,md}'",
+        "format": "yarn _format --write",
+        "format:check": "yarn _format --list-different"
     },
     "bin": {
-        "build-keycloak-theme": "dist/bin/build-keycloak-theme/index.js",
-        "install-builtin-keycloak-themes": "dist/bin/install-builtin-keycloak-themes.js"
+        "keycloakify": "dist/bin/keycloakify/index.js",
+        "create-keycloak-email-directory": "dist/bin/create-keycloak-email-directory.js",
+        "download-builtin-keycloak-theme": "dist/bin/download-builtin-keycloak-theme.js"
+    },
+    "lint-staged": {
+        "*.{ts,tsx,json,md}": [
+            "prettier --write"
+        ]
+    },
+    "husky": {
+        "hooks": {
+            "pre-commit": "lint-staged -v"
+        }
     },
     "author": "u/garronej",
     "license": "MIT",
     "files": [
         "src/",
-        "!src/test/",
         "dist/",
-        "!dist/test/",
         "!dist/tsconfig.tsbuildinfo"
     ],
     "keywords": [
@@ -40,26 +54,40 @@
         "register"
     ],
     "homepage": "https://github.com/garronej/keycloakify",
+    "peerDependencies": {
+        "react": "^16.8.0 || ^17.0.0 || ^18.0.0"
+    },
     "devDependencies": {
-        "@types/node": "^10.0.0",
-        "@types/react": "^17.0.0",
+        "@babel/core": "^7.0.0",
+        "@types/memoizee": "^0.4.7",
+        "@types/minimist": "^1.2.2",
+        "@types/node": "^17.0.25",
+        "@types/react": "18.0.9",
         "copyfiles": "^2.4.1",
+        "husky": "^4.3.8",
+        "lint-staged": "^11.0.0",
+        "prettier": "^2.3.0",
         "properties-parser": "^0.3.1",
-        "react": "^17.0.1",
+        "react": "18.1.0",
         "rimraf": "^3.0.2",
-        "typescript": "^4.2.3",
-        "ts-toolbelt": "^9.6.0"
+        "@emotion/react": "^11.10.4",
+        "typescript": "^4.2.3"
     },
     "dependencies": {
+        "@octokit/rest": "^18.12.0",
         "cheerio": "^1.0.0-rc.5",
-        "evt": "2.0.0-beta.27",
-        "minimal-polyfills": "^2.2.1",
-        "path": "^0.12.7",
-        "powerhooks": "^0.7.1",
+        "cli-select": "^1.1.2",
+        "evt": "^2.4.13",
+        "memoizee": "^0.4.15",
+        "minimal-polyfills": "^2.2.2",
+        "minimist": "^1.2.6",
+        "path-browserify": "^1.0.1",
+        "powerhooks": "^0.22.1",
         "react-markdown": "^5.0.3",
+        "rfc4648": "^1.5.2",
         "scripting-tools": "^0.19.13",
-        "tss-react": "^0.7.3",
-        "@emotion/react": "^11.4.1",
-        "tsafe": "^0.4.1"
+        "tsafe": "^1.4.2",
+        "tss-react": "4.4.1-rc.0",
+        "zod": "^3.17.10"
     }
 }

renovate.json

@@ -0,0 +1,27 @@
+{
+    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+    "baseBranches": ["main", "landingpage"],
+    "extends": ["config:base"],
+    "dependencyDashboard": false,
+    "bumpVersion": "patch",
+    "rangeStrategy": "bump",
+    "ignorePaths": [".github/**"],
+    "branchPrefix": "renovate_",
+    "vulnerabilityAlerts": {
+        "enabled": false
+    },
+    "packageRules": [
+        {
+            "packagePatterns": ["*"],
+            "excludePackagePatterns": ["powerhooks", "tsafe", "evt"],
+            "enabled": false
+        },
+        {
+            "packagePatterns": ["powerhooks", "tsafe", "evt"],
+            "matchUpdateTypes": ["minor", "patch"],
+            "automerge": true,
+            "automergeType": "branch",
+            "groupName": "garronej_modules_update"
+        }
+    ]
+}

src/bin/build-keycloak-theme/build-keycloak-theme.ts

@@ -1,127 +0,0 @@
-import { generateKeycloakThemeResources } from "./generateKeycloakThemeResources";
-import { generateJavaStackFiles } from "./generateJavaStackFiles";
-import { join as pathJoin, relative as pathRelative, basename as pathBasename } from "path";
-import * as child_process from "child_process";
-import { generateDebugFiles, containerLaunchScriptBasename } from "./generateDebugFiles";
-import { URL } from "url";
-
-type ParsedPackageJson = {
-    name: string;
-    version: string;
-    homepage?: string;
-};
-
-const reactProjectDirPath = process.cwd();
-
-const doUseExternalAssets = process.argv[2]?.toLowerCase() === "--external-assets";
-
-const parsedPackageJson: ParsedPackageJson = require(pathJoin(reactProjectDirPath, "package.json"));
-
-export const keycloakThemeBuildingDirPath = pathJoin(reactProjectDirPath, "build_keycloak");
-
-function sanitizeThemeName(name: string) {
-    return name.replace(/^@(.*)/, '$1').split('/').join('-');
-}
-
-export function main() {
-    console.log("🔏 Building the keycloak theme...⌚");
-
-    const extraPagesId: string[] = (parsedPackageJson as any)["keycloakify"]?.["extraPages"] ?? [];
-    const extraThemeProperties: string[] = (parsedPackageJson as any)["keycloakify"]?.["extraThemeProperties"] ?? [];
-    const themeName = sanitizeThemeName(parsedPackageJson.name);
-
-    generateKeycloakThemeResources({
-        keycloakThemeBuildingDirPath,
-        "reactAppBuildDirPath": pathJoin(reactProjectDirPath, "build"),
-        themeName,
-        ...(() => {
-
-            const url = (() => {
-
-                const { homepage } = parsedPackageJson;
-
-                return homepage === undefined ?
-                    undefined :
-                    new URL(homepage);
-
-            })();
-
-            return {
-                "urlPathname":
-                    url === undefined ?
-                        "/" :
-                        url.pathname.replace(/([^/])$/, "$1/"),
-                "urlOrigin": !doUseExternalAssets ? undefined : (() => {
-
-                    if (url === undefined) {
-                        console.error("ERROR: You must specify 'homepage' in your package.json");
-                        process.exit(-1);
-                    }
-
-                    return url.origin;
-
-                })()
-
-            };
-
-        })(),
-        extraPagesId,
-        extraThemeProperties
-    });
-
-    const { jarFilePath } = generateJavaStackFiles({
-        version: parsedPackageJson.version,
-        themeName,
-        homepage: parsedPackageJson.homepage,
-        keycloakThemeBuildingDirPath
-    });
-
-    child_process.execSync(
-        "mvn package",
-        { "cwd": keycloakThemeBuildingDirPath }
-    );
-
-    generateDebugFiles({
-        keycloakThemeBuildingDirPath,
-        themeName
-    });
-
-    console.log([
-        '',
-        `✅ Your keycloak theme has been generated and bundled into ./${pathRelative(reactProjectDirPath, jarFilePath)} 🚀`,
-        `It is to be placed in "/opt/jboss/keycloak/standalone/deployments" in the container running a jboss/keycloak Docker image. (Tested with 11.0.3)`,
-        '',
-        'Using Helm (https://github.com/codecentric/helm-charts), edit to reflect:',
-        '',
-        'value.yaml: ',
-        '    extraInitContainers: |',
-        '        - name: realm-ext-provider',
-        '          image: curlimages/curl',
-        '          imagePullPolicy: IfNotPresent',
-        '          command:',
-        '            - sh',
-        '          args:',
-        '            - -c',
-        `            - curl -L -f -S -o /extensions/${pathBasename(jarFilePath)} https://AN.URL.FOR/${pathBasename(jarFilePath)}`,
-        '          volumeMounts:',
-        '            - name: extensions',
-        '              mountPath: /extensions',
-        '        ',
-        '        extraVolumeMounts: |',
-        '            - name: extensions',
-        '              mountPath: /opt/jboss/keycloak/standalone/deployments',
-        '',
-        '',
-        'To test your theme locally, with hot reloading, you can spin up a Keycloak container image with the theme loaded by running:',
-        '',
-        `👉 $ ./${pathRelative(reactProjectDirPath, pathJoin(keycloakThemeBuildingDirPath, containerLaunchScriptBasename))} 👈`,
-        '',
-        'To enable the theme within keycloak log into the admin console ( 👉 http://localhost:8080 username: admin, password: admin 👈), create a realm (called "myrealm" for example),',
-        `go to your realm settings, click on the theme tab then select ${themeName}.`,
-        `More details: https://www.keycloak.org/getting-started/getting-started-docker`,
-        '',
-        'Once your container is up and configured 👉 http://localhost:8080/auth/realms/myrealm/account 👈',
-        '',
-    ].join("\n"));
-
-}

src/bin/build-keycloak-theme/ftlValuesGlobalName.ts

@@ -1,2 +0,0 @@
-
-export const ftlValuesGlobalName = "kcContext";

src/bin/build-keycloak-theme/generateDebugFiles/generateDebugFiles.ts

@@ -1,74 +0,0 @@
-
-import * as fs from "fs";
-import { join as pathJoin, dirname as pathDirname, basename as pathBasename } from "path";
-
-export const containerLaunchScriptBasename = "start_keycloak_testing_container.sh";
-
-/** Files for being able to run a hot reload keycloak container */
-export function generateDebugFiles(
-    params: {
-        themeName: string;
-        keycloakThemeBuildingDirPath: string;
-    }
-) {
-
-    const { themeName, keycloakThemeBuildingDirPath } = params;
-
-    fs.writeFileSync(
-        pathJoin(keycloakThemeBuildingDirPath, "Dockerfile"),
-        Buffer.from(
-            [
-                "FROM jboss/keycloak:11.0.3",
-                "",
-                "USER root",
-                "",
-                "WORKDIR /",
-                "",
-                "ADD configuration /opt/jboss/keycloak/standalone/configuration/",
-                "",
-                'ENTRYPOINT [ "/opt/jboss/tools/docker-entrypoint.sh" ]',
-            ].join("\n"),
-            "utf8"
-        )
-    );
-
-    const dockerImage = `${themeName}/keycloak-hot-reload`;
-    const containerName = "keycloak-testing-container";
-
-    fs.writeFileSync(
-        pathJoin(keycloakThemeBuildingDirPath, containerLaunchScriptBasename),
-        Buffer.from(
-            [
-                "#!/bin/bash",
-                "",
-                `cd ${keycloakThemeBuildingDirPath}`,
-                "",
-                `docker rm ${containerName} || true`,
-                "",
-                `docker build . -t ${dockerImage}`,
-                "",
-                "docker run \\",
-                "	-p 8080:8080 \\",
-                `	--name ${containerName} \\`,
-                "	-e KEYCLOAK_USER=admin \\",
-                "	-e KEYCLOAK_PASSWORD=admin \\",
-                `	-v ${pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme", themeName)
-                }:/opt/jboss/keycloak/themes/${themeName}:rw \\`,
-                `	-it ${dockerImage}:latest`,
-                ""
-            ].join("\n"),
-            "utf8"
-        ),
-        { "mode": 0o755 }
-    );
-
-    const standaloneHaFilePath = pathJoin(keycloakThemeBuildingDirPath, "configuration", "standalone-ha.xml");
-
-    try { fs.mkdirSync(pathDirname(standaloneHaFilePath)); } catch { }
-
-    fs.writeFileSync(
-        standaloneHaFilePath,
-        fs.readFileSync(pathJoin(__dirname, pathBasename(standaloneHaFilePath)))
-    );
-
-}

src/bin/build-keycloak-theme/generateDebugFiles/index.ts

@@ -1 +0,0 @@
-export * from "./generateDebugFiles";

src/bin/build-keycloak-theme/generateDebugFiles/standalone-ha.xml

@@ -1,666 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-
-<server xmlns="urn:jboss:domain:13.0">
-    <extensions>
-        <extension module="org.jboss.as.clustering.infinispan"/>
-        <extension module="org.jboss.as.clustering.jgroups"/>
-        <extension module="org.jboss.as.connector"/>
-        <extension module="org.jboss.as.deployment-scanner"/>
-        <extension module="org.jboss.as.ee"/>
-        <extension module="org.jboss.as.ejb3"/>
-        <extension module="org.jboss.as.jaxrs"/>
-        <extension module="org.jboss.as.jmx"/>
-        <extension module="org.jboss.as.jpa"/>
-        <extension module="org.jboss.as.logging"/>
-        <extension module="org.jboss.as.mail"/>
-        <extension module="org.jboss.as.modcluster"/>
-        <extension module="org.jboss.as.naming"/>
-        <extension module="org.jboss.as.remoting"/>
-        <extension module="org.jboss.as.security"/>
-        <extension module="org.jboss.as.transactions"/>
-        <extension module="org.jboss.as.weld"/>
-        <extension module="org.keycloak.keycloak-server-subsystem"/>
-        <extension module="org.wildfly.extension.bean-validation"/>
-        <extension module="org.wildfly.extension.core-management"/>
-        <extension module="org.wildfly.extension.elytron"/>
-        <extension module="org.wildfly.extension.io"/>
-        <extension module="org.wildfly.extension.microprofile.config-smallrye"/>
-        <extension module="org.wildfly.extension.microprofile.health-smallrye"/>
-        <extension module="org.wildfly.extension.microprofile.metrics-smallrye"/>
-        <extension module="org.wildfly.extension.request-controller"/>
-        <extension module="org.wildfly.extension.security.manager"/>
-        <extension module="org.wildfly.extension.undertow"/>
-    </extensions>
-    <management>
-        <security-realms>
-            <security-realm name="ManagementRealm">
-                <authentication>
-                    <local default-user="$local" skip-group-loading="true"/>
-                    <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
-                </authentication>
-                <authorization map-groups-to-roles="false">
-                    <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
-                </authorization>
-            </security-realm>
-            <security-realm name="ApplicationRealm">
-                <server-identities>
-                    <ssl>
-                        <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/>
-                    </ssl>
-                </server-identities>
-                <authentication>
-                    <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
-                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
-                </authentication>
-                <authorization>
-                    <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
-                </authorization>
-            </security-realm>
-        </security-realms>
-        <audit-log>
-            <formatters>
-                <json-formatter name="json-formatter"/>
-            </formatters>
-            <handlers>
-                <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
-            </handlers>
-            <logger log-boot="true" log-read-only="false" enabled="false">
-                <handlers>
-                    <handler name="file"/>
-                </handlers>
-            </logger>
-        </audit-log>
-        <management-interfaces>
-            <http-interface security-realm="ManagementRealm">
-                <http-upgrade enabled="true"/>
-                <socket-binding http="management-http"/>
-            </http-interface>
-        </management-interfaces>
-        <access-control provider="simple">
-            <role-mapping>
-                <role name="SuperUser">
-                    <include>
-                        <user name="$local"/>
-                    </include>
-                </role>
-            </role-mapping>
-        </access-control>
-    </management>
-    <profile>
-        <subsystem xmlns="urn:jboss:domain:logging:8.0">
-            <console-handler name="CONSOLE">
-                <formatter>
-                    <named-formatter name="COLOR-PATTERN"/>
-                </formatter>
-            </console-handler>
-            <logger category="com.arjuna">
-                <level name="WARN"/>
-            </logger>
-            <logger category="io.jaegertracing.Configuration">
-                <level name="WARN"/>
-            </logger>
-            <logger category="org.jboss.as.config">
-                <level name="DEBUG"/>
-            </logger>
-            <logger category="sun.rmi">
-                <level name="WARN"/>
-            </logger>
-            <logger category="org.keycloak">
-                <level name="${env.KEYCLOAK_LOGLEVEL:INFO}"/>
-            </logger>
-            <root-logger>
-                <level name="${env.ROOT_LOGLEVEL:INFO}"/>
-                <handlers>
-                    <handler name="CONSOLE"/>
-                </handlers>
-            </root-logger>
-            <formatter name="PATTERN">
-                <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
-            </formatter>
-            <formatter name="COLOR-PATTERN">
-                <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
-            </formatter>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
-        <subsystem xmlns="urn:jboss:domain:core-management:1.0"/>
-        <subsystem xmlns="urn:jboss:domain:datasources:6.0">
-            <datasources>
-                <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
-                    <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
-                    <driver>h2</driver>
-                    <security>
-                        <user-name>sa</user-name>
-                        <password>sa</password>
-                    </security>
-                </datasource>
-                <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
-                    <connection-url>jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE</connection-url>
-                    <driver>h2</driver>
-                    <pool>
-                        <max-pool-size>100</max-pool-size>
-                    </pool>
-                    <security>
-                        <user-name>sa</user-name>
-                        <password>sa</password>
-                    </security>
-                </datasource>
-                <drivers>
-                    <driver name="h2" module="com.h2database.h2">
-                        <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
-                    </driver>
-                </drivers>
-            </datasources>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
-            <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:ee:5.0">
-            <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
-            <concurrent>
-                <context-services>
-                    <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
-                </context-services>
-                <managed-thread-factories>
-                    <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
-                </managed-thread-factories>
-                <managed-executor-services>
-                    <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
-                </managed-executor-services>
-                <managed-scheduled-executor-services>
-                    <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/>
-                </managed-scheduled-executor-services>
-            </concurrent>
-            <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:ejb3:7.0">
-            <session-bean>
-                <stateless>
-                    <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
-                </stateless>
-                <stateful default-access-timeout="5000" cache-ref="distributable" passivation-disabled-cache-ref="simple"/>
-                <singleton default-access-timeout="5000"/>
-            </session-bean>
-            <pools>
-                <bean-instance-pools>
-                    <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
-                    <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
-                </bean-instance-pools>
-            </pools>
-            <caches>
-                <cache name="simple"/>
-                <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
-            </caches>
-            <passivation-stores>
-                <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
-            </passivation-stores>
-            <async thread-pool-name="default"/>
-            <timer-service thread-pool-name="default" default-data-store="default-file-store">
-                <data-stores>
-                    <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
-                </data-stores>
-            </timer-service>
-            <remote connector-ref="http-remoting-connector" thread-pool-name="default">
-                <channel-creation-options>
-                    <option name="MAX_OUTBOUND_MESSAGES" value="1234" type="remoting"/>
-                </channel-creation-options>
-            </remote>
-            <thread-pools>
-                <thread-pool name="default">
-                    <max-threads count="10"/>
-                    <keepalive-time time="60" unit="seconds"/>
-                </thread-pool>
-            </thread-pools>
-            <default-security-domain value="other"/>
-            <default-missing-method-permissions-deny-access value="true"/>
-            <statistics enabled="${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
-            <log-system-exceptions value="true"/>
-        </subsystem>
-        <subsystem xmlns="urn:wildfly:elytron:10.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
-            <providers>
-                <aggregate-providers name="combined-providers">
-                    <providers name="elytron"/>
-                    <providers name="openssl"/>
-                </aggregate-providers>
-                <provider-loader name="elytron" module="org.wildfly.security.elytron"/>
-                <provider-loader name="openssl" module="org.wildfly.openssl"/>
-            </providers>
-            <audit-logging>
-                <file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/>
-            </audit-logging>
-            <security-domains>
-                <security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper">
-                    <realm name="ApplicationRealm" role-decoder="groups-to-roles"/>
-                    <realm name="local"/>
-                </security-domain>
-                <security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper">
-                    <realm name="ManagementRealm" role-decoder="groups-to-roles"/>
-                    <realm name="local" role-mapper="super-user-mapper"/>
-                </security-domain>
-            </security-domains>
-            <security-realms>
-                <identity-realm name="local" identity="$local"/>
-                <properties-realm name="ApplicationRealm">
-                    <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/>
-                    <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
-                </properties-realm>
-                <properties-realm name="ManagementRealm">
-                    <users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/>
-                    <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
-                </properties-realm>
-            </security-realms>
-            <mappers>
-                <simple-permission-mapper name="default-permission-mapper" mapping-mode="first">
-                    <permission-mapping>
-                        <principal name="anonymous"/>
-                        <permission-set name="default-permissions"/>
-                    </permission-mapping>
-                    <permission-mapping match-all="true">
-                        <permission-set name="login-permission"/>
-                        <permission-set name="default-permissions"/>
-                    </permission-mapping>
-                </simple-permission-mapper>
-                <constant-realm-mapper name="local" realm-name="local"/>
-                <simple-role-decoder name="groups-to-roles" attribute="groups"/>
-                <constant-role-mapper name="super-user-mapper">
-                    <role name="SuperUser"/>
-                </constant-role-mapper>
-            </mappers>
-            <permission-sets>
-                <permission-set name="login-permission">
-                    <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
-                </permission-set>
-                <permission-set name="default-permissions">
-                    <permission class-name="org.wildfly.extension.batch.jberet.deployment.BatchPermission" module="org.wildfly.extension.batch.jberet" target-name="*"/>
-                    <permission class-name="org.wildfly.transaction.client.RemoteTransactionPermission" module="org.wildfly.transaction.client"/>
-                    <permission class-name="org.jboss.ejb.client.RemoteEJBPermission" module="org.jboss.ejb-client"/>
-                </permission-set>
-            </permission-sets>
-            <http>
-                <http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global">
-                    <mechanism-configuration>
-                        <mechanism mechanism-name="DIGEST">
-                            <mechanism-realm realm-name="ManagementRealm"/>
-                        </mechanism>
-                    </mechanism-configuration>
-                </http-authentication-factory>
-                <provider-http-server-mechanism-factory name="global"/>
-            </http>
-            <sasl>
-                <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain">
-                    <mechanism-configuration>
-                        <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
-                        <mechanism mechanism-name="DIGEST-MD5">
-                            <mechanism-realm realm-name="ApplicationRealm"/>
-                        </mechanism>
-                    </mechanism-configuration>
-                </sasl-authentication-factory>
-                <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">
-                    <mechanism-configuration>
-                        <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
-                        <mechanism mechanism-name="DIGEST-MD5">
-                            <mechanism-realm realm-name="ManagementRealm"/>
-                        </mechanism>
-                    </mechanism-configuration>
-                </sasl-authentication-factory>
-                <configurable-sasl-server-factory name="configured" sasl-server-factory="elytron">
-                    <properties>
-                        <property name="wildfly.sasl.local-user.default-user" value="$local"/>
-                    </properties>
-                </configurable-sasl-server-factory>
-                <mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global">
-                    <filters>
-                        <filter provider-name="WildFlyElytron"/>
-                    </filters>
-                </mechanism-provider-filtering-sasl-server-factory>
-                <provider-sasl-server-factory name="global"/>
-            </sasl>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:infinispan:10.0">
-            <cache-container name="keycloak" module="org.keycloak.keycloak-model-infinispan">
-                <transport lock-timeout="60000"/>
-                <local-cache name="realms">
-                    <object-memory size="10000"/>
-                </local-cache>
-                <local-cache name="users">
-                    <object-memory size="10000"/>
-                </local-cache>
-                <local-cache name="authorization">
-                    <object-memory size="10000"/>
-                </local-cache>
-                <local-cache name="keys">
-                    <object-memory size="1000"/>
-                    <expiration max-idle="3600000"/>
-                </local-cache>
-                <replicated-cache name="work"/>
-                <distributed-cache name="sessions" owners="1"/>
-                <distributed-cache name="authenticationSessions" owners="1"/>
-                <distributed-cache name="offlineSessions" owners="1"/>
-                <distributed-cache name="clientSessions" owners="1"/>
-                <distributed-cache name="offlineClientSessions" owners="1"/>
-                <distributed-cache name="loginFailures" owners="1"/>
-                <distributed-cache name="actionTokens" owners="2">
-                    <object-memory size="-1"/>
-                    <expiration interval="300000" max-idle="-1"/>
-                </distributed-cache>
-            </cache-container>
-            <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server">
-                <transport lock-timeout="60000"/>
-                <replicated-cache name="default">
-                    <transaction mode="BATCH"/>
-                </replicated-cache>
-            </cache-container>
-            <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
-                <transport lock-timeout="60000"/>
-                <replicated-cache name="sso">
-                    <locking isolation="REPEATABLE_READ"/>
-                    <transaction mode="BATCH"/>
-                </replicated-cache>
-                <distributed-cache name="dist">
-                    <locking isolation="REPEATABLE_READ"/>
-                    <transaction mode="BATCH"/>
-                    <file-store/>
-                </distributed-cache>
-                <distributed-cache name="routing"/>
-            </cache-container>
-            <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan">
-                <transport lock-timeout="60000"/>
-                <distributed-cache name="dist">
-                    <locking isolation="REPEATABLE_READ"/>
-                    <transaction mode="BATCH"/>
-                    <file-store/>
-                </distributed-cache>
-            </cache-container>
-            <cache-container name="hibernate" module="org.infinispan.hibernate-cache">
-                <transport lock-timeout="60000"/>
-                <local-cache name="local-query">
-                    <object-memory size="10000"/>
-                    <expiration max-idle="100000"/>
-                </local-cache>
-                <invalidation-cache name="entity">
-                    <transaction mode="NON_XA"/>
-                    <object-memory size="10000"/>
-                    <expiration max-idle="100000"/>
-                </invalidation-cache>
-                <replicated-cache name="timestamps"/>
-            </cache-container>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:io:3.0">
-            <worker name="default"/>
-            <buffer-pool name="default"/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:jaxrs:2.0"/>
-        <subsystem xmlns="urn:jboss:domain:jca:5.0">
-            <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
-            <bean-validation enabled="true"/>
-            <default-workmanager>
-                <short-running-threads>
-                    <core-threads count="50"/>
-                    <queue-length count="50"/>
-                    <max-threads count="50"/>
-                    <keepalive-time time="10" unit="seconds"/>
-                </short-running-threads>
-                <long-running-threads>
-                    <core-threads count="50"/>
-                    <queue-length count="50"/>
-                    <max-threads count="50"/>
-                    <keepalive-time time="10" unit="seconds"/>
-                </long-running-threads>
-            </default-workmanager>
-            <cached-connection-manager/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:jgroups:8.0">
-            <channels default="ee">
-                <channel name="ee" stack="udp" cluster="ejb"/>
-            </channels>
-            <stacks>
-                <stack name="udp">
-                    <transport type="UDP" socket-binding="jgroups-udp"/>
-                    <protocol type="PING"/>
-                    <protocol type="MERGE3"/>
-                    <socket-protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/>
-                    <protocol type="FD_ALL"/>
-                    <protocol type="VERIFY_SUSPECT"/>
-                    <protocol type="pbcast.NAKACK2"/>
-                    <protocol type="UNICAST3"/>
-                    <protocol type="pbcast.STABLE"/>
-                    <protocol type="pbcast.GMS"/>
-                    <protocol type="UFC"/>
-                    <protocol type="MFC"/>
-                    <protocol type="FRAG3"/>
-                </stack>
-                <stack name="tcp">
-                    <transport type="TCP" socket-binding="jgroups-tcp"/>
-                    <socket-protocol type="MPING" socket-binding="jgroups-mping"/>
-                    <protocol type="MERGE3"/>
-                    <socket-protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
-                    <protocol type="FD_ALL"/>
-                    <protocol type="VERIFY_SUSPECT"/>
-                    <protocol type="pbcast.NAKACK2"/>
-                    <protocol type="UNICAST3"/>
-                    <protocol type="pbcast.STABLE"/>
-                    <protocol type="pbcast.GMS"/>
-                    <protocol type="MFC"/>
-                    <protocol type="FRAG3"/>
-                </stack>
-            </stacks>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:jmx:1.3">
-            <expose-resolved-model/>
-            <expose-expression-model/>
-            <remoting-connector/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:jpa:1.1">
-            <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
-            <web-context>auth</web-context>
-            <providers>
-                <provider>
-                    classpath:${jboss.home.dir}/providers/*
-                </provider>
-            </providers>
-            <master-realm-name>master</master-realm-name>
-            <scheduled-task-interval>900</scheduled-task-interval>
-            <theme>
-                <staticMaxAge>-1</staticMaxAge>
-                <cacheThemes>false</cacheThemes>
-                <cacheTemplates>false</cacheTemplates>
-                <welcomeTheme>${env.KEYCLOAK_WELCOME_THEME:keycloak}</welcomeTheme>
-                <default>${env.KEYCLOAK_DEFAULT_THEME:keycloak}</default>
-                <dir>${jboss.home.dir}/themes</dir>
-            </theme>
-            <spi name="eventsStore">
-                <provider name="jpa" enabled="true">
-                    <properties>
-                        <property name="exclude-events" value="[&quot;REFRESH_TOKEN&quot;]"/>
-                    </properties>
-                </provider>
-            </spi>
-            <spi name="userCache">
-                <provider name="default" enabled="true"/>
-            </spi>
-            <spi name="userSessionPersister">
-                <default-provider>jpa</default-provider>
-            </spi>
-            <spi name="timer">
-                <default-provider>basic</default-provider>
-            </spi>
-            <spi name="connectionsHttpClient">
-                <provider name="default" enabled="true"/>
-            </spi>
-            <spi name="connectionsJpa">
-                <provider name="default" enabled="true">
-                    <properties>
-                        <property name="dataSource" value="java:jboss/datasources/KeycloakDS"/>
-                        <property name="initializeEmpty" value="true"/>
-                        <property name="migrationStrategy" value="update"/>
-                        <property name="migrationExport" value="${jboss.home.dir}/keycloak-database-update.sql"/>
-                    </properties>
-                </provider>
-            </spi>
-            <spi name="realmCache">
-                <provider name="default" enabled="true"/>
-            </spi>
-            <spi name="connectionsInfinispan">
-                <default-provider>default</default-provider>
-                <provider name="default" enabled="true">
-                    <properties>
-                        <property name="cacheContainer" value="java:jboss/infinispan/container/keycloak"/>
-                    </properties>
-                </provider>
-            </spi>
-            <spi name="jta-lookup">
-                <default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>
-                <provider name="jboss" enabled="true"/>
-            </spi>
-            <spi name="publicKeyStorage">
-                <provider name="infinispan" enabled="true">
-                    <properties>
-                        <property name="minTimeBetweenRequests" value="10"/>
-                    </properties>
-                </provider>
-            </spi>
-            <spi name="x509cert-lookup">
-                <default-provider>${keycloak.x509cert.lookup.provider:default}</default-provider>
-                <provider name="default" enabled="true"/>
-            </spi>
-            <spi name="hostname">
-                <default-provider>${keycloak.hostname.provider:default}</default-provider>
-                <provider name="default" enabled="true">
-                    <properties>
-                        <property name="frontendUrl" value="${keycloak.frontendUrl:}"/>
-                        <property name="forceBackendUrlToFrontendUrl" value="false"/>
-                    </properties>
-                </provider>
-                <provider name="fixed" enabled="true">
-                    <properties>
-                        <property name="hostname" value="${keycloak.hostname.fixed.hostname:localhost}"/>
-                        <property name="httpPort" value="${keycloak.hostname.fixed.httpPort:-1}"/>
-                        <property name="httpsPort" value="${keycloak.hostname.fixed.httpsPort:-1}"/>
-                        <property name="alwaysHttps" value="${keycloak.hostname.fixed.alwaysHttps:false}"/>
-                    </properties>
-                </provider>
-            </spi>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:mail:4.0">
-            <mail-session name="default" jndi-name="java:jboss/mail/Default">
-                <smtp-server outbound-socket-binding-ref="mail-smtp"/>
-            </mail-session>
-        </subsystem>
-        <subsystem xmlns="urn:wildfly:microprofile-config-smallrye:1.0"/>
-        <subsystem xmlns="urn:wildfly:microprofile-health-smallrye:2.0" security-enabled="false" empty-liveness-checks-status="${env.MP_HEALTH_EMPTY_LIVENESS_CHECKS_STATUS:UP}" empty-readiness-checks-status="${env.MP_HEALTH_EMPTY_READINESS_CHECKS_STATUS:UP}"/>
-        <subsystem xmlns="urn:wildfly:microprofile-metrics-smallrye:2.0" security-enabled="false" exposed-subsystems="*" prefix="${wildfly.metrics.prefix:wildfly}"/>
-        <subsystem xmlns="urn:jboss:domain:modcluster:5.0">
-            <proxy name="default" advertise-socket="modcluster" listener="ajp">
-                <dynamic-load-provider>
-                    <load-metric type="cpu"/>
-                </dynamic-load-provider>
-            </proxy>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:naming:2.0">
-            <remote-naming/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:remoting:4.0">
-            <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
-        <subsystem xmlns="urn:jboss:domain:security:2.0">
-            <security-domains>
-                <security-domain name="other" cache-type="default">
-                    <authentication>
-                        <login-module code="Remoting" flag="optional">
-                            <module-option name="password-stacking" value="useFirstPass"/>
-                        </login-module>
-                        <login-module code="RealmDirect" flag="required">
-                            <module-option name="password-stacking" value="useFirstPass"/>
-                        </login-module>
-                    </authentication>
-                </security-domain>
-                <security-domain name="jboss-web-policy" cache-type="default">
-                    <authorization>
-                        <policy-module code="Delegating" flag="required"/>
-                    </authorization>
-                </security-domain>
-                <security-domain name="jaspitest" cache-type="default">
-                    <authentication-jaspi>
-                        <login-module-stack name="dummy">
-                            <login-module code="Dummy" flag="optional"/>
-                        </login-module-stack>
-                        <auth-module code="Dummy"/>
-                    </authentication-jaspi>
-                </security-domain>
-                <security-domain name="jboss-ejb-policy" cache-type="default">
-                    <authorization>
-                        <policy-module code="Delegating" flag="required"/>
-                    </authorization>
-                </security-domain>
-            </security-domains>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:security-manager:1.0">
-            <deployment-permissions>
-                <maximum-set>
-                    <permission class="java.security.AllPermission"/>
-                </maximum-set>
-            </deployment-permissions>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:transactions:5.0">
-            <core-environment node-identifier="${jboss.tx.node.id:1}">
-                <process-id>
-                    <uuid/>
-                </process-id>
-            </core-environment>
-            <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
-            <coordinator-environment statistics-enabled="${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
-            <object-store path="tx-object-store" relative-to="jboss.server.data.dir"/>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:undertow:11.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
-            <buffer-cache name="default"/>
-            <server name="default-server">
-                <ajp-listener name="ajp" socket-binding="ajp"/>
-                <http-listener name="default" read-timeout="30000" socket-binding="http" redirect-socket="https" proxy-address-forwarding="${env.PROXY_ADDRESS_FORWARDING:false}" enable-http2="true"/>
-                <https-listener name="https" read-timeout="30000" socket-binding="https" proxy-address-forwarding="${env.PROXY_ADDRESS_FORWARDING:false}" security-realm="ApplicationRealm" enable-http2="true"/>
-                <host name="default-host" alias="localhost">
-                    <location name="/" handler="welcome-content"/>
-                    <http-invoker security-realm="ApplicationRealm"/>
-                </host>
-            </server>
-            <servlet-container name="default">
-                <jsp-config/>
-                <websockets/>
-            </servlet-container>
-            <handlers>
-                <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
-            </handlers>
-        </subsystem>
-        <subsystem xmlns="urn:jboss:domain:weld:4.0"/>
-    </profile>
-    <interfaces>
-        <interface name="management">
-            <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
-        </interface>
-        <interface name="private">
-            <inet-address value="${jboss.bind.address.private:127.0.0.1}"/>
-        </interface>
-        <interface name="public">
-            <inet-address value="${jboss.bind.address:127.0.0.1}"/>
-        </interface>
-    </interfaces>
-    <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
-        <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
-        <socket-binding name="http" port="${jboss.http.port:8080}"/>
-        <socket-binding name="https" port="${jboss.https.port:8443}"/>
-        <socket-binding name="jgroups-mping" interface="private" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45700"/>
-        <socket-binding name="jgroups-tcp" interface="private" port="7600"/>
-        <socket-binding name="jgroups-tcp-fd" interface="private" port="57600"/>
-        <socket-binding name="jgroups-udp" interface="private" port="55200" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45688"/>
-        <socket-binding name="jgroups-udp-fd" interface="private" port="54200"/>
-        <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
-        <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
-        <socket-binding name="modcluster" multicast-address="${jboss.modcluster.multicast.address:224.0.1.105}" multicast-port="23364"/>
-        <socket-binding name="txn-recovery-environment" port="4712"/>
-        <socket-binding name="txn-status-manager" port="4713"/>
-        <outbound-socket-binding name="mail-smtp">
-            <remote-destination host="localhost" port="25"/>
-        </outbound-socket-binding>
-    </socket-binding-group>
-</server>

src/bin/build-keycloak-theme/generateFtl/Object.deepAssign.js

@@ -1,28 +0,0 @@
-
-Object.defineProperty(
-    Object,
-    "deepAssign",
-    {
-        "value": function callee(target, source) {
-            Object.keys(source).forEach(function (key) {
-                var value = source[key];
-                if (target[key] === undefined) {
-                    target[key] = value;
-                    return;
-                }
-                if (value instanceof Object) {
-                    if (value instanceof Array) {
-                        value.forEach(function (entry) {
-                            target[key].push(entry);
-                        });
-                        return;
-                    }
-                    callee(target[key], value);
-                    return;
-                }
-                target[key] = value;
-            });
-            return target;
-        }
-    }
-);

src/bin/build-keycloak-theme/generateFtl/common.ftl

@@ -1,192 +0,0 @@
-<script>const _= 
-<#macro objectToJson object depth>
-    <@compress>
-
-        <#local isHash = false>
-        <#attempt>
-            <#local isHash = object?is_hash || object?is_hash_ex>
-        <#recover>
-            /* can't evaluate if object is hash */
-            undefined
-            <#return>
-        </#attempt>
-        <#if isHash>
-
-            <#local keys = "">
-
-            <#attempt>
-                <#local keys = object?keys>
-            <#recover>
-                /* can't list keys of object */
-                undefined
-                <#return>
-            </#attempt>
-
-            {${'\n'}
-
-            <#list keys as key>
-
-                <#if key == "class">
-                    /* skipping "class" property of object */
-                    <#continue>
-                </#if>
-
-                <#local value = "">
-
-                <#attempt>
-                    <#local value = object[key]>
-                <#recover>
-                    /* couldn't dereference ${key} of object */
-                    <#continue>
-                </#attempt>
-
-                <#if depth gt 4>
-                    /* Avoid calling recustively too many times depth: ${depth}, key: ${key} */
-                    <#continue>
-                </#if>
-
-                "${key}": <@objectToJson object=value depth=depth+1/>,
-
-            </#list>
-
-            }${'\n'}
-
-            <#return>
-
-        </#if>
-
-
-        <#local isMethod = "">
-        <#attempt>
-            <#local isMethod = object?is_method>
-        <#recover>
-            /* can't test if object is a method */
-            undefined
-            <#return>
-        </#attempt>
-
-        <#if isMethod>
-            undefined
-            <#return>
-        </#if>
-
-
-
-        <#local isBoolean = "">
-        <#attempt>
-            <#local isBoolean = object?is_boolean>
-        <#recover>
-            /* can't test if object is a boolean */
-            undefined
-            <#return>
-        </#attempt>
-
-        <#if isBoolean>
-            ${object?c}
-            <#return>
-        </#if>
-
-
-        <#local isEnumerable = "">
-        <#attempt>
-            <#local isEnumerable = object?is_enumerable>
-        <#recover>
-            /* can't test if object is enumerable */
-            undefined
-            <#return>
-        </#attempt>
-
-        <#if isEnumerable>
-
-            [${'\n'}
-
-            <#list object as item>
-
-                <@objectToJson object=item depth=depth+1/>,
-
-            </#list>
-
-            ]${'\n'}
-
-            <#return>
-        </#if>
-
-
-        <#attempt>
-            "${object?replace('"', '\\"')?no_esc}"
-        <#recover>
-            /* couldn't convert into string non hash, non method, non boolean, non enumerable object */
-            undefined;
-            <#return>
-        </#attempt>
-
-
-    </@compress>
-</#macro>
-
-(()=>{
-
-    //Removing all the undefined
-    const obj = JSON.parse(JSON.stringify(<@objectToJson object=.data_model depth=0 />));
-
-    //Freemarker values that can't be automatically converted into a JavaScript object.
-    Object.deepAssign(
-        obj,
-        { 
-            "messagesPerField": {
-                "printIfExists": function (key, x) {
-                    switch(key){
-                        case "userLabel": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('userLabel','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                        case "username": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('username','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                        case "email": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('email','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                        case "firstName": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('firstName','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                        case "lastName": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('lastName','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                        case "password": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('password','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                        case "password-confirm": return (function (){
-                            <#attempt>
-                                return "${messagesPerField.printIfExists('password-confirm','1')}" ? x : undefined;
-                            <#recover>
-                            </#attempt>
-                        })();
-                    }
-                }
-            },
-            "msg": function(){ throw new Error("use import { useKcMessage } from 'keycloakify'"); },
-        }
-    );
-
-    return obj;
-
-})()
-
-</script>

src/bin/build-keycloak-theme/generateFtl/generateFtl.ts

@@ -1,170 +0,0 @@
-
-
-import cheerio from "cheerio";
-import {
-    replaceImportsFromStaticInJsCode,
-    replaceImportsInInlineCssCode,
-    generateCssCodeToDefineGlobals
-} from "../replaceImportFromStatic";
-import fs from "fs";
-import { join as pathJoin } from "path";
-import { objectKeys } from "tsafe/objectKeys";
-import { ftlValuesGlobalName } from "../ftlValuesGlobalName";
-
-export const pageIds = [
-    "login.ftl", "register.ftl", "info.ftl",
-    "error.ftl", "login-reset-password.ftl",
-    "login-verify-email.ftl", "terms.ftl",
-    "login-otp.ftl", "login-update-profile.ftl",
-    "login-idp-link-confirm.ftl"
-] as const;
-
-export type PageId = typeof pageIds[number];
-
-function loadAdjacentFile(fileBasename: string) {
-    return fs.readFileSync(pathJoin(__dirname, fileBasename))
-        .toString("utf8");
-};
-
-
-export function generateFtlFilesCodeFactory(
-    params: {
-        cssGlobalsToDefine: Record<string, string>;
-        indexHtmlCode: string;
-        urlPathname: string;
-        urlOrigin: undefined | string;
-    }
-) {
-
-    const { cssGlobalsToDefine, indexHtmlCode, urlPathname, urlOrigin } = params;
-
-    const $ = cheerio.load(indexHtmlCode);
-
-    $("script:not([src])").each((...[, element]) => {
-
-        const { fixedJsCode } = replaceImportsFromStaticInJsCode({
-            "jsCode": $(element).html()!,
-            urlOrigin
-        });
-
-        $(element).text(fixedJsCode);
-
-    });
-
-    $("style").each((...[, element]) => {
-
-        const { fixedCssCode } = replaceImportsInInlineCssCode({
-            "cssCode": $(element).html()!,
-            "urlPathname": params.urlPathname,
-            urlOrigin
-        });
-
-        $(element).text(fixedCssCode);
-
-    });
-
-    ([
-        ["link", "href"],
-        ["script", "src"],
-    ] as const).forEach(([selector, attrName]) =>
-        $(selector).each((...[, element]) => {
-
-            const href = $(element).attr(attrName);
-
-            if (href === undefined) {
-                return;
-            }
-
-            $(element).attr(
-                attrName,
-                urlOrigin !== undefined ?
-                    href.replace(/^\//, `${urlOrigin}/`) :
-                    href.replace(
-                        new RegExp(`^${urlPathname.replace(/\//g, "\\/")}`),
-                        "${url.resourcesPath}/build/"
-                    )
-            );
-
-        })
-    );
-
-    //FTL is no valid html, we can't insert with cheerio, we put placeholder for injecting later.
-    const ftlPlaceholders = {
-        '{ "x": "vIdLqMeOed9sdLdIdOxdK0d" }': loadAdjacentFile("common.ftl")
-            .match(/^<script>const _=((?:.|\n)+)<\/script>[\n]?$/)![1],
-        '<!-- xIdLqMeOedErIdLsPdNdI9dSlxI -->':
-            [
-                '<#if scripts??>',
-                '    <#list scripts as script>',
-                '        <script src="${script}" type="text/javascript"></script>',
-                '    </#list>',
-                '</#if>'
-            ].join("\n")
-    };
-
-    const pageSpecificCodePlaceholder = "<!-- dIddLqMeOedErIdLsPdNdI9dSl42sw -->";
-
-    $("head").prepend(
-        [
-            ...(Object.keys(cssGlobalsToDefine).length === 0 ? [] : [
-                '',
-                '<style>',
-                generateCssCodeToDefineGlobals({
-                    cssGlobalsToDefine,
-                    urlPathname
-                }).cssCodeToPrependInHead,
-                '</style>',
-                ''
-            ]),
-            "<script>",
-            loadAdjacentFile("Object.deepAssign.js"),
-            "</script>",
-            '<script>',
-            `    window.${ftlValuesGlobalName}= Object.assign(`,
-            `        {},`,
-            `        ${objectKeys(ftlPlaceholders)[0]}`,
-            '    );',
-            '</script>',
-            '',
-            pageSpecificCodePlaceholder,
-            '',
-            objectKeys(ftlPlaceholders)[1]
-        ].join("\n"),
-    );
-
-    const partiallyFixedIndexHtmlCode = $.html();
-
-    function generateFtlFilesCode(
-        params: {
-            pageId: string;
-        }
-    ): { ftlCode: string; } {
-
-        const { pageId } = params;
-
-        const $ = cheerio.load(partiallyFixedIndexHtmlCode);
-
-        let ftlCode = $.html()
-            .replace(
-                pageSpecificCodePlaceholder,
-                [
-                    '<script>',
-                    `    Object.deepAssign(`,
-                    `        window.${ftlValuesGlobalName},`,
-                    `        { "pageId": "${pageId}" }`,
-                    '    );',
-                    '</script>'
-                ].join("\n")
-            );
-
-        objectKeys(ftlPlaceholders)
-            .forEach(id => ftlCode = ftlCode.replace(id, ftlPlaceholders[id]));
-
-        return { ftlCode };
-
-    }
-
-    return { generateFtlFilesCode };
-
-
-}

src/bin/build-keycloak-theme/generateFtl/index.ts

@@ -1 +0,0 @@
-export * from "./generateFtl";

src/bin/build-keycloak-theme/generateJavaStackFiles.ts

@@ -1,99 +0,0 @@
-
-import * as url from "url";
-import * as fs from "fs";
-import { join as pathJoin, dirname as pathDirname } from "path";
-
-
-export function generateJavaStackFiles(
-    params: {
-        version: string;
-        themeName: string;
-        homepage?: string;
-        keycloakThemeBuildingDirPath: string;
-    }
-): { jarFilePath: string; } {
-
-    const {
-        themeName,
-        version,
-        homepage,
-        keycloakThemeBuildingDirPath
-    } = params;
-
-    {
-
-        const { pomFileCode } = (function generatePomFileCode(): { pomFileCode: string; } {
-
-
-            const groupId = (() => {
-
-                const fallbackGroupId = `there.was.no.homepage.field.in.the.package.json.${themeName}`;
-
-                return (!homepage ?
-                    fallbackGroupId :
-                    url.parse(homepage).host?.replace(/:[0-9]+$/,"")?.split(".").reverse().join(".") ?? fallbackGroupId
-                ) + ".keycloak";
-
-            })();
-
-            const artefactId = `${themeName}-keycloak-theme`;
-
-            const pomFileCode = [
-                `<?xml version="1.0"?>`,
-                `<project xmlns="http://maven.apache.org/POM/4.0.0"`,
-                `	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"`,
-                `	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">`,
-                `	<modelVersion>4.0.0</modelVersion>`,
-                `	<groupId>${groupId}</groupId>`,
-                `	<artifactId>${artefactId}</artifactId>`,
-                `	<version>${version}</version>`,
-                `	<name>${artefactId}</name>`,
-                `	<description />`,
-                `</project>`
-            ].join("\n");
-
-            return { pomFileCode };
-
-        })();
-
-        fs.writeFileSync(
-            pathJoin(keycloakThemeBuildingDirPath, "pom.xml"),
-            Buffer.from(pomFileCode, "utf8")
-        );
-
-    }
-
-    {
-
-        const themeManifestFilePath = pathJoin(
-            keycloakThemeBuildingDirPath, "src", "main",
-            "resources", "META-INF", "keycloak-themes.json"
-        );
-
-        try {
-
-            fs.mkdirSync(pathDirname(themeManifestFilePath));
-
-        } catch { }
-
-        fs.writeFileSync(
-            themeManifestFilePath,
-            Buffer.from(
-                JSON.stringify({
-                    "themes": [
-                        {
-                            "name": themeName,
-                            "types": ["login"]
-                        }
-                    ]
-                }, null, 2),
-                "utf8"
-            )
-        );
-
-    }
-
-    return { "jarFilePath": pathJoin(keycloakThemeBuildingDirPath, "target", `${themeName}-${version}.jar`) };
-
-}
-

src/bin/build-keycloak-theme/generateKeycloakThemeResources.ts

@@ -1,177 +0,0 @@
-
-import { transformCodebase } from "../tools/transformCodebase";
-import * as fs from "fs";
-import { join as pathJoin } from "path";
-import {
-    replaceImportsInCssCode,
-    replaceImportsFromStaticInJsCode
-} from "./replaceImportFromStatic";
-import { generateFtlFilesCodeFactory, pageIds } from "./generateFtl";
-import { builtinThemesUrl } from "../install-builtin-keycloak-themes";
-import { downloadAndUnzip } from "../tools/downloadAndUnzip";
-import * as child_process from "child_process";
-import { resourcesCommonPath, resourcesPath, subDirOfPublicDirBasename } from "../../lib/getKcContext/kcContextMocks/urlResourcesPath";
-import { isInside } from "../tools/isInside";
-
-
-export function generateKeycloakThemeResources(
-    params: {
-        themeName: string;
-        reactAppBuildDirPath: string;
-        keycloakThemeBuildingDirPath: string;
-        urlPathname: string;
-        //If urlOrigin is not undefined then it means --externals-assets
-        urlOrigin: undefined | string;
-        extraPagesId: string[];
-        extraThemeProperties: string[];
-    }
-) {
-
-    const { 
-        themeName, reactAppBuildDirPath, keycloakThemeBuildingDirPath, 
-        urlPathname, urlOrigin, extraPagesId, extraThemeProperties
-    } = params;
-
-    const themeDirPath = pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme", themeName, "login");
-
-    let allCssGlobalsToDefine: Record<string, string> = {};
-
-    transformCodebase({
-        "destDirPath":
-            urlOrigin === undefined ?
-                pathJoin(themeDirPath, "resources", "build") :
-                reactAppBuildDirPath,
-        "srcDirPath": reactAppBuildDirPath,
-        "transformSourceCode": ({ filePath, sourceCode }) => {
-
-            //NOTE: Prevent cycles, excludes the folder we generated for debug in public/
-            if (
-                urlOrigin === undefined &&
-                isInside({
-                    "dirPath": pathJoin(reactAppBuildDirPath, subDirOfPublicDirBasename),
-                    filePath
-                })
-            ) {
-                return undefined;
-            }
-
-            if (urlOrigin === undefined && /\.css?$/i.test(filePath)) {
-
-                const { cssGlobalsToDefine, fixedCssCode } = replaceImportsInCssCode(
-                    { "cssCode": sourceCode.toString("utf8") }
-                );
-
-                allCssGlobalsToDefine = {
-                    ...allCssGlobalsToDefine,
-                    ...cssGlobalsToDefine
-                };
-
-                return { "modifiedSourceCode": Buffer.from(fixedCssCode, "utf8") };
-
-            }
-
-            if (/\.js?$/i.test(filePath)) {
-
-                const { fixedJsCode } = replaceImportsFromStaticInJsCode({
-                    "jsCode": sourceCode.toString("utf8"),
-                    urlOrigin
-                });
-
-                return { "modifiedSourceCode": Buffer.from(fixedJsCode, "utf8") };
-
-            }
-
-            return urlOrigin === undefined ? 
-                { "modifiedSourceCode": sourceCode } :
-                undefined;
-
-        }
-    });
-
-    const { generateFtlFilesCode } = generateFtlFilesCodeFactory({
-        "cssGlobalsToDefine": allCssGlobalsToDefine,
-        "indexHtmlCode": fs.readFileSync(
-            pathJoin(reactAppBuildDirPath, "index.html")
-        ).toString("utf8"),
-        urlPathname,
-        urlOrigin
-    });
-
-    [...pageIds, ...extraPagesId].forEach(pageId => {
-
-        const { ftlCode } = generateFtlFilesCode({ pageId });
-
-        fs.mkdirSync(themeDirPath, { "recursive": true });
-
-        fs.writeFileSync(
-            pathJoin(themeDirPath, pageId),
-            Buffer.from(ftlCode, "utf8")
-        );
-
-    });
-
-    {
-
-        const tmpDirPath = pathJoin(themeDirPath, "..", "tmp_xxKdLpdIdLd");
-
-        downloadAndUnzip({
-            "url": builtinThemesUrl,
-            "destDirPath": tmpDirPath
-        });
-
-        const themeResourcesDirPath = pathJoin(themeDirPath, "resources");
-
-        transformCodebase({
-            "srcDirPath": pathJoin(tmpDirPath, "keycloak", "login", "resources"),
-            "destDirPath": themeResourcesDirPath
-        });
-
-        const reactAppPublicDirPath = pathJoin(reactAppBuildDirPath, "..", "public");
-
-        transformCodebase({
-            "srcDirPath": themeResourcesDirPath,
-            "destDirPath": pathJoin(
-                reactAppPublicDirPath,
-                resourcesPath
-            )
-        });
-
-        transformCodebase({
-            "srcDirPath": pathJoin(tmpDirPath, "keycloak", "common", "resources"),
-            "destDirPath": pathJoin(
-                reactAppPublicDirPath,
-                resourcesCommonPath
-            )
-        });
-
-        const keycloakResourcesWithinPublicDirPath =
-            pathJoin(reactAppPublicDirPath, subDirOfPublicDirBasename);
-
-
-        fs.writeFileSync(
-            pathJoin(keycloakResourcesWithinPublicDirPath, "README.txt"),
-            Buffer.from([
-                "This is just a test folder that helps develop",
-                "the login and register page without having to yarn build"
-            ].join(" "))
-        );
-
-        fs.writeFileSync(
-            pathJoin(keycloakResourcesWithinPublicDirPath, ".gitignore"),
-            Buffer.from("*", "utf8")
-        );
-
-        child_process.execSync(`rm -r ${tmpDirPath}`);
-
-    }
-
-    fs.writeFileSync(
-        pathJoin(themeDirPath, "theme.properties"),
-        Buffer.from(
-            "parent=keycloak".concat("\n\n", extraThemeProperties.join("\n\n")),
-            "utf8"
-        )
-    );
-
-}
-

src/bin/build-keycloak-theme/index.ts

@@ -1,10 +0,0 @@
-#!/usr/bin/env node
-
-export * from "./build-keycloak-theme";
-import { main } from "./build-keycloak-theme";
-
-if (require.main === module) {
-
-	main();
-
-}

src/bin/build-keycloak-theme/replaceImportFromStatic.ts

@@ -1,136 +0,0 @@
-
-import * as crypto from "crypto";
-import { ftlValuesGlobalName } from "./ftlValuesGlobalName";
-
-export function replaceImportsFromStaticInJsCode(
-    params: {
-        jsCode: string;
-        urlOrigin: undefined | string;
-    }
-): { fixedJsCode: string; } {
-
-    /* 
-    NOTE:
-
-    When we have urlOrigin defined it means that 
-    we are building with --external-assets
-    so we have to make sur that the fixed js code will run 
-    inside and outside keycloak.
-
-    When urlOrigin isn't defined we can assume the fixedJsCode
-    will always run in keycloak context.
-    */
-
-    const { jsCode, urlOrigin } = params;
-
-    const fixedJsCode =
-        jsCode
-            .replace(
-                /([a-z]+\.[a-z]+)\+"static\//g,
-                (...[, group]) =>
-                    urlOrigin === undefined ?
-                        `window.${ftlValuesGlobalName}.url.resourcesPath + "/build/static/` :
-                        `("${ftlValuesGlobalName}" in window ? "${urlOrigin}" : "") + ${group} + "static/`
-            )
-            .replace(
-                /".chunk.css",([a-z])+=([a-z]+\.[a-z]+)\+([a-z]+),/,
-                (...[, group1, group2, group3]) =>
-                    urlOrigin === undefined ?
-                        `".chunk.css",${group1} = window.${ftlValuesGlobalName}.url.resourcesPath + "/build/" + ${group3},` :
-                        `".chunk.css",${group1} = ("${ftlValuesGlobalName}" in window ? "${urlOrigin}" : "") + ${group2} + ${group3},`
-            );
-
-    return { fixedJsCode };
-
-}
-
-export function replaceImportsInInlineCssCode(
-    params: {
-        cssCode: string;
-        urlPathname: string;
-        urlOrigin: undefined | string;
-    }
-): { fixedCssCode: string; } {
-
-    const { cssCode, urlPathname, urlOrigin } = params;
-
-    const fixedCssCode = cssCode.replace(
-        urlPathname === "/" ?
-            /url\(\/([^/][^)]+)\)/g :
-            new RegExp(`url\\(${urlPathname}([^)]+)\\)`, "g"),
-        (...[, group]) => `url(${urlOrigin === undefined ?
-            "${url.resourcesPath}/build/" + group :
-            params.urlOrigin + urlPathname + group})`
-    );
-
-    return { fixedCssCode };
-
-}
-
-export function replaceImportsInCssCode(
-    params: {
-        cssCode: string;
-    }
-): {
-    fixedCssCode: string;
-    cssGlobalsToDefine: Record<string, string>;
-} {
-
-    const { cssCode } = params;
-
-    const cssGlobalsToDefine: Record<string, string> = {};
-
-    new Set(cssCode.match(/url\(\/[^/][^)]+\)[^;}]*/g) ?? [])
-        .forEach(match =>
-            cssGlobalsToDefine[
-            "url" + crypto
-                .createHash("sha256")
-                .update(match)
-                .digest("hex")
-                .substring(0, 15)
-            ] = match
-        );
-
-    let fixedCssCode = cssCode;
-
-    Object.keys(cssGlobalsToDefine).forEach(
-        cssVariableName =>
-            //NOTE: split/join pattern ~ replace all
-            fixedCssCode =
-            fixedCssCode.split(cssGlobalsToDefine[cssVariableName])
-                .join(`var(--${cssVariableName})`)
-    );
-
-    return { fixedCssCode, cssGlobalsToDefine };
-
-}
-
-export function generateCssCodeToDefineGlobals(
-    params: {
-        cssGlobalsToDefine: Record<string, string>;
-        urlPathname: string;
-    }
-): {
-    cssCodeToPrependInHead: string;
-} {
-
-    const { cssGlobalsToDefine, urlPathname } = params;
-
-    return {
-        "cssCodeToPrependInHead": [
-            ":root {",
-            ...Object.keys(cssGlobalsToDefine)
-                .map(cssVariableName => [
-                    `--${cssVariableName}:`,
-                    cssGlobalsToDefine[cssVariableName]
-                        .replace(new RegExp(`url\\(${urlPathname.replace(/\//g, "\\/")}`, "g"), "url(${url.resourcesPath}/build/")
-                ].join(" "))
-                .map(line => `    ${line};`),
-            "}"
-        ].join("\n")
-    };
-
-}
-
-
-

src/bin/create-keycloak-email-directory.ts

@@ -0,0 +1,41 @@
+#!/usr/bin/env node
+
+import { downloadBuiltinKeycloakTheme } from "./download-builtin-keycloak-theme";
+import { keycloakThemeEmailDirPath } from "./keycloakify";
+import { join as pathJoin, basename as pathBasename } from "path";
+import { transformCodebase } from "./tools/transformCodebase";
+import { promptKeycloakVersion } from "./promptKeycloakVersion";
+import * as fs from "fs";
+import { getCliOptions } from "./tools/cliOptions";
+import { getLogger } from "./tools/logger";
+
+if (require.main === module) {
+    (async () => {
+        const { isSilent } = getCliOptions(process.argv.slice(2));
+        const logger = getLogger({ isSilent });
+        if (fs.existsSync(keycloakThemeEmailDirPath)) {
+            logger.warn(`There is already a ./${pathBasename(keycloakThemeEmailDirPath)} directory in your project. Aborting.`);
+
+            process.exit(-1);
+        }
+
+        const { keycloakVersion } = await promptKeycloakVersion();
+
+        const builtinKeycloakThemeTmpDirPath = pathJoin(keycloakThemeEmailDirPath, "..", "tmp_xIdP3_builtin_keycloak_theme");
+
+        downloadBuiltinKeycloakTheme({
+            keycloakVersion,
+            "destDirPath": builtinKeycloakThemeTmpDirPath,
+            isSilent
+        });
+
+        transformCodebase({
+            "srcDirPath": pathJoin(builtinKeycloakThemeTmpDirPath, "base", "email"),
+            "destDirPath": keycloakThemeEmailDirPath
+        });
+
+        logger.log(`./${pathBasename(keycloakThemeEmailDirPath)} ready to be customized`);
+
+        fs.rmSync(builtinKeycloakThemeTmpDirPath, { "recursive": true, "force": true });
+    })();
+}

src/bin/download-builtin-keycloak-theme.ts

@@ -0,0 +1,40 @@
+#!/usr/bin/env node
+
+import { keycloakThemeBuildingDirPath } from "./keycloakify";
+import { join as pathJoin } from "path";
+import { downloadAndUnzip } from "./tools/downloadAndUnzip";
+import { promptKeycloakVersion } from "./promptKeycloakVersion";
+import { getCliOptions } from "./tools/cliOptions";
+import { getLogger } from "./tools/logger";
+
+export async function downloadBuiltinKeycloakTheme(params: { keycloakVersion: string; destDirPath: string; isSilent: boolean }) {
+    const { keycloakVersion, destDirPath, isSilent } = params;
+
+    for (const ext of ["", "-community"]) {
+        await downloadAndUnzip({
+            "destDirPath": destDirPath,
+            "url": `https://github.com/keycloak/keycloak/archive/refs/tags/${keycloakVersion}.zip`,
+            "pathOfDirToExtractInArchive": `keycloak-${keycloakVersion}/themes/src/main/resources${ext}/theme`,
+            "cacheDirPath": pathJoin(keycloakThemeBuildingDirPath, ".cache"),
+            isSilent
+        });
+    }
+}
+
+if (require.main === module) {
+    (async () => {
+        const { isSilent } = getCliOptions(process.argv.slice(2));
+        const logger = getLogger({ isSilent });
+        const { keycloakVersion } = await promptKeycloakVersion();
+
+        const destDirPath = pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme");
+
+        logger.log(`Downloading builtins theme of Keycloak ${keycloakVersion} here ${destDirPath}`);
+
+        await downloadBuiltinKeycloakTheme({
+            keycloakVersion,
+            destDirPath,
+            isSilent
+        });
+    })();
+}

src/bin/generate-i18n-messages.ts

@@ -1,76 +1,86 @@
 import "minimal-polyfills/Object.fromEntries";
 import * as fs from "fs";
-import { join as pathJoin, relative as pathRelative } from "path";
+import { join as pathJoin, relative as pathRelative, dirname as pathDirname } from "path";
 import { crawl } from "./tools/crawl";
-import { downloadAndUnzip } from "./tools/downloadAndUnzip";
-import { builtinThemesUrl } from "./install-builtin-keycloak-themes";
+import { downloadBuiltinKeycloakTheme } from "./download-builtin-keycloak-theme";
 import { getProjectRoot } from "./tools/getProjectRoot";
-import { rm_rf, rm_r } from "./tools/rm";
+import { getCliOptions } from "./tools/cliOptions";
+import { getLogger } from "./tools/logger";
+
+//NOTE: To run without argument when we want to generate src/i18n/generated_kcMessages files,
+// update the version array for generating for newer version.
 
 //@ts-ignore
 const propertiesParser = require("properties-parser");
 
-const tmpDirPath = pathJoin(getProjectRoot(), "tmp_xImOef9dOd44");
+const { isSilent } = getCliOptions(process.argv.slice(2));
+const logger = getLogger({ isSilent });
 
-rm_rf(tmpDirPath);
+for (const keycloakVersion of ["11.0.3", "15.0.2", "18.0.1"]) {
+    logger.log(JSON.stringify({ keycloakVersion }));
 
-downloadAndUnzip({
-    "destDirPath": tmpDirPath,
-    "url": builtinThemesUrl
-});
+    const tmpDirPath = pathJoin(getProjectRoot(), "tmp_xImOef9dOd44");
 
-type Dictionary = { [idiomId: string]: string };
+    fs.rmSync(tmpDirPath, { "recursive": true, "force": true });
 
-const record: { [typeOfPage: string]: { [language: string]: Dictionary } } = {};
+    downloadBuiltinKeycloakTheme({
+        keycloakVersion,
+        "destDirPath": tmpDirPath,
+        isSilent
+    });
 
-process.chdir(pathJoin(tmpDirPath, "base"));
+    type Dictionary = { [idiomId: string]: string };
 
-crawl(".").forEach(filePath => {
+    const record: { [typeOfPage: string]: { [language: string]: Dictionary } } = {};
 
-    const match = filePath.match(/^([^/]+)\/messages\/messages_([^.]+)\.properties$/);
+    {
+        const baseThemeDirPath = pathJoin(tmpDirPath, "base");
 
-    if (match === null) {
-        return;
+        crawl(baseThemeDirPath).forEach(filePath => {
+            const match = filePath.match(/^([^/]+)\/messages\/messages_([^.]+)\.properties$/);
+
+            if (match === null) {
+                return;
+            }
+
+            const [, typeOfPage, language] = match;
+
+            (record[typeOfPage] ??= {})[language.replace(/_/g, "-")] = Object.fromEntries(
+                Object.entries(propertiesParser.parse(fs.readFileSync(pathJoin(baseThemeDirPath, filePath)).toString("utf8"))).map(
+                    ([key, value]: any) => [key, value.replace(/''/g, "'")]
+                )
+            );
+        });
     }
 
-    const [, typeOfPage, language] = match;
+    fs.rmSync(tmpDirPath, { recursive: true, force: true });
 
-    (record[typeOfPage] ??= {})[language.replace(/_/g, "-")] =
-        Object.fromEntries(
-            Object.entries(
-                propertiesParser.parse(
-                    fs.readFileSync(filePath)
-                        .toString("utf8")
+    Object.keys(record).forEach(pageType => {
+        const recordForPageType = record[pageType];
+
+        Object.keys(recordForPageType).forEach(language => {
+            const filePath = pathJoin(getProjectRoot(), "src", "lib", "i18n", "generated_messages", keycloakVersion, pageType, `${language}.ts`);
+
+            fs.mkdirSync(pathDirname(filePath), { "recursive": true });
+
+            fs.writeFileSync(
+                filePath,
+                Buffer.from(
+                    [
+                        `//This code was automatically generated by running ${pathRelative(getProjectRoot(), __filename)}`,
+                        "//PLEASE DO NOT EDIT MANUALLY",
+                        "",
+                        "/* spell-checker: disable */",
+                        `const messages= ${JSON.stringify(recordForPageType[language], null, 2)};`,
+                        "",
+                        "export default messages;",
+                        "/* spell-checker: enable */"
+                    ].join("\n"),
+                    "utf8"
                 )
-            ).map(([key, value]: any) => [key, value.replace(/''/g, "'")])
-        );
+            );
 
-});
-
-rm_r(tmpDirPath);
-
-const targetDirPath = pathJoin(getProjectRoot(), "src", "lib", "i18n", "generated_kcMessages");
-
-fs.mkdirSync(targetDirPath, { "recursive": true });
-
-Object.keys(record).forEach(pageType => {
-
-    const filePath = pathJoin(targetDirPath, `${pageType}.ts`);
-
-    fs.writeFileSync(
-        filePath,
-        Buffer.from(
-            [
-                `//This code was automatically generated by running ${pathRelative(getProjectRoot(), __filename)}`,
-                '//PLEASE DO NOT EDIT MANUALLY',
-                '',
-                '/* spell-checker: disable */',
-                `export const kcMessages= ${JSON.stringify(record[pageType], null, 2)};`,
-                '/* spell-checker: enable */'
-            ].join("\n"), "utf8")
-    );
-
-    console.log(`${filePath} wrote`);
-
-
-});
+            logger.log(`${filePath} wrote`);
+        });
+    });
+}

src/bin/install-builtin-keycloak-themes.ts

@@ -1,18 +0,0 @@
-#!/usr/bin/env node
-
-import { keycloakThemeBuildingDirPath } from "./build-keycloak-theme";
-import { downloadAndUnzip } from "./tools/downloadAndUnzip";
-import { join as pathJoin } from "path";
-
-export const builtinThemesUrl =
-    "https://github.com/garronej/keycloakify/releases/download/v0.0.1/keycloak_11.0.3_builtin_themes.zip";
-
-if (require.main === module) {
-
-    downloadAndUnzip({
-        "url": builtinThemesUrl,
-        "destDirPath": pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme")
-    });
-
-}
-

src/bin/keycloakify/BuildOptions.ts

@@ -0,0 +1,207 @@
+import { z } from "zod";
+import { assert } from "tsafe/assert";
+import type { Equals } from "tsafe";
+import { id } from "tsafe/id";
+import { parse as urlParse } from "url";
+import { typeGuard } from "tsafe/typeGuard";
+import { symToStr } from "tsafe/symToStr";
+
+const bundlers = ["mvn", "keycloakify", "none"] as const;
+type Bundler = typeof bundlers[number];
+type ParsedPackageJson = {
+    name: string;
+    version: string;
+    homepage?: string;
+    keycloakify?: {
+        extraPages?: string[];
+        extraThemeProperties?: string[];
+        areAppAndKeycloakServerSharingSameDomain?: boolean;
+        artifactId?: string;
+        groupId?: string;
+        bundler?: Bundler;
+    };
+};
+
+const zParsedPackageJson = z.object({
+    "name": z.string(),
+    "version": z.string(),
+    "homepage": z.string().optional(),
+    "keycloakify": z
+        .object({
+            "extraPages": z.array(z.string()).optional(),
+            "extraThemeProperties": z.array(z.string()).optional(),
+            "areAppAndKeycloakServerSharingSameDomain": z.boolean().optional(),
+            "artifactId": z.string().optional(),
+            "groupId": z.string().optional(),
+            "bundler": z.enum(bundlers).optional()
+        })
+        .optional()
+});
+
+assert<Equals<ReturnType<typeof zParsedPackageJson["parse"]>, ParsedPackageJson>>();
+
+/** Consolidated build option gathered form CLI arguments and config in package.json */
+export type BuildOptions = BuildOptions.Standalone | BuildOptions.ExternalAssets;
+
+export namespace BuildOptions {
+    export type Common = {
+        isSilent: boolean;
+        version: string;
+        themeName: string;
+        extraPages?: string[];
+        extraThemeProperties?: string[];
+        groupId: string;
+        artifactId: string;
+        bundler: Bundler;
+    };
+
+    export type Standalone = Common & {
+        isStandalone: true;
+        urlPathname: string | undefined;
+    };
+
+    export type ExternalAssets = ExternalAssets.SameDomain | ExternalAssets.DifferentDomains;
+
+    export namespace ExternalAssets {
+        export type CommonExternalAssets = Common & {
+            isStandalone: false;
+        };
+
+        export type SameDomain = CommonExternalAssets & {
+            areAppAndKeycloakServerSharingSameDomain: true;
+        };
+
+        export type DifferentDomains = CommonExternalAssets & {
+            areAppAndKeycloakServerSharingSameDomain: false;
+            urlOrigin: string;
+            urlPathname: string | undefined;
+        };
+    }
+}
+
+export function readBuildOptions(params: {
+    packageJson: string;
+    CNAME: string | undefined;
+    isExternalAssetsCliParamProvided: boolean;
+    isSilent: boolean;
+}): BuildOptions {
+    const { packageJson, CNAME, isExternalAssetsCliParamProvided, isSilent } = params;
+
+    const parsedPackageJson = zParsedPackageJson.parse(JSON.parse(packageJson));
+
+    const url = (() => {
+        const { homepage } = parsedPackageJson;
+
+        let url: URL | undefined = undefined;
+
+        if (homepage !== undefined) {
+            url = new URL(homepage);
+        }
+
+        if (CNAME !== undefined) {
+            url = new URL(`https://${CNAME.replace(/\s+$/, "")}`);
+        }
+
+        if (url === undefined) {
+            return undefined;
+        }
+
+        return {
+            "origin": url.origin,
+            "pathname": (() => {
+                const out = url.pathname.replace(/([^/])$/, "$1/");
+
+                return out === "/" ? undefined : out;
+            })()
+        };
+    })();
+
+    const common: BuildOptions.Common = (() => {
+        const { name, keycloakify = {}, version, homepage } = parsedPackageJson;
+
+        const { extraPages, extraThemeProperties, groupId, artifactId, bundler } = keycloakify ?? {};
+
+        const themeName = name
+            .replace(/^@(.*)/, "$1")
+            .split("/")
+            .join("-");
+
+        return {
+            themeName,
+            "bundler": (() => {
+                const { KEYCLOAKIFY_BUNDLER } = process.env;
+
+                assert(
+                    typeGuard<Bundler | undefined>(
+                        KEYCLOAKIFY_BUNDLER,
+                        [undefined, ...id<readonly string[]>(bundlers)].includes(KEYCLOAKIFY_BUNDLER)
+                    ),
+                    `${symToStr({ KEYCLOAKIFY_BUNDLER })} should be one of ${bundlers.join(", ")}`
+                );
+
+                return KEYCLOAKIFY_BUNDLER ?? bundler ?? "keycloakify";
+            })(),
+            "artifactId": process.env.KEYCLOAKIFY_ARTIFACT_ID ?? artifactId ?? `${themeName}-keycloak-theme`,
+            "groupId": (() => {
+                const fallbackGroupId = `${themeName}.keycloak`;
+
+                return (
+                    process.env.KEYCLOAKIFY_GROUP_ID ??
+                    groupId ??
+                    (!homepage
+                        ? fallbackGroupId
+                        : urlParse(homepage)
+                              .host?.replace(/:[0-9]+$/, "")
+                              ?.split(".")
+                              .reverse()
+                              .join(".") ?? fallbackGroupId) + ".keycloak"
+                );
+            })(),
+            "version": process.env.KEYCLOAKIFY_VERSION ?? version,
+            extraPages,
+            extraThemeProperties,
+            isSilent
+        };
+    })();
+
+    if (isExternalAssetsCliParamProvided) {
+        const commonExternalAssets = id<BuildOptions.ExternalAssets.CommonExternalAssets>({
+            ...common,
+            "isStandalone": false
+        });
+
+        if (parsedPackageJson.keycloakify?.areAppAndKeycloakServerSharingSameDomain) {
+            return id<BuildOptions.ExternalAssets.SameDomain>({
+                ...commonExternalAssets,
+                "areAppAndKeycloakServerSharingSameDomain": true
+            });
+        } else {
+            assert(
+                url !== undefined,
+                [
+                    "Can't compile in external assets mode if we don't know where",
+                    "the app will be hosted.",
+                    "You should provide a homepage field in the package.json (or create a",
+                    "public/CNAME file.",
+                    "Alternatively, if your app and the Keycloak server are on the same domain, ",
+                    "eg https://example.com is your app and https://example.com/auth is the keycloak",
+                    'admin UI, you can set "keycloakify": { "areAppAndKeycloakServerSharingSameDomain": true }',
+                    "in your package.json"
+                ].join(" ")
+            );
+
+            return id<BuildOptions.ExternalAssets.DifferentDomains>({
+                ...commonExternalAssets,
+                "areAppAndKeycloakServerSharingSameDomain": false,
+                "urlOrigin": url.origin,
+                "urlPathname": url.pathname
+            });
+        }
+    }
+
+    return id<BuildOptions.Standalone>({
+        ...common,
+        "isStandalone": true,
+        "urlPathname": url?.pathname
+    });
+}

src/bin/keycloakify/ftlValuesGlobalName.ts

@@ -0,0 +1 @@
+export const ftlValuesGlobalName = "kcContext";

src/bin/keycloakify/generateFtl/ftl_object_to_js_code_declaring_an_object.ftl

@@ -0,0 +1,368 @@
+<script>const _= 
+<#assign pageId="PAGE_ID_xIgLsPgGId9D8e">
+(()=>{
+
+    const out = 
+${ftl_object_to_js_code_declaring_an_object(.data_model, [])?no_esc};
+
+    out["msg"]= function(){ throw new Error("use import { useKcMessage } from 'keycloakify'"); };
+    out["advancedMsg"]= function(){ throw new Error("use import { useKcMessage } from 'keycloakify'"); };
+
+    out["messagesPerField"]= {
+        <#assign fieldNames = [
+            "global", "userLabel", "username", "email", "firstName", "lastName", "password", "password-confirm",
+            "totp", "totpSecret", "SAMLRequest", "SAMLResponse", "relayState", "device_user_code", "code", 
+            "password-new", "rememberMe", "login", "authenticationExecution", "cancel-aia", "clientDataJSON", 
+            "authenticatorData", "signature", "credentialId", "userHandle", "error", "authn_use_chk", "authenticationExecution", 
+            "isSetRetry", "try-again", "attestationObject", "publicKeyCredentialId", "authenticatorLabel"
+        ]>
+    
+        <#attempt>
+            <#if profile?? && profile.attributes?? && profile.attributes?is_enumerable>
+                <#list profile.attributes as attribute>
+                    <#if fieldNames?seq_contains(attribute.name)>
+                        <#continue>
+                    </#if>
+                    <#assign fieldNames += [attribute.name]>
+                </#list>
+            </#if>
+        <#recover>
+        </#attempt>
+    
+        "printIfExists": function (fieldName, x) {
+            <#if !messagesPerField?? >
+                return undefined;
+            <#else>
+                <#list fieldNames as fieldName>
+                    if(fieldName === "${fieldName}" ){
+                        <#attempt>
+                            <#if '${fieldName}' == 'username' || '${fieldName}' == 'password'>
+                                return <#if messagesPerField.existsError('username', 'password')>x<#else>undefined</#if>;
+                            <#else>
+                                return <#if messagesPerField.existsError('${fieldName}')>x<#else>undefined</#if>;
+                            </#if>
+                        <#recover>
+                        </#attempt>
+                    }
+                </#list>
+                throw new Error("There is no " + fieldName + " field");
+            </#if>
+        },
+        "existsError": function (fieldName) {
+            <#if !messagesPerField?? >
+                return false;
+            <#else>
+                <#list fieldNames as fieldName>
+                    if(fieldName === "${fieldName}" ){
+                        <#attempt>
+                            <#if '${fieldName}' == 'username' || '${fieldName}' == 'password'>
+                                return <#if messagesPerField.existsError('username', 'password')>true<#else>false</#if>;
+                            <#else>
+                                return <#if messagesPerField.existsError('${fieldName}')>true<#else>false</#if>;
+                            </#if>
+                        <#recover>
+                        </#attempt>
+                    }
+                </#list>
+                throw new Error("There is no " + fieldName + " field");
+            </#if>
+        },
+        "get": function (fieldName) {
+            <#if !messagesPerField?? >
+                return '';
+            <#else>
+                <#list fieldNames as fieldName>
+                    if(fieldName === "${fieldName}" ){
+                        <#attempt>
+                            <#if '${fieldName}' == 'username' || '${fieldName}' == 'password'>
+                                <#if messagesPerField.existsError('username', 'password')>
+                                    return 'Invalid username or password.';
+                                </#if>
+                            <#else>
+                                <#if messagesPerField.existsError('${fieldName}')>
+                                    return "${messagesPerField.get('${fieldName}')?no_esc}";
+                                </#if>
+                            </#if>
+                        <#recover>
+                        </#attempt>
+                    }
+                </#list>
+                throw new Error("There is no " + fieldName + " field");
+            </#if>
+        },
+        "exists": function (fieldName) {
+            <#if !messagesPerField?? >
+                return false;
+            <#else>
+                <#list fieldNames as fieldName>
+                    if(fieldName === "${fieldName}" ){
+                        <#attempt>
+                            <#if '${fieldName}' == 'username' || '${fieldName}' == 'password'>
+                                return <#if messagesPerField.exists('username') ||  messagesPerField.exists('password')>true<#else>false</#if>;
+                            <#else>
+                                return <#if messagesPerField.exists('${fieldName}')>true<#else>false</#if>;
+                            </#if>
+                        <#recover>
+                        </#attempt>
+                    }
+                </#list>
+                throw new Error("There is no " + fieldName + " field");
+            </#if>
+        }
+    };
+
+    out["pageId"] = "${pageId}";
+
+    return out;
+
+})()
+<#function ftl_object_to_js_code_declaring_an_object object path>
+
+        <#local isHash = "">
+        <#attempt>
+            <#local isHash = object?is_hash || object?is_hash_ex>
+        <#recover>
+            <#return "ABORT: Can't evaluate if " + path?join(".") + " is hash">
+        </#attempt>
+
+        <#if isHash>
+
+            <#if path?size gt 10>
+                <#return "ABORT: Too many recursive calls">
+            </#if>
+
+            <#local keys = "">
+
+            <#attempt>
+                <#local keys = object?keys>
+            <#recover>
+                <#return "ABORT: We can't list keys on this object">
+            </#attempt>
+
+
+            <#local out_seq = []>
+
+            <#list keys as key>
+
+                <#if ["class","declaredConstructors","superclass","declaringClass" ]?seq_contains(key) >
+                    <#continue>
+                </#if>
+
+                <#if 
+                    (
+                        ["loginUpdatePasswordUrl", "loginUpdateProfileUrl", "loginUsernameReminderUrl", "loginUpdateTotpUrl"]?seq_contains(key) && 
+                        are_same_path(path, ["url"])
+                    ) || (
+                        key == "updateProfileCtx" && 
+                        are_same_path(path, [])
+                    ) || (
+                        <#-- https://github.com/InseeFrLab/keycloakify/pull/65#issuecomment-991896344 (reports with saml-post-form.ftl) -->
+                        <#-- https://github.com/InseeFrLab/keycloakify/issues/91#issue-1212319466 (reports with error.ftl and Kc18) -->
+                        <#-- https://github.com/InseeFrLab/keycloakify/issues/109#issuecomment-1134610163 -->
+                        key == "loginAction" && 
+                        are_same_path(path, ["url"]) && 
+                        ["saml-post-form.ftl", "error.ftl", "info.ftl"]?seq_contains(pageId) &&
+                        !(auth?has_content && auth.showTryAnotherWayLink())
+                    ) || (
+                        ["contextData", "idpConfig", "idp", "authenticationSession"]?seq_contains(key) &&
+                        are_same_path(path, ["brokerContext"]) &&
+                        ["login-idp-link-confirm.ftl", "login-idp-link-email.ftl" ]?seq_contains(pageId)
+                    ) || (
+                        key == "identityProviderBrokerCtx" && 
+                        are_same_path(path, []) &&
+                        ["login-idp-link-confirm.ftl", "login-idp-link-email.ftl" ]?seq_contains(pageId)
+                    ) ||  (
+                        ["masterAdminClient", "delegateForUpdate", "defaultRole"]?seq_contains(key) &&
+                        are_same_path(path, ["realm"])
+                    )
+                >
+                    <#local out_seq += ["/*If you need '" + key + "' on " + pageId + ", please submit an issue to the Keycloakify repo*/"]>
+                    <#continue>
+                </#if>
+
+                <#if key == "attemptedUsername" && are_same_path(path, ["auth"])>
+
+                    <#attempt>
+                        <#-- https://github.com/keycloak/keycloak/blob/3a2bf0c04bcde185e497aaa32d0bb7ab7520cf4a/themes/src/main/resources/theme/base/login/template.ftl#L63 -->
+                        <#if !(auth?has_content && auth.showUsername() && !auth.showResetCredentials())>
+                            <#continue>
+                        </#if>
+                    <#recover>
+                    </#attempt>
+
+                </#if>
+                
+                <#attempt>
+                    <#if !object[key]??>
+                        <#continue>
+                    </#if>
+                <#recover>
+                    <#local out_seq += ["/*Couldn't test if '" + key + "' is available on this object*/"]>
+                    <#continue>
+                </#attempt>
+
+                <#local propertyValue = "">
+
+                <#attempt>
+                    <#local propertyValue = object[key]>
+                <#recover>
+                    <#local out_seq += ["/*Couldn't dereference '" + key + "' on this object*/"]>
+                    <#continue>
+                </#attempt>
+
+                <#local rec_out = ftl_object_to_js_code_declaring_an_object(propertyValue, path + [ key ])>
+
+                <#if rec_out?starts_with("ABORT:")>
+
+                    <#local errorMessage = rec_out?remove_beginning("ABORT:")>
+
+                    <#if errorMessage != " It's a method" >
+                        <#local out_seq += ["/*" + key + ": " + errorMessage + "*/"]>
+                    </#if>
+
+                    <#continue>
+                </#if>
+
+                <#local out_seq +=  ['"' + key + '": ' + rec_out + ","]>
+
+            </#list>
+
+            <#return (["{"] + out_seq?map(str -> ""?right_pad(4 * (path?size + 1)) + str) + [ ""?right_pad(4 * path?size) + "}"])?join("\n")>
+
+        </#if>
+
+        <#local isMethod = "">
+        <#attempt>
+            <#local isMethod = object?is_method>
+        <#recover>
+            <#return "ABORT: Can't test if it'sa method.">
+        </#attempt>
+
+        <#if isMethod>
+
+            <#if are_same_path(path, ["auth", "showUsername"])>
+                <#attempt>
+                    <#return auth.showUsername()?c>
+                <#recover>
+                    <#return "ABORT: Couldn't evaluate auth.showUsername()">
+                </#attempt>
+            </#if>
+
+            <#if are_same_path(path, ["auth", "showResetCredentials"])>
+                <#attempt>
+                    <#return auth.showResetCredentials()?c>
+                <#recover>
+                    <#return "ABORT: Couldn't evaluate auth.showResetCredentials()">
+                </#attempt>
+            </#if>
+
+            <#if are_same_path(path, ["auth", "showTryAnotherWayLink"])>
+                <#attempt>
+                    <#return auth.showTryAnotherWayLink()?c>
+                <#recover>
+                    <#return "ABORT: Couldn't evaluate auth.showTryAnotherWayLink()">
+                </#attempt>
+            </#if>
+
+            <#return "ABORT: It's a method">
+        </#if>
+
+        <#local isBoolean = "">
+        <#attempt>
+            <#local isBoolean = object?is_boolean>
+        <#recover>
+            <#return "ABORT: Can't test if it's a boolean">
+        </#attempt>
+
+        <#if isBoolean>
+            <#return object?c>
+        </#if>
+
+        <#local isEnumerable = "">
+        <#attempt>
+            <#local isEnumerable = object?is_enumerable>
+        <#recover>
+            <#return "ABORT: Can't test if it's an enumerable">
+        </#attempt>
+
+
+        <#if isEnumerable>
+
+            <#local out_seq = []>
+
+            <#local i = 0>
+
+            <#list object as array_item>
+
+                <#if !array_item??>
+                    <#local out_seq += ["null,"]>
+                    <#continue>
+                </#if>
+
+                <#local rec_out = ftl_object_to_js_code_declaring_an_object(array_item, path + [ i ])>
+
+                <#local i = i + 1>
+
+                <#if rec_out?starts_with("ABORT:")>
+
+                    <#local errorMessage = rec_out?remove_beginning("ABORT:")>
+
+                    <#if errorMessage != " It's a method" >
+                        <#local out_seq += ["/*" + i?string + ": " + errorMessage + "*/"]>
+                    </#if>
+
+                    <#continue>
+                </#if>
+
+                <#local out_seq += [rec_out + ","]>
+
+            </#list>
+
+            <#return (["["] + out_seq?map(str -> ""?right_pad(4 * (path?size + 1)) + str) + [ ""?right_pad(4 * path?size) + "]"])?join("\n")>
+
+        </#if>
+
+        <#attempt>
+            <#return '"' + object?js_string + '"'>;
+        <#recover>
+        </#attempt>
+
+        <#return "ABORT: Couldn't convert into string non hash, non method, non boolean, non enumerable object">
+
+</#function>
+<#function are_same_path path searchedPath>
+
+    <#if path?size != searchedPath?size>
+        <#return false>
+    </#if>
+
+    <#local i=0>
+
+    <#list path as property>
+
+        <#local searchedProperty=searchedPath[i]>
+
+        <#if searchedProperty?is_string && searchedProperty == "*">
+            <#continue>
+        </#if>
+
+        <#if searchedProperty?is_string && !property?is_string>
+            <#return false>
+        </#if>
+
+        <#if searchedProperty?is_number && !property?is_number>
+            <#return false>
+        </#if>
+
+        <#if searchedProperty?string != property?string>
+            <#return false>
+        </#if>
+
+        <#local i+= 1>
+
+    </#list>
+
+    <#return true>
+
+</#function>
+</script>

src/bin/keycloakify/generateFtl/generateFtl.ts

@@ -0,0 +1,190 @@
+import cheerio from "cheerio";
+import { replaceImportsFromStaticInJsCode } from "../replacers/replaceImportsFromStaticInJsCode";
+import { generateCssCodeToDefineGlobals } from "../replacers/replaceImportsInCssCode";
+import { replaceImportsInInlineCssCode } from "../replacers/replaceImportsInInlineCssCode";
+import * as fs from "fs";
+import { join as pathJoin } from "path";
+import { objectKeys } from "tsafe/objectKeys";
+import { ftlValuesGlobalName } from "../ftlValuesGlobalName";
+import type { BuildOptions } from "../BuildOptions";
+import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
+
+// https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/forms/login/freemarker/Templates.java
+export const pageIds = [
+    "login.ftl",
+    "login-username.ftl",
+    "login-password.ftl",
+    "webauthn-authenticate.ftl",
+    "register.ftl",
+    "register-user-profile.ftl",
+    "info.ftl",
+    "error.ftl",
+    "login-reset-password.ftl",
+    "login-verify-email.ftl",
+    "terms.ftl",
+    "login-otp.ftl",
+    "login-update-profile.ftl",
+    "login-update-password.ftl",
+    "login-idp-link-confirm.ftl",
+    "login-idp-link-email.ftl",
+    "login-page-expired.ftl",
+    "login-config-totp.ftl",
+    "logout-confirm.ftl",
+    "update-user-profile.ftl",
+    "idp-review-user-profile.ftl"
+] as const;
+
+export type BuildOptionsLike = BuildOptionsLike.Standalone | BuildOptionsLike.ExternalAssets;
+
+export namespace BuildOptionsLike {
+    export type Standalone = {
+        isStandalone: true;
+        urlPathname: string | undefined;
+    };
+
+    export type ExternalAssets = ExternalAssets.SameDomain | ExternalAssets.DifferentDomains;
+
+    export namespace ExternalAssets {
+        export type CommonExternalAssets = {
+            isStandalone: false;
+        };
+
+        export type SameDomain = CommonExternalAssets & {
+            areAppAndKeycloakServerSharingSameDomain: true;
+        };
+
+        export type DifferentDomains = CommonExternalAssets & {
+            areAppAndKeycloakServerSharingSameDomain: false;
+            urlOrigin: string;
+            urlPathname: string | undefined;
+        };
+    }
+}
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export type PageId = typeof pageIds[number];
+
+export function generateFtlFilesCodeFactory(params: {
+    indexHtmlCode: string;
+    //NOTE: Expected to be an empty object if external assets mode is enabled.
+    cssGlobalsToDefine: Record<string, string>;
+    buildOptions: BuildOptionsLike;
+}) {
+    const { cssGlobalsToDefine, indexHtmlCode, buildOptions } = params;
+
+    const $ = cheerio.load(indexHtmlCode);
+
+    fix_imports_statements: {
+        if (!buildOptions.isStandalone && buildOptions.areAppAndKeycloakServerSharingSameDomain) {
+            break fix_imports_statements;
+        }
+
+        $("script:not([src])").each((...[, element]) => {
+            const { fixedJsCode } = replaceImportsFromStaticInJsCode({
+                "jsCode": $(element).html()!,
+                buildOptions
+            });
+
+            $(element).text(fixedJsCode);
+        });
+
+        $("style").each((...[, element]) => {
+            const { fixedCssCode } = replaceImportsInInlineCssCode({
+                "cssCode": $(element).html()!,
+                buildOptions
+            });
+
+            $(element).text(fixedCssCode);
+        });
+
+        (
+            [
+                ["link", "href"],
+                ["script", "src"]
+            ] as const
+        ).forEach(([selector, attrName]) =>
+            $(selector).each((...[, element]) => {
+                const href = $(element).attr(attrName);
+
+                if (href === undefined) {
+                    return;
+                }
+
+                $(element).attr(
+                    attrName,
+                    buildOptions.isStandalone
+                        ? href.replace(new RegExp(`^${(buildOptions.urlPathname ?? "/").replace(/\//g, "\\/")}`), "${url.resourcesPath}/build/")
+                        : href.replace(/^\//, `${buildOptions.urlOrigin}/`)
+                );
+            })
+        );
+
+        if (Object.keys(cssGlobalsToDefine).length !== 0) {
+            $("head").prepend(
+                [
+                    "",
+                    "<style>",
+                    generateCssCodeToDefineGlobals({
+                        cssGlobalsToDefine,
+                        buildOptions
+                    }).cssCodeToPrependInHead,
+                    "</style>",
+                    ""
+                ].join("\n")
+            );
+        }
+    }
+
+    //FTL is no valid html, we can't insert with cheerio, we put placeholder for injecting later.
+    const replaceValueBySearchValue = {
+        '{ "x": "vIdLqMeOed9sdLdIdOxdK0d" }': fs
+            .readFileSync(pathJoin(__dirname, "ftl_object_to_js_code_declaring_an_object.ftl"))
+            .toString("utf8")
+            .match(/^<script>const _=((?:.|\n)+)<\/script>[\n]?$/)![1],
+        "<!-- xIdLqMeOedErIdLsPdNdI9dSlxI -->": [
+            "<#if scripts??>",
+            "    <#list scripts as script>",
+            '        <script src="${script}" type="text/javascript"></script>',
+            "    </#list>",
+            "</#if>"
+        ].join("\n")
+    };
+
+    $("head").prepend(
+        [
+            "<script>",
+            `    window.${ftlValuesGlobalName}= ${objectKeys(replaceValueBySearchValue)[0]};`,
+            "</script>",
+            "",
+            objectKeys(replaceValueBySearchValue)[1]
+        ].join("\n")
+    );
+
+    const partiallyFixedIndexHtmlCode = $.html();
+
+    function generateFtlFilesCode(params: { pageId: string }): {
+        ftlCode: string;
+    } {
+        const { pageId } = params;
+
+        const $ = cheerio.load(partiallyFixedIndexHtmlCode);
+
+        let ftlCode = $.html();
+
+        Object.entries({
+            ...replaceValueBySearchValue,
+            //If updated, don't forget to change in the ftl script as well.
+            "PAGE_ID_xIgLsPgGId9D8e": pageId
+        }).map(([searchValue, replaceValue]) => (ftlCode = ftlCode.replace(searchValue, replaceValue)));
+
+        return { ftlCode };
+    }
+
+    return { generateFtlFilesCode };
+}

src/bin/keycloakify/generateFtl/index.ts

@@ -0,0 +1 @@
+export * from "./generateFtl";

src/bin/keycloakify/generateJavaStackFiles.ts

@@ -0,0 +1,87 @@
+import * as fs from "fs";
+import { join as pathJoin, dirname as pathDirname } from "path";
+import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
+import type { BuildOptions } from "./BuildOptions";
+
+export type BuildOptionsLike = {
+    themeName: string;
+    groupId: string;
+    artifactId?: string;
+    version: string;
+};
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export function generateJavaStackFiles(params: {
+    keycloakThemeBuildingDirPath: string;
+    doBundlesEmailTemplate: boolean;
+    buildOptions: BuildOptionsLike;
+}): {
+    jarFilePath: string;
+} {
+    const {
+        buildOptions: { groupId, themeName, version, artifactId },
+        keycloakThemeBuildingDirPath,
+        doBundlesEmailTemplate
+    } = params;
+
+    {
+        const { pomFileCode } = (function generatePomFileCode(): {
+            pomFileCode: string;
+        } {
+            const pomFileCode = [
+                `<?xml version="1.0"?>`,
+                `<project xmlns="http://maven.apache.org/POM/4.0.0"`,
+                `	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"`,
+                `	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">`,
+                `	<modelVersion>4.0.0</modelVersion>`,
+                `	<groupId>${groupId}</groupId>`,
+                `	<artifactId>${artifactId}</artifactId>`,
+                `	<version>${version}</version>`,
+                `	<name>${artifactId}</name>`,
+                `	<description />`,
+                `</project>`
+            ].join("\n");
+
+            return { pomFileCode };
+        })();
+
+        fs.writeFileSync(pathJoin(keycloakThemeBuildingDirPath, "pom.xml"), Buffer.from(pomFileCode, "utf8"));
+    }
+
+    {
+        const themeManifestFilePath = pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "META-INF", "keycloak-themes.json");
+
+        try {
+            fs.mkdirSync(pathDirname(themeManifestFilePath));
+        } catch {}
+
+        fs.writeFileSync(
+            themeManifestFilePath,
+            Buffer.from(
+                JSON.stringify(
+                    {
+                        "themes": [
+                            {
+                                "name": themeName,
+                                "types": ["login", ...(doBundlesEmailTemplate ? ["email"] : [])]
+                            }
+                        ]
+                    },
+                    null,
+                    2
+                ),
+                "utf8"
+            )
+        );
+    }
+
+    return {
+        "jarFilePath": pathJoin(keycloakThemeBuildingDirPath, "target", `${artifactId}-${version}.jar`)
+    };
+}

src/bin/keycloakify/generateKeycloakThemeResources.ts

@@ -0,0 +1,201 @@
+import { transformCodebase } from "../tools/transformCodebase";
+import * as fs from "fs";
+import { join as pathJoin, basename as pathBasename } from "path";
+import { replaceImportsFromStaticInJsCode } from "./replacers/replaceImportsFromStaticInJsCode";
+import { replaceImportsInCssCode } from "./replacers/replaceImportsInCssCode";
+import { generateFtlFilesCodeFactory, pageIds } from "./generateFtl";
+import { downloadBuiltinKeycloakTheme } from "../download-builtin-keycloak-theme";
+import { mockTestingResourcesCommonPath, mockTestingResourcesPath, mockTestingSubDirOfPublicDirBasename } from "../mockTestingResourcesPath";
+import { isInside } from "../tools/isInside";
+import type { BuildOptions } from "./BuildOptions";
+import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
+import { getLogger } from "../tools/logger";
+
+export type BuildOptionsLike = BuildOptionsLike.Standalone | BuildOptionsLike.ExternalAssets;
+
+export namespace BuildOptionsLike {
+    export type Common = {
+        themeName: string;
+        extraPages?: string[];
+        extraThemeProperties?: string[];
+        isSilent: boolean;
+    };
+
+    export type Standalone = Common & {
+        isStandalone: true;
+        urlPathname: string | undefined;
+    };
+
+    export type ExternalAssets = ExternalAssets.SameDomain | ExternalAssets.DifferentDomains;
+
+    export namespace ExternalAssets {
+        export type CommonExternalAssets = Common & {
+            isStandalone: false;
+        };
+
+        export type SameDomain = CommonExternalAssets & {
+            areAppAndKeycloakServerSharingSameDomain: true;
+        };
+
+        export type DifferentDomains = CommonExternalAssets & {
+            areAppAndKeycloakServerSharingSameDomain: false;
+            urlOrigin: string;
+            urlPathname: string | undefined;
+        };
+    }
+}
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export async function generateKeycloakThemeResources(params: {
+    reactAppBuildDirPath: string;
+    keycloakThemeBuildingDirPath: string;
+    keycloakThemeEmailDirPath: string;
+    keycloakVersion: string;
+    buildOptions: BuildOptionsLike;
+}): Promise<{ doBundlesEmailTemplate: boolean }> {
+    const { reactAppBuildDirPath, keycloakThemeBuildingDirPath, keycloakThemeEmailDirPath, keycloakVersion, buildOptions } = params;
+
+    const logger = getLogger({ isSilent: buildOptions.isSilent });
+    const themeDirPath = pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme", buildOptions.themeName, "login");
+
+    let allCssGlobalsToDefine: Record<string, string> = {};
+
+    transformCodebase({
+        "destDirPath": buildOptions.isStandalone ? pathJoin(themeDirPath, "resources", "build") : reactAppBuildDirPath,
+        "srcDirPath": reactAppBuildDirPath,
+        "transformSourceCode": ({ filePath, sourceCode }) => {
+            //NOTE: Prevent cycles, excludes the folder we generated for debug in public/
+            if (
+                buildOptions.isStandalone &&
+                isInside({
+                    "dirPath": pathJoin(reactAppBuildDirPath, mockTestingSubDirOfPublicDirBasename),
+                    filePath
+                })
+            ) {
+                return undefined;
+            }
+
+            if (/\.css?$/i.test(filePath)) {
+                if (!buildOptions.isStandalone) {
+                    return undefined;
+                }
+
+                const { cssGlobalsToDefine, fixedCssCode } = replaceImportsInCssCode({
+                    "cssCode": sourceCode.toString("utf8")
+                });
+
+                allCssGlobalsToDefine = {
+                    ...allCssGlobalsToDefine,
+                    ...cssGlobalsToDefine
+                };
+
+                return { "modifiedSourceCode": Buffer.from(fixedCssCode, "utf8") };
+            }
+
+            if (/\.js?$/i.test(filePath)) {
+                if (!buildOptions.isStandalone && buildOptions.areAppAndKeycloakServerSharingSameDomain) {
+                    return undefined;
+                }
+
+                const { fixedJsCode } = replaceImportsFromStaticInJsCode({
+                    "jsCode": sourceCode.toString("utf8"),
+                    buildOptions
+                });
+
+                return { "modifiedSourceCode": Buffer.from(fixedJsCode, "utf8") };
+            }
+
+            return buildOptions.isStandalone ? { "modifiedSourceCode": sourceCode } : undefined;
+        }
+    });
+
+    let doBundlesEmailTemplate: boolean;
+
+    email: {
+        if (!fs.existsSync(keycloakThemeEmailDirPath)) {
+            logger.log(
+                [
+                    `Not bundling email template because ${pathBasename(keycloakThemeEmailDirPath)} does not exist`,
+                    `To start customizing the email template, run: 👉 npx create-keycloak-email-directory 👈`
+                ].join("\n")
+            );
+            doBundlesEmailTemplate = false;
+            break email;
+        }
+
+        doBundlesEmailTemplate = true;
+
+        transformCodebase({
+            "srcDirPath": keycloakThemeEmailDirPath,
+            "destDirPath": pathJoin(themeDirPath, "..", "email")
+        });
+    }
+
+    const { generateFtlFilesCode } = generateFtlFilesCodeFactory({
+        "indexHtmlCode": fs.readFileSync(pathJoin(reactAppBuildDirPath, "index.html")).toString("utf8"),
+        "cssGlobalsToDefine": allCssGlobalsToDefine,
+        "buildOptions": buildOptions
+    });
+
+    [...pageIds, ...(buildOptions.extraPages ?? [])].forEach(pageId => {
+        const { ftlCode } = generateFtlFilesCode({ pageId });
+
+        fs.mkdirSync(themeDirPath, { "recursive": true });
+
+        fs.writeFileSync(pathJoin(themeDirPath, pageId), Buffer.from(ftlCode, "utf8"));
+    });
+
+    {
+        const tmpDirPath = pathJoin(themeDirPath, "..", "tmp_xxKdLpdIdLd");
+
+        await downloadBuiltinKeycloakTheme({
+            keycloakVersion,
+            "destDirPath": tmpDirPath,
+            isSilent: buildOptions.isSilent
+        });
+
+        const themeResourcesDirPath = pathJoin(themeDirPath, "resources");
+
+        transformCodebase({
+            "srcDirPath": pathJoin(tmpDirPath, "keycloak", "login", "resources"),
+            "destDirPath": themeResourcesDirPath
+        });
+
+        const reactAppPublicDirPath = pathJoin(reactAppBuildDirPath, "..", "public");
+
+        transformCodebase({
+            "srcDirPath": pathJoin(tmpDirPath, "keycloak", "common", "resources"),
+            "destDirPath": pathJoin(themeResourcesDirPath, pathBasename(mockTestingResourcesCommonPath))
+        });
+
+        transformCodebase({
+            "srcDirPath": themeResourcesDirPath,
+            "destDirPath": pathJoin(reactAppPublicDirPath, mockTestingResourcesPath)
+        });
+
+        const keycloakResourcesWithinPublicDirPath = pathJoin(reactAppPublicDirPath, mockTestingSubDirOfPublicDirBasename);
+
+        fs.writeFileSync(
+            pathJoin(keycloakResourcesWithinPublicDirPath, "README.txt"),
+            Buffer.from(
+                ["This is just a test folder that helps develop", "the login and register page without having to run a Keycloak container"].join(" ")
+            )
+        );
+
+        fs.writeFileSync(pathJoin(keycloakResourcesWithinPublicDirPath, ".gitignore"), Buffer.from("*", "utf8"));
+        fs.rmSync(tmpDirPath, { recursive: true, force: true });
+    }
+
+    fs.writeFileSync(
+        pathJoin(themeDirPath, "theme.properties"),
+        Buffer.from(["parent=keycloak", ...(buildOptions.extraThemeProperties ?? [])].join("\n\n"), "utf8")
+    );
+
+    return { doBundlesEmailTemplate };
+}

src/bin/keycloakify/generateStartKeycloakTestingContainer.ts

@@ -0,0 +1,65 @@
+import * as fs from "fs";
+import { join as pathJoin } from "path";
+import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
+import type { BuildOptions } from "./BuildOptions";
+
+export type BuildOptionsLike = {
+    themeName: string;
+};
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+generateStartKeycloakTestingContainer.basename = "start_keycloak_testing_container.sh";
+
+const containerName = "keycloak-testing-container";
+
+/** Files for being able to run a hot reload keycloak container */
+export function generateStartKeycloakTestingContainer(params: {
+    keycloakVersion: string;
+    keycloakThemeBuildingDirPath: string;
+    buildOptions: BuildOptionsLike;
+}) {
+    const {
+        keycloakThemeBuildingDirPath,
+        keycloakVersion,
+        buildOptions: { themeName }
+    } = params;
+
+    fs.writeFileSync(
+        pathJoin(keycloakThemeBuildingDirPath, generateStartKeycloakTestingContainer.basename),
+        Buffer.from(
+            [
+                "#!/usr/bin/env bash",
+                "",
+                `docker rm ${containerName} || true`,
+                "",
+                `cd ${keycloakThemeBuildingDirPath}`,
+                "",
+                "docker run \\",
+                "   -p 8080:8080 \\",
+                `   --name ${containerName} \\`,
+                "   -e KEYCLOAK_ADMIN=admin \\",
+                "   -e KEYCLOAK_ADMIN_PASSWORD=admin \\",
+                "   -e JAVA_OPTS=-Dkeycloak.profile=preview \\",
+                `   -v ${pathJoin(
+                    keycloakThemeBuildingDirPath,
+                    "src",
+                    "main",
+                    "resources",
+                    "theme",
+                    themeName
+                )}:/opt/keycloak/themes/${themeName}:rw \\`,
+                `   -it quay.io/keycloak/keycloak:${keycloakVersion} \\`,
+                `   start-dev`,
+                ""
+            ].join("\n"),
+            "utf8"
+        ),
+        { "mode": 0o755 }
+    );
+}

src/bin/keycloakify/index.ts

@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+
+export * from "./keycloakify";
+import { main } from "./keycloakify";
+
+if (require.main === module) {
+    main();
+}

src/bin/keycloakify/keycloakify.ts

@@ -0,0 +1,139 @@
+import { generateKeycloakThemeResources } from "./generateKeycloakThemeResources";
+import { generateJavaStackFiles } from "./generateJavaStackFiles";
+import { join as pathJoin, relative as pathRelative, basename as pathBasename } from "path";
+import * as child_process from "child_process";
+import { generateStartKeycloakTestingContainer } from "./generateStartKeycloakTestingContainer";
+import * as fs from "fs";
+import { readBuildOptions } from "./BuildOptions";
+import { getLogger } from "../tools/logger";
+import { getCliOptions } from "../tools/cliOptions";
+import jar from "../tools/jar";
+import { assert } from "tsafe/assert";
+import type { Equals } from "tsafe";
+
+const reactProjectDirPath = process.cwd();
+
+export const keycloakThemeBuildingDirPath = pathJoin(reactProjectDirPath, "build_keycloak");
+export const keycloakThemeEmailDirPath = pathJoin(keycloakThemeBuildingDirPath, "..", "keycloak_email");
+
+export async function main() {
+    const { isSilent, hasExternalAssets } = getCliOptions(process.argv.slice(2));
+    const logger = getLogger({ isSilent });
+    logger.log("🔏 Building the keycloak theme...⌚");
+
+    const buildOptions = readBuildOptions({
+        "packageJson": fs.readFileSync(pathJoin(reactProjectDirPath, "package.json")).toString("utf8"),
+        "CNAME": (() => {
+            const cnameFilePath = pathJoin(reactProjectDirPath, "public", "CNAME");
+
+            if (!fs.existsSync(cnameFilePath)) {
+                return undefined;
+            }
+
+            return fs.readFileSync(cnameFilePath).toString("utf8");
+        })(),
+        "isExternalAssetsCliParamProvided": hasExternalAssets,
+        "isSilent": isSilent
+    });
+
+    const { doBundlesEmailTemplate } = await generateKeycloakThemeResources({
+        keycloakThemeBuildingDirPath,
+        keycloakThemeEmailDirPath,
+        "reactAppBuildDirPath": pathJoin(reactProjectDirPath, "build"),
+        buildOptions,
+        //We have to leave it at that otherwise we break our default theme.
+        //Problem is that we can't guarantee that the the old resources
+        //will still be available on the newer keycloak version.
+        "keycloakVersion": "11.0.3"
+    });
+
+    const { jarFilePath } = generateJavaStackFiles({
+        keycloakThemeBuildingDirPath,
+        doBundlesEmailTemplate,
+        buildOptions
+    });
+
+    switch (buildOptions.bundler) {
+        case "none":
+            logger.log("😱 Skipping bundling step, there will be no jar");
+            break;
+        case "keycloakify":
+            logger.log("🫶 Let keycloakify do its thang");
+            await jar({
+                "rootPath": keycloakThemeBuildingDirPath,
+                "version": buildOptions.version,
+                "groupId": buildOptions.groupId,
+                "artifactId": buildOptions.artifactId || `${buildOptions.themeName}-keycloak-theme`,
+                "targetPath": jarFilePath
+            });
+            break;
+        case "mvn":
+            logger.log("🫙 Run maven to deliver a jar");
+            child_process.execSync("mvn package", { "cwd": keycloakThemeBuildingDirPath });
+            break;
+        default:
+            assert<Equals<typeof buildOptions.bundler, never>>(false);
+    }
+
+    // We want, however, to test in a container running the latest Keycloak version
+    const containerKeycloakVersion = "20.0.1";
+
+    generateStartKeycloakTestingContainer({
+        keycloakThemeBuildingDirPath,
+        "keycloakVersion": containerKeycloakVersion,
+        buildOptions
+    });
+
+    logger.log(
+        [
+            "",
+            `✅ Your keycloak theme has been generated and bundled into ./${pathRelative(reactProjectDirPath, jarFilePath)} 🚀`,
+            `It is to be placed in "/opt/keycloak/providers" in the container running a quay.io/keycloak/keycloak Docker image.`,
+            "",
+            //TODO: Restore when we find a good Helm chart for Keycloak.
+            //"Using Helm (https://github.com/codecentric/helm-charts), edit to reflect:",
+            "",
+            "value.yaml: ",
+            "    extraInitContainers: |",
+            "        - name: realm-ext-provider",
+            "          image: curlimages/curl",
+            "          imagePullPolicy: IfNotPresent",
+            "          command:",
+            "            - sh",
+            "          args:",
+            "            - -c",
+            `            - curl -L -f -S -o /extensions/${pathBasename(jarFilePath)} https://AN.URL.FOR/${pathBasename(jarFilePath)}`,
+            "          volumeMounts:",
+            "            - name: extensions",
+            "              mountPath: /extensions",
+            "        ",
+            "        extraVolumeMounts: |",
+            "            - name: extensions",
+            "              mountPath: /opt/keycloak/providers",
+            "    extraEnv: |",
+            "    - name: KEYCLOAK_USER",
+            "      value: admin",
+            "    - name: KEYCLOAK_PASSWORD",
+            "      value: xxxxxxxxx",
+            "    - name: JAVA_OPTS",
+            "      value: -Dkeycloak.profile=preview",
+            "",
+            "",
+            `To test your theme locally you can spin up a Keycloak ${containerKeycloakVersion} container image with the theme pre loaded by running:`,
+            "",
+            `👉 $ ./${pathRelative(reactProjectDirPath, pathJoin(keycloakThemeBuildingDirPath, generateStartKeycloakTestingContainer.basename))} 👈`,
+            "",
+            "Test with different Keycloak versions by editing the .sh file. see available versions here: https://quay.io/repository/keycloak/keycloak?tab=tags",
+            "",
+            "Once your container is up and running: ",
+            "- Log into the admin console 👉 http://localhost:8080/admin username: admin, password: admin 👈",
+            '- Create a realm named "myrealm"',
+            '- Create a client with ID: "myclient", "Root URL": "https://www.keycloak.org/app/" and "Valid redirect URIs": "https://www.keycloak.org/app/*"',
+            `- Select Login Theme: ${buildOptions.themeName} (don't forget to save at the bottom of the page)`,
+            `- Go to 👉 https://www.keycloak.org/app/ 👈 Click "Save" then "Sign in". You should see your login page`,
+            "",
+            "Video demoing this process: https://youtu.be/N3wlBoH4hKg",
+            ""
+        ].join("\n")
+    );
+}

src/bin/keycloakify/replacers/replaceImportsFromStaticInJsCode.ts

@@ -0,0 +1,86 @@
+import { ftlValuesGlobalName } from "../ftlValuesGlobalName";
+import type { BuildOptions } from "../BuildOptions";
+import { assert } from "tsafe/assert";
+import { is } from "tsafe/is";
+import { Reflect } from "tsafe/Reflect";
+
+export type BuildOptionsLike = BuildOptionsLike.Standalone | BuildOptionsLike.ExternalAssets;
+
+export namespace BuildOptionsLike {
+    export type Standalone = {
+        isStandalone: true;
+    };
+
+    export type ExternalAssets = {
+        isStandalone: false;
+        urlOrigin: string;
+    };
+}
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert(!is<BuildOptions.ExternalAssets.CommonExternalAssets>(buildOptions));
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export function replaceImportsFromStaticInJsCode(params: { jsCode: string; buildOptions: BuildOptionsLike }): { fixedJsCode: string } {
+    /* 
+	NOTE:
+
+	When we have urlOrigin defined it means that 
+	we are building with --external-assets
+	so we have to make sur that the fixed js code will run 
+	inside and outside keycloak.
+
+	When urlOrigin isn't defined we can assume the fixedJsCode
+	will always run in keycloak context.
+	*/
+
+    const { jsCode, buildOptions } = params;
+
+    const getReplaceArgs = (language: "js" | "css"): Parameters<typeof String.prototype.replace> => [
+        new RegExp(`([a-zA-Z_]+)\\.([a-zA-Z]+)=function\\(([a-zA-Z]+)\\){return"static\\/${language}\\/"`, "g"),
+        (...[, n, u, e]) => `
+			${n}[(function(){
+                var pd= Object.getOwnPropertyDescriptor(${n}, "p");
+                if( pd === undefined || pd.configurable ){
+                ${
+                    buildOptions.isStandalone
+                        ? `
+                        Object.defineProperty(${n}, "p", {
+                            get: function() { return window.${ftlValuesGlobalName}.url.resourcesPath; },
+                            set: function (){}
+                        });
+                    `
+                        : `
+                    var p= "";
+                    Object.defineProperty(${n}, "p", {
+                        get: function() { return "${ftlValuesGlobalName}" in window ? "${buildOptions.urlOrigin}/" : p; },
+                        set: function (value){ p = value;}
+                    });
+                    `
+                }
+                }
+				return "${u}";
+			})()] = function(${e}) { return "${buildOptions.isStandalone ? "/build/" : ""}static/${language}/"`
+    ];
+
+    const fixedJsCode = jsCode
+        .replace(...getReplaceArgs("js"))
+        .replace(...getReplaceArgs("css"))
+        .replace(/([a-zA-Z]+\.[a-zA-Z]+)\+"static\//g, (...[, group]) =>
+            buildOptions.isStandalone
+                ? `window.${ftlValuesGlobalName}.url.resourcesPath + "/build/static/`
+                : `("${ftlValuesGlobalName}" in window ? "${buildOptions.urlOrigin}/" : ${group}) + "static/`
+        )
+        //TODO: Write a test case for this
+        .replace(/".chunk.css",([a-zA-Z])+=([a-zA-Z]+\.[a-zA-Z]+)\+([a-zA-Z]+),/, (...[, group1, group2, group3]) =>
+            buildOptions.isStandalone
+                ? `".chunk.css",${group1} = window.${ftlValuesGlobalName}.url.resourcesPath + "/build/" + ${group3},`
+                : `".chunk.css",${group1} = ("${ftlValuesGlobalName}" in window ? "${buildOptions.urlOrigin}/" : ${group2}) + ${group3},`
+        );
+
+    return { fixedJsCode };
+}

src/bin/keycloakify/replacers/replaceImportsInCssCode.ts

@@ -0,0 +1,64 @@
+import * as crypto from "crypto";
+import type { BuildOptions } from "../BuildOptions";
+import { assert } from "tsafe/assert";
+import { is } from "tsafe/is";
+import { Reflect } from "tsafe/Reflect";
+
+export type BuildOptionsLike = {
+    urlPathname: string | undefined;
+};
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert(!is<BuildOptions.ExternalAssets.CommonExternalAssets>(buildOptions));
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export function replaceImportsInCssCode(params: { cssCode: string }): {
+    fixedCssCode: string;
+    cssGlobalsToDefine: Record<string, string>;
+} {
+    const { cssCode } = params;
+
+    const cssGlobalsToDefine: Record<string, string> = {};
+
+    new Set(cssCode.match(/url\(["']?\/[^/][^)"']+["']?\)[^;}]*/g) ?? []).forEach(
+        match => (cssGlobalsToDefine["url" + crypto.createHash("sha256").update(match).digest("hex").substring(0, 15)] = match)
+    );
+
+    let fixedCssCode = cssCode;
+
+    Object.keys(cssGlobalsToDefine).forEach(
+        cssVariableName =>
+            //NOTE: split/join pattern ~ replace all
+            (fixedCssCode = fixedCssCode.split(cssGlobalsToDefine[cssVariableName]).join(`var(--${cssVariableName})`))
+    );
+
+    return { fixedCssCode, cssGlobalsToDefine };
+}
+
+export function generateCssCodeToDefineGlobals(params: { cssGlobalsToDefine: Record<string, string>; buildOptions: BuildOptionsLike }): {
+    cssCodeToPrependInHead: string;
+} {
+    const { cssGlobalsToDefine, buildOptions } = params;
+
+    return {
+        "cssCodeToPrependInHead": [
+            ":root {",
+            ...Object.keys(cssGlobalsToDefine)
+                .map(cssVariableName =>
+                    [
+                        `--${cssVariableName}:`,
+                        cssGlobalsToDefine[cssVariableName].replace(
+                            new RegExp(`url\\(${(buildOptions.urlPathname ?? "/").replace(/\//g, "\\/")}`, "g"),
+                            "url(${url.resourcesPath}/build/"
+                        )
+                    ].join(" ")
+                )
+                .map(line => `    ${line};`),
+            "}"
+        ].join("\n")
+    };
+}

src/bin/keycloakify/replacers/replaceImportsInInlineCssCode.ts

@@ -0,0 +1,47 @@
+import type { BuildOptions } from "../BuildOptions";
+import { assert } from "tsafe/assert";
+import { is } from "tsafe/is";
+import { Reflect } from "tsafe/Reflect";
+
+export type BuildOptionsLike = BuildOptionsLike.Standalone | BuildOptionsLike.ExternalAssets;
+
+export namespace BuildOptionsLike {
+    export type Common = {
+        urlPathname: string | undefined;
+    };
+
+    export type Standalone = Common & {
+        isStandalone: true;
+    };
+
+    export type ExternalAssets = Common & {
+        isStandalone: false;
+        urlOrigin: string;
+    };
+}
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert(!is<BuildOptions.ExternalAssets.CommonExternalAssets>(buildOptions));
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export function replaceImportsInInlineCssCode(params: { cssCode: string; buildOptions: BuildOptionsLike }): {
+    fixedCssCode: string;
+} {
+    const { cssCode, buildOptions } = params;
+
+    const fixedCssCode = cssCode.replace(
+        buildOptions.urlPathname === undefined
+            ? /url\(["']?\/([^/][^)"']+)["']?\)/g
+            : new RegExp(`url\\(["']?${buildOptions.urlPathname}([^)"']+)["']?\\)`, "g"),
+        (...[, group]) =>
+            `url(${
+                buildOptions.isStandalone ? "${url.resourcesPath}/build/" + group : buildOptions.urlOrigin + (buildOptions.urlPathname ?? "/") + group
+            })`
+    );
+
+    return { fixedCssCode };
+}

src/bin/link_in_test_app.ts

@@ -0,0 +1,128 @@
+import { execSync } from "child_process";
+import { join as pathJoin, relative as pathRelative } from "path";
+import { exclude } from "tsafe/exclude";
+import * as fs from "fs";
+
+const keycloakifyDirPath = pathJoin(__dirname, "..", "..");
+
+fs.writeFileSync(
+    pathJoin(keycloakifyDirPath, "dist", "package.json"),
+    Buffer.from(
+        JSON.stringify(
+            (() => {
+                const packageJsonParsed = JSON.parse(fs.readFileSync(pathJoin(keycloakifyDirPath, "package.json")).toString("utf8"));
+
+                return {
+                    ...packageJsonParsed,
+                    "main": packageJsonParsed["main"].replace(/^dist\//, ""),
+                    "types": packageJsonParsed["types"].replace(/^dist\//, ""),
+                    "bin": Object.fromEntries(Object.entries<string>(packageJsonParsed["bin"]).map(([k, v]) => [k, v.replace(/^dist\//, "")]))
+                };
+            })(),
+            null,
+            2
+        ),
+        "utf8"
+    )
+);
+
+const commonThirdPartyDeps = (() => {
+    const namespaceModuleNames = ["@emotion"];
+    const standaloneModuleNames = ["react", "@types/react", "powerhooks", "tss-react", "evt"];
+
+    return [
+        ...namespaceModuleNames
+            .map(namespaceModuleName =>
+                fs
+                    .readdirSync(pathJoin(keycloakifyDirPath, "node_modules", namespaceModuleName))
+                    .map(submoduleName => `${namespaceModuleName}/${submoduleName}`)
+            )
+            .reduce((prev, curr) => [...prev, ...curr], []),
+        ...standaloneModuleNames
+    ];
+})();
+
+const yarnHomeDirPath = pathJoin(keycloakifyDirPath, ".yarn_home");
+
+fs.rmSync(yarnHomeDirPath, { "recursive": true, "force": true });
+fs.mkdirSync(yarnHomeDirPath);
+
+const execYarnLink = (params: { targetModuleName?: string; cwd: string }) => {
+    const { targetModuleName, cwd } = params;
+
+    const cmd = ["yarn", "link", ...(targetModuleName !== undefined ? [targetModuleName] : [])].join(" ");
+
+    console.log(`$ cd ${pathRelative(keycloakifyDirPath, cwd) || "."} && ${cmd}`);
+
+    execSync(cmd, {
+        cwd,
+        "env": {
+            ...process.env,
+            "HOME": yarnHomeDirPath
+        }
+    });
+};
+
+const testAppPaths = (() => {
+    const arg = process.argv[2];
+
+    const testAppNames = arg !== undefined ? [arg] : ["keycloakify-starter", "keycloakify-advanced-starter"];
+
+    return testAppNames
+        .map(testAppName => {
+            const testAppPath = pathJoin(keycloakifyDirPath, "..", testAppName);
+
+            if (fs.existsSync(testAppPath)) {
+                return testAppPath;
+            }
+
+            console.warn(`Skipping ${testAppName} since it cant be found here: ${testAppPath}`);
+
+            return undefined;
+        })
+        .filter(exclude(undefined));
+})();
+
+if (testAppPaths.length === 0) {
+    console.error("No test app to link into!");
+    process.exit(-1);
+}
+
+testAppPaths.forEach(testAppPath => execSync("yarn install", { "cwd": testAppPath }));
+
+console.log("=== Linking common dependencies ===");
+
+const total = commonThirdPartyDeps.length;
+let current = 0;
+
+commonThirdPartyDeps.forEach(commonThirdPartyDep => {
+    current++;
+
+    console.log(`${current}/${total} ${commonThirdPartyDep}`);
+
+    const localInstallPath = pathJoin(
+        ...[keycloakifyDirPath, "node_modules", ...(commonThirdPartyDep.startsWith("@") ? commonThirdPartyDep.split("/") : [commonThirdPartyDep])]
+    );
+
+    execYarnLink({ "cwd": localInstallPath });
+});
+
+commonThirdPartyDeps.forEach(commonThirdPartyDep =>
+    testAppPaths.forEach(testAppPath =>
+        execYarnLink({
+            "cwd": testAppPath,
+            "targetModuleName": commonThirdPartyDep
+        })
+    )
+);
+
+console.log("=== Linking in house dependencies ===");
+
+execYarnLink({ "cwd": pathJoin(keycloakifyDirPath, "dist") });
+
+testAppPaths.forEach(testAppPath =>
+    execYarnLink({
+        "cwd": testAppPath,
+        "targetModuleName": "keycloakify"
+    })
+);

src/bin/mockTestingResourcesPath.ts

@@ -0,0 +1,5 @@
+import { pathJoin } from "./tools/pathJoin";
+
+export const mockTestingSubDirOfPublicDirBasename = "keycloak_static";
+export const mockTestingResourcesPath = pathJoin(mockTestingSubDirOfPublicDirBasename, "resources");
+export const mockTestingResourcesCommonPath = pathJoin(mockTestingResourcesPath, "resources_common");

src/bin/promptKeycloakVersion.ts

@@ -0,0 +1,47 @@
+import { getLatestsSemVersionedTagFactory } from "./tools/octokit-addons/getLatestsSemVersionedTag";
+import { Octokit } from "@octokit/rest";
+import cliSelect from "cli-select";
+
+export async function promptKeycloakVersion() {
+    const { getLatestsSemVersionedTag } = (() => {
+        const { octokit } = (() => {
+            const githubToken = process.env.GITHUB_TOKEN;
+
+            const octokit = new Octokit(githubToken === undefined ? undefined : { "auth": githubToken });
+
+            return { octokit };
+        })();
+
+        const { getLatestsSemVersionedTag } = getLatestsSemVersionedTagFactory({ octokit });
+
+        return { getLatestsSemVersionedTag };
+    })();
+
+    console.log("Initialize the directory with email template from which keycloak version?");
+
+    const tags = [
+        ...(await getLatestsSemVersionedTag({
+            "count": 10,
+            "doIgnoreBeta": true,
+            "owner": "keycloak",
+            "repo": "keycloak"
+        }).then(arr => arr.map(({ tag }) => tag))),
+        "11.0.3"
+    ];
+
+    if (process.env["GITHUB_ACTIONS"] === "true") {
+        return { "keycloakVersion": tags[0] };
+    }
+
+    const { value: keycloakVersion } = await cliSelect<string>({
+        "values": tags
+    }).catch(() => {
+        console.log("Aborting");
+
+        process.exit(-1);
+    });
+
+    console.log(keycloakVersion);
+
+    return { keycloakVersion };
+}

src/bin/tools/NpmModuleVersion.ts

@@ -0,0 +1,73 @@
+export type NpmModuleVersion = {
+    major: number;
+    minor: number;
+    patch: number;
+    betaPreRelease?: number;
+};
+
+export namespace NpmModuleVersion {
+    export function parse(versionStr: string): NpmModuleVersion {
+        const match = versionStr.match(/^([0-9]+)\.([0-9]+)\.([0-9]+)(?:-beta.([0-9]+))?/);
+
+        if (!match) {
+            throw new Error(`${versionStr} is not a valid NPM version`);
+        }
+
+        return {
+            "major": parseInt(match[1]),
+            "minor": parseInt(match[2]),
+            "patch": parseInt(match[3]),
+            ...(() => {
+                const str = match[4];
+                return str === undefined ? {} : { "betaPreRelease": parseInt(str) };
+            })()
+        };
+    }
+
+    export function stringify(v: NpmModuleVersion) {
+        return `${v.major}.${v.minor}.${v.patch}${v.betaPreRelease === undefined ? "" : `-beta.${v.betaPreRelease}`}`;
+    }
+
+    /**
+     *
+     * v1  <  v2  => -1
+     * v1 === v2  => 0
+     * v1  >  v2  => 1
+     *
+     */
+    export function compare(v1: NpmModuleVersion, v2: NpmModuleVersion): -1 | 0 | 1 {
+        const sign = (diff: number): -1 | 0 | 1 => (diff === 0 ? 0 : diff < 0 ? -1 : 1);
+        const noUndefined = (n: number | undefined) => n ?? Infinity;
+
+        for (const level of ["major", "minor", "patch", "betaPreRelease"] as const) {
+            if (noUndefined(v1[level]) !== noUndefined(v2[level])) {
+                return sign(noUndefined(v1[level]) - noUndefined(v2[level]));
+            }
+        }
+
+        return 0;
+    }
+
+    /*
+    console.log(compare(parse("3.0.0-beta.3"), parse("3.0.0")) === -1 )
+    console.log(compare(parse("3.0.0-beta.3"), parse("3.0.0-beta.4")) === -1 )
+    console.log(compare(parse("3.0.0-beta.3"), parse("4.0.0")) === -1 )
+    */
+
+    export function bumpType(params: { versionBehindStr: string; versionAheadStr: string }): "major" | "minor" | "patch" | "betaPreRelease" | "same" {
+        const versionAhead = parse(params.versionAheadStr);
+        const versionBehind = parse(params.versionBehindStr);
+
+        if (compare(versionBehind, versionAhead) === 1) {
+            throw new Error(`Version regression ${versionBehind} -> ${versionAhead}`);
+        }
+
+        for (const level of ["major", "minor", "patch", "betaPreRelease"] as const) {
+            if (versionBehind[level] !== versionAhead[level]) {
+                return level;
+            }
+        }
+
+        return "same";
+    }
+}

src/bin/tools/cliOptions.ts

@@ -0,0 +1,15 @@
+import parseArgv from "minimist";
+
+export type CliOptions = {
+    isSilent: boolean;
+    hasExternalAssets: boolean;
+};
+
+export const getCliOptions = (processArgv: string[]): CliOptions => {
+    const argv = parseArgv(processArgv);
+
+    return {
+        isSilent: typeof argv["silent"] === "boolean" ? argv["silent"] : false,
+        hasExternalAssets: typeof argv["external-assets"] === "boolean" ? argv["external-assets"] : false
+    };
+};

src/bin/tools/crawl.ts

@@ -3,35 +3,25 @@ import * as path from "path";
 
 /** List all files in a given directory return paths relative to the dir_path */
 export const crawl = (() => {
-
     const crawlRec = (dir_path: string, paths: string[]) => {
-
         for (const file_name of fs.readdirSync(dir_path)) {
-
             const file_path = path.join(dir_path, file_name);
 
             if (fs.lstatSync(file_path).isDirectory()) {
-
                 crawlRec(file_path, paths);
 
                 continue;
-
             }
 
             paths.push(file_path);
-
         }
-
     };
 
     return function crawl(dir_path: string): string[] {
-
         const paths: string[] = [];
 
         crawlRec(dir_path, paths);
 
         return paths.map(file_path => path.relative(dir_path, file_path));
-
-    }
-
-})();
+    };
+})();

src/bin/tools/crc32.ts

@@ -0,0 +1,54 @@
+import { Readable } from "stream";
+
+const crc32tab = [
+    0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+    0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+    0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+    0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+    0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+    0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+    0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+    0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+    0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+    0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+    0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+    0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+    0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+    0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+    0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+    0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+    0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+    0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+    0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+    0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+    0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+    0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+];
+
+/**
+ *
+ * @param input either a byte stream, a string or a buffer, you want to have the checksum for
+ * @returns a promise for a checksum (uint32)
+ */
+export function crc32(input: Readable | String | Buffer): Promise<number> {
+    if (typeof input === "string") {
+        let crc = ~0;
+        for (let i = 0; i < input.length; i++) crc = (crc >>> 8) ^ crc32tab[(crc ^ input.charCodeAt(i)) & 0xff];
+        return Promise.resolve((crc ^ -1) >>> 0);
+    } else if (input instanceof Buffer) {
+        let crc = ~0;
+        for (let i = 0; i < input.length; i++) crc = (crc >>> 8) ^ crc32tab[(crc ^ input[i]) & 0xff];
+        return Promise.resolve((crc ^ -1) >>> 0);
+    } else if (input instanceof Readable) {
+        return new Promise<number>((resolve, reject) => {
+            let crc = ~0;
+            input.on("end", () => resolve((crc ^ -1) >>> 0));
+            input.on("error", e => reject(e));
+            input.on("data", (chunk: Buffer) => {
+                for (let i = 0; i < chunk.length; i++) crc = (crc >>> 8) ^ crc32tab[(crc ^ chunk[i]) & 0xff];
+            });
+        });
+    } else {
+        throw new Error("Unsupported input " + typeof input);
+    }
+}

src/bin/tools/deflate.ts

@@ -0,0 +1,61 @@
+import { PassThrough, Readable, TransformCallback, Writable } from "stream";
+import { pipeline } from "stream/promises";
+import { deflateRaw as deflateRawCb, createDeflateRaw } from "zlib";
+import { promisify } from "util";
+
+import { crc32 } from "./crc32";
+import tee from "./tee";
+
+const deflateRaw = promisify(deflateRawCb);
+
+/**
+ * A stream transformer that records the number of bytes
+ * passed in its `size` property.
+ */
+class ByteCounter extends PassThrough {
+    size: number = 0;
+    _transform(chunk: any, encoding: BufferEncoding, callback: TransformCallback) {
+        if ("length" in chunk) this.size += chunk.length;
+        super._transform(chunk, encoding, callback);
+    }
+}
+
+/**
+ * @param data buffer containing the data to be compressed
+ * @returns a buffer containing the compressed/deflated data and the crc32 checksum
+ *  of the source data
+ */
+export async function deflateBuffer(data: Buffer) {
+    const [deflated, checksum] = await Promise.all([deflateRaw(data), crc32(data)]);
+    return { deflated, crc32: checksum };
+}
+
+/**
+ * @param input a byte stream, containing data to be compressed
+ * @param sink a method that will accept chunks of compressed data; We don't pass
+ *   a writable here, since we don't want the writablestream to be closed after
+ *   a single file
+ * @returns a promise, which will resolve with the crc32 checksum and the
+ * compressed size
+ */
+export async function deflateStream(input: Readable, sink: (chunk: Buffer) => void) {
+    const deflateWriter = new Writable({
+        write(chunk, _, callback) {
+            sink(chunk);
+            callback();
+        }
+    });
+
+    // tee the input stream, so we can compress and calc crc32 in parallel
+    const [rs1, rs2] = tee(input);
+    const byteCounter = new ByteCounter();
+    const [_, crc] = await Promise.all([
+        // pipe input into zip compressor, count the bytes
+        // returned and pass compressed data to the sink
+        pipeline(rs1, createDeflateRaw(), byteCounter, deflateWriter),
+        // calc checksum
+        crc32(rs2)
+    ]);
+
+    return { crc32: crc, compressedSize: byteCounter.size };
+}

src/bin/tools/downloadAndUnzip.ts

@@ -1,35 +1,289 @@
+import { dirname as pathDirname, basename as pathBasename, join as pathJoin } from "path";
+import { createReadStream, createWriteStream, unlinkSync } from "fs";
+import { stat, mkdir, unlink, readFile, writeFile } from "fs/promises";
+import { transformCodebase } from "./transformCodebase";
+import { createHash } from "crypto";
+import http from "http";
+import https from "https";
+import { createInflateRaw } from "zlib";
 
-import { basename as pathBasename, join as pathJoin } from "path";
-import { execSync } from "child_process";
-import fs from "fs";
-import { transformCodebase } from "../tools/transformCodebase";
-import { rm_rf, rm, rm_r } from "./rm";
+import type { Readable } from "stream";
 
-/** assert url ends with .zip */
-export function downloadAndUnzip(
-    params: {
-        url: string;
-        destDirPath: string;
+function hash(s: string) {
+    return createHash("sha256").update(s).digest("hex");
+}
+
+async function maybeReadFile(path: string) {
+    try {
+        return await readFile(path, "utf-8");
+    } catch (error) {
+        if ((error as Error & { code: string }).code === "ENOENT") return undefined;
+        throw error;
     }
-) {
+}
 
-    const { url, destDirPath } = params;
+async function maybeStat(path: string) {
+    try {
+        return await stat(path);
+    } catch (error) {
+        if ((error as Error & { code: string }).code === "ENOENT") return undefined;
+        throw error;
+    }
+}
 
-    const tmpDirPath = pathJoin(destDirPath, "..", "tmp_xxKdOxnEdx");
+/**
+ * Download a file from `url` to `dir`. Will try to avoid downloading existing
+ * files by using an `{hash(url)}.etag` file. If this file exists, we add an
+ * etag headear, so server can tell us if file changed and we should re-download
+ * or if our file is up-to-date.
+ *
+ * Warning, this method assumes that the target filename can be extracted from
+ * url, content-disposition headers are ignored.
+ *
+ * If the target directory does not exist, it will be created.
+ *
+ * If the target file exists and is out of date, it will be overwritten.
+ * If the target file exists and there is no etag file, the target file will
+ * be overwritten.
+ *
+ * @param url download url
+ * @param dir target directory
+ * @returns promise for the full path of the downloaded file
+ */
+async function download(url: string, dir: string): Promise<string> {
+    await mkdir(dir, { recursive: true });
+    const filename = pathBasename(url);
+    const filepath = pathJoin(dir, filename);
+    // If downloaded file exists already and has an `.etag` companion file,
+    // read the etag from that file. This will avoid re-downloading the file
+    // if it is up to date.
+    const exists = await maybeStat(filepath);
+    const etagFilepath = pathJoin(dir, "_" + hash(url).substring(0, 15) + ".etag");
+    const etag = !exists ? undefined : await maybeReadFile(etagFilepath);
 
-    rm_rf(tmpDirPath);
-
-    fs.mkdirSync(tmpDirPath, { "recursive": true });
-
-    execSync(`wget ${url}`, { "cwd": tmpDirPath })
-    execSync(`unzip ${pathBasename(url)}`, { "cwd": tmpDirPath });
-    rm(pathBasename(url), { "cwd": tmpDirPath });
-
-    transformCodebase({
-        "srcDirPath": tmpDirPath,
-        "destDirPath": destDirPath,
+    return new Promise((resolve, reject) => {
+        // use inner method to allow following redirects
+        function request(url1: URL) {
+            const headers: Record<string, string> = {};
+            if (etag) headers["If-None-Match"] = etag;
+            (url1.protocol === "https:" ? https : http).get(url1, { headers }, response => {
+                if (response.statusCode === 301 || response.statusCode === 302) {
+                    // follow redirects
+                    request(new URL(response.headers.location!!));
+                } else if (response.statusCode === 304) {
+                    // up-to-date, resolve now
+                    resolve(filepath);
+                } else if (response.statusCode !== 200) {
+                    reject(new Error(`Request to ${url1} returned status ${response.statusCode}.`));
+                } else {
+                    const fp = createWriteStream(filepath, { autoClose: true });
+                    fp.on("err", e => {
+                        fp.close();
+                        unlinkSync(filepath);
+                        reject(e);
+                    });
+                    fp.on("finish", async () => {
+                        // when targetfile has been written, write etag file so that
+                        // next time around we don't need to re-download
+                        const responseEtag = response.headers.etag;
+                        if (responseEtag) await writeFile(etagFilepath, responseEtag, "utf-8");
+                        resolve(filepath);
+                    });
+                    response.pipe(fp);
+                }
+            });
+        }
+        request(new URL(url));
     });
+}
 
-    rm_r(tmpDirPath);
+/**
+ * @typedef
+ * @type MultiError = Error & { cause: Error[] }
+ */
 
-}
+/**
+ * Extract the archive `zipFile` into the directory `dir`. If `archiveDir` is given,
+ * only that directory will be extracted, stripping the given path components.
+ *
+ * If dir does not exist, it will be created.
+ *
+ * If any archive file exists, it will be overwritten.
+ *
+ * Will unzip using all available nodejs worker threads.
+ *
+ * Will try to clean up extracted files on failure.
+ *
+ * If unpacking fails, will either throw an regular error, or
+ * possibly an `MultiError`, which contains a `cause` field with
+ * a number of root cause errors.
+ *
+ * Warning this method is not optimized for continuous reading of the zip
+ * archive, but is a trade-off between simplicity and allowing extraction
+ * of a single directory from the archive.
+ *
+ * @param zipFile the file to unzip
+ * @param dir the target directory
+ * @param archiveDir if given, unpack only files from this archive directory
+ * @throws {MultiError} error
+ * @returns Promise for a list of full file paths pointing to actually extracted files
+ */
+async function unzip(zipFile: string, dir: string, archiveDir?: string): Promise<string[]> {
+    await mkdir(dir, { recursive: true });
+    const promises: Promise<string>[] = [];
+
+    // Iterate over all files in the zip, skip files which are not in archiveDir,
+    // if given.
+    for await (const record of iterateZipArchive(zipFile)) {
+        const { path: recordPath, createReadStream: createRecordReadStream } = record;
+        const filePath = pathJoin(dir, recordPath);
+        const parent = pathDirname(filePath);
+        if (archiveDir && !recordPath.startsWith(archiveDir)) continue;
+        promises.push(
+            new Promise<string>(async (resolve, reject) => {
+                await mkdir(parent, { recursive: true });
+                // Pull the file out of the archive, write it to the target directory
+                const input = createRecordReadStream();
+                const output = createWriteStream(filePath);
+                output.on("error", e => reject(Object.assign(e, { filePath })));
+                output.on("finish", () => resolve(filePath));
+                input.pipe(output);
+            })
+        );
+    }
+
+    // Wait until _all_ files are either extracted or failed
+    const results = await Promise.allSettled(promises);
+    const success = results.filter(r => r.status === "fulfilled").map(r => (r as PromiseFulfilledResult<string>).value);
+    const failure = results.filter(r => r.status === "rejected").map(r => (r as PromiseRejectedResult).reason);
+
+    // If any extraction failed, try to clean up, then throw a MultiError,
+    // which has a `cause` field, containing a list of root cause errors.
+    if (failure.length) {
+        await Promise.all(success.map(path => unlink(path)));
+        await Promise.all(failure.map(e => e && e.path && unlink(e.path as string)));
+        const e = new Error("Failed to extract: " + failure.map(e => e.message).join(";"));
+        (e as any).cause = failure;
+        throw e;
+    }
+
+    return success;
+}
+
+/**
+ *
+ * @param file file to read
+ * @param start first byte to read
+ * @param end last byte to read
+ * @returns Promise of a buffer of read bytes
+ */
+async function readFileChunk(file: string, start: number, end: number): Promise<Buffer> {
+    const chunks: Buffer[] = [];
+    return new Promise((resolve, reject) => {
+        const stream = createReadStream(file, { start, end });
+        stream.on("error", e => reject(e));
+        stream.on("end", () => resolve(Buffer.concat(chunks)));
+        stream.on("data", chunk => chunks.push(chunk as Buffer));
+    });
+}
+
+type ZipRecord = {
+    path: string;
+    createReadStream: () => Readable;
+    compressionMethod: "deflate" | undefined;
+};
+
+type ZipRecordGenerator = AsyncGenerator<ZipRecord, void, unknown>;
+
+/**
+ * Iterate over all records of a zipfile, and yield a ZipRecord.
+ * Use `record.createReadStream()` to actually read the file.
+ *
+ * Warning this method will only work with single-disk zip files.
+ * Warning this method may fail if the zip archive has an crazy amount
+ * of files and the central directory is not fully contained within the
+ * last 65k bytes of the zip file.
+ *
+ * @param zipFile
+ * @returns AsyncGenerator which will yield ZipRecords
+ */
+async function* iterateZipArchive(zipFile: string): ZipRecordGenerator {
+    // Need to know zip file size before we can do anything  else
+    const { size } = await stat(zipFile);
+    const chunkSize = 65_535 + 22 + 1; // max comment size + end header size + wiggle
+    // Read last ~65k bytes. Zip files have an comment up to 65_535 bytes at the very end,
+    // before that comes the zip central directory end header.
+    let chunk = await readFileChunk(zipFile, size - chunkSize, size);
+    const unread = size - chunk.length;
+    let i = chunk.length - 4;
+    let found = false;
+    // Find central directory end header, reading backwards from the end
+    while (!found && i-- > 0) if (chunk[i] === 0x50 && chunk.readUInt32LE(i) === 0x06054b50) found = true;
+    if (!found) throw new Error("Not a zip file");
+    // This method will fail on a multi-disk zip, so bail early.
+    if (chunk.readUInt16LE(i + 4) !== 0) throw new Error("Multi-disk zip not supported");
+    let nFiles = chunk.readUint16LE(i + 10);
+    // Get the position of the central directory
+    const directorySize = chunk.readUint32LE(i + 12);
+    const directoryOffset = chunk.readUint32LE(i + 16);
+    if (directoryOffset === 0xffff_ffff) throw new Error("zip64 not supported");
+    if (directoryOffset > size) throw new Error(`Central directory offset ${directoryOffset} is outside file`);
+    i = directoryOffset - unread;
+    // If i < 0, it means that the central directory is not contained within `chunk`
+    if (i < 0) {
+        chunk = await readFileChunk(zipFile, directoryOffset, directoryOffset + directorySize);
+        i = 0;
+    }
+    // Now iterate the central directory records, yield an `ZipRecord` for every entry
+    while (nFiles-- > 0) {
+        // Check for marker bytes
+        if (chunk.readUInt32LE(i) !== 0x02014b50) throw new Error("No central directory record at position " + (unread + i));
+        const compressionMethod = ({ 8: "deflate" } as const)[chunk.readUint16LE(i + 10)];
+        const compressedFileSize = chunk.readUint32LE(i + 20);
+        const filenameLength = chunk.readUint16LE(i + 28);
+        const extraLength = chunk.readUint16LE(i + 30);
+        const commentLength = chunk.readUint16LE(i + 32);
+        // Start of the actual content byte stream is after the 'local' record header,
+        // which is  30 bytes long plus filename and extra field
+        const start = chunk.readUint32LE(i + 42) + 30 + filenameLength + extraLength;
+        const end = start + compressedFileSize;
+        const filename = chunk.slice(i + 46, i + 46 + filenameLength).toString("utf-8");
+        const createRecordReadStream = () => {
+            const input = createReadStream(zipFile, { start, end });
+            if (compressionMethod === "deflate") {
+                const inflate = createInflateRaw();
+                input.pipe(inflate);
+                return inflate;
+            }
+            return input;
+        };
+        if (end > start) yield { path: filename, createReadStream: createRecordReadStream, compressionMethod };
+        // advance pointer to next central directory entry
+        i += 46 + filenameLength + extraLength + commentLength;
+    }
+}
+
+export async function downloadAndUnzip({
+    url,
+    destDirPath,
+    pathOfDirToExtractInArchive,
+    cacheDirPath
+}: {
+    isSilent: boolean;
+    url: string;
+    destDirPath: string;
+    pathOfDirToExtractInArchive?: string;
+    cacheDirPath: string;
+}) {
+    const downloadHash = hash(JSON.stringify({ url, pathOfDirToExtractInArchive })).substring(0, 15);
+    const extractDirPath = pathJoin(cacheDirPath, `_${downloadHash}`);
+
+    const zipFilepath = await download(url, cacheDirPath);
+    const zipMtime = (await stat(zipFilepath)).mtimeMs;
+    const unzipMtime = (await maybeStat(extractDirPath))?.mtimeMs;
+
+    if (!unzipMtime || zipMtime > unzipMtime) await unzip(zipFilepath, extractDirPath, pathOfDirToExtractInArchive);
+
+    const srcDirPath = pathOfDirToExtractInArchive === undefined ? extractDirPath : pathJoin(extractDirPath, pathOfDirToExtractInArchive);
+    transformCodebase({ srcDirPath, destDirPath });
+}

src/bin/tools/getProjectRoot.ts

@@ -16,4 +16,4 @@ export function getProjectRoot(): string {
     }
 
     return (result = getProjectRootRec(__dirname));
-}
+}

src/bin/tools/grant-exec-perms.ts

@@ -1,8 +1,17 @@
+import { getProjectRoot } from "./getProjectRoot";
+import { join as pathJoin } from "path";
+import { constants } from "fs";
+import { chmod, stat } from "fs/promises";
 
-import { getProjectRoot } from "./getProjectRoot";
-import { join as pathJoin } from "path";
-import child_process from "child_process";
+async () => {
+    var { bin } = await import(pathJoin(getProjectRoot(), "package.json"));
 
-Object.entries<string>(require(pathJoin(getProjectRoot(), "package.json"))["bin"])
-    .forEach(([, scriptPath]) => child_process.execSync(`chmod +x ${scriptPath}`, { "cwd": getProjectRoot() }));
+    var promises = Object.values<string>(bin).map(async scriptPath => {
+        const fullPath = pathJoin(getProjectRoot(), scriptPath);
+        const oldMode = (await stat(fullPath)).mode;
+        const newMode = oldMode | constants.S_IXUSR | constants.S_IXGRP | constants.S_IXOTH;
+        await chmod(fullPath, newMode);
+    });
 
+    await Promise.all(promises);
+};

src/bin/tools/isInside.ts

@@ -1,14 +1,7 @@
 import { relative as pathRelative } from "path";
 
-export function isInside(
-    params: {
-        dirPath: string;
-        filePath: string;
-    }
-) {
-
+export function isInside(params: { dirPath: string; filePath: string }) {
     const { dirPath, filePath } = params;
 
     return !pathRelative(dirPath, filePath).startsWith("..");
-
-}
+}

src/bin/tools/jar.ts

@@ -0,0 +1,100 @@
+import { Readable, Transform } from "stream";
+import { pipeline } from "stream/promises";
+import { relative, sep } from "path";
+import { createWriteStream } from "fs";
+
+import walk from "./walk";
+import type { ZipSource } from "./zip";
+import zip from "./zip";
+
+/** Trim leading whitespace from every line */
+const trimIndent = (s: string) => s.replace(/(\n)\s+/g, "$1");
+
+type JarArgs = {
+    rootPath: string;
+    targetPath: string;
+    groupId: string;
+    artifactId: string;
+    version: string;
+};
+
+/**
+ * Create a jar archive, using the resources found at `rootPath` (a directory) and write the
+ * archive to `targetPath` (a file). Use `groupId`, `artifactId` and `version` to define
+ * the contents of the pom.properties file which is going to be added to the archive.
+ */
+export default async function jar({ groupId, artifactId, version, rootPath, targetPath }: JarArgs) {
+    const manifest: ZipSource = {
+        path: "META-INF/MANIFEST.MF",
+        data: Buffer.from(
+            trimIndent(
+                `Manifest-Version: 1.0
+                 Archiver-Version: Plexus Archiver
+                 Created-By: Keycloakify
+                 Built-By: unknown
+                 Build-Jdk: 19.0.0`
+            )
+        )
+    };
+
+    const pomProps: ZipSource = {
+        path: `META-INF/maven/${groupId}/${artifactId}/pom.properties`,
+        data: Buffer.from(
+            trimIndent(
+                `# Generated by keycloakify
+                 # ${new Date()}
+                 artifactId=${artifactId}
+                 groupId=${groupId}
+                 version=${version}`
+            )
+        )
+    };
+
+    /**
+     * Convert every path entry to a ZipSource record, and when all records are
+     * processed, append records for MANIFEST.mf and pom.properties
+     */
+    const pathToRecord = () =>
+        new Transform({
+            objectMode: true,
+            transform: function (path, _, cb) {
+                const filename = relative(rootPath, path).split(sep).join("/");
+                this.push({ filename, path });
+                cb();
+            },
+            final: function () {
+                this.push(manifest);
+                this.push(pomProps);
+                this.push(null);
+            }
+        });
+
+    /**
+     * Create an async pipeline, wait until everything is fully processed
+     */
+    await pipeline(
+        // walk all files in `rootPath` recursively
+        Readable.from(walk(rootPath)),
+        // transform every path into a ZipSource object
+        pathToRecord(),
+        // let the zip lib convert all ZipSource objects into a byte stream
+        zip(),
+        // write that byte stream to targetPath
+        createWriteStream(targetPath, { encoding: "binary" })
+    );
+}
+
+/**
+ * Standalone usage, call e.g. `ts-node jar.ts dirWithSources some-jar.jar`
+ */
+if (require.main === module) {
+    const main = () =>
+        jar({
+            rootPath: process.argv[2],
+            targetPath: process.argv[3],
+            artifactId: process.env.ARTIFACT_ID ?? "artifact",
+            groupId: process.env.GROUP_ID ?? "group",
+            version: process.env.VERSION ?? "1.0.0"
+        });
+    main().catch(e => console.error(e));
+}

src/bin/tools/logger.ts

@@ -0,0 +1,27 @@
+type LoggerOpts = {
+    force?: boolean;
+};
+
+type Logger = {
+    log: (message: string, opts?: LoggerOpts) => void;
+    warn: (message: string) => void;
+    error: (message: string) => void;
+};
+
+export const getLogger = ({ isSilent }: { isSilent?: boolean } = {}): Logger => {
+    return {
+        log: (message, { force } = {}) => {
+            if (isSilent && !force) {
+                return;
+            }
+
+            console.log(message);
+        },
+        warn: message => {
+            console.warn(message);
+        },
+        error: message => {
+            console.error(message);
+        }
+    };
+};

src/bin/tools/octokit-addons/getLatestsSemVersionedTag.ts

@@ -0,0 +1,40 @@
+import { listTagsFactory } from "./listTags";
+import type { Octokit } from "@octokit/rest";
+import { NpmModuleVersion } from "../NpmModuleVersion";
+
+export function getLatestsSemVersionedTagFactory(params: { octokit: Octokit }) {
+    const { octokit } = params;
+
+    async function getLatestsSemVersionedTag(params: { owner: string; repo: string; doIgnoreBeta: boolean; count: number }): Promise<
+        {
+            tag: string;
+            version: NpmModuleVersion;
+        }[]
+    > {
+        const { owner, repo, doIgnoreBeta, count } = params;
+
+        const semVersionedTags: { tag: string; version: NpmModuleVersion }[] = [];
+
+        const { listTags } = listTagsFactory({ octokit });
+
+        for await (const tag of listTags({ owner, repo })) {
+            let version: NpmModuleVersion;
+
+            try {
+                version = NpmModuleVersion.parse(tag.replace(/^[vV]?/, ""));
+            } catch {
+                continue;
+            }
+
+            if (doIgnoreBeta && version.betaPreRelease !== undefined) {
+                continue;
+            }
+
+            semVersionedTags.push({ tag, version });
+        }
+
+        return semVersionedTags.sort(({ version: vX }, { version: vY }) => NpmModuleVersion.compare(vY, vX)).slice(0, count);
+    }
+
+    return { getLatestsSemVersionedTag };
+}

src/bin/tools/octokit-addons/listTags.ts

@@ -0,0 +1,49 @@
+import type { Octokit } from "@octokit/rest";
+
+const per_page = 99;
+
+export function listTagsFactory(params: { octokit: Octokit }) {
+    const { octokit } = params;
+
+    const octokit_repo_listTags = async (params: { owner: string; repo: string; per_page: number; page: number }) => {
+        return octokit.repos.listTags(params);
+    };
+
+    async function* listTags(params: { owner: string; repo: string }): AsyncGenerator<string> {
+        const { owner, repo } = params;
+
+        let page = 1;
+
+        while (true) {
+            const resp = await octokit_repo_listTags({
+                owner,
+                repo,
+                per_page,
+                "page": page++
+            });
+
+            for (const branch of resp.data.map(({ name }) => name)) {
+                yield branch;
+            }
+
+            if (resp.data.length < 99) {
+                break;
+            }
+        }
+    }
+
+    /** Returns the same "latest" tag as deno.land/x, not actually the latest though */
+    async function getLatestTag(params: { owner: string; repo: string }): Promise<string | undefined> {
+        const { owner, repo } = params;
+
+        const itRes = await listTags({ owner, repo }).next();
+
+        if (itRes.done) {
+            return undefined;
+        }
+
+        return itRes.value;
+    }
+
+    return { listTags, getLatestTag };
+}

src/bin/tools/pathJoin.ts

@@ -0,0 +1,6 @@
+export function pathJoin(...path: string[]): string {
+    return path
+        .map((part, i) => (i === 0 ? part : part.replace(/^\/+/, "")))
+        .map((part, i) => (i === path.length - 1 ? part : part.replace(/\/+$/, "")))
+        .join("/");
+}

src/bin/tools/rm.ts

@@ -1,42 +0,0 @@
-
-import { execSync } from "child_process";
-
-function rmInternal(
-	params: {
-		pathToRemove: string;
-		args: string | undefined;
-		cwd: string | undefined;
-	}
-) {
-
-	const { pathToRemove, args, cwd } = params;
-
-	execSync(
-		`rm ${args ? `-${args} ` : ""}${pathToRemove.replace(/\ /g, "\\ ")}`,
-		cwd !== undefined ? { cwd } : undefined
-	);
-}
-
-export function rm(pathToRemove: string, options?: { cwd: string; }) {
-	rmInternal({
-		pathToRemove,
-		"args": undefined,
-		"cwd": options?.cwd,
-	});
-}
-
-export function rm_r(pathToRemove: string, options?: { cwd: string; }) {
-	rmInternal({
-		pathToRemove,
-		"args": "r",
-		"cwd": options?.cwd,
-	});
-}
-
-export function rm_rf(pathToRemove: string, options?: { cwd: string; }) {
-	rmInternal({
-		pathToRemove,
-		"args": "rf",
-		"cwd": options?.cwd,
-	});
-}

src/bin/tools/tee.ts

@@ -0,0 +1,37 @@
+import { PassThrough, Readable } from "stream";
+
+export default function tee(input: Readable) {
+    const a = new PassThrough();
+    const b = new PassThrough();
+
+    let aFull = false;
+    let bFull = false;
+
+    a.on("drain", () => {
+        aFull = false;
+        if (!aFull && !bFull) input.resume();
+    });
+    b.on("drain", () => {
+        bFull = false;
+        if (!aFull && !bFull) input.resume();
+    });
+
+    input.on("error", e => {
+        a.emit("error", e);
+        b.emit("error", e);
+    });
+
+    input.on("data", chunk => {
+        aFull = !a.write(chunk);
+        bFull = !b.write(chunk);
+
+        if (aFull || bFull) input.pause();
+    });
+
+    input.on("end", () => {
+        a.end();
+        b.end();
+    });
+
+    return [a, b] as const;
+}

src/bin/tools/transformCodebase.ts

@@ -1,36 +1,26 @@
-
-
 import * as fs from "fs";
 import * as path from "path";
 import { crawl } from "./crawl";
-import { id } from "tsafe/id";
+import { id } from "tsafe/id";
 
-type TransformSourceCode = 
-        (params: {
-            sourceCode: Buffer;
-            filePath: string;
-        }) => {
-            modifiedSourceCode: Buffer;
-            newFileName?: string;
-        } | undefined;
+type TransformSourceCode = (params: { sourceCode: Buffer; filePath: string }) =>
+    | {
+          modifiedSourceCode: Buffer;
+          newFileName?: string;
+      }
+    | undefined;
 
 /** Apply a transformation function to every file of directory */
-export function transformCodebase(
-    params: {
-        srcDirPath: string;
-        destDirPath: string;
-        transformSourceCode?: TransformSourceCode;
-    }
-) {
-
-    const { 
-        srcDirPath, 
-        destDirPath, 
-        transformSourceCode = id<TransformSourceCode>(({ sourceCode }) => ({ "modifiedSourceCode": sourceCode }))
+export function transformCodebase(params: { srcDirPath: string; destDirPath: string; transformSourceCode?: TransformSourceCode }) {
+    const {
+        srcDirPath,
+        destDirPath,
+        transformSourceCode = id<TransformSourceCode>(({ sourceCode }) => ({
+            "modifiedSourceCode": sourceCode
+        }))
     } = params;
 
     for (const file_relative_path of crawl(srcDirPath)) {
-
         const filePath = path.join(srcDirPath, file_relative_path);
 
         const transformSourceCodeResult = transformSourceCode({
@@ -42,28 +32,15 @@ export function transformCodebase(
             continue;
         }
 
-        fs.mkdirSync(
-            path.dirname(
-                path.join(
-                    destDirPath,
-                    file_relative_path
-                )
-            ),
-            { "recursive": true }
-        );
+        fs.mkdirSync(path.dirname(path.join(destDirPath, file_relative_path)), {
+            "recursive": true
+        });
 
         const { newFileName, modifiedSourceCode } = transformSourceCodeResult;
 
         fs.writeFileSync(
-            path.join(
-                path.dirname(path.join(destDirPath, file_relative_path)),
-                newFileName ?? path.basename(file_relative_path)
-            ),
+            path.join(path.dirname(path.join(destDirPath, file_relative_path)), newFileName ?? path.basename(file_relative_path)),
             modifiedSourceCode
         );
-
     }
-
-
 }
-

src/bin/tools/walk.ts

@@ -0,0 +1,19 @@
+import { readdir } from "fs/promises";
+import { resolve } from "path";
+
+/**
+ * Asynchronously and recursively walk a directory tree, yielding every file and directory
+ * found
+ *
+ * @param root the starting directory
+ * @returns AsyncGenerator
+ */
+export default async function* walk(root: string): AsyncGenerator<string, void, void> {
+    for (const entry of await readdir(root, { withFileTypes: true })) {
+        const absolutePath = resolve(root, entry.name);
+        if (entry.isDirectory()) {
+            yield absolutePath;
+            yield* walk(absolutePath);
+        } else yield absolutePath;
+    }
+}

src/bin/tools/zip.ts

@@ -0,0 +1,245 @@
+import { Transform, TransformOptions } from "stream";
+import { createReadStream } from "fs";
+import { stat } from "fs/promises";
+
+import { deflateBuffer, deflateStream } from "./deflate";
+
+/**
+ * Zip source
+ * @property filename the name of the entry in the archie
+ * @property path of the source file, if the source is an actual file
+ * @property data the actual data buffer, if the source is constructed in-memory
+ */
+export type ZipSource = { path: string } & ({ fsPath: string } | { data: Buffer });
+
+export type ZipRecord = {
+    path: string;
+    compression: "deflate" | undefined;
+    uncompressedSize: number;
+    compressedSize?: number;
+    crc32?: number;
+    offset?: number;
+};
+
+/**
+ * @returns the actual byte size of an string
+ */
+function utf8size(s: string) {
+    return new Blob([s]).size;
+}
+
+/**
+ * @param record
+ * @returns a buffer representing a Zip local header
+ * @link https://en.wikipedia.org/wiki/ZIP_(file_format)#Local_file_header
+ */
+function localHeader(record: ZipRecord) {
+    const { path, compression, uncompressedSize } = record;
+    const filenameSize = utf8size(path);
+    const buf = Buffer.alloc(30 + filenameSize);
+
+    buf.writeUInt32LE(0x04_03_4b_50, 0); // local header signature
+    buf.writeUInt16LE(10, 4); // min version
+    // we write 0x08 because crc and compressed size are unknown at
+    buf.writeUInt16LE(0x08, 6); // general purpose bit flag
+    buf.writeUInt16LE(compression ? ({ "deflate": 8 } as const)[compression] : 0, 8);
+    buf.writeUInt16LE(0, 10); // modified time
+    buf.writeUInt16LE(0, 12); // modified date
+    buf.writeUInt32LE(0, 14); // crc unknown
+    buf.writeUInt32LE(0, 18); // compressed size unknown
+    buf.writeUInt32LE(uncompressedSize, 22);
+    buf.writeUInt16LE(filenameSize, 26);
+    buf.writeUInt16LE(0, 28); // extra field length
+    buf.write(path, 30, "utf-8");
+
+    return buf;
+}
+
+/**
+ * @param record
+ * @returns a buffer representing a Zip central header
+ * @link https://en.wikipedia.org/wiki/ZIP_(file_format)#Central_directory_file_header
+ */
+function centralHeader(record: ZipRecord) {
+    const { path, compression, crc32, compressedSize, uncompressedSize, offset } = record;
+    const filenameSize = utf8size(path);
+    const buf = Buffer.alloc(46 + filenameSize);
+    const isFile = !path.endsWith("/");
+
+    if (typeof offset === "undefined") throw new Error("Illegal argument");
+
+    // we don't want to deal with possibly messed up file or directory
+    // permissions, so we ignore the original permissions
+    const externalAttr = isFile ? 0x81a40000 : 0x41ed0000;
+
+    buf.writeUInt32LE(0x0201_4b50, 0); // central header signature
+    buf.writeUInt16LE(10, 4); // version
+    buf.writeUInt16LE(10, 6); // min version
+    buf.writeUInt16LE(0, 8); // general purpose bit flag
+    buf.writeUInt16LE(compression ? ({ "deflate": 8 } as const)[compression] : 0, 10);
+    buf.writeUInt16LE(0, 12); // modified time
+    buf.writeUInt16LE(0, 14); // modified date
+    buf.writeUInt32LE(crc32 || 0, 16);
+    buf.writeUInt32LE(compressedSize || 0, 20);
+    buf.writeUInt32LE(uncompressedSize, 24);
+    buf.writeUInt16LE(filenameSize, 28);
+    buf.writeUInt16LE(0, 30); // extra field length
+    buf.writeUInt16LE(0, 32); // comment field length
+    buf.writeUInt16LE(0, 34); // disk number
+    buf.writeUInt16LE(0, 36); // internal
+    buf.writeUInt32LE(externalAttr, 38); // external
+    buf.writeUInt32LE(offset, 42); // offset where file starts
+    buf.write(path, 46, "utf-8");
+
+    return buf;
+}
+
+/**
+ * @returns a buffer representing an Zip End-Of-Central-Directory block
+ * @link https://en.wikipedia.org/wiki/ZIP_(file_format)#End_of_central_directory_record_(EOCD)
+ */
+function eocd({ offset, cdSize, nRecords }: { offset: number; cdSize: number; nRecords: number }) {
+    const buf = Buffer.alloc(22);
+    buf.writeUint32LE(0x06054b50, 0); // eocd signature
+    buf.writeUInt16LE(0, 4); // disc number
+    buf.writeUint16LE(0, 6); // disc where central directory starts
+    buf.writeUint16LE(nRecords, 8); // records on this disc
+    buf.writeUInt16LE(nRecords, 10); // records total
+    buf.writeUInt32LE(cdSize, 12); // byte size of cd
+    buf.writeUInt32LE(offset, 16); // cd offset
+    buf.writeUint16LE(0, 20); // comment length
+
+    return buf;
+}
+
+/**
+ * @returns a stream Transform, which reads a stream of ZipRecords and
+ * writes a bytestream
+ */
+export default function zip() {
+    /**
+     * This is called when the input stream of ZipSource items is finished.
+     * Will write central directory and end-of-central-direcotry blocks.
+     */
+    const final = () => {
+        // write central directory
+        let cdSize = 0;
+        for (const record of records) {
+            const head = centralHeader(record);
+            zipTransform.push(head);
+            cdSize += head.length;
+        }
+
+        // write end-of-central-directory
+        zipTransform.push(eocd({ offset, cdSize, nRecords: records.length }));
+        // signal stream end
+        zipTransform.push(null);
+    };
+
+    /**
+     * Write a directory entry to the archive
+     * @param path
+     */
+    const writeDir = async (path: string) => {
+        const record: ZipRecord = {
+            path: path + "/",
+            offset,
+            compression: undefined,
+            uncompressedSize: 0
+        };
+        const head = localHeader(record);
+        zipTransform.push(head);
+        records.push(record);
+        offset += head.length;
+    };
+
+    /**
+     * Write a file entry to the archive
+     * @param archivePath path of the file in archive
+     * @param fsPath path to file on filesystem
+     * @param size of the actual, uncompressed, file
+     */
+    const writeFile = async (archivePath: string, fsPath: string, size: number) => {
+        const record: ZipRecord = {
+            path: archivePath,
+            offset,
+            compression: "deflate",
+            uncompressedSize: size
+        };
+        const head = localHeader(record);
+        zipTransform.push(head);
+
+        const { crc32, compressedSize } = await deflateStream(createReadStream(fsPath), chunk => zipTransform.push(chunk));
+
+        record.crc32 = crc32;
+        record.compressedSize = compressedSize;
+        records.push(record);
+        offset += head.length + compressedSize;
+    };
+
+    /**
+     * Write archive record based on filesystem file or directory
+     * @param archivePath path of item in archive
+     * @param fsPath path to item on filesystem
+     */
+    const writeFromPath = async (archivePath: string, fsPath: string) => {
+        const fileStats = await stat(fsPath);
+        fileStats.isDirectory() ? await writeDir(archivePath) /**/ : await writeFile(archivePath, fsPath, fileStats.size) /**/;
+    };
+
+    /**
+     * Write archive record based on data in a buffer
+     * @param path
+     * @param data
+     */
+    const writeFromBuffer = async (path: string, data: Buffer) => {
+        const { deflated, crc32 } = await deflateBuffer(data);
+        const record: ZipRecord = {
+            path,
+            compression: "deflate",
+            crc32,
+            uncompressedSize: data.length,
+            compressedSize: deflated.length,
+            offset
+        };
+        const head = localHeader(record);
+        zipTransform.push(head);
+        zipTransform.push(deflated);
+        records.push(record);
+        offset += head.length + deflated.length;
+    };
+
+    /**
+     * Write an archive record
+     * @param source
+     */
+    const writeRecord = async (source: ZipSource) => {
+        if ("fsPath" in source) await writeFromPath(source.path, source.fsPath);
+        else if ("data" in source) await writeFromBuffer(source.path, source.data);
+        else throw new Error("Illegal argument " + typeof source + "  " + source);
+    };
+
+    /**
+     * The actual stream transform function
+     * @param source
+     * @param _ encoding, ignored
+     * @param cb
+     */
+    const transform: TransformOptions["transform"] = async (source: ZipSource, _, cb) => {
+        await writeRecord(source);
+        cb();
+    };
+
+    /** offset and records keep local state during processing */
+    let offset = 0;
+    const records: ZipRecord[] = [];
+
+    const zipTransform = new Transform({
+        readableObjectMode: false,
+        writableObjectMode: true,
+        transform,
+        final
+    });
+
+    return zipTransform;
+}

src/bin/tsconfig.json

@@ -0,0 +1,11 @@
+{
+    "extends": "../../tsproject.json",
+    "compilerOptions": {
+        "module": "CommonJS",
+        "target": "ES5",
+        "esModuleInterop": true,
+        "lib": ["es2015", "DOM", "ES2019.Object"],
+        "outDir": "../../dist/bin",
+        "rootDir": "."
+    }
+}

src/lib/components/Error.tsx

@@ -1,36 +1,43 @@
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
+import type { I18n } from "../i18n";
 
-export const Error = memo(({ kcContext, ...props }: { kcContext: KcContextBase.Error; } & KcProps) => {
+export type ErrorProps = KcProps & {
+    kcContext: KcContextBase.Error;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-    const { msg } = useKcMessage();
+const Error = memo((props: ErrorProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
     const { message, client } = kcContext;
 
+    const { msg } = i18n;
+
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             displayMessage={false}
             headerNode={msg("errorTitle")}
             formNode={
                 <div id="kc-error-message">
                     <p className="instruction">{message.summary}</p>
-                    {
-                        client !== undefined && client.baseUrl !== undefined &&
+                    {client !== undefined && client.baseUrl !== undefined && (
                         <p>
                             <a id="backToApplication" href={client.baseUrl}>
                                 {msg("backToApplication")}
                             </a>
                         </p>
-                    }
+                    )}
                 </div>
             }
         />
     );
 });
 
-
+export default Error;

src/lib/components/IdpReviewUserProfile.tsx

@@ -0,0 +1,58 @@
+import React, { useState, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
+import { UserProfileFormFields } from "./shared/UserProfileCommons";
+
+export type IdpReviewUserProfileProps = KcProps & {
+    kcContext: KcContextBase.IdpReviewUserProfile;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const IdpReviewUserProfile = memo((props: IdpReviewUserProfileProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { msg, msgStr } = i18n;
+
+    const { url } = kcContext;
+
+    const [isFomSubmittable, setIsFomSubmittable] = useState(false);
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("loginIdpReviewProfileTitle")}
+            formNode={
+                <form id="kc-idp-review-profile-form" className={clsx(kcProps.kcFormClass)} action={url.loginAction} method="post">
+                    <UserProfileFormFields kcContext={kcContext} onIsFormSubmittableValueChange={setIsFomSubmittable} i18n={i18n} {...kcProps} />
+
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)} />
+                        </div>
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            <input
+                                className={clsx(
+                                    kcProps.kcButtonClass,
+                                    kcProps.kcButtonPrimaryClass,
+                                    kcProps.kcButtonBlockClass,
+                                    kcProps.kcButtonLargeClass
+                                )}
+                                type="submit"
+                                value={msgStr("doSubmit")}
+                                disabled={!isFomSubmittable}
+                            />
+                        </div>
+                    </div>
+                </form>
+            }
+        />
+    );
+});
+
+export default IdpReviewUserProfile;

src/lib/components/Info.tsx

@@ -1,73 +1,60 @@
-
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import { assert } from "../tools/assert";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
+import type { I18n } from "../i18n";
 
-export const Info = memo(({ kcContext, ...props }: { kcContext: KcContextBase.Info; } & KcProps) => {
+export type InfoProps = KcProps & {
+    kcContext: KcContextBase.Info;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-    const { msg } = useKcMessage();
+const Info = memo((props: InfoProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { msgStr, msg } = i18n;
 
     assert(kcContext.message !== undefined);
 
-    const {
-        messageHeader,
-        message,
-        requiredActions,
-        skipLink,
-        pageRedirectUri,
-        actionUri,
-        client
-    } = kcContext;
+    const { messageHeader, message, requiredActions, skipLink, pageRedirectUri, actionUri, client } = kcContext;
 
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             displayMessage={false}
-            headerNode={
-                messageHeader !== undefined ?
-                    <>{messageHeader}</>
-                    :
-                    <>{message.summary}</>
-            }
+            headerNode={messageHeader !== undefined ? <>{messageHeader}</> : <>{message.summary}</>}
             formNode={
                 <div id="kc-info-message">
-                    <p className="instruction">{message.summary}
-
-                        {
-                            requiredActions !== undefined &&
-                            <b>
-                                {
-                                    requiredActions
-                                        .map(requiredAction => msg(`requiredAction.${requiredAction}` as const))
-                                        .join(",")
-                                }
-
-                            </b>
-
-                        }
+                    <p className="instruction">
+                        {message.summary}
 
+                        {requiredActions !== undefined && (
+                            <b>{requiredActions.map(requiredAction => msgStr(`requiredAction.${requiredAction}` as const)).join(",")}</b>
+                        )}
                     </p>
-                    {
-                        !skipLink &&
-                            pageRedirectUri !== undefined ?
-                            <p><a href={pageRedirectUri}>{(msg("backToApplication"))}</a></p>
-                            :
-                            actionUri !== undefined ?
-                                <p><a href={actionUri}>{msg("proceedWithAction")}</a></p>
-                                :
-                                client.baseUrl !== undefined &&
-                                <p><a href={client.baseUrl}>{msg("backToApplication")}</a></p>
-                    }
+                    {!skipLink && pageRedirectUri !== undefined ? (
+                        <p>
+                            <a href={pageRedirectUri}>{msg("backToApplication")}</a>
+                        </p>
+                    ) : actionUri !== undefined ? (
+                        <p>
+                            <a href={actionUri}>{msg("proceedWithAction")}</a>
+                        </p>
+                    ) : (
+                        client.baseUrl !== undefined && (
+                            <p>
+                                <a href={client.baseUrl}>{msg("backToApplication")}</a>
+                            </p>
+                        )
+                    )}
                 </div>
-
-
             }
         />
     );
 });
 
-
+export default Info;

src/lib/components/KcApp.tsx

@@ -1,29 +1,109 @@
-
-import { memo } from "react";
+import React, { lazy, memo, Suspense } from "react";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
 import type { KcProps } from "./KcProps";
-import { Login } from "./Login";
-import { Register } from "./Register";
-import { Info } from "./Info";
-import { Error } from "./Error";
-import { LoginResetPassword } from "./LoginResetPassword";
-import { LoginVerifyEmail } from "./LoginVerifyEmail";
-import { Terms } from "./Terms";
-import { LoginOtp } from "./LoginOtp";
-import { LoginUpdateProfile } from "./LoginUpdateProfile";
-import { LoginIdpLinkConfirm } from "./LoginIdpLinkConfirm";
+import { __unsafe_useI18n as useI18n } from "../i18n";
+import type { I18n } from "../i18n";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 
-export const KcApp = memo(({ kcContext, ...props }: { kcContext: KcContextBase; } & KcProps) => {
-    switch (kcContext.pageId) {
-        case "login.ftl": return <Login {...{ kcContext, ...props }} />;
-        case "register.ftl": return <Register {...{ kcContext, ...props }} />;
-        case "info.ftl": return <Info {...{ kcContext, ...props }} />;
-        case "error.ftl": return <Error {...{ kcContext, ...props }} />;
-        case "login-reset-password.ftl": return <LoginResetPassword {...{ kcContext, ...props }} />;
-        case "login-verify-email.ftl": return <LoginVerifyEmail {...{ kcContext, ...props }} />;
-        case "terms.ftl": return <Terms {...{ kcContext, ...props }} />;
-        case "login-otp.ftl": return <LoginOtp {...{ kcContext, ...props }} />;
-        case "login-update-profile.ftl": return <LoginUpdateProfile {...{ kcContext, ...props }} />;
-        case "login-idp-link-confirm.ftl": return <LoginIdpLinkConfirm {...{ kcContext, ...props }} />;
+const Login = lazy(() => import("./Login"));
+const Register = lazy(() => import("./Register"));
+const RegisterUserProfile = lazy(() => import("./RegisterUserProfile"));
+const Info = lazy(() => import("./Info"));
+const Error = lazy(() => import("./Error"));
+const LoginResetPassword = lazy(() => import("./LoginResetPassword"));
+const LoginVerifyEmail = lazy(() => import("./LoginVerifyEmail"));
+const Terms = lazy(() => import("./Terms"));
+const LoginOtp = lazy(() => import("./LoginOtp"));
+const LoginPassword = lazy(() => import("./LoginPassword"));
+const LoginUsername = lazy(() => import("./LoginUsername"));
+const WebauthnAuthenticate = lazy(() => import("./WebauthnAuthenticate"));
+const LoginUpdatePassword = lazy(() => import("./LoginUpdatePassword"));
+const LoginUpdateProfile = lazy(() => import("./LoginUpdateProfile"));
+const LoginIdpLinkConfirm = lazy(() => import("./LoginIdpLinkConfirm"));
+const LoginPageExpired = lazy(() => import("./LoginPageExpired"));
+const LoginIdpLinkEmail = lazy(() => import("./LoginIdpLinkEmail"));
+const LoginConfigTotp = lazy(() => import("./LoginConfigTotp"));
+const LogoutConfirm = lazy(() => import("./LogoutConfirm"));
+const UpdateUserProfile = lazy(() => import("./UpdateUserProfile"));
+const IdpReviewUserProfile = lazy(() => import("./IdpReviewUserProfile"));
+
+export type KcAppProps = KcProps & {
+    kcContext: KcContextBase;
+    i18n?: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const KcApp = memo((props_: KcAppProps) => {
+    const { kcContext, i18n: userProvidedI18n, Template = DefaultTemplate, ...kcProps } = props_;
+
+    const i18n = (function useClosure() {
+        const i18n = useI18n({
+            kcContext,
+            "extraMessages": {},
+            "doSkip": userProvidedI18n !== undefined
+        });
+
+        return userProvidedI18n ?? i18n;
+    })();
+
+    if (i18n === null) {
+        return null;
     }
-});
+
+    const commonProps = { i18n, Template, ...kcProps };
+
+    return (
+        <Suspense>
+            {(() => {
+                switch (kcContext.pageId) {
+                    case "login.ftl":
+                        return <Login {...{ kcContext, ...commonProps }} />;
+                    case "register.ftl":
+                        return <Register {...{ kcContext, ...commonProps }} />;
+                    case "register-user-profile.ftl":
+                        return <RegisterUserProfile {...{ kcContext, ...commonProps }} />;
+                    case "info.ftl":
+                        return <Info {...{ kcContext, ...commonProps }} />;
+                    case "error.ftl":
+                        return <Error {...{ kcContext, ...commonProps }} />;
+                    case "login-reset-password.ftl":
+                        return <LoginResetPassword {...{ kcContext, ...commonProps }} />;
+                    case "login-verify-email.ftl":
+                        return <LoginVerifyEmail {...{ kcContext, ...commonProps }} />;
+                    case "terms.ftl":
+                        return <Terms {...{ kcContext, ...commonProps }} />;
+                    case "login-otp.ftl":
+                        return <LoginOtp {...{ kcContext, ...commonProps }} />;
+                    case "login-username.ftl":
+                        return <LoginUsername {...{ kcContext, ...commonProps }} />;
+                    case "login-password.ftl":
+                        return <LoginPassword {...{ kcContext, ...commonProps }} />;
+                    case "webauthn-authenticate.ftl":
+                        return <WebauthnAuthenticate {...{ kcContext, ...commonProps }} />;
+                    case "login-update-password.ftl":
+                        return <LoginUpdatePassword {...{ kcContext, ...commonProps }} />;
+                    case "login-update-profile.ftl":
+                        return <LoginUpdateProfile {...{ kcContext, ...commonProps }} />;
+                    case "login-idp-link-confirm.ftl":
+                        return <LoginIdpLinkConfirm {...{ kcContext, ...commonProps }} />;
+                    case "login-idp-link-email.ftl":
+                        return <LoginIdpLinkEmail {...{ kcContext, ...commonProps }} />;
+                    case "login-page-expired.ftl":
+                        return <LoginPageExpired {...{ kcContext, ...commonProps }} />;
+                    case "login-config-totp.ftl":
+                        return <LoginConfigTotp {...{ kcContext, ...commonProps }} />;
+                    case "logout-confirm.ftl":
+                        return <LogoutConfirm {...{ kcContext, ...commonProps }} />;
+                    case "update-user-profile.ftl":
+                        return <UpdateUserProfile {...{ kcContext, ...commonProps }} />;
+                    case "idp-review-user-profile.ftl":
+                        return <IdpReviewUserProfile {...{ kcContext, ...commonProps }} />;
+                }
+            })()}
+        </Suspense>
+    );
+});
+
+export default KcApp;

src/lib/components/KcProps.ts

@@ -1,39 +1,35 @@
-
 import { allPropertiesValuesToUndefined } from "../tools/allPropertiesValuesToUndefined";
-import { doExtends } from "tsafe/doExtends";
+import { assert } from "tsafe/assert";
 
 /** Class names can be provided as an array or separated by whitespace */
-export type KcPropsGeneric<CssClasses extends string> = { [key in CssClasses]: readonly string[] | string | undefined; };
+export type KcPropsGeneric<CssClasses extends string> = {
+    [key in CssClasses]: readonly string[] | string | undefined;
+};
 
 export type KcTemplateClassKey =
-    "stylesCommon" |
-    "styles" |
-    "scripts" |
-    "kcHtmlClass" |
-    "kcLoginClass" |
-    "kcHeaderClass" |
-    "kcHeaderWrapperClass" |
-    "kcFormCardClass" |
-    "kcFormCardAccountClass" |
-    "kcFormHeaderClass" |
-    "kcLocaleWrapperClass" |
-    "kcContentWrapperClass" |
-    "kcLabelWrapperClass" |
-    "kcContentWrapperClass" |
-    "kcLabelWrapperClass" |
-    "kcFormGroupClass" |
-    "kcResetFlowIcon" |
-    "kcResetFlowIcon" |
-    "kcFeedbackSuccessIcon" |
-    "kcFeedbackWarningIcon" |
-    "kcFeedbackErrorIcon" |
-    "kcFeedbackInfoIcon" |
-    "kcContentWrapperClass" |
-    "kcFormSocialAccountContentClass" |
-    "kcFormSocialAccountClass" |
-    "kcSignUpClass" |
-    "kcInfoAreaWrapperClass"
-    ;
+    | "stylesCommon"
+    | "styles"
+    | "scripts"
+    | "kcHtmlClass"
+    | "kcLoginClass"
+    | "kcHeaderClass"
+    | "kcHeaderWrapperClass"
+    | "kcFormCardClass"
+    | "kcFormCardAccountClass"
+    | "kcFormHeaderClass"
+    | "kcLocaleWrapperClass"
+    | "kcContentWrapperClass"
+    | "kcLabelWrapperClass"
+    | "kcFormGroupClass"
+    | "kcResetFlowIcon"
+    | "kcFeedbackSuccessIcon"
+    | "kcFeedbackWarningIcon"
+    | "kcFeedbackErrorIcon"
+    | "kcFeedbackInfoIcon"
+    | "kcFormSocialAccountContentClass"
+    | "kcFormSocialAccountClass"
+    | "kcSignUpClass"
+    | "kcInfoAreaWrapperClass";
 
 export type KcTemplateProps = KcPropsGeneric<KcTemplateClassKey>;
 
@@ -67,64 +63,69 @@ export const defaultKcTemplateProps = {
     "kcInfoAreaWrapperClass": []
 } as const;
 
-
-doExtends<typeof defaultKcTemplateProps, KcTemplateProps>();
+assert<typeof defaultKcTemplateProps extends KcTemplateProps ? true : false>();
 
 /** Tu use if you don't want any default */
-export const allClearKcTemplateProps =
-    allPropertiesValuesToUndefined(defaultKcTemplateProps);
+export const allClearKcTemplateProps = allPropertiesValuesToUndefined(defaultKcTemplateProps);
 
-doExtends<typeof allClearKcTemplateProps, KcTemplateProps>();
+assert<typeof allClearKcTemplateProps extends KcTemplateProps ? true : false>();
 
 export type KcProps = KcPropsGeneric<
-    KcTemplateClassKey |
-    "kcLogoLink" |
-    "kcLogoClass" |
-    "kcContainerClass" |
-    "kcContentClass" |
-    "kcFeedbackAreaClass" |
-    "kcLocaleClass" |
-    "kcAlertIconClasserror" |
-    "kcFormAreaClass" |
-    "kcFormSocialAccountListClass" |
-    "kcFormSocialAccountDoubleListClass" |
-    "kcFormSocialAccountListLinkClass" |
-    "kcWebAuthnKeyIcon" |
-    "kcFormClass" |
-    "kcFormGroupErrorClass" |
-    "kcLabelClass" |
-    "kcInputClass" |
-    "kcInputWrapperClass" |
-    "kcFormOptionsClass" |
-    "kcFormButtonsClass" |
-    "kcFormSettingClass" |
-    "kcTextareaClass" |
-    "kcInfoAreaClass" |
-    "kcButtonClass" |
-    "kcButtonPrimaryClass" |
-    "kcButtonDefaultClass" |
-    "kcButtonLargeClass" |
-    "kcButtonBlockClass" |
-    "kcInputLargeClass" |
-    "kcSrOnlyClass" |
-    "kcSelectAuthListClass" |
-    "kcSelectAuthListItemClass" |
-    "kcSelectAuthListItemInfoClass" |
-    "kcSelectAuthListItemLeftClass" |
-    "kcSelectAuthListItemBodyClass" |
-    "kcSelectAuthListItemDescriptionClass" |
-    "kcSelectAuthListItemHeadingClass" |
-    "kcSelectAuthListItemHelpTextClass" |
-    "kcAuthenticatorDefaultClass" |
-    "kcAuthenticatorPasswordClass" |
-    "kcAuthenticatorOTPClass" |
-    "kcAuthenticatorWebAuthnClass" |
-    "kcAuthenticatorWebAuthnPasswordlessClass" |
-    "kcSelectOTPListClass" |
-    "kcSelectOTPListItemClass" |
-    "kcAuthenticatorOtpCircleClass" |
-    "kcSelectOTPItemHeadingClass" |
-    "kcFormOptionsWrapperClass"
+    | KcTemplateClassKey
+    | "kcLogoLink"
+    | "kcLogoClass"
+    | "kcContainerClass"
+    | "kcContentClass"
+    | "kcFeedbackAreaClass"
+    | "kcLocaleClass"
+    | "kcAlertIconClasserror"
+    | "kcFormAreaClass"
+    | "kcFormSocialAccountListClass"
+    | "kcFormSocialAccountDoubleListClass"
+    | "kcFormSocialAccountListLinkClass"
+    | "kcWebAuthnKeyIcon"
+    | "kcWebAuthnDefaultIcon"
+    | "kcFormClass"
+    | "kcFormGroupErrorClass"
+    | "kcLabelClass"
+    | "kcInputClass"
+    | "kcInputErrorMessageClass"
+    | "kcInputWrapperClass"
+    | "kcFormOptionsClass"
+    | "kcFormButtonsClass"
+    | "kcFormSettingClass"
+    | "kcTextareaClass"
+    | "kcInfoAreaClass"
+    | "kcFormGroupHeader"
+    | "kcButtonClass"
+    | "kcButtonPrimaryClass"
+    | "kcButtonDefaultClass"
+    | "kcButtonLargeClass"
+    | "kcButtonBlockClass"
+    | "kcInputLargeClass"
+    | "kcSrOnlyClass"
+    | "kcSelectAuthListClass"
+    | "kcSelectAuthListItemClass"
+    | "kcSelectAuthListItemFillClass"
+    | "kcSelectAuthListItemInfoClass"
+    | "kcSelectAuthListItemLeftClass"
+    | "kcSelectAuthListItemBodyClass"
+    | "kcSelectAuthListItemDescriptionClass"
+    | "kcSelectAuthListItemHeadingClass"
+    | "kcSelectAuthListItemHelpTextClass"
+    | "kcSelectAuthListItemIconPropertyClass"
+    | "kcSelectAuthListItemIconClass"
+    | "kcSelectAuthListItemTitle"
+    | "kcAuthenticatorDefaultClass"
+    | "kcAuthenticatorPasswordClass"
+    | "kcAuthenticatorOTPClass"
+    | "kcAuthenticatorWebAuthnClass"
+    | "kcAuthenticatorWebAuthnPasswordlessClass"
+    | "kcSelectOTPListClass"
+    | "kcSelectOTPListItemClass"
+    | "kcAuthenticatorOtpCircleClass"
+    | "kcSelectOTPItemHeadingClass"
+    | "kcFormOptionsWrapperClass"
 >;
 
 export const defaultKcProps = {
@@ -142,11 +143,13 @@ export const defaultKcProps = {
     "kcFormSocialAccountDoubleListClass": ["login-pf-social-double-col"],
     "kcFormSocialAccountListLinkClass": ["login-pf-social-link"],
     "kcWebAuthnKeyIcon": ["pficon", "pficon-key"],
+    "kcWebAuthnDefaultIcon": ["pficon", "pficon-key"],
 
     "kcFormClass": ["form-horizontal"],
     "kcFormGroupErrorClass": ["has-error"],
     "kcLabelClass": ["control-label"],
     "kcInputClass": ["form-control"],
+    "kcInputErrorMessageClass": ["pf-c-form__helper-text", "pf-m-error", "required", "kc-feedback-text"],
     "kcInputWrapperClass": ["col-xs-12", "col-sm-12", "col-md-12", "col-lg-12"],
     "kcFormOptionsClass": ["col-xs-12", "col-sm-12", "col-md-12", "col-lg-12"],
     "kcFormButtonsClass": ["col-xs-12", "col-sm-12", "col-md-12", "col-lg-12"],
@@ -155,6 +158,9 @@ export const defaultKcProps = {
 
     "kcInfoAreaClass": ["col-xs-12", "col-sm-4", "col-md-4", "col-lg-5", "details"],
 
+    // user-profile grouping
+    "kcFormGroupHeader": ["pf-c-form__group"],
+
     // css classes for form buttons main class used for all buttons
     "kcButtonClass": ["btn"],
     // classes defining priority of the button - primary or default (there is typically only one priority button for the form)
@@ -173,6 +179,10 @@ export const defaultKcProps = {
     // css classes for select-authenticator form
     "kcSelectAuthListClass": ["list-group", "list-view-pf"],
     "kcSelectAuthListItemClass": ["list-group-item", "list-view-pf-stacked"],
+    "kcSelectAuthListItemFillClass": ["pf-l-split__item", "pf-m-fill"],
+    "kcSelectAuthListItemIconPropertyClass": ["fa-2x", "select-auth-box-icon-properties"],
+    "kcSelectAuthListItemIconClass": ["pf-l-split__item", "select-auth-box-icon"],
+    "kcSelectAuthListItemTitle": ["select-auth-box-paragraph"],
     "kcSelectAuthListItemInfoClass": ["list-view-pf-main-info"],
     "kcSelectAuthListItemLeftClass": ["list-view-pf-left"],
     "kcSelectAuthListItemBodyClass": ["list-view-pf-body"],
@@ -195,11 +205,9 @@ export const defaultKcProps = {
     "kcFormOptionsWrapperClass": []
 } as const;
 
-doExtends<typeof defaultKcProps, KcProps>();
+assert<typeof defaultKcProps extends KcProps ? true : false>();
 
 /** Tu use if you don't want any default */
-export const allClearKcProps =
-    allPropertiesValuesToUndefined(defaultKcProps);
-
-doExtends<typeof allClearKcProps, KcProps>();
+export const allClearKcProps = allPropertiesValuesToUndefined(defaultKcProps);
 
+assert<typeof allClearKcProps extends KcProps ? true : false>();

src/lib/components/Login.tsx

@@ -1,157 +1,204 @@
-
-import { useState, memo } from "react";
-import { Template } from "./Template";
+import React, { useState, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
 import { useConstCallback } from "powerhooks/useConstCallback";
+import type { FormEventHandler } from "react";
+import type { I18n } from "../i18n";
 
-export const Login = memo(({ kcContext, ...props }: { kcContext: KcContextBase.Login; } & KcProps) => {
+export type LoginProps = KcProps & {
+    kcContext: KcContextBase.Login;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-    const {
-        social, realm, url,
-        usernameEditDisabled, login,
-        auth, registrationDisabled
-    } = kcContext;
+const Login = memo((props: LoginProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
-    const { msg, msgStr } = useKcMessage();
+    const { social, realm, url, usernameEditDisabled, login, auth, registrationDisabled } = kcContext;
 
-    const { cx } = useCssAndCx();
+    const { msg, msgStr } = i18n;
 
     const [isLoginButtonDisabled, setIsLoginButtonDisabled] = useState(false);
 
-    const onSubmit = useConstCallback(() =>
-        (setIsLoginButtonDisabled(true), true)
-    );
+    const onSubmit = useConstCallback<FormEventHandler<HTMLFormElement>>(e => {
+        e.preventDefault();
+
+        setIsLoginButtonDisabled(true);
+
+        const formElement = e.target as HTMLFormElement;
+
+        //NOTE: Even if we login with email Keycloak expect username and password in
+        //the POST request.
+        formElement.querySelector("input[name='email']")?.setAttribute("name", "username");
+
+        formElement.submit();
+    });
 
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             displayInfo={social.displayInfo}
             displayWide={realm.password && social.providers !== undefined}
             headerNode={msg("doLogIn")}
             formNode={
-                <div
-                    id="kc-form"
-                    className={cx(realm.password && social.providers !== undefined && props.kcContentWrapperClass)}
-                >
+                <div id="kc-form" className={clsx(realm.password && social.providers !== undefined && kcProps.kcContentWrapperClass)}>
                     <div
                         id="kc-form-wrapper"
-                        className={cx(realm.password && social.providers && [props.kcFormSocialAccountContentClass, props.kcFormSocialAccountClass])}
+                        className={clsx(
+                            realm.password && social.providers && [kcProps.kcFormSocialAccountContentClass, kcProps.kcFormSocialAccountClass]
+                        )}
                     >
-                        {
-                            realm.password &&
-                            (
-                                <form id="kc-form-login" onSubmit={onSubmit} action={url.loginAction} method="post">
-                                    <div className={cx(props.kcFormGroupClass)}>
-                                        <label htmlFor="username" className={cx(props.kcLabelClass)}>
-                                            {
-                                                !realm.loginWithEmailAllowed ?
-                                                    msg("username")
-                                                    :
-                                                    (
-                                                        !realm.registrationEmailAsUsername ?
-                                                            msg("usernameOrEmail") :
-                                                            msg("email")
-                                                    )
-                                            }
-                                        </label>
-                                        <input
-                                            tabIndex={1}
-                                            id="username"
-                                            className={cx(props.kcInputClass)}
-                                            name="username"
-                                            defaultValue={login.username ?? ''}
-                                            type="text"
-                                            {...(usernameEditDisabled ? { "disabled": true } : { "autoFocus": true, "autoComplete": "off" })}
-                                        />
-                                    </div>
-                                    <div className={cx(props.kcFormGroupClass)}>
-                                        <label htmlFor="password" className={cx(props.kcLabelClass)}>
-                                            {msg("password")}
-                                        </label>
-                                        <input tabIndex={2} id="password" className={cx(props.kcInputClass)} name="password" type="password" autoComplete="off" />
-                                    </div>
-                                    <div className={cx(props.kcFormGroupClass, props.kcFormSettingClass)}>
-                                        <div id="kc-form-options">
-                                            {
-                                                (
-                                                    realm.rememberMe &&
-                                                    !usernameEditDisabled
-                                                ) &&
-                                                <div className="checkbox">
-                                                    <label>
-                                                        <input tabIndex={3} id="rememberMe" name="rememberMe" type="checkbox" {...(login.rememberMe ? { "checked": true } : {})} />
-                                                        {msg("rememberMe")}
-                                                    </label>
-                                                </div>
-                                            }
-                                        </div>
-                                        <div className={cx(props.kcFormOptionsWrapperClass)}>
-                                            {
-                                                realm.resetPasswordAllowed &&
-                                                <span>
-                                                    <a tabIndex={5} href={url.loginResetCredentialsUrl}>{msg("doForgotPassword")}</a>
-                                                </span>
-                                            }
-                                        </div>
+                        {realm.password && (
+                            <form id="kc-form-login" onSubmit={onSubmit} action={url.loginAction} method="post">
+                                <div className={clsx(kcProps.kcFormGroupClass)}>
+                                    {(() => {
+                                        const label = !realm.loginWithEmailAllowed
+                                            ? "username"
+                                            : realm.registrationEmailAsUsername
+                                            ? "email"
+                                            : "usernameOrEmail";
 
+                                        const autoCompleteHelper: typeof label = label === "usernameOrEmail" ? "username" : label;
+
+                                        return (
+                                            <>
+                                                <label htmlFor={autoCompleteHelper} className={clsx(kcProps.kcLabelClass)}>
+                                                    {msg(label)}
+                                                </label>
+                                                <input
+                                                    tabIndex={1}
+                                                    id={autoCompleteHelper}
+                                                    className={clsx(kcProps.kcInputClass)}
+                                                    //NOTE: This is used by Google Chrome auto fill so we use it to tell
+                                                    //the browser how to pre fill the form but before submit we put it back
+                                                    //to username because it is what keycloak expects.
+                                                    name={autoCompleteHelper}
+                                                    defaultValue={login.username ?? ""}
+                                                    type="text"
+                                                    {...(usernameEditDisabled
+                                                        ? { "disabled": true }
+                                                        : {
+                                                              "autoFocus": true,
+                                                              "autoComplete": "off"
+                                                          })}
+                                                />
+                                            </>
+                                        );
+                                    })()}
+                                </div>
+                                <div className={clsx(kcProps.kcFormGroupClass)}>
+                                    <label htmlFor="password" className={clsx(kcProps.kcLabelClass)}>
+                                        {msg("password")}
+                                    </label>
+                                    <input
+                                        tabIndex={2}
+                                        id="password"
+                                        className={clsx(kcProps.kcInputClass)}
+                                        name="password"
+                                        type="password"
+                                        autoComplete="off"
+                                    />
+                                </div>
+                                <div className={clsx(kcProps.kcFormGroupClass, kcProps.kcFormSettingClass)}>
+                                    <div id="kc-form-options">
+                                        {realm.rememberMe && !usernameEditDisabled && (
+                                            <div className="checkbox">
+                                                <label>
+                                                    <input
+                                                        tabIndex={3}
+                                                        id="rememberMe"
+                                                        name="rememberMe"
+                                                        type="checkbox"
+                                                        {...(login.rememberMe
+                                                            ? {
+                                                                  "checked": true
+                                                              }
+                                                            : {})}
+                                                    />
+                                                    {msg("rememberMe")}
+                                                </label>
+                                            </div>
+                                        )}
                                     </div>
-                                    <div id="kc-form-buttons" className={cx(props.kcFormGroupClass)}>
-                                        <input
-                                            type="hidden"
-                                            id="id-hidden-input"
-                                            name="credentialId"
-                                            {...(auth?.selectedCredential !== undefined ? { "value": auth.selectedCredential } : {})}
-                                        />
-                                        <input
-                                            tabIndex={4}
-                                            className={cx(props.kcButtonClass, props.kcButtonPrimaryClass, props.kcButtonBlockClass, props.kcButtonLargeClass)} name="login" id="kc-login" type="submit"
-                                            value={msgStr("doLogIn")}
-                                            disabled={isLoginButtonDisabled}
-                                        />
+                                    <div className={clsx(kcProps.kcFormOptionsWrapperClass)}>
+                                        {realm.resetPasswordAllowed && (
+                                            <span>
+                                                <a tabIndex={5} href={url.loginResetCredentialsUrl}>
+                                                    {msg("doForgotPassword")}
+                                                </a>
+                                            </span>
+                                        )}
                                     </div>
-                                </form>
-                            )
-                        }
+                                </div>
+                                <div id="kc-form-buttons" className={clsx(kcProps.kcFormGroupClass)}>
+                                    <input
+                                        type="hidden"
+                                        id="id-hidden-input"
+                                        name="credentialId"
+                                        {...(auth?.selectedCredential !== undefined
+                                            ? {
+                                                  "value": auth.selectedCredential
+                                              }
+                                            : {})}
+                                    />
+                                    <input
+                                        tabIndex={4}
+                                        className={clsx(
+                                            kcProps.kcButtonClass,
+                                            kcProps.kcButtonPrimaryClass,
+                                            kcProps.kcButtonBlockClass,
+                                            kcProps.kcButtonLargeClass
+                                        )}
+                                        name="login"
+                                        id="kc-login"
+                                        type="submit"
+                                        value={msgStr("doLogIn")}
+                                        disabled={isLoginButtonDisabled}
+                                    />
+                                </div>
+                            </form>
+                        )}
                     </div>
-                    {
-                        (realm.password && social.providers !== undefined) &&
-                        <div id="kc-social-providers" className={cx(props.kcFormSocialAccountContentClass, props.kcFormSocialAccountClass)}>
-                            <ul className={cx(props.kcFormSocialAccountListClass, social.providers.length > 4 && props.kcFormSocialAccountDoubleListClass)}>
-                                {
-                                    social.providers.map(p =>
-                                        <li key={p.providerId} className={cx(props.kcFormSocialAccountListLinkClass)}>
-                                            <a href={p.loginUrl} id={`zocial-${p.alias}`} className={cx("zocial", p.providerId)}>
-                                                <span>{p.displayName}</span>
-                                            </a>
-                                        </li>
-                                    )
-                                }
+                    {realm.password && social.providers !== undefined && (
+                        <div id="kc-social-providers" className={clsx(kcProps.kcFormSocialAccountContentClass, kcProps.kcFormSocialAccountClass)}>
+                            <ul
+                                className={clsx(
+                                    kcProps.kcFormSocialAccountListClass,
+                                    social.providers.length > 4 && kcProps.kcFormSocialAccountDoubleListClass
+                                )}
+                            >
+                                {social.providers.map(p => (
+                                    <li key={p.providerId} className={clsx(kcProps.kcFormSocialAccountListLinkClass)}>
+                                        <a href={p.loginUrl} id={`zocial-${p.alias}`} className={clsx("zocial", p.providerId)}>
+                                            <span>{p.displayName}</span>
+                                        </a>
+                                    </li>
+                                ))}
                             </ul>
                         </div>
-                    }
+                    )}
                 </div>
             }
             infoNode={
-                (
-                    realm.password &&
-                    realm.registrationAllowed &&
-                    !registrationDisabled
-                ) &&
-                <div id="kc-registration">
-                    <span>
-                        {msg("noAccount")}
-                        <a tabIndex={6} href={url.registrationUrl}>
-                            {msg("doRegister")}
-                        </a>
-                    </span>
-                </div>
+                realm.password &&
+                realm.registrationAllowed &&
+                !registrationDisabled && (
+                    <div id="kc-registration">
+                        <span>
+                            {msg("noAccount")}
+                            <a tabIndex={6} href={url.registrationUrl}>
+                                {msg("doRegister")}
+                            </a>
+                        </span>
+                    </div>
+                )
             }
         />
     );
 });
 
-
+export default Login;

src/lib/components/LoginConfigTotp.tsx

@@ -0,0 +1,193 @@
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
+
+export type LoginConfigTotpProps = KcProps & {
+    kcContext: KcContextBase.LoginConfigTotp;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginConfigTotp = memo((props: LoginConfigTotpProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { url, isAppInitiatedAction, totp, mode, messagesPerField } = kcContext;
+
+    const { msg, msgStr } = i18n;
+
+    const algToKeyUriAlg: Record<KcContextBase.LoginConfigTotp["totp"]["policy"]["algorithm"], string> = {
+        "HmacSHA1": "SHA1",
+        "HmacSHA256": "SHA256",
+        "HmacSHA512": "SHA512"
+    };
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("loginTotpTitle")}
+            formNode={
+                <>
+                    <ol id="kc-totp-settings">
+                        <li>
+                            <p>{msg("loginTotpStep1")}</p>
+
+                            <ul id="kc-totp-supported-apps">
+                                {totp.policy.supportedApplications.map(app => (
+                                    <li>{app}</li>
+                                ))}
+                            </ul>
+                        </li>
+
+                        {mode && mode == "manual" ? (
+                            <>
+                                <li>
+                                    <p>{msg("loginTotpManualStep2")}</p>
+                                    <p>
+                                        <span id="kc-totp-secret-key">{totp.totpSecretEncoded}</span>
+                                    </p>
+                                    <p>
+                                        <a href={totp.qrUrl} id="mode-barcode">
+                                            {msg("loginTotpScanBarcode")}
+                                        </a>
+                                    </p>
+                                </li>
+                                <li>
+                                    <p>{msg("loginTotpManualStep3")}</p>
+                                    <p>
+                                        <ul>
+                                            <li id="kc-totp-type">
+                                                {msg("loginTotpType")}: {msg(`loginTotp.${totp.policy.type}`)}
+                                            </li>
+                                            <li id="kc-totp-algorithm">
+                                                {msg("loginTotpAlgorithm")}: {algToKeyUriAlg?.[totp.policy.algorithm] ?? totp.policy.algorithm}
+                                            </li>
+                                            <li id="kc-totp-digits">
+                                                {msg("loginTotpDigits")}: {totp.policy.digits}
+                                            </li>
+                                            {totp.policy.type === "totp" ? (
+                                                <li id="kc-totp-period">
+                                                    {msg("loginTotpInterval")}: {totp.policy.period}
+                                                </li>
+                                            ) : (
+                                                <li id="kc-totp-counter">
+                                                    {msg("loginTotpCounter")}: {totp.policy.initialCounter}
+                                                </li>
+                                            )}
+                                        </ul>
+                                    </p>
+                                </li>
+                            </>
+                        ) : (
+                            <li>
+                                <p>{msg("loginTotpStep2")}</p>
+                                <img id="kc-totp-secret-qr-code" src={`data:image/png;base64, ${totp.totpSecretQrCode}`} alt="Figure: Barcode" />
+                                <br />
+                                <p>
+                                    <a href={totp.manualUrl} id="mode-manual">
+                                        {msg("loginTotpUnableToScan")}
+                                    </a>
+                                </p>
+                            </li>
+                        )}
+                        <li>
+                            <p>{msg("loginTotpStep3")}</p>
+                            <p>{msg("loginTotpStep3DeviceName")}</p>
+                        </li>
+                    </ol>
+
+                    <form action={url.loginAction} className={clsx(kcProps.kcFormClass)} id="kc-totp-settings-form" method="post">
+                        <div className={clsx(kcProps.kcFormGroupClass)}>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <label htmlFor="totp" className={clsx(kcProps.kcLabelClass)}>
+                                    {msg("authenticatorCode")}
+                                </label>{" "}
+                                <span className="required">*</span>
+                            </div>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <input
+                                    type="text"
+                                    id="totp"
+                                    name="totp"
+                                    autoComplete="off"
+                                    className={clsx(kcProps.kcInputClass)}
+                                    aria-invalid={messagesPerField.existsError("totp")}
+                                />
+
+                                {messagesPerField.existsError("totp") && (
+                                    <span id="input-error-otp-code" className={clsx(kcProps.kcInputErrorMessageClass)} aria-live="polite">
+                                        {messagesPerField.get("totp")}
+                                    </span>
+                                )}
+                            </div>
+                            <input type="hidden" id="totpSecret" name="totpSecret" value={totp.totpSecret} />
+                            {mode && <input type="hidden" id="mode" value={mode} />}
+                        </div>
+
+                        <div className={clsx(kcProps.kcFormGroupClass)}>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <label htmlFor="userLabel" className={clsx(kcProps.kcLabelClass)}>
+                                    {msg("loginTotpDeviceName")}
+                                </label>{" "}
+                                {totp.otpCredentials.length >= 1 && <span className="required">*</span>}
+                            </div>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <input
+                                    type="text"
+                                    id="userLabel"
+                                    name="userLabel"
+                                    autoComplete="off"
+                                    className={clsx(kcProps.kcInputClass)}
+                                    aria-invalid={messagesPerField.existsError("userLabel")}
+                                />
+                                {messagesPerField.existsError("userLabel") && (
+                                    <span id="input-error-otp-label" className={clsx(kcProps.kcInputErrorMessageClass)} aria-live="polite">
+                                        {messagesPerField.get("userLabel")}
+                                    </span>
+                                )}
+                            </div>
+                        </div>
+
+                        {isAppInitiatedAction ? (
+                            <>
+                                <input
+                                    type="submit"
+                                    className={clsx(kcProps.kcButtonClass, kcProps.kcButtonPrimaryClass, kcProps.kcButtonLargeClass)}
+                                    id="saveTOTPBtn"
+                                    value={msgStr("doSubmit")}
+                                />
+                                <button
+                                    type="submit"
+                                    className={clsx(
+                                        kcProps.kcButtonClass,
+                                        kcProps.kcButtonDefaultClass,
+                                        kcProps.kcButtonLargeClass,
+                                        kcProps.kcButtonLargeClass
+                                    )}
+                                    id="cancelTOTPBtn"
+                                    name="cancel-aia"
+                                    value="true"
+                                >
+                                    ${msg("doCancel")}
+                                </button>
+                            </>
+                        ) : (
+                            <input
+                                type="submit"
+                                className={clsx(kcProps.kcButtonClass, kcProps.kcButtonPrimaryClass, kcProps.kcButtonLargeClass)}
+                                id="saveTOTPBtn"
+                                value={msgStr("doSubmit")}
+                            />
+                        )}
+                    </form>
+                </>
+            }
+        />
+    );
+});
+
+export default LoginConfigTotp;

src/lib/components/LoginIdpLinkConfirm.tsx

@@ -1,61 +1,65 @@
-
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
 
-export const LoginIdpLinkConfirm = memo(({ kcContext, ...props }: { kcContext: KcContextBase.LoginIdpLinkConfirm; } & KcProps) => {
+export type LoginIdpLinkConfirmProps = KcProps & {
+    kcContext: KcContextBase.LoginIdpLinkConfirm;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-	const { url, idpAlias } = kcContext;
+const LoginIdpLinkConfirm = memo((props: LoginIdpLinkConfirmProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
-	const { msg } = useKcMessage();
+    const { url, idpAlias } = kcContext;
 
-	const { cx } = useCssAndCx();
-
-	return (
-		<Template
-			{...{ kcContext, ...props }}
-			doFetchDefaultThemeResources={true}
-			headerNode={msg("confirmLinkIdpTitle")}
-			formNode={
-				<form id="kc-register-form" action={url.loginAction} method="post">
-					<div className={cx(props.kcFormGroupClass)}>
-						<button
-							type="submit"
-							className={cx(
-								props.kcButtonClass,
-								props.kcButtonDefaultClass,
-								props.kcButtonBlockClass,
-								props.kcButtonLargeClass
-							)}
-							name="submitAction"
-							id="updateProfile"
-							value="updateProfile"
-						>
-							{msg("confirmLinkIdpReviewProfile")}
-						</button>
-						<button
-							type="submit"
-							className={cx(
-								props.kcButtonClass,
-								props.kcButtonDefaultClass,
-								props.kcButtonBlockClass,
-								props.kcButtonLargeClass
-							)}
-							name="submitAction"
-							id="linkAccount"
-							value="linkAccount"
-						>
-							{msg("confirmLinkIdpContinue", idpAlias)}
-						</button>
-					</div>
-				</form>
-			}
-		/>
-	);
+    const { msg } = i18n;
 
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("confirmLinkIdpTitle")}
+            formNode={
+                <form id="kc-register-form" action={url.loginAction} method="post">
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <button
+                            type="submit"
+                            className={clsx(
+                                kcProps.kcButtonClass,
+                                kcProps.kcButtonDefaultClass,
+                                kcProps.kcButtonBlockClass,
+                                kcProps.kcButtonLargeClass
+                            )}
+                            name="submitAction"
+                            id="updateProfile"
+                            value="updateProfile"
+                        >
+                            {msg("confirmLinkIdpReviewProfile")}
+                        </button>
+                        <button
+                            type="submit"
+                            className={clsx(
+                                kcProps.kcButtonClass,
+                                kcProps.kcButtonDefaultClass,
+                                kcProps.kcButtonBlockClass,
+                                kcProps.kcButtonLargeClass
+                            )}
+                            name="submitAction"
+                            id="linkAccount"
+                            value="linkAccount"
+                        >
+                            {msg("confirmLinkIdpContinue", idpAlias)}
+                        </button>
+                    </div>
+                </form>
+            }
+        />
+    );
 });
 
-
+export default LoginIdpLinkConfirm;

src/lib/components/LoginIdpLinkEmail.tsx

@@ -0,0 +1,43 @@
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import type { I18n } from "../i18n";
+
+export type LoginIdpLinkEmailProps = KcProps & {
+    kcContext: KcContextBase.LoginIdpLinkEmail;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginIdpLinkEmail = memo((props: LoginIdpLinkEmailProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { url, realm, brokerContext, idpAlias } = kcContext;
+
+    const { msg } = i18n;
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("emailLinkIdpTitle", idpAlias)}
+            formNode={
+                <>
+                    <p id="instruction1" className="instruction">
+                        {msg("emailLinkIdp1", idpAlias, brokerContext.username, realm.displayName)}
+                    </p>
+                    <p id="instruction2" className="instruction">
+                        {msg("emailLinkIdp2")} <a href={url.loginAction}>{msg("doClickHere")}</a> {msg("emailLinkIdp3")}
+                    </p>
+                    <p id="instruction3" className="instruction">
+                        {msg("emailLinkIdp4")} <a href={url.loginAction}>{msg("doClickHere")}</a> {msg("emailLinkIdp5")}
+                    </p>
+                </>
+            }
+        />
+    );
+});
+
+export default LoginIdpLinkEmail;

src/lib/components/LoginOtp.tsx

@@ -1,111 +1,89 @@
-
-
-import { useEffect, memo } from "react";
-import { Template } from "./Template";
+import React, { useEffect, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { appendHead } from "../tools/appendHead";
-import { join as pathJoin } from "path";
-import { useCssAndCx } from "tss-react";
+import { headInsert } from "../tools/headInsert";
+import { pathJoin } from "../../bin/tools/pathJoin";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
 
-export const LoginOtp = memo(({ kcContext, ...props }: { kcContext: KcContextBase.LoginOtp; } & KcProps) => {
+export type LoginOtpProps = KcProps & {
+    kcContext: KcContextBase.LoginOtp;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginOtp = memo((props: LoginOtpProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
     const { otpLogin, url } = kcContext;
 
-    const { cx } = useCssAndCx();
+    const { msg, msgStr } = i18n;
 
-    const { msg, msgStr } = useKcMessage();
+    useEffect(() => {
+        let isCleanedUp = false;
 
-    useEffect(
-        () => {
+        headInsert({
+            "type": "javascript",
+            "src": pathJoin(kcContext.url.resourcesCommonPath, "node_modules/jquery/dist/jquery.min.js")
+        }).then(() => {
+            if (isCleanedUp) return;
 
-            let isCleanedUp = false;
+            evaluateInlineScript();
+        });
 
-            appendHead({
-                "type": "javascript",
-                "src": pathJoin(
-                    kcContext.url.resourcesCommonPath,
-                    "node_modules/jquery/dist/jquery.min.js"
-                )
-            }).then(() => {
-
-                if (isCleanedUp) return;
-
-                evaluateInlineScript();
-
-            });
-
-            return () => { isCleanedUp = true };
-
-        },
-        []
-    );
+        return () => {
+            isCleanedUp = true;
+        };
+    }, []);
 
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             headerNode={msg("doLogIn")}
             formNode={
-
-                <form
-                    id="kc-otp-login-form"
-                    className={cx(props.kcFormClass)}
-                    action={url.loginAction}
-                    method="post"
-                >
-                    {
-                        otpLogin.userOtpCredentials.length > 1 &&
-                        <div className={cx(props.kcFormGroupClass)}>
-                            <div className={cx(props.kcInputWrapperClass)}>
-                                {
-                                    otpLogin.userOtpCredentials.map(otpCredential =>
-                                        <div key={otpCredential.id} className={cx(props.kcSelectOTPListClass)}>
-                                            <input type="hidden" value="${otpCredential.id}" />
-                                            <div className={cx(props.kcSelectOTPListItemClass)}>
-                                                <span className={cx(props.kcAuthenticatorOtpCircleClass)} />
-                                                <h2 className={cx(props.kcSelectOTPItemHeadingClass)}>
-                                                    {otpCredential.userLabel}
-                                                </h2>
-                                            </div>
+                <form id="kc-otp-login-form" className={clsx(kcProps.kcFormClass)} action={url.loginAction} method="post">
+                    {otpLogin.userOtpCredentials.length > 1 && (
+                        <div className={clsx(kcProps.kcFormGroupClass)}>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                {otpLogin.userOtpCredentials.map(otpCredential => (
+                                    <div key={otpCredential.id} className={clsx(kcProps.kcSelectOTPListClass)}>
+                                        <input type="hidden" value="${otpCredential.id}" />
+                                        <div className={clsx(kcProps.kcSelectOTPListItemClass)}>
+                                            <span className={clsx(kcProps.kcAuthenticatorOtpCircleClass)} />
+                                            <h2 className={clsx(kcProps.kcSelectOTPItemHeadingClass)}>{otpCredential.userLabel}</h2>
                                         </div>
-                                    )
-                                }
+                                    </div>
+                                ))}
                             </div>
                         </div>
-                    }
-                    <div className={cx(props.kcFormGroupClass)}>
-                        <div className={cx(props.kcLabelWrapperClass)}>
-                            <label htmlFor="otp" className={cx(props.kcLabelClass)}>
+                    )}
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="otp" className={clsx(kcProps.kcLabelClass)}>
                                 {msg("loginOtpOneTime")}
                             </label>
                         </div>
 
-                        <div className={cx(props.kcInputWrapperClass)}>
-                            <input
-                                id="otp"
-                                name="otp"
-                                autoComplete="off"
-                                type="text"
-                                className={cx(props.kcInputClass)}
-                                autoFocus
-                            />
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input id="otp" name="otp" autoComplete="off" type="text" className={clsx(kcProps.kcInputClass)} autoFocus />
                         </div>
                     </div>
 
-                    <div className={cx(props.kcFormGroupClass)}>
-                        <div id="kc-form-options" className={cx(props.kcFormOptionsClass)}>
-                            <div className={cx(props.kcFormOptionsWrapperClass)} />
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)} />
                         </div>
 
-                        <div id="kc-form-buttons" className={cx(props.kcFormButtonsClass)}>
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
                             <input
-                                className={cx(
-                                    props.kcButtonClass,
-                                    props.kcButtonPrimaryClass,
-                                    props.kcButtonBlockClass,
-                                    props.kcButtonLargeClass
+                                className={clsx(
+                                    kcProps.kcButtonClass,
+                                    kcProps.kcButtonPrimaryClass,
+                                    kcProps.kcButtonBlockClass,
+                                    kcProps.kcButtonLargeClass
                                 )}
                                 name="login"
                                 id="kc-login"
@@ -114,35 +92,34 @@ export const LoginOtp = memo(({ kcContext, ...props }: { kcContext: KcContextBas
                             />
                         </div>
                     </div>
-                </form >
-
+                </form>
             }
         />
     );
 });
 
-
-
-
 declare const $: any;
 
 function evaluateInlineScript() {
-
     $(document).ready(function () {
         // Card Single Select
-        $('.card-pf-view-single-select').click(function (this: any) {
-            if ($(this).hasClass('active')) { $(this).removeClass('active'); $(this).children().removeAttr('name'); }
-            else {
-                $('.card-pf-view-single-select').removeClass('active');
-                $('.card-pf-view-single-select').children().removeAttr('name');
-                $(this).addClass('active'); $(this).children().attr('name', 'selectedCredentialId');
+        $(".card-pf-view-single-select").click(function (this: any) {
+            if ($(this).hasClass("active")) {
+                $(this).removeClass("active");
+                $(this).children().removeAttr("name");
+            } else {
+                $(".card-pf-view-single-select").removeClass("active");
+                $(".card-pf-view-single-select").children().removeAttr("name");
+                $(this).addClass("active");
+                $(this).children().attr("name", "selectedCredentialId");
             }
         });
 
-        var defaultCred = $('.card-pf-view-single-select')[0];
+        var defaultCred = $(".card-pf-view-single-select")[0];
         if (defaultCred) {
             defaultCred.click();
         }
     });
+}
 
-}
+export default LoginOtp;

src/lib/components/LoginPageExpired.tsx

@@ -0,0 +1,47 @@
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import type { I18n } from "../i18n";
+
+export type LoginPageExpired = KcProps & {
+    kcContext: KcContextBase.LoginPageExpired;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginPageExpired = memo((props: LoginPageExpired) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { url } = kcContext;
+
+    const { msg } = i18n;
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            displayMessage={false}
+            headerNode={msg("pageExpiredTitle")}
+            formNode={
+                <>
+                    <p id="instruction1" className="instruction">
+                        {msg("pageExpiredMsg1")}
+                        <a id="loginRestartLink" href={url.loginRestartFlowUrl}>
+                            {msg("doClickHere")}
+                        </a>{" "}
+                        .<br />
+                        {msg("pageExpiredMsg2")}{" "}
+                        <a id="loginContinueLink" href={url.loginAction}>
+                            {msg("doClickHere")}
+                        </a>{" "}
+                        .
+                    </p>
+                </>
+            }
+        />
+    );
+});
+
+export default LoginPageExpired;

src/lib/components/LoginPassword.tsx

@@ -0,0 +1,97 @@
+import React, { useState, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import { useConstCallback } from "powerhooks/useConstCallback";
+import type { FormEventHandler } from "react";
+import type { I18n } from "../i18n";
+
+export type LoginPasswordProps = KcProps & {
+    kcContext: KcContextBase.LoginPassword;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginPassword = memo((props: LoginPasswordProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { realm, url, login } = kcContext;
+
+    const { msg, msgStr } = i18n;
+
+    const [isLoginButtonDisabled, setIsLoginButtonDisabled] = useState(false);
+
+    const onSubmit = useConstCallback<FormEventHandler<HTMLFormElement>>(e => {
+        e.preventDefault();
+
+        setIsLoginButtonDisabled(true);
+
+        const formElement = e.target as HTMLFormElement;
+
+        formElement.submit();
+    });
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("doLogIn")}
+            formNode={
+                <div id="kc-form">
+                    <div id="kc-form-wrapper">
+                        <form id="kc-form-login" onSubmit={onSubmit} action={url.loginAction} method="post">
+                            <div className={clsx(kcProps.kcFormGroupClass)}>
+                                <hr />
+                                <label htmlFor="password" className={clsx(kcProps.kcLabelClass)}>
+                                    {msg("password")}
+                                </label>
+                                <input
+                                    tabIndex={2}
+                                    id="password"
+                                    className={clsx(kcProps.kcInputClass)}
+                                    name="password"
+                                    type="password"
+                                    autoFocus={true}
+                                    autoComplete="on"
+                                    defaultValue={login.password ?? ""}
+                                />
+                            </div>
+                            <div className={clsx(kcProps.kcFormGroupClass, kcProps.kcFormSettingClass)}>
+                                <div id="kc-form-options" />
+                                <div className={clsx(kcProps.kcFormOptionsWrapperClass)}>
+                                    {realm.resetPasswordAllowed && (
+                                        <span>
+                                            <a tabIndex={5} href={url.loginResetCredentialsUrl}>
+                                                {msg("doForgotPassword")}
+                                            </a>
+                                        </span>
+                                    )}
+                                </div>
+                            </div>
+                            <div id="kc-form-buttons" className={clsx(kcProps.kcFormGroupClass)}>
+                                <input
+                                    tabIndex={4}
+                                    className={clsx(
+                                        kcProps.kcButtonClass,
+                                        kcProps.kcButtonPrimaryClass,
+                                        kcProps.kcButtonBlockClass,
+                                        kcProps.kcButtonLargeClass
+                                    )}
+                                    name="login"
+                                    id="kc-login"
+                                    type="submit"
+                                    value={msgStr("doLogIn")}
+                                    disabled={isLoginButtonDisabled}
+                                />
+                            </div>
+                        </form>
+                    </div>
+                </div>
+            }
+        />
+    );
+});
+
+export default LoginPassword;

src/lib/components/LoginResetPassword.tsx

@@ -1,72 +1,69 @@
-
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
 
-export const LoginResetPassword = memo(({ kcContext, ...props }: { kcContext: KcContextBase.LoginResetPassword; } & KcProps) => {
+export type LoginResetPasswordProps = KcProps & {
+    kcContext: KcContextBase.LoginResetPassword;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-    const {
-        url,
-        realm,
-        auth
-    } = kcContext;
+const LoginResetPassword = memo((props: LoginResetPasswordProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
-    const { msg, msgStr } = useKcMessage();
+    const { url, realm, auth } = kcContext;
 
-    const { cx } = useCssAndCx();
+    const { msg, msgStr } = i18n;
 
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             displayMessage={false}
             headerNode={msg("emailForgotTitle")}
             formNode={
-                <form id="kc-reset-password-form" className={cx(props.kcFormClass)} action={url.loginAction} method="post">
-                    <div className={cx(props.kcFormGroupClass)}>
-                        <div className={cx(props.kcLabelWrapperClass)}>
-                            <label htmlFor="username" className={cx(props.kcLabelClass)}>
-                                {
-                                    !realm.loginWithEmailAllowed ?
-                                        msg("username")
-                                        :
-                                        !realm.registrationEmailAsUsername ?
-                                            msg("usernameOrEmail") :
-                                            msg("email")
-                                }
+                <form id="kc-reset-password-form" className={clsx(kcProps.kcFormClass)} action={url.loginAction} method="post">
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="username" className={clsx(kcProps.kcLabelClass)}>
+                                {!realm.loginWithEmailAllowed
+                                    ? msg("username")
+                                    : !realm.registrationEmailAsUsername
+                                    ? msg("usernameOrEmail")
+                                    : msg("email")}
                             </label>
                         </div>
-                        <div className={cx(props.kcInputWrapperClass)}>
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
                             <input
                                 type="text"
                                 id="username"
                                 name="username"
-                                className={cx(props.kcInputClass)}
+                                className={clsx(kcProps.kcInputClass)}
                                 autoFocus
-                                defaultValue={
-                                    auth !== undefined && auth.showUsername ?
-                                        auth.attemptedUsername : undefined
-                                }
+                                defaultValue={auth !== undefined && auth.showUsername ? auth.attemptedUsername : undefined}
                             />
                         </div>
                     </div>
-                    <div className={cx(props.kcFormGroupClass, props.kcFormSettingClass)}>
-                        <div id="kc-form-options" className={cx(props.kcFormOptionsClass)}>
-                            <div className={cx(props.kcFormOptionsWrapperClass)}>
+                    <div className={clsx(kcProps.kcFormGroupClass, kcProps.kcFormSettingClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)}>
                                 <span>
                                     <a href={url.loginUrl}>{msg("backToLogin")}</a>
                                 </span>
                             </div>
                         </div>
 
-                        <div id="kc-form-buttons" className={cx(props.kcFormButtonsClass)}>
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
                             <input
-                                className={cx(
-                                    props.kcButtonClass, props.kcButtonPrimaryClass,
-                                    props.kcButtonBlockClass, props.kcButtonLargeClass
+                                className={clsx(
+                                    kcProps.kcButtonClass,
+                                    kcProps.kcButtonPrimaryClass,
+                                    kcProps.kcButtonBlockClass,
+                                    kcProps.kcButtonLargeClass
                                 )}
                                 type="submit"
                                 value={msgStr("doSubmit")}
@@ -80,4 +77,4 @@ export const LoginResetPassword = memo(({ kcContext, ...props }: { kcContext: Kc
     );
 });
 
-
+export default LoginResetPassword;

src/lib/components/LoginUpdatePassword.tsx

@@ -0,0 +1,128 @@
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
+
+export type LoginUpdatePasswordProps = KcProps & {
+    kcContext: KcContextBase.LoginUpdatePassword;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginUpdatePassword = memo((props: LoginUpdatePasswordProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { msg, msgStr } = i18n;
+
+    const { url, messagesPerField, isAppInitiatedAction, username } = kcContext;
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("updatePasswordTitle")}
+            formNode={
+                <form id="kc-passwd-update-form" className={clsx(kcProps.kcFormClass)} action={url.loginAction} method="post">
+                    <input
+                        type="text"
+                        id="username"
+                        name="username"
+                        value={username}
+                        readOnly={true}
+                        autoComplete="username"
+                        style={{ display: "none" }}
+                    />
+                    <input type="password" id="password" name="password" autoComplete="current-password" style={{ display: "none" }} />
+
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("password", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="password-new" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("passwordNew")}
+                            </label>
+                        </div>
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="password"
+                                id="password-new"
+                                name="password-new"
+                                autoFocus
+                                autoComplete="new-password"
+                                className={clsx(kcProps.kcInputClass)}
+                            />
+                        </div>
+                    </div>
+
+                    <div
+                        className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("password-confirm", kcProps.kcFormGroupErrorClass))}
+                    >
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="password-confirm" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("passwordConfirm")}
+                            </label>
+                        </div>
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="password"
+                                id="password-confirm"
+                                name="password-confirm"
+                                autoComplete="new-password"
+                                className={clsx(kcProps.kcInputClass)}
+                            />
+                        </div>
+                    </div>
+
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)}>
+                                {isAppInitiatedAction && (
+                                    <div className="checkbox">
+                                        <label>
+                                            <input type="checkbox" id="logout-sessions" name="logout-sessions" value="on" checked />
+                                            {msgStr("logoutOtherSessions")}
+                                        </label>
+                                    </div>
+                                )}
+                            </div>
+                        </div>
+
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            {isAppInitiatedAction ? (
+                                <>
+                                    <input
+                                        className={clsx(kcProps.kcButtonClass, kcProps.kcButtonPrimaryClass, kcProps.kcButtonLargeClass)}
+                                        type="submit"
+                                        defaultValue={msgStr("doSubmit")}
+                                    />
+                                    <button
+                                        className={clsx(kcProps.kcButtonClass, kcProps.kcButtonDefaultClass, kcProps.kcButtonLargeClass)}
+                                        type="submit"
+                                        name="cancel-aia"
+                                        value="true"
+                                    >
+                                        {msg("doCancel")}
+                                    </button>
+                                </>
+                            ) : (
+                                <input
+                                    className={clsx(
+                                        kcProps.kcButtonClass,
+                                        kcProps.kcButtonPrimaryClass,
+                                        kcProps.kcButtonBlockClass,
+                                        kcProps.kcButtonLargeClass
+                                    )}
+                                    type="submit"
+                                    defaultValue={msgStr("doSubmit")}
+                                />
+                            )}
+                        </div>
+                    </div>
+                </form>
+            }
+        />
+    );
+});
+
+export default LoginUpdatePassword;

src/lib/components/LoginUpdateProfile.tsx

@@ -1,133 +1,135 @@
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
 
-export const LoginUpdateProfile = memo(({ kcContext, ...props }: { kcContext: KcContextBase.LoginUpdateProfile; } & KcProps) => {
+export type LoginUpdateProfile = KcProps & {
+    kcContext: KcContextBase.LoginUpdateProfile;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-	const { cx } = useCssAndCx();
+const LoginUpdateProfile = memo((props: LoginUpdateProfile) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
-	const { msg, msgStr } = useKcMessage();
+    const { msg, msgStr } = i18n;
 
-	const { url, user, messagesPerField, isAppInitiatedAction } = kcContext;
+    const { url, user, messagesPerField, isAppInitiatedAction } = kcContext;
 
-	return (
-		<Template
-			{...{ kcContext, ...props }}
-			doFetchDefaultThemeResources={true}
-			headerNode={msg("loginProfileTitle")}
-			formNode={
-				<form id="kc-update-profile-form" className={cx(props.kcFormClass)} action={url.loginAction} method="post">
-					{user.editUsernameAllowed &&
-						<div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("username", props.kcFormGroupErrorClass))}>
-							<div className={cx(props.kcLabelWrapperClass)}>
-								<label htmlFor="username" className={cx(props.kcLabelClass)}>
-									{msg("username")}
-								</label>
-							</div>
-							<div className={cx(props.kcInputWrapperClass)}>
-								<input
-									type="text"
-									id="username"
-									name="username"
-									defaultValue={user.username ?? ""}
-									className={cx(props.kcInputClass)}
-								/>
-							</div>
-						</div>
-					}
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("loginProfileTitle")}
+            formNode={
+                <form id="kc-update-profile-form" className={clsx(kcProps.kcFormClass)} action={url.loginAction} method="post">
+                    {user.editUsernameAllowed && (
+                        <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("username", kcProps.kcFormGroupErrorClass))}>
+                            <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                                <label htmlFor="username" className={clsx(kcProps.kcLabelClass)}>
+                                    {msg("username")}
+                                </label>
+                            </div>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <input
+                                    type="text"
+                                    id="username"
+                                    name="username"
+                                    defaultValue={user.username ?? ""}
+                                    className={clsx(kcProps.kcInputClass)}
+                                />
+                            </div>
+                        </div>
+                    )}
 
-					<div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("email", props.kcFormGroupErrorClass))}>
-						<div className={cx(props.kcLabelWrapperClass)}>
-							<label htmlFor="email" className={cx(props.kcLabelClass)}>
-								{msg("email")}
-							</label>
-						</div>
-						<div className={cx(props.kcInputWrapperClass)}>
-							<input
-								type="text"
-								id="email"
-								name="email"
-								defaultValue={user.email ?? ""}
-								className={cx(props.kcInputClass)}
-							/>
-						</div>
-					</div>
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("email", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="email" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("email")}
+                            </label>
+                        </div>
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input type="text" id="email" name="email" defaultValue={user.email ?? ""} className={clsx(kcProps.kcInputClass)} />
+                        </div>
+                    </div>
 
-					<div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("firstName", props.kcFormGroupErrorClass))}>
-						<div className={cx(props.kcLabelWrapperClass)}>
-							<label htmlFor="firstName" className={cx(props.kcLabelClass)}>
-								{msg("firstName")}
-							</label>
-						</div>
-						<div className={cx(props.kcInputWrapperClass)}>
-							<input
-								type="text"
-								id="firstName"
-								name="firstName"
-								defaultValue={user.firstName ?? ""}
-								className={cx(props.kcInputClass)}
-							/>
-						</div>
-					</div>
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("firstName", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="firstName" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("firstName")}
+                            </label>
+                        </div>
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="text"
+                                id="firstName"
+                                name="firstName"
+                                defaultValue={user.firstName ?? ""}
+                                className={clsx(kcProps.kcInputClass)}
+                            />
+                        </div>
+                    </div>
 
-					<div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("lastName", props.kcFormGroupErrorClass))}>
-						<div className={cx(props.kcLabelWrapperClass)}>
-							<label htmlFor="lastName" className={cx(props.kcLabelClass)}>
-								{msg("lastName")}
-							</label>
-						</div>
-						<div className={cx(props.kcInputWrapperClass)}>
-							<input
-								type="text"
-								id="lastName"
-								name="lastName"
-								defaultValue={user.lastName ?? ""}
-								className={cx(props.kcInputClass)}
-							/>
-						</div>
-					</div>
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("lastName", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="lastName" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("lastName")}
+                            </label>
+                        </div>
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="text"
+                                id="lastName"
+                                name="lastName"
+                                defaultValue={user.lastName ?? ""}
+                                className={clsx(kcProps.kcInputClass)}
+                            />
+                        </div>
+                    </div>
 
-					<div className={cx(props.kcFormGroupClass)}>
-						<div id="kc-form-options" className={cx(props.kcFormOptionsClass)}>
-							<div className={cx(props.kcFormOptionsWrapperClass)} />
-						</div>
-
-						<div id="kc-form-buttons" className={cx(props.kcFormButtonsClass)}>
-							{
-								isAppInitiatedAction ?
-									<>
-										<input
-											className={cx(props.kcButtonClass, props.kcButtonPrimaryClass, props.kcButtonLargeClass)}
-											type="submit"
-											defaultValue={msgStr("doSubmit")}
-										/>
-										<button
-											className={cx(props.kcButtonClass, props.kcButtonDefaultClass, props.kcButtonLargeClass)}
-											type="submit"
-											name="cancel-aia"
-											value="true"
-										>
-											{msg("doCancel")}
-										</button>
-									</>
-									:
-									<input
-										className={cx(props.kcButtonClass, props.kcButtonPrimaryClass, props.kcButtonBlockClass, props.kcButtonLargeClass)}
-										type="submit"
-										defaultValue={msgStr("doSubmit")}
-									/>
-							}
-						</div>
-					</div>
-
-				</form>
-			}
-		/>
-	);
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)} />
+                        </div>
 
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            {isAppInitiatedAction ? (
+                                <>
+                                    <input
+                                        className={clsx(kcProps.kcButtonClass, kcProps.kcButtonPrimaryClass, kcProps.kcButtonLargeClass)}
+                                        type="submit"
+                                        defaultValue={msgStr("doSubmit")}
+                                    />
+                                    <button
+                                        className={clsx(kcProps.kcButtonClass, kcProps.kcButtonDefaultClass, kcProps.kcButtonLargeClass)}
+                                        type="submit"
+                                        name="cancel-aia"
+                                        value="true"
+                                    >
+                                        {msg("doCancel")}
+                                    </button>
+                                </>
+                            ) : (
+                                <input
+                                    className={clsx(
+                                        kcProps.kcButtonClass,
+                                        kcProps.kcButtonPrimaryClass,
+                                        kcProps.kcButtonBlockClass,
+                                        kcProps.kcButtonLargeClass
+                                    )}
+                                    type="submit"
+                                    defaultValue={msgStr("doSubmit")}
+                                />
+                            )}
+                        </div>
+                    </div>
+                </form>
+            }
+        />
+    );
 });
 
-
+export default LoginUpdateProfile;

src/lib/components/LoginUsername.tsx

@@ -0,0 +1,169 @@
+import React, { useState, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import { useConstCallback } from "powerhooks/useConstCallback";
+import type { FormEventHandler } from "react";
+import type { I18n } from "../i18n";
+
+export type LoginUsernameProps = KcProps & {
+    kcContext: KcContextBase.LoginUsername;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LoginUsername = memo((props: LoginUsernameProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { social, realm, url, usernameHidden, login, registrationDisabled } = kcContext;
+
+    const { msg, msgStr } = i18n;
+
+    const [isLoginButtonDisabled, setIsLoginButtonDisabled] = useState(false);
+
+    const onSubmit = useConstCallback<FormEventHandler<HTMLFormElement>>(e => {
+        e.preventDefault();
+
+        setIsLoginButtonDisabled(true);
+
+        const formElement = e.target as HTMLFormElement;
+
+        //NOTE: Even if we login with email Keycloak expect username and password in
+        //the POST request.
+        formElement.querySelector("input[name='email']")?.setAttribute("name", "username");
+
+        formElement.submit();
+    });
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            displayInfo={social.displayInfo}
+            displayWide={realm.password && social.providers !== undefined}
+            headerNode={msg("doLogIn")}
+            formNode={
+                <div id="kc-form" className={clsx(realm.password && social.providers !== undefined && kcProps.kcContentWrapperClass)}>
+                    <div
+                        id="kc-form-wrapper"
+                        className={clsx(
+                            realm.password && social.providers && [kcProps.kcFormSocialAccountContentClass, kcProps.kcFormSocialAccountClass]
+                        )}
+                    >
+                        {realm.password && (
+                            <form id="kc-form-login" onSubmit={onSubmit} action={url.loginAction} method="post">
+                                <div className={clsx(kcProps.kcFormGroupClass)}>
+                                    {!usernameHidden &&
+                                        (() => {
+                                            const label = !realm.loginWithEmailAllowed
+                                                ? "username"
+                                                : realm.registrationEmailAsUsername
+                                                ? "email"
+                                                : "usernameOrEmail";
+
+                                            const autoCompleteHelper: typeof label = label === "usernameOrEmail" ? "username" : label;
+
+                                            return (
+                                                <>
+                                                    <label htmlFor={autoCompleteHelper} className={clsx(kcProps.kcLabelClass)}>
+                                                        {msg(label)}
+                                                    </label>
+                                                    <input
+                                                        tabIndex={1}
+                                                        id={autoCompleteHelper}
+                                                        className={clsx(kcProps.kcInputClass)}
+                                                        //NOTE: This is used by Google Chrome auto fill so we use it to tell
+                                                        //the browser how to pre fill the form but before submit we put it back
+                                                        //to username because it is what keycloak expects.
+                                                        name={autoCompleteHelper}
+                                                        defaultValue={login.username ?? ""}
+                                                        type="text"
+                                                        autoFocus={true}
+                                                        autoComplete="off"
+                                                    />
+                                                </>
+                                            );
+                                        })()}
+                                </div>
+                                <div className={clsx(kcProps.kcFormGroupClass, kcProps.kcFormSettingClass)}>
+                                    <div id="kc-form-options">
+                                        {realm.rememberMe && !usernameHidden && (
+                                            <div className="checkbox">
+                                                <label>
+                                                    <input
+                                                        tabIndex={3}
+                                                        id="rememberMe"
+                                                        name="rememberMe"
+                                                        type="checkbox"
+                                                        {...(login.rememberMe
+                                                            ? {
+                                                                  "checked": true
+                                                              }
+                                                            : {})}
+                                                    />
+                                                    {msg("rememberMe")}
+                                                </label>
+                                            </div>
+                                        )}
+                                    </div>
+                                </div>
+                                <div id="kc-form-buttons" className={clsx(kcProps.kcFormGroupClass)}>
+                                    <input
+                                        tabIndex={4}
+                                        className={clsx(
+                                            kcProps.kcButtonClass,
+                                            kcProps.kcButtonPrimaryClass,
+                                            kcProps.kcButtonBlockClass,
+                                            kcProps.kcButtonLargeClass
+                                        )}
+                                        name="login"
+                                        id="kc-login"
+                                        type="submit"
+                                        value={msgStr("doLogIn")}
+                                        disabled={isLoginButtonDisabled}
+                                    />
+                                </div>
+                            </form>
+                        )}
+                    </div>
+                    {realm.password && social.providers !== undefined && (
+                        <div id="kc-social-providers" className={clsx(kcProps.kcFormSocialAccountContentClass, kcProps.kcFormSocialAccountClass)}>
+                            <ul
+                                className={clsx(
+                                    kcProps.kcFormSocialAccountListClass,
+                                    social.providers.length > 4 && kcProps.kcFormSocialAccountDoubleListClass
+                                )}
+                            >
+                                {social.providers.map(p => (
+                                    <li key={p.providerId} className={clsx(kcProps.kcFormSocialAccountListLinkClass)}>
+                                        <a href={p.loginUrl} id={`zocial-${p.alias}`} className={clsx("zocial", p.providerId)}>
+                                            <span>{p.displayName}</span>
+                                        </a>
+                                    </li>
+                                ))}
+                            </ul>
+                        </div>
+                    )}
+                </div>
+            }
+            infoNode={
+                realm.password &&
+                realm.registrationAllowed &&
+                !registrationDisabled && (
+                    <div id="kc-registration">
+                        <span>
+                            {msg("noAccount")}
+                            <a tabIndex={6} href={url.registrationUrl}>
+                                {msg("doRegister")}
+                            </a>
+                        </span>
+                    </div>
+                )
+            }
+        />
+    );
+});
+
+export default LoginUsername;

src/lib/components/LoginVerifyEmail.tsx

@@ -1,39 +1,43 @@
-
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
+import type { I18n } from "../i18n";
 
-export const LoginVerifyEmail = memo(({ kcContext, ...props }: { kcContext: KcContextBase.LoginVerifyEmail; } & KcProps) => {
+export type LoginVerifyEmailProps = KcProps & {
+    kcContext: KcContextBase.LoginVerifyEmail;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-    const { msg } = useKcMessage();
+const LoginVerifyEmail = memo((props: LoginVerifyEmailProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
-    const {
-        url
-    } = kcContext;
+    const { msg } = i18n;
+
+    const { url, user } = kcContext;
 
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             displayMessage={false}
             headerNode={msg("emailVerifyTitle")}
             formNode={
                 <>
-                    <p className="instruction">
-                        {msg("emailVerifyInstruction1")}
-                    </p>
+                    <p className="instruction">{msg("emailVerifyInstruction1", user?.email)}</p>
                     <p className="instruction">
                         {msg("emailVerifyInstruction2")}
+                        <br />
                         <a href={url.loginAction}>{msg("doClickHere")}</a>
+                        &nbsp;
                         {msg("emailVerifyInstruction3")}
                     </p>
                 </>
             }
         />
     );
-
 });
 
-
+export default LoginVerifyEmail;

src/lib/components/LogoutConfirm.tsx

@@ -0,0 +1,69 @@
+import React, { memo } from "react";
+import { clsx } from "../tools/clsx";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import type { I18n } from "../i18n";
+
+export type LogoutConfirmProps = KcProps & {
+    kcContext: KcContextBase.LogoutConfirm;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const LogoutConfirm = memo((props: LogoutConfirmProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { url, client, logoutConfirm } = kcContext;
+
+    const { msg, msgStr } = i18n;
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            displayMessage={false}
+            headerNode={msg("logoutConfirmTitle")}
+            formNode={
+                <>
+                    <div id="kc-logout-confirm" className="content-area">
+                        <p className="instruction">{msg("logoutConfirmHeader")}</p>
+                        <form className="form-actions" action={url.logoutConfirmAction} method="POST">
+                            <input type="hidden" name="session_code" value={logoutConfirm.code} />
+                            <div className={clsx(kcProps.kcFormGroupClass)}>
+                                <div id="kc-form-options">
+                                    <div className={clsx(kcProps.kcFormOptionsWrapperClass)}></div>
+                                </div>
+                                <div id="kc-form-buttons" className={clsx(kcProps.kcFormGroupClass)}>
+                                    <input
+                                        tabIndex={4}
+                                        className={clsx(
+                                            kcProps.kcButtonClass,
+                                            kcProps.kcButtonPrimaryClass,
+                                            kcProps.kcButtonBlockClass,
+                                            kcProps.kcButtonLargeClass
+                                        )}
+                                        name="confirmLogout"
+                                        id="kc-logout"
+                                        type="submit"
+                                        value={msgStr("doLogout")}
+                                    />
+                                </div>
+                            </div>
+                        </form>
+                        <div id="kc-info-message">
+                            {!logoutConfirm.skipLink && client.baseUrl && (
+                                <p>
+                                    <a href={client.baseUrl} dangerouslySetInnerHTML={{ __html: msgStr("backToApplication") }} />
+                                </p>
+                            )}
+                        </div>
+                    </div>
+                </>
+            }
+        />
+    );
+});
+
+export default LogoutConfirm;

src/lib/components/Register.tsx

@@ -1,126 +1,172 @@
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
 
-export const Register = memo(({ kcContext, ...props }: { kcContext: KcContextBase.Register; } & KcProps) => {
+export type RegisterProps = KcProps & {
+    kcContext: KcContextBase.Register;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
 
-    const {
-        url,
-        messagesPerField,
-        register,
-        realm,
-        passwordRequired,
-        recaptchaRequired,
-        recaptchaSiteKey
-    } = kcContext;
+const Register = memo((props: RegisterProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
 
-    const { msg, msgStr } = useKcMessage();
+    const { url, messagesPerField, register, realm, passwordRequired, recaptchaRequired, recaptchaSiteKey } = kcContext;
 
-    const { cx } = useCssAndCx();
+    const { msg, msgStr } = i18n;
 
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             headerNode={msg("registerTitle")}
             formNode={
-                <form id="kc-register-form" className={cx(props.kcFormClass)} action={url.registrationAction} method="post">
-
-                    <div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("firstName", props.kcFormGroupErrorClass))}>
-                        <div className={cx(props.kcLabelWrapperClass)}>
-                            <label htmlFor="firstName" className={cx(props.kcLabelClass)}>{msg("firstName")}</label>
+                <form id="kc-register-form" className={clsx(kcProps.kcFormClass)} action={url.registrationAction} method="post">
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("firstName", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="firstName" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("firstName")}
+                            </label>
                         </div>
-                        <div className={cx(props.kcInputWrapperClass)}>
-                            <input type="text" id="firstName" className={cx(props.kcInputClass)} name="firstName"
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="text"
+                                id="firstName"
+                                className={clsx(kcProps.kcInputClass)}
+                                name="firstName"
                                 defaultValue={register.formData.firstName ?? ""}
                             />
                         </div>
                     </div>
 
-                    <div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("lastName", props.kcFormGroupErrorClass))}>
-                        <div className={cx(props.kcLabelWrapperClass)}>
-                            <label htmlFor="lastName" className={cx(props.kcLabelClass)}>{msg("lastName")}</label>
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("lastName", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="lastName" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("lastName")}
+                            </label>
                         </div>
-                        <div className={cx(props.kcInputWrapperClass)}>
-                            <input type="text" id="lastName" className={cx(props.kcInputClass)} name="lastName"
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="text"
+                                id="lastName"
+                                className={clsx(kcProps.kcInputClass)}
+                                name="lastName"
                                 defaultValue={register.formData.lastName ?? ""}
                             />
                         </div>
                     </div>
 
-                    <div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists('email', props.kcFormGroupErrorClass))}>
-                        <div className={cx(props.kcLabelWrapperClass)}>
-                            <label htmlFor="email" className={cx(props.kcLabelClass)}>{msg("email")}</label>
+                    <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("email", kcProps.kcFormGroupErrorClass))}>
+                        <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                            <label htmlFor="email" className={clsx(kcProps.kcLabelClass)}>
+                                {msg("email")}
+                            </label>
                         </div>
-                        <div className={cx(props.kcInputWrapperClass)}>
-                            <input type="text" id="email" className={cx(props.kcInputClass)} name="email"
-                                defaultValue={register.formData.email ?? ""} autoComplete="email"
+                        <div className={clsx(kcProps.kcInputWrapperClass)}>
+                            <input
+                                type="text"
+                                id="email"
+                                className={clsx(kcProps.kcInputClass)}
+                                name="email"
+                                defaultValue={register.formData.email ?? ""}
+                                autoComplete="email"
                             />
                         </div>
                     </div>
-                    {
-                        !realm.registrationEmailAsUsername &&
-
-                        <div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists('username', props.kcFormGroupErrorClass))}>
-                            <div className={cx(props.kcLabelWrapperClass)}>
-                                <label htmlFor="username" className={cx(props.kcLabelClass)}>{msg("username")}</label>
+                    {!realm.registrationEmailAsUsername && (
+                        <div className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("username", kcProps.kcFormGroupErrorClass))}>
+                            <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                                <label htmlFor="username" className={clsx(kcProps.kcLabelClass)}>
+                                    {msg("username")}
+                                </label>
                             </div>
-                            <div className={cx(props.kcInputWrapperClass)}>
-                                <input type="text" id="username" className={cx(props.kcInputClass)} name="username"
-                                    defaultValue={register.formData.username ?? ""} autoComplete="username" />
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <input
+                                    type="text"
+                                    id="username"
+                                    className={clsx(kcProps.kcInputClass)}
+                                    name="username"
+                                    defaultValue={register.formData.username ?? ""}
+                                    autoComplete="username"
+                                />
                             </div>
-                        </div >
-
-                    }
-                    {
-                        passwordRequired &&
+                        </div>
+                    )}
+                    {passwordRequired && (
                         <>
-
-                            <div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("password", props.kcFormGroupErrorClass))}>
-                                <div className={cx(props.kcLabelWrapperClass)}>
-                                    <label htmlFor="password" className={cx(props.kcLabelClass)}>{msg("password")}</label>
+                            <div
+                                className={clsx(kcProps.kcFormGroupClass, messagesPerField.printIfExists("password", kcProps.kcFormGroupErrorClass))}
+                            >
+                                <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                                    <label htmlFor="password" className={clsx(kcProps.kcLabelClass)}>
+                                        {msg("password")}
+                                    </label>
                                 </div>
-                                <div className={cx(props.kcInputWrapperClass)}>
-                                    <input type="password" id="password" className={cx(props.kcInputClass)} name="password" autoComplete="new-password" />
+                                <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                    <input
+                                        type="password"
+                                        id="password"
+                                        className={clsx(kcProps.kcInputClass)}
+                                        name="password"
+                                        autoComplete="new-password"
+                                    />
                                 </div>
                             </div>
 
-                            <div className={cx(props.kcFormGroupClass, messagesPerField.printIfExists("password-confirm", props.kcFormGroupErrorClass))}>
-                                <div className={cx(props.kcLabelWrapperClass)}>
-                                    <label htmlFor="password-confirm" className={cx(props.kcLabelClass)}>{msg("passwordConfirm")}</label>
+                            <div
+                                className={clsx(
+                                    kcProps.kcFormGroupClass,
+                                    messagesPerField.printIfExists("password-confirm", kcProps.kcFormGroupErrorClass)
+                                )}
+                            >
+                                <div className={clsx(kcProps.kcLabelWrapperClass)}>
+                                    <label htmlFor="password-confirm" className={clsx(kcProps.kcLabelClass)}>
+                                        {msg("passwordConfirm")}
+                                    </label>
                                 </div>
-                                <div className={cx(props.kcInputWrapperClass)}>
-                                    <input type="password" id="password-confirm" className={cx(props.kcInputClass)} name="password-confirm" />
+                                <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                    <input type="password" id="password-confirm" className={clsx(kcProps.kcInputClass)} name="password-confirm" />
                                 </div>
                             </div>
                         </>
-
-                    }
-                    {
-                        recaptchaRequired &&
+                    )}
+                    {recaptchaRequired && (
                         <div className="form-group">
-                            <div className={cx(props.kcInputWrapperClass)}>
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
                                 <div className="g-recaptcha" data-size="compact" data-sitekey={recaptchaSiteKey}></div>
                             </div>
                         </div>
-                    }
-                    <div className={cx(props.kcFormGroupClass)}>
-                        <div id="kc-form-options" className={cx(props.kcFormOptionsClass)}>
-                            <div className={cx(props.kcFormOptionsWrapperClass)}>
-                                <span><a href={url.loginUrl}>{msg("backToLogin")}</a></span>
+                    )}
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)}>
+                                <span>
+                                    <a href={url.loginUrl}>{msg("backToLogin")}</a>
+                                </span>
                             </div>
                         </div>
 
-                        <div id="kc-form-buttons" className={cx(props.kcFormButtonsClass)}>
-                            <input className={cx(props.kcButtonClass, props.kcButtonPrimaryClass, props.kcButtonBlockClass, props.kcButtonLargeClass)} type="submit"
-                                value={msgStr("doRegister")} />
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            <input
+                                className={clsx(
+                                    kcProps.kcButtonClass,
+                                    kcProps.kcButtonPrimaryClass,
+                                    kcProps.kcButtonBlockClass,
+                                    kcProps.kcButtonLargeClass
+                                )}
+                                type="submit"
+                                value={msgStr("doRegister")}
+                            />
                         </div>
                     </div>
-                </form >
+                </form>
             }
         />
     );
 });
+
+export default Register;

src/lib/components/RegisterUserProfile.tsx

@@ -0,0 +1,71 @@
+import React, { memo, useState } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
+import { UserProfileFormFields } from "./shared/UserProfileCommons";
+
+export type RegisterUserProfileProps = KcProps & {
+    kcContext: KcContextBase.RegisterUserProfile;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const RegisterUserProfile = memo((props: RegisterUserProfileProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { url, messagesPerField, recaptchaRequired, recaptchaSiteKey } = kcContext;
+
+    const { msg, msgStr } = i18n;
+
+    const [isFomSubmittable, setIsFomSubmittable] = useState(false);
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            displayMessage={messagesPerField.exists("global")}
+            displayRequiredFields={true}
+            headerNode={msg("registerTitle")}
+            formNode={
+                <form id="kc-register-form" className={clsx(kcProps.kcFormClass)} action={url.registrationAction} method="post">
+                    <UserProfileFormFields kcContext={kcContext} onIsFormSubmittableValueChange={setIsFomSubmittable} i18n={i18n} {...kcProps} />
+                    {recaptchaRequired && (
+                        <div className="form-group">
+                            <div className={clsx(kcProps.kcInputWrapperClass)}>
+                                <div className="g-recaptcha" data-size="compact" data-sitekey={recaptchaSiteKey} />
+                            </div>
+                        </div>
+                    )}
+                    <div className={clsx(kcProps.kcFormGroupClass)} style={{ "marginBottom": 30 }}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)}>
+                                <span>
+                                    <a href={url.loginUrl}>{msg("backToLogin")}</a>
+                                </span>
+                            </div>
+                        </div>
+
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            <input
+                                className={clsx(
+                                    kcProps.kcButtonClass,
+                                    kcProps.kcButtonPrimaryClass,
+                                    kcProps.kcButtonBlockClass,
+                                    kcProps.kcButtonLargeClass
+                                )}
+                                type="submit"
+                                value={msgStr("doRegister")}
+                                disabled={!isFomSubmittable}
+                            />
+                        </div>
+                    </div>
+                </form>
+            }
+        />
+    );
+});
+
+export default RegisterUserProfile;

src/lib/components/Template.tsx

@@ -1,19 +1,14 @@
-
-import { useReducer, useEffect, memo } from "react";
+import React, { useReducer, useEffect, memo } from "react";
 import type { ReactNode } from "react";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useKcLanguageTag } from "../i18n/useKcLanguageTag";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
 import { assert } from "../tools/assert";
-import type { KcLanguageTag } from "../i18n/KcLanguageTag";
-import { getBestMatchAmongKcLanguageTag } from "../i18n/KcLanguageTag";
-import { getKcLanguageTagLabel } from "../i18n/KcLanguageTag";
 import { useCallbackFactory } from "powerhooks/useCallbackFactory";
-import { appendHead } from "../tools/appendHead";
-import { join as pathJoin } from "path";
+import { headInsert } from "../tools/headInsert";
+import { pathJoin } from "../../bin/tools/pathJoin";
 import { useConstCallback } from "powerhooks/useConstCallback";
 import type { KcTemplateProps } from "./KcProps";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
 
 export type TemplateProps = {
     displayInfo?: boolean;
@@ -29,10 +24,9 @@ export type TemplateProps = {
      * to avoid pulling the default theme assets.
      */
     doFetchDefaultThemeResources: boolean;
-} & { kcContext: KcContextBase; } & KcTemplateProps;
-
-export const Template = memo((props: TemplateProps) => {
+} & { kcContext: KcContextBase; i18n: I18n } & KcTemplateProps;
 
+const Template = memo((props: TemplateProps) => {
     const {
         displayInfo = false,
         displayMessage = true,
@@ -44,53 +38,21 @@ export const Template = memo((props: TemplateProps) => {
         formNode,
         infoNode = null,
         kcContext,
+        i18n,
         doFetchDefaultThemeResources
     } = props;
 
-    const { cx } = useCssAndCx();
+    const { msg, changeLocale, labelBySupportedLanguageTag, currentLanguageTag } = i18n;
 
-    useEffect(() => { console.log("Rendering this page with react using keycloakify") }, []);
+    const onChangeLanguageClickFactory = useCallbackFactory(([kcLanguageTag]: [string]) => changeLocale(kcLanguageTag));
 
-    const { msg } = useKcMessage();
+    const onTryAnotherWayClick = useConstCallback(() => (document.forms["kc-select-try-another-way-form" as never].submit(), false));
 
-    const { kcLanguageTag, setKcLanguageTag } = useKcLanguageTag();
-
-
-    const onChangeLanguageClickFactory = useCallbackFactory(
-        ([languageTag]: [KcLanguageTag]) =>
-            setKcLanguageTag(languageTag)
-    );
-
-    const onTryAnotherWayClick = useConstCallback(() =>
-        (document.forms["kc-select-try-another-way-form" as never].submit(), false)
-    );
-
-    const {
-        realm, locale, auth,
-        url, message, isAppInitiatedAction
-    } = kcContext;
-
-    useEffect(() => {
-
-        if (!realm.internationalizationEnabled) {
-            return;
-        }
-
-        assert(locale !== undefined);
-
-        if (kcLanguageTag === getBestMatchAmongKcLanguageTag(locale.current)) {
-            return;
-        }
-
-        window.location.href =
-            locale.supported.find(({ languageTag }) => languageTag === kcLanguageTag)!.url;
-
-    }, [kcLanguageTag]);
+    const { realm, locale, auth, url, message, isAppInitiatedAction } = kcContext;
 
     const [isExtraCssLoaded, setExtraCssLoaded] = useReducer(() => true, false);
 
     useEffect(() => {
-
         if (!doFetchDefaultThemeResources) {
             setExtraCssLoaded();
             return;
@@ -99,55 +61,51 @@ export const Template = memo((props: TemplateProps) => {
         let isUnmounted = false;
         const cleanups: (() => void)[] = [];
 
-        const toArr = (x: string | readonly string[] | undefined) =>
-            typeof x === "string" ? x.split(" ") : x ?? [];
+        const toArr = (x: string | readonly string[] | undefined) => (typeof x === "string" ? x.split(" ") : x ?? []);
 
         Promise.all(
             [
                 ...toArr(props.stylesCommon).map(relativePath => pathJoin(url.resourcesCommonPath, relativePath)),
                 ...toArr(props.styles).map(relativePath => pathJoin(url.resourcesPath, relativePath))
-            ].map(href => appendHead({
-                "type": "css",
-                href
-            }))).then(() => {
+            ]
+                .reverse()
+                .map(href =>
+                    headInsert({
+                        "type": "css",
+                        href,
+                        "position": "prepend"
+                    })
+                )
+        ).then(() => {
+            if (isUnmounted) {
+                return;
+            }
 
-                if (isUnmounted) {
-                    return;
-                }
+            setExtraCssLoaded();
+        });
 
-                setExtraCssLoaded();
-
-            });
-
-        toArr(props.scripts).forEach(
-            relativePath => appendHead({
+        toArr(props.scripts).forEach(relativePath =>
+            headInsert({
                 "type": "javascript",
                 "src": pathJoin(url.resourcesPath, relativePath)
             })
         );
 
         if (props.kcHtmlClass !== undefined) {
+            const htmlClassList = document.getElementsByTagName("html")[0].classList;
 
-            const htmlClassList =
-                document.getElementsByTagName("html")[0]
-                    .classList;
-
-            const tokens = cx(props.kcHtmlClass).split(" ")
+            const tokens = clsx(props.kcHtmlClass).split(" ");
 
             htmlClassList.add(...tokens);
 
             cleanups.push(() => htmlClassList.remove(...tokens));
-
         }
 
         return () => {
-
             isUnmounted = true;
 
             cleanups.forEach(f => f());
-
         };
-
     }, [props.kcHtmlClass]);
 
     if (!isExtraCssLoaded) {
@@ -155,167 +113,137 @@ export const Template = memo((props: TemplateProps) => {
     }
 
     return (
-        <div className={cx(props.kcLoginClass)}>
-
-            <div id="kc-header" className={cx(props.kcHeaderClass)}>
-                <div id="kc-header-wrapper" className={cx(props.kcHeaderWrapperClass)}>
+        <div className={clsx(props.kcLoginClass)}>
+            <div id="kc-header" className={clsx(props.kcHeaderClass)}>
+                <div id="kc-header-wrapper" className={clsx(props.kcHeaderWrapperClass)}>
                     {msg("loginTitleHtml", realm.displayNameHtml)}
                 </div>
             </div>
 
-            <div className={cx(props.kcFormCardClass, displayWide && props.kcFormCardAccountClass)}>
-                <header className={cx(props.kcFormHeaderClass)}>
-                    {
-                        (
-                            realm.internationalizationEnabled &&
-                            (assert(locale !== undefined), true) &&
-                            locale.supported.length > 1
-                        ) &&
+            <div className={clsx(props.kcFormCardClass, displayWide && props.kcFormCardAccountClass)}>
+                <header className={clsx(props.kcFormHeaderClass)}>
+                    {realm.internationalizationEnabled && (assert(locale !== undefined), true) && locale.supported.length > 1 && (
                         <div id="kc-locale">
-                            <div id="kc-locale-wrapper" className={cx(props.kcLocaleWrapperClass)}>
+                            <div id="kc-locale-wrapper" className={clsx(props.kcLocaleWrapperClass)}>
                                 <div className="kc-dropdown" id="kc-locale-dropdown">
                                     <a href="#" id="kc-current-locale-link">
-                                        {getKcLanguageTagLabel(kcLanguageTag)}
+                                        {labelBySupportedLanguageTag[currentLanguageTag]}
                                     </a>
                                     <ul>
-                                        {
-                                            locale.supported.map(
-                                                ({ languageTag }) =>
-                                                    <li key={languageTag} className="kc-dropdown-item">
-                                                        <a href="#" onClick={onChangeLanguageClickFactory(languageTag)}>
-                                                            {getKcLanguageTagLabel(languageTag)}
-                                                        </a>
-
-                                                    </li>
-                                            )
-                                        }
+                                        {locale.supported.map(({ languageTag }) => (
+                                            <li key={languageTag} className="kc-dropdown-item">
+                                                <a href="#" onClick={onChangeLanguageClickFactory(languageTag)}>
+                                                    {labelBySupportedLanguageTag[languageTag]}
+                                                </a>
+                                            </li>
+                                        ))}
                                     </ul>
                                 </div>
                             </div>
                         </div>
-
-                    }
-                    {
-                        !(
-                            auth !== undefined &&
-                            auth.showUsername &&
-                            !auth.showResetCredentials
-                        ) ?
-                            (
-                                displayRequiredFields ?
-                                    (
-
-                                        <div className={cx(props.kcContentWrapperClass)}>
-                                            <div className={cx(props.kcLabelWrapperClass, "subtitle")}>
-                                                <span className="subtitle">
-                                                    <span className="required">*</span>
-                                                    {msg("requiredFields")}
-                                                </span>
+                    )}
+                    {!(auth !== undefined && auth.showUsername && !auth.showResetCredentials) ? (
+                        displayRequiredFields ? (
+                            <div className={clsx(props.kcContentWrapperClass)}>
+                                <div className={clsx(props.kcLabelWrapperClass, "subtitle")}>
+                                    <span className="subtitle">
+                                        <span className="required">*</span>
+                                        {msg("requiredFields")}
+                                    </span>
+                                </div>
+                                <div className="col-md-10">
+                                    <h1 id="kc-page-title">{headerNode}</h1>
+                                </div>
+                            </div>
+                        ) : (
+                            <h1 id="kc-page-title">{headerNode}</h1>
+                        )
+                    ) : displayRequiredFields ? (
+                        <div className={clsx(props.kcContentWrapperClass)}>
+                            <div className={clsx(props.kcLabelWrapperClass, "subtitle")}>
+                                <span className="subtitle">
+                                    <span className="required">*</span> {msg("requiredFields")}
+                                </span>
+                            </div>
+                            <div className="col-md-10">
+                                {showUsernameNode}
+                                <div className={clsx(props.kcFormGroupClass)}>
+                                    <div id="kc-username">
+                                        <label id="kc-attempted-username">{auth?.attemptedUsername}</label>
+                                        <a id="reset-login" href={url.loginRestartFlowUrl}>
+                                            <div className="kc-login-tooltip">
+                                                <i className={clsx(props.kcResetFlowIcon)}></i>
+                                                <span className="kc-tooltip-text">{msg("restartLoginTooltip")}</span>
                                             </div>
-                                            <div className="col-md-10">
-                                                <h1 id="kc-page-title">{headerNode}</h1>
-                                            </div>
-                                        </div>
-
-                                    )
-                                    :
-                                    (
-
-                                        <h1 id="kc-page-title">{headerNode}</h1>
-
-                                    )
-                            ) : (
-                                displayRequiredFields ? (
-                                    <div className={cx(props.kcContentWrapperClass)}>
-                                        <div className={cx(props.kcLabelWrapperClass, "subtitle")}>
-                                            <span className="subtitle"><span className="required">*</span> {msg("requiredFields")}</span>
-                                        </div>
-                                        <div className="col-md-10">
-                                            {showUsernameNode}
-                                            <div className={cx(props.kcFormGroupClass)}>
-                                                <div id="kc-username">
-                                                    <label id="kc-attempted-username">{auth?.attemptedUsername}</label>
-                                                    <a id="reset-login" href={url.loginRestartFlowUrl}>
-                                                        <div className="kc-login-tooltip">
-                                                            <i className={cx(props.kcResetFlowIcon)}></i>
-                                                            <span className="kc-tooltip-text">{msg("restartLoginTooltip")}</span>
-                                                        </div>
-                                                    </a>
-                                                </div>
-                                            </div>
-                                        </div>
+                                        </a>
                                     </div>
-                                ) : (
-                                    <>
-                                        {showUsernameNode}
-                                        <div className={cx(props.kcFormGroupClass)}>
-                                            <div id="kc-username">
-                                                <label id="kc-attempted-username">{auth?.attemptedUsername}</label>
-                                                <a id="reset-login" href={url.loginRestartFlowUrl}>
-                                                    <div className="kc-login-tooltip">
-                                                        <i className={cx(props.kcResetFlowIcon)}></i>
-                                                        <span className="kc-tooltip-text">{msg("restartLoginTooltip")}</span>
-                                                    </div>
-                                                </a>
-                                            </div>
+                                </div>
+                            </div>
+                        </div>
+                    ) : (
+                        <>
+                            {showUsernameNode}
+                            <div className={clsx(props.kcFormGroupClass)}>
+                                <div id="kc-username">
+                                    <label id="kc-attempted-username">{auth?.attemptedUsername}</label>
+                                    <a id="reset-login" href={url.loginRestartFlowUrl}>
+                                        <div className="kc-login-tooltip">
+                                            <i className={clsx(props.kcResetFlowIcon)}></i>
+                                            <span className="kc-tooltip-text">{msg("restartLoginTooltip")}</span>
                                         </div>
-                                    </>
-                                )
-                            )
-                    }
+                                    </a>
+                                </div>
+                            </div>
+                        </>
+                    )}
                 </header>
                 <div id="kc-content">
                     <div id="kc-content-wrapper">
                         {/* App-initiated actions should not see warning messages about the need to complete the action during login. */}
-                        {
-                            (
-                                displayMessage &&
-                                message !== undefined &&
-                                (
-                                    message.type !== "warning" ||
-                                    !isAppInitiatedAction
-                                )
-                            ) &&
-                            <div className={cx("alert", `alert-${message.type}`)}>
-                                {message.type === "success" && <span className={cx(props.kcFeedbackSuccessIcon)}></span>}
-                                {message.type === "warning" && <span className={cx(props.kcFeedbackWarningIcon)}></span>}
-                                {message.type === "error" && <span className={cx(props.kcFeedbackErrorIcon)}></span>}
-                                {message.type === "info" && <span className={cx(props.kcFeedbackInfoIcon)}></span>}
+                        {displayMessage && message !== undefined && (message.type !== "warning" || !isAppInitiatedAction) && (
+                            <div className={clsx("alert", `alert-${message.type}`)}>
+                                {message.type === "success" && <span className={clsx(props.kcFeedbackSuccessIcon)}></span>}
+                                {message.type === "warning" && <span className={clsx(props.kcFeedbackWarningIcon)}></span>}
+                                {message.type === "error" && <span className={clsx(props.kcFeedbackErrorIcon)}></span>}
+                                {message.type === "info" && <span className={clsx(props.kcFeedbackInfoIcon)}></span>}
                                 <span
                                     className="kc-feedback-text"
-                                    dangerouslySetInnerHTML={{ "__html": message.summary }}
+                                    dangerouslySetInnerHTML={{
+                                        "__html": message.summary
+                                    }}
                                 />
                             </div>
-                        }
+                        )}
                         {formNode}
-                        {
-                            (
-                                auth !== undefined &&
-                                auth.showTryAnotherWayLink &&
-                                showAnotherWayIfPresent
-                            ) &&
-
-                            <form id="kc-select-try-another-way-form" action={url.loginAction} method="post" className={cx(displayWide && props.kcContentWrapperClass)} >
-                                <div className={cx(displayWide && [props.kcFormSocialAccountContentClass, props.kcFormSocialAccountClass])} >
-                                    <div className={cx(props.kcFormGroupClass)}>
+                        {auth !== undefined && auth.showTryAnotherWayLink && showAnotherWayIfPresent && (
+                            <form
+                                id="kc-select-try-another-way-form"
+                                action={url.loginAction}
+                                method="post"
+                                className={clsx(displayWide && props.kcContentWrapperClass)}
+                            >
+                                <div className={clsx(displayWide && [props.kcFormSocialAccountContentClass, props.kcFormSocialAccountClass])}>
+                                    <div className={clsx(props.kcFormGroupClass)}>
                                         <input type="hidden" name="tryAnotherWay" value="on" />
-                                        <a href="#" id="try-another-way" onClick={onTryAnotherWayClick}>{msg("doTryAnotherWay")}</a>
+                                        <a href="#" id="try-another-way" onClick={onTryAnotherWayClick}>
+                                            {msg("doTryAnotherWay")}
+                                        </a>
                                     </div>
-                                </div >
+                                </div>
                             </form>
-                        }
-                        {
-                            displayInfo &&
-
-                            <div id="kc-info" className={cx(props.kcSignUpClass)}>
-                                <div id="kc-info-wrapper" className={cx(props.kcInfoAreaWrapperClass)}>
+                        )}
+                        {displayInfo && (
+                            <div id="kc-info" className={clsx(props.kcSignUpClass)}>
+                                <div id="kc-info-wrapper" className={clsx(props.kcInfoAreaWrapperClass)}>
                                     {infoNode}
                                 </div>
                             </div>
-                        }
+                        )}
                     </div>
                 </div>
             </div>
         </div>
     );
 });
+
+export default Template;

src/lib/components/Terms.tsx

@@ -1,37 +1,97 @@
-import { memo } from "react";
-import { Template } from "./Template";
+import React, { useEffect, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
 import type { KcProps } from "./KcProps";
 import type { KcContextBase } from "../getKcContext/KcContextBase";
-import { useKcMessage } from "../i18n/useKcMessage";
-import { useCssAndCx } from "tss-react";
+import { clsx } from "../tools/clsx";
+import { Evt } from "evt";
+import { useRerenderOnStateChange } from "evt/hooks";
+import { assert } from "tsafe/assert";
+import { fallbackLanguageTag } from "../i18n";
+import type { I18n } from "../i18n";
+import memoize from "memoizee";
+import { useConst } from "powerhooks/useConst";
+import { useConstCallback } from "powerhooks/useConstCallback";
+import { Markdown } from "../tools/Markdown";
+import type { Extends } from "tsafe";
 
-export const Terms = memo(({ kcContext, ...props }: { kcContext: KcContextBase.Terms; } & KcProps) => {
+export const evtTermMarkdown = Evt.create<string | undefined>(undefined);
 
-    const { msg, msgStr } = useKcMessage();
+export type KcContextLike = {
+    pageId: KcContextBase["pageId"];
+    locale?: {
+        currentLanguageTag: string;
+    };
+};
 
-    const { cx } = useCssAndCx();
+assert<Extends<KcContextBase, KcContextLike>>();
+
+/** Allow to avoid bundling the terms and download it on demand*/
+export function useDownloadTerms(params: {
+    kcContext: KcContextLike;
+    downloadTermMarkdown: (params: { currentLanguageTag: string }) => Promise<string>;
+}) {
+    const { kcContext } = params;
+
+    const { downloadTermMarkdownMemoized } = (function useClosure() {
+        const { downloadTermMarkdown } = params;
+
+        const downloadTermMarkdownConst = useConstCallback(downloadTermMarkdown);
+
+        const downloadTermMarkdownMemoized = useConst(() =>
+            memoize((currentLanguageTag: string) => downloadTermMarkdownConst({ currentLanguageTag }), { "promise": true })
+        );
+
+        return { downloadTermMarkdownMemoized };
+    })();
+
+    useEffect(() => {
+        if (kcContext.pageId !== "terms.ftl") {
+            return;
+        }
+
+        downloadTermMarkdownMemoized(kcContext.locale?.currentLanguageTag ?? fallbackLanguageTag).then(
+            thermMarkdown => (evtTermMarkdown.state = thermMarkdown)
+        );
+    }, []);
+}
+
+export type TermsProps = KcProps & {
+    kcContext: KcContextBase.Terms;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const Terms = memo((props: TermsProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { msg, msgStr } = i18n;
+
+    useRerenderOnStateChange(evtTermMarkdown);
 
     const { url } = kcContext;
 
+    if (evtTermMarkdown.state === undefined) {
+        return null;
+    }
+
     return (
         <Template
-            {...{ kcContext, ...props }}
-            doFetchDefaultThemeResources={true}
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
             displayMessage={false}
             headerNode={msg("termsTitle")}
             formNode={
                 <>
-                    <div id="kc-terms-text">
-                        {msg("termsText")}
-                    </div>
+                    <div id="kc-terms-text">{evtTermMarkdown.state && <Markdown>{evtTermMarkdown.state}</Markdown>}</div>
                     <form className="form-actions" action={url.loginAction} method="POST">
                         <input
-                            className={cx(
-                                props.kcButtonClass,
-                                props.kcButtonClass,
-                                props.kcButtonClass,
-                                props.kcButtonPrimaryClass,
-                                props.kcButtonLargeClass
+                            className={clsx(
+                                kcProps.kcButtonClass,
+                                kcProps.kcButtonClass,
+                                kcProps.kcButtonClass,
+                                kcProps.kcButtonPrimaryClass,
+                                kcProps.kcButtonLargeClass
                             )}
                             name="accept"
                             id="kc-accept"
@@ -39,11 +99,7 @@ export const Terms = memo(({ kcContext, ...props }: { kcContext: KcContextBase.T
                             value={msgStr("doAccept")}
                         />
                         <input
-                            className={cx(
-                                props.kcButtonClass,
-                                props.kcButtonDefaultClass,
-                                props.kcButtonLargeClass
-                            )}
+                            className={clsx(kcProps.kcButtonClass, kcProps.kcButtonDefaultClass, kcProps.kcButtonLargeClass)}
                             name="cancel"
                             id="kc-decline"
                             type="submit"
@@ -57,4 +113,4 @@ export const Terms = memo(({ kcContext, ...props }: { kcContext: KcContextBase.T
     );
 });
 
-
+export default Terms;

src/lib/components/UpdateUserProfile.tsx

@@ -0,0 +1,78 @@
+import React, { useState, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import type { I18n } from "../i18n";
+import { UserProfileFormFields } from "./shared/UserProfileCommons";
+
+export type UpdateUserProfileProps = KcProps & {
+    kcContext: KcContextBase.UpdateUserProfile;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const UpdateUserProfile = memo((props: UpdateUserProfileProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { msg, msgStr } = i18n;
+
+    const { url, isAppInitiatedAction } = kcContext;
+
+    const [isFomSubmittable, setIsFomSubmittable] = useState(false);
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("loginProfileTitle")}
+            formNode={
+                <form id="kc-update-profile-form" className={clsx(kcProps.kcFormClass)} action={url.loginAction} method="post">
+                    <UserProfileFormFields kcContext={kcContext} onIsFormSubmittableValueChange={setIsFomSubmittable} i18n={i18n} {...kcProps} />
+
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        <div id="kc-form-options" className={clsx(kcProps.kcFormOptionsClass)}>
+                            <div className={clsx(kcProps.kcFormOptionsWrapperClass)}></div>
+                        </div>
+
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            {isAppInitiatedAction ? (
+                                <>
+                                    <input
+                                        className={clsx(kcProps.kcButtonClass, kcProps.kcButtonPrimaryClass, kcProps.kcButtonLargeClass)}
+                                        type="submit"
+                                        value={msgStr("doSubmit")}
+                                    />
+                                    <button
+                                        className={clsx(kcProps.kcButtonClass, kcProps.kcButtonDefaultClass, kcProps.kcButtonLargeClass)}
+                                        type="submit"
+                                        name="cancel-aia"
+                                        value="true"
+                                        formNoValidate
+                                    >
+                                        {msg("doCancel")}
+                                    </button>
+                                </>
+                            ) : (
+                                <input
+                                    className={clsx(
+                                        kcProps.kcButtonClass,
+                                        kcProps.kcButtonPrimaryClass,
+                                        kcProps.kcButtonBlockClass,
+                                        kcProps.kcButtonLargeClass
+                                    )}
+                                    type="submit"
+                                    defaultValue={msgStr("doSubmit")}
+                                    disabled={!isFomSubmittable}
+                                />
+                            )}
+                        </div>
+                    </div>
+                </form>
+            }
+        />
+    );
+});
+
+export default UpdateUserProfile;

src/lib/components/WebauthnAuthenticate.tsx

@@ -0,0 +1,203 @@
+import React, { useRef, useState, memo } from "react";
+import DefaultTemplate from "./Template";
+import type { TemplateProps } from "./Template";
+import type { KcProps } from "./KcProps";
+import type { KcContextBase } from "../getKcContext/KcContextBase";
+import { clsx } from "../tools/clsx";
+import type { I18n, MessageKeyBase } from "../i18n";
+import { base64url } from "rfc4648";
+import { useConstCallback } from "powerhooks/useConstCallback";
+
+export type WebauthnAuthenticateProps = KcProps & {
+    kcContext: KcContextBase.WebauthnAuthenticate;
+    i18n: I18n;
+    doFetchDefaultThemeResources?: boolean;
+    Template?: (props: TemplateProps) => JSX.Element | null;
+};
+
+const WebauthnAuthenticate = memo((props: WebauthnAuthenticateProps) => {
+    const { kcContext, i18n, doFetchDefaultThemeResources = true, Template = DefaultTemplate, ...kcProps } = props;
+
+    const { url } = kcContext;
+
+    const { msg, msgStr } = i18n;
+
+    const { authenticators, challenge, shouldDisplayAuthenticators, userVerification, rpId } = kcContext;
+    const createTimeout = Number(kcContext.createTimeout);
+    const isUserIdentified = kcContext.isUserIdentified == "true";
+
+    const webAuthnAuthenticate = useConstCallback(async () => {
+        if (!isUserIdentified) {
+            return;
+        }
+        const allowCredentials = authenticators.authenticators.map(
+            authenticator =>
+                ({
+                    id: base64url.parse(authenticator.credentialId, { loose: true }),
+                    type: "public-key"
+                } as PublicKeyCredentialDescriptor)
+        );
+        // Check if WebAuthn is supported by this browser
+        if (!window.PublicKeyCredential) {
+            setError(msgStr("webauthn-unsupported-browser-text"));
+            submitForm();
+            return;
+        }
+
+        const publicKey: PublicKeyCredentialRequestOptions = {
+            rpId,
+            challenge: base64url.parse(challenge, { loose: true })
+        };
+
+        if (createTimeout !== 0) {
+            publicKey.timeout = createTimeout * 1000;
+        }
+
+        if (allowCredentials.length) {
+            publicKey.allowCredentials = allowCredentials;
+        }
+
+        if (userVerification !== "not specified") {
+            publicKey.userVerification = userVerification;
+        }
+
+        try {
+            const resultRaw = await navigator.credentials.get({ publicKey });
+            if (!resultRaw || resultRaw.type != "public-key") return;
+            const result = resultRaw as PublicKeyCredential;
+            if (!("authenticatorData" in result.response)) return;
+            const response = result.response as AuthenticatorAssertionResponse;
+            const clientDataJSON = response.clientDataJSON;
+            const authenticatorData = response.authenticatorData;
+            const signature = response.signature;
+
+            setClientDataJSON(base64url.stringify(new Uint8Array(clientDataJSON), { pad: false }));
+            setAuthenticatorData(base64url.stringify(new Uint8Array(authenticatorData), { pad: false }));
+            setSignature(base64url.stringify(new Uint8Array(signature), { pad: false }));
+            setCredentialId(result.id);
+            setUserHandle(base64url.stringify(new Uint8Array(response.userHandle!), { pad: false }));
+            submitForm();
+        } catch (err) {
+            setError(String(err));
+            submitForm();
+        }
+    });
+
+    const webAuthForm = useRef<HTMLFormElement>(null);
+    const submitForm = useConstCallback(() => {
+        webAuthForm.current!.submit();
+    });
+
+    const [clientDataJSON, setClientDataJSON] = useState("");
+    const [authenticatorData, setAuthenticatorData] = useState("");
+    const [signature, setSignature] = useState("");
+    const [credentialId, setCredentialId] = useState("");
+    const [userHandle, setUserHandle] = useState("");
+    const [error, setError] = useState("");
+
+    return (
+        <Template
+            {...{ kcContext, i18n, doFetchDefaultThemeResources, ...kcProps }}
+            headerNode={msg("webauthn-login-title")}
+            formNode={
+                <div id="kc-form-webauthn" className={clsx(kcProps.kcFormClass)}>
+                    <form id="webauth" action={url.loginAction} ref={webAuthForm} method="post">
+                        <input type="hidden" id="clientDataJSON" name="clientDataJSON" value={clientDataJSON} />
+                        <input type="hidden" id="authenticatorData" name="authenticatorData" value={authenticatorData} />
+                        <input type="hidden" id="signature" name="signature" value={signature} />
+                        <input type="hidden" id="credentialId" name="credentialId" value={credentialId} />
+                        <input type="hidden" id="userHandle" name="userHandle" value={userHandle} />
+                        <input type="hidden" id="error" name="error" value={error} />
+                    </form>
+                    <div className={clsx(kcProps.kcFormGroupClass)}>
+                        {authenticators &&
+                            (() => (
+                                <form id="authn_select" className={clsx(kcProps.kcFormClass)}>
+                                    {authenticators.authenticators.map(authenticator => (
+                                        <input
+                                            type="hidden"
+                                            name="authn_use_chk"
+                                            value={authenticator.credentialId}
+                                            key={authenticator.credentialId}
+                                        />
+                                    ))}
+                                </form>
+                            ))()}
+                        {authenticators &&
+                            shouldDisplayAuthenticators &&
+                            (() => (
+                                <>
+                                    {authenticators.authenticators.length > 1 && (
+                                        <p className={clsx(kcProps.kcSelectAuthListItemTitle)}>{msg("webauthn-available-authenticators")}</p>
+                                    )}
+                                    <div className={clsx(kcProps.kcFormClass)}>
+                                        {authenticators.authenticators.map(authenticator => (
+                                            <div id="kc-webauthn-authenticator" className={clsx(kcProps.kcSelectAuthListItemClass)}>
+                                                <div className={clsx(kcProps.kcSelectAuthListItemIconClass)}>
+                                                    <i
+                                                        className={clsx(
+                                                            kcProps[authenticator.transports.iconClass] ?? kcProps.kcWebAuthnDefaultIcon,
+                                                            kcProps.kcSelectAuthListItemIconPropertyClass
+                                                        )}
+                                                    />
+                                                </div>
+                                                <div className={clsx(kcProps.kcSelectAuthListItemBodyClass)}>
+                                                    <div
+                                                        id="kc-webauthn-authenticator-label"
+                                                        className={clsx(kcProps.kcSelectAuthListItemHeadingClass)}
+                                                    >
+                                                        {authenticator.label}
+                                                    </div>
+
+                                                    {authenticator.transports && authenticator.transports.displayNameProperties.length && (
+                                                        <div
+                                                            id="kc-webauthn-authenticator-transport"
+                                                            className={clsx(kcProps.kcSelectAuthListItemDescriptionClass)}
+                                                        >
+                                                            {authenticator.transports.displayNameProperties.map(
+                                                                (transport: MessageKeyBase, index: number) => (
+                                                                    <>
+                                                                        <span>{msg(transport)}</span>
+                                                                        {index < authenticator.transports.displayNameProperties.length - 1 && (
+                                                                            <span>{", "}</span>
+                                                                        )}
+                                                                    </>
+                                                                )
+                                                            )}
+                                                        </div>
+                                                    )}
+
+                                                    <div className={clsx(kcProps.kcSelectAuthListItemDescriptionClass)}>
+                                                        <span id="kc-webauthn-authenticator-created-label">{msg("webauthn-createdAt-label")}</span>
+                                                        <span id="kc-webauthn-authenticator-created">{authenticator.createdAt}</span>
+                                                    </div>
+                                                </div>
+                                                <div className={clsx(kcProps.kcSelectAuthListItemFillClass)} />
+                                            </div>
+                                        ))}
+                                    </div>
+                                </>
+                            ))()}
+                        <div id="kc-form-buttons" className={clsx(kcProps.kcFormButtonsClass)}>
+                            <input
+                                id="authenticateWebAuthnButton"
+                                type="button"
+                                onClick={webAuthnAuthenticate}
+                                autoFocus={true}
+                                value={msgStr("webauthn-doAuthenticate")}
+                                className={clsx(
+                                    kcProps.kcButtonClass,
+                                    kcProps.kcButtonPrimaryClass,
+                                    kcProps.kcButtonBlockClass,
+                                    kcProps.kcButtonLargeClass
+                                )}
+                            />
+                        </div>
+                    </div>
+                </div>
+            }
+        />
+    );
+});
+
+export default WebauthnAuthenticate;

src/lib/components/shared/UserProfileCommons.tsx

@@ -0,0 +1,173 @@
+import React, { memo, useEffect, Fragment } from "react";
+import type { KcProps } from "../KcProps";
+import type { Attribute } from "../../getKcContext/KcContextBase";
+import { clsx } from "../../tools/clsx";
+import type { ReactComponent } from "../../tools/ReactComponent";
+import { useCallbackFactory } from "powerhooks/useCallbackFactory";
+import { useFormValidationSlice } from "../../useFormValidationSlice";
+import type { I18n } from "../../i18n";
+import type { Param0 } from "tsafe/Param0";
+
+export type UserProfileFormFieldsProps = {
+    kcContext: Param0<typeof useFormValidationSlice>["kcContext"];
+    i18n: I18n;
+} & KcProps &
+    Partial<Record<"BeforeField" | "AfterField", ReactComponent<{ attribute: Attribute }>>> & {
+        onIsFormSubmittableValueChange: (isFormSubmittable: boolean) => void;
+    };
+
+export const UserProfileFormFields = memo(
+    ({ kcContext, onIsFormSubmittableValueChange, i18n, BeforeField, AfterField, ...props }: UserProfileFormFieldsProps) => {
+        const { advancedMsg } = i18n;
+
+        const {
+            formValidationState: { fieldStateByAttributeName, isFormSubmittable },
+            formValidationReducer,
+            attributesWithPassword
+        } = useFormValidationSlice({
+            kcContext,
+            i18n
+        });
+
+        useEffect(() => {
+            onIsFormSubmittableValueChange(isFormSubmittable);
+        }, [isFormSubmittable]);
+
+        const onChangeFactory = useCallbackFactory(
+            (
+                [name]: [string],
+                [
+                    {
+                        target: { value }
+                    }
+                ]: [React.ChangeEvent<HTMLInputElement | HTMLSelectElement>]
+            ) =>
+                formValidationReducer({
+                    "action": "update value",
+                    name,
+                    "newValue": value
+                })
+        );
+
+        const onBlurFactory = useCallbackFactory(([name]: [string]) =>
+            formValidationReducer({
+                "action": "focus lost",
+                name
+            })
+        );
+
+        let currentGroup = "";
+
+        return (
+            <>
+                {attributesWithPassword.map((attribute, i) => {
+                    const { group = "", groupDisplayHeader = "", groupDisplayDescription = "" } = attribute;
+
+                    const { value, displayableErrors } = fieldStateByAttributeName[attribute.name];
+
+                    const formGroupClassName = clsx(props.kcFormGroupClass, displayableErrors.length !== 0 && props.kcFormGroupErrorClass);
+
+                    return (
+                        <Fragment key={i}>
+                            {group !== currentGroup && (currentGroup = group) !== "" && (
+                                <div className={formGroupClassName}>
+                                    <div className={clsx(props.kcContentWrapperClass)}>
+                                        <label id={`header-${group}`} className={clsx(props.kcFormGroupHeader)}>
+                                            {advancedMsg(groupDisplayHeader) || currentGroup}
+                                        </label>
+                                    </div>
+                                    {groupDisplayDescription !== "" && (
+                                        <div className={clsx(props.kcLabelWrapperClass)}>
+                                            <label id={`description-${group}`} className={`${clsx(props.kcLabelClass)}`}>
+                                                {advancedMsg(groupDisplayDescription)}
+                                            </label>
+                                        </div>
+                                    )}
+                                </div>
+                            )}
+
+                            {BeforeField && <BeforeField attribute={attribute} />}
+
+                            <div className={formGroupClassName}>
+                                <div className={clsx(props.kcLabelWrapperClass)}>
+                                    <label htmlFor={attribute.name} className={clsx(props.kcLabelClass)}>
+                                        {advancedMsg(attribute.displayName ?? "")}
+                                    </label>
+                                    {attribute.required && <>*</>}
+                                </div>
+                                <div className={clsx(props.kcInputWrapperClass)}>
+                                    {(() => {
+                                        const { options } = attribute.validators;
+
+                                        if (options !== undefined) {
+                                            return (
+                                                <select
+                                                    id={attribute.name}
+                                                    name={attribute.name}
+                                                    onChange={onChangeFactory(attribute.name)}
+                                                    onBlur={onBlurFactory(attribute.name)}
+                                                    value={value}
+                                                >
+                                                    {options.options.map(option => (
+                                                        <option key={option} value={option}>
+                                                            {option}
+                                                        </option>
+                                                    ))}
+                                                </select>
+                                            );
+                                        }
+
+                                        return (
+                                            <input
+                                                type={(() => {
+                                                    switch (attribute.name) {
+                                                        case "password-confirm":
+                                                        case "password":
+                                                            return "password";
+                                                        default:
+                                                            return "text";
+                                                    }
+                                                })()}
+                                                id={attribute.name}
+                                                name={attribute.name}
+                                                value={value}
+                                                onChange={onChangeFactory(attribute.name)}
+                                                className={clsx(props.kcInputClass)}
+                                                aria-invalid={displayableErrors.length !== 0}
+                                                disabled={attribute.readOnly}
+                                                autoComplete={attribute.autocomplete}
+                                                onBlur={onBlurFactory(attribute.name)}
+                                            />
+                                        );
+                                    })()}
+                                    {displayableErrors.length !== 0 &&
+                                        (() => {
+                                            const divId = `input-error-${attribute.name}`;
+
+                                            return (
+                                                <>
+                                                    <style>{`#${divId} > span: { display: block; }`}</style>
+                                                    <span
+                                                        id={divId}
+                                                        className={clsx(props.kcInputErrorMessageClass)}
+                                                        style={{
+                                                            "position": displayableErrors.length === 1 ? "absolute" : undefined
+                                                        }}
+                                                        aria-live="polite"
+                                                    >
+                                                        {displayableErrors.map(({ errorMessage }) => errorMessage)}
+                                                    </span>
+                                                </>
+                                            );
+                                        })()}
+                                </div>
+                            </div>
+
+                            {AfterField && <AfterField attribute={attribute} />}
+                        </Fragment>
+                    );
+                })}
+            </>
+        );
+    }
+);

src/lib/getKcContext/KcContextBase.ts

@@ -1,25 +1,49 @@
+import type { PageId } from "../../bin/keycloakify/generateFtl";
+import { assert } from "tsafe/assert";
+import type { Equals } from "tsafe";
+import type { MessageKeyBase } from "../i18n";
+import type { KcTemplateClassKey } from "../components/KcProps";
 
-import type { PageId } from "../../bin/build-keycloak-theme/generateFtl";
-import type { KcLanguageTag } from "../i18n/KcLanguageTag";
-import { doExtends } from "tsafe/doExtends";
-import type { MessageKey } from "../i18n/useKcMessage";
-import type { LanguageLabel } from "../i18n/KcLanguageTag";
+type ExtractAfterStartingWith<Prefix extends string, StrEnum> = StrEnum extends `${Prefix}${infer U}` ? U : never;
 
-type ExtractAfterStartingWith<Prefix extends string, StrEnum> =
-    StrEnum extends `${Prefix}${infer U}` ? U : never;
-
-/** Take theses type definition with a grain of salt. 
+/** Take theses type definition with a grain of salt.
  * Some values might be undefined on some pages.
  * (ex: url.loginAction is undefined on error.ftl)
  */
 export type KcContextBase =
-    KcContextBase.Login | KcContextBase.Register | KcContextBase.Info |
-    KcContextBase.Error | KcContextBase.LoginResetPassword | KcContextBase.LoginVerifyEmail |
-    KcContextBase.Terms | KcContextBase.LoginOtp | KcContextBase.LoginUpdateProfile |
-    KcContextBase.LoginIdpLinkConfirm;
+    | KcContextBase.Login
+    | KcContextBase.Register
+    | KcContextBase.RegisterUserProfile
+    | KcContextBase.Info
+    | KcContextBase.Error
+    | KcContextBase.LoginResetPassword
+    | KcContextBase.LoginVerifyEmail
+    | KcContextBase.Terms
+    | KcContextBase.LoginOtp
+    | KcContextBase.LoginUsername
+    | KcContextBase.WebauthnAuthenticate
+    | KcContextBase.LoginPassword
+    | KcContextBase.LoginUpdatePassword
+    | KcContextBase.LoginUpdateProfile
+    | KcContextBase.LoginIdpLinkConfirm
+    | KcContextBase.LoginIdpLinkEmail
+    | KcContextBase.LoginPageExpired
+    | KcContextBase.LoginConfigTotp
+    | KcContextBase.LogoutConfirm
+    | KcContextBase.UpdateUserProfile
+    | KcContextBase.IdpReviewUserProfile;
+
+export type WebauthnAuthenticator = {
+    credentialId: string;
+    transports: {
+        iconClass: KcTemplateClassKey;
+        displayNameProperties: MessageKeyBase[];
+    };
+    label: string;
+    createdAt: string;
+};
 
 export declare namespace KcContextBase {
-
     export type Common = {
         url: {
             loginAction: string;
@@ -29,6 +53,7 @@ export declare namespace KcContextBase {
             loginUrl: string;
         };
         realm: {
+            name: string;
             displayName?: string;
             displayNameHtml?: string;
             internationalizationEnabled: boolean;
@@ -38,18 +63,15 @@ export declare namespace KcContextBase {
         locale?: {
             supported: {
                 url: string;
-                languageTag: KcLanguageTag;
-                /** Is determined by languageTag. Ex: languageTag === "en" => label === "English"
-                 * or getLanguageLabel(languageTag) === label
-                 */
-                //label: LanguageLabel;
+                label: string;
+                languageTag: string;
             }[];
-            current: LanguageLabel;
-        },
+            currentLanguageTag: string;
+        };
         auth?: {
-            showUsername: boolean;
-            showResetCredentials: boolean;
-            showTryAnotherWayLink: boolean;
+            showUsername?: boolean;
+            showResetCredentials?: boolean;
+            showTryAnotherWayLink?: boolean;
             attemptedUsername?: string;
         };
         scripts: string[];
@@ -60,8 +82,15 @@ export declare namespace KcContextBase {
         client: {
             clientId: string;
             name?: string;
-        }
+            description?: string;
+        };
         isAppInitiatedAction: boolean;
+        messagesPerField: {
+            printIfExists: <T>(fieldName: string, x: T) => T | undefined;
+            existsError: (fieldName: string) => boolean;
+            get: (fieldName: string) => string;
+            exists: (fieldName: string) => boolean;
+        };
     };
 
     export type Login = Common & {
@@ -83,7 +112,7 @@ export declare namespace KcContextBase {
         registrationDisabled: boolean;
         login: {
             username?: string;
-            rememberMe: boolean;
+            rememberMe?: boolean;
         };
         usernameEditDisabled: boolean;
         social: {
@@ -93,37 +122,14 @@ export declare namespace KcContextBase {
                 alias: string;
                 providerId: string;
                 displayName: string;
-            }[]
+            }[];
         };
     };
 
-    export type Register = Common & {
-        pageId: "register.ftl";
+    export type RegisterCommon = Common & {
         url: {
             registrationAction: string;
         };
-        messagesPerField: {
-            printIfExists<T>(
-                key:
-                    "userLabel" |
-                    "username" |
-                    "email" |
-                    "firstName" |
-                    "lastName" |
-                    "password" |
-                    "password-confirm",
-                x: T
-            ): T | undefined;
-        };
-        register: {
-            formData: {
-                firstName?: string;
-                displayName?: string;
-                lastName?: string;
-                email?: string;
-                username?: string;
-            }
-        };
         passwordRequired: boolean;
         recaptchaRequired: boolean;
         recaptchaSiteKey?: string;
@@ -134,27 +140,49 @@ export declare namespace KcContextBase {
                 alias: string;
                 providerId: string;
                 displayName: string;
-            }[]
+            }[];
+        };
+    };
+
+    export type Register = RegisterCommon & {
+        pageId: "register.ftl";
+        register: {
+            formData: {
+                firstName?: string;
+                displayName?: string;
+                lastName?: string;
+                email?: string;
+                username?: string;
+            };
+        };
+    };
+
+    export type RegisterUserProfile = RegisterCommon & {
+        pageId: "register-user-profile.ftl";
+        profile: {
+            context: "REGISTRATION_PROFILE";
+            attributes: Attribute[];
+            attributesByName: Record<string, Attribute>;
         };
     };
 
     export type Info = Common & {
         pageId: "info.ftl";
         messageHeader?: string;
-        requiredActions?: ExtractAfterStartingWith<"requiredAction.", MessageKey>[];
+        requiredActions?: ExtractAfterStartingWith<"requiredAction.", MessageKeyBase>[];
         skipLink: boolean;
         pageRedirectUri?: string;
         actionUri?: string;
         client: {
             baseUrl?: string;
-        }
+        };
     };
 
     export type Error = Common & {
         pageId: "error.ftl";
         client?: {
             baseUrl?: string;
-        },
+        };
         message: NonNullable<Common["message"]>;
     };
 
@@ -162,11 +190,15 @@ export declare namespace KcContextBase {
         pageId: "login-reset-password.ftl";
         realm: {
             loginWithEmailAllowed: boolean;
-        }
+        };
     };
 
     export type LoginVerifyEmail = Common & {
         pageId: "login-verify-email.ftl";
+        //NOTE: Optional because maybe it wasn't defined in older keycloak versions.
+        user?: {
+            email: string;
+        };
     };
 
     export type Terms = Common & {
@@ -176,8 +208,84 @@ export declare namespace KcContextBase {
     export type LoginOtp = Common & {
         pageId: "login-otp.ftl";
         otpLogin: {
-            userOtpCredentials: { id: string; userLabel: string; }[];
-        }
+            userOtpCredentials: { id: string; userLabel: string }[];
+        };
+    };
+
+    export type LoginUsername = Common & {
+        pageId: "login-username.ftl";
+        url: {
+            loginResetCredentialsUrl: string;
+            registrationUrl: string;
+        };
+        realm: {
+            loginWithEmailAllowed: boolean;
+            rememberMe: boolean;
+            password: boolean;
+            resetPasswordAllowed: boolean;
+            registrationAllowed: boolean;
+        };
+        registrationDisabled: boolean;
+        login: {
+            username?: string;
+            rememberMe?: boolean;
+        };
+        usernameHidden?: boolean;
+        social: {
+            displayInfo: boolean;
+            providers?: {
+                loginUrl: string;
+                alias: string;
+                providerId: string;
+                displayName: string;
+            }[];
+        };
+    };
+
+    export type LoginPassword = Common & {
+        pageId: "login-password.ftl";
+        url: {
+            loginResetCredentialsUrl: string;
+            registrationUrl: string;
+        };
+        realm: {
+            resetPasswordAllowed: boolean;
+        };
+        auth?: {
+            showUsername?: boolean;
+            showResetCredentials?: boolean;
+            showTryAnotherWayLink?: boolean;
+            attemptedUsername?: string;
+        };
+        social: {
+            displayInfo: boolean;
+        };
+        login: {
+            password?: string;
+        };
+    };
+
+    export type WebauthnAuthenticate = Common & {
+        pageId: "webauthn-authenticate.ftl";
+        authenticators: {
+            authenticators: WebauthnAuthenticator[];
+        };
+        challenge: string;
+        // I hate this:
+        userVerification: UserVerificationRequirement | "not specified";
+        rpId: string;
+        createTimeout: string;
+        isUserIdentified: "true" | "false";
+        shouldDisplayAuthenticators: boolean;
+        social: {
+            displayInfo: boolean;
+        };
+        login: {};
+    };
+
+    export type LoginUpdatePassword = Common & {
+        pageId: "login-update-password.ftl";
+        username: string;
     };
 
     export type LoginUpdateProfile = Common & {
@@ -189,13 +297,6 @@ export declare namespace KcContextBase {
             firstName?: string;
             lastName?: string;
         };
-        messagesPerField: {
-            printIfExists<T>(
-                key: "username" | "email" | "firstName" | "lastName",
-                x: T
-            ): T | undefined;
-        };
-
     };
 
     export type LoginIdpLinkConfirm = Common & {
@@ -203,10 +304,193 @@ export declare namespace KcContextBase {
         idpAlias: string;
     };
 
+    export type LoginIdpLinkEmail = Common & {
+        pageId: "login-idp-link-email.ftl";
+        brokerContext: {
+            username: string;
+        };
+        idpAlias: string;
+    };
+
+    export type LoginPageExpired = Common & {
+        pageId: "login-page-expired.ftl";
+    };
+
+    export type LoginConfigTotp = Common & {
+        pageId: "login-config-totp.ftl";
+        mode?: "qr" | "manual" | undefined | null;
+        totp: {
+            totpSecretEncoded: string;
+            qrUrl: string;
+            policy: {
+                supportedApplications: string[];
+                algorithm: "HmacSHA1" | "HmacSHA256" | "HmacSHA512";
+                digits: number;
+                lookAheadWindow: number;
+            } & (
+                | {
+                      type: "totp";
+                      period: number;
+                  }
+                | {
+                      type: "hotp";
+                      initialCounter: number;
+                  }
+            );
+            totpSecretQrCode: string;
+            manualUrl: string;
+            totpSecret: string;
+            otpCredentials: { id: string; userLabel: string }[];
+        };
+    };
+
+    export type LogoutConfirm = Common & {
+        pageId: "logout-confirm.ftl";
+        url: {
+            logoutConfirmAction: string;
+        };
+        client: {
+            baseUrl?: string;
+        };
+        logoutConfirm: {
+            code: string;
+            skipLink?: boolean;
+        };
+    };
+
+    export type UpdateUserProfile = Common & {
+        pageId: "update-user-profile.ftl";
+        profile: {
+            attributes: Attribute[];
+            attributesByName: Record<string, Attribute>;
+        };
+    };
+
+    export type IdpReviewUserProfile = Common & {
+        pageId: "idp-review-user-profile.ftl";
+        profile: {
+            context: "IDP_REVIEW";
+            attributes: Attribute[];
+            attributesByName: Record<string, Attribute>;
+        };
+    };
 }
 
-doExtends<KcContextBase["pageId"], PageId>();
-doExtends<PageId, KcContextBase["pageId"]>();
+export type Attribute = {
+    name: string;
+    displayName?: string;
+    required: boolean;
+    value?: string;
+    group?: string;
+    groupDisplayHeader?: string;
+    groupDisplayDescription?: string;
+    readOnly: boolean;
+    validators: Validators;
+    annotations: Record<string, string>;
+    groupAnnotations: Record<string, string>;
+    autocomplete?:
+        | "on"
+        | "off"
+        | "name"
+        | "honorific-prefix"
+        | "given-name"
+        | "additional-name"
+        | "family-name"
+        | "honorific-suffix"
+        | "nickname"
+        | "email"
+        | "username"
+        | "new-password"
+        | "current-password"
+        | "one-time-code"
+        | "organization-title"
+        | "organization"
+        | "street-address"
+        | "address-line1"
+        | "address-line2"
+        | "address-line3"
+        | "address-level4"
+        | "address-level3"
+        | "address-level2"
+        | "address-level1"
+        | "country"
+        | "country-name"
+        | "postal-code"
+        | "cc-name"
+        | "cc-given-name"
+        | "cc-additional-name"
+        | "cc-family-name"
+        | "cc-number"
+        | "cc-exp"
+        | "cc-exp-month"
+        | "cc-exp-year"
+        | "cc-csc"
+        | "cc-type"
+        | "transaction-currency"
+        | "transaction-amount"
+        | "language"
+        | "bday"
+        | "bday-day"
+        | "bday-month"
+        | "bday-year"
+        | "sex"
+        | "tel"
+        | "tel-country-code"
+        | "tel-national"
+        | "tel-area-code"
+        | "tel-local"
+        | "tel-extension"
+        | "impp"
+        | "url"
+        | "photo";
+};
 
+export type Validators = Partial<{
+    length: Validators.DoIgnoreEmpty & Validators.Range;
+    double: Validators.DoIgnoreEmpty & Validators.Range;
+    integer: Validators.DoIgnoreEmpty & Validators.Range;
+    email: Validators.DoIgnoreEmpty;
+    "up-immutable-attribute": {};
+    "up-attribute-required-by-metadata-value": {};
+    "up-username-has-value": {};
+    "up-duplicate-username": {};
+    "up-username-mutation": {};
+    "up-email-exists-as-username": {};
+    "up-blank-attribute-value": Validators.ErrorMessage & {
+        "fail-on-null": boolean;
+    };
+    "up-duplicate-email": {};
+    "local-date": Validators.DoIgnoreEmpty;
+    pattern: Validators.DoIgnoreEmpty & Validators.ErrorMessage & { pattern: string };
+    "person-name-prohibited-characters": Validators.DoIgnoreEmpty & Validators.ErrorMessage;
+    uri: Validators.DoIgnoreEmpty;
+    "username-prohibited-characters": Validators.DoIgnoreEmpty & Validators.ErrorMessage;
+    /** Made up validator that only exists in Keycloakify */
+    _compareToOther: Validators.DoIgnoreEmpty &
+        Validators.ErrorMessage & {
+            name: string;
+            shouldBe: "equal" | "different";
+        };
+    options: Validators.Options;
+}>;
 
+export declare namespace Validators {
+    export type DoIgnoreEmpty = {
+        "ignore.empty.value"?: boolean;
+    };
 
+    export type ErrorMessage = {
+        "error-message"?: string;
+    };
+
+    export type Range = {
+        /** "0", "1", "2"... yeah I know, don't tell me */
+        min?: `${number}`;
+        max?: `${number}`;
+    };
+    export type Options = {
+        options: string[];
+    };
+}
+
+assert<Equals<KcContextBase["pageId"], PageId>>();

src/lib/getKcContext/getKcContext.ts

@@ -1,86 +1,131 @@
-
-import type { KcContextBase } from "./KcContextBase";
+import type { KcContextBase, Attribute } from "./KcContextBase";
 import { kcContextMocks, kcContextCommonMock } from "./kcContextMocks";
-import { ftlValuesGlobalName } from "../../bin/build-keycloak-theme/ftlValuesGlobalName";
-import type { AndByDiscriminatingKey } from "../tools/AndByDiscriminatingKey";
 import type { DeepPartial } from "../tools/DeepPartial";
 import { deepAssign } from "../tools/deepAssign";
+import { id } from "tsafe/id";
+import { exclude } from "tsafe/exclude";
+import { assert } from "tsafe/assert";
+import type { ExtendsKcContextBase } from "./getKcContextFromWindow";
+import { getKcContextFromWindow } from "./getKcContextFromWindow";
+import { pathJoin } from "../../bin/tools/pathJoin";
+import { pathBasename } from "../tools/pathBasename";
+import { mockTestingResourcesCommonPath } from "../../bin/mockTestingResourcesPath";
+import { symToStr } from "tsafe/symToStr";
 
+export function getKcContext<KcContextExtended extends { pageId: string } = never>(params?: {
+    mockPageId?: ExtendsKcContextBase<KcContextExtended>["pageId"];
+    mockData?: readonly DeepPartial<ExtendsKcContextBase<KcContextExtended>>[];
+}): { kcContext: ExtendsKcContextBase<KcContextExtended> | undefined } {
+    const { mockPageId, mockData } = params ?? {};
 
-export type ExtendsKcContextBase<
-	KcContextExtended extends { pageId: string; }
-	> =
-	[KcContextExtended] extends [never] ?
-	KcContextBase :
-	AndByDiscriminatingKey<
-		"pageId",
-		KcContextExtended & KcContextBase.Common,
-		KcContextBase
-	>;
+    const realKcContext = getKcContextFromWindow<KcContextExtended>();
 
-export function getKcContext<KcContextExtended extends { pageId: string; } = never>(
-	params?: {
-		mockPageId?: ExtendsKcContextBase<KcContextExtended>["pageId"];
-		mockData?: readonly DeepPartial<ExtendsKcContextBase<KcContextExtended>>[];
-	}
-): { kcContext: ExtendsKcContextBase<KcContextExtended> | undefined; } {
+    if (mockPageId !== undefined && realKcContext === undefined) {
+        //TODO maybe trow if no mock fo custom page
 
-	const {
-		mockPageId,
-		mockData
-	} = params ?? {};
+        console.log(
+            [
+                `%cKeycloakify: ${symToStr({ mockPageId })} set to ${mockPageId}.`,
+                `If assets are missing make sure you have built your Keycloak theme at least once.`
+            ].join(" "),
+            "background: red; color: yellow; font-size: medium"
+        );
 
-	if (mockPageId !== undefined) {
+        const kcContextDefaultMock = kcContextMocks.find(({ pageId }) => pageId === mockPageId);
 
-		//TODO maybe trow if no mock fo custom page
+        const partialKcContextCustomMock = mockData?.find(({ pageId }) => pageId === mockPageId);
 
-		const kcContextDefaultMock = kcContextMocks.find(({ pageId }) => pageId === mockPageId);
+        if (kcContextDefaultMock === undefined && partialKcContextCustomMock === undefined) {
+            console.warn(
+                [
+                    `WARNING: You declared the non build in page ${mockPageId} but you didn't `,
+                    `provide mock data needed to debug the page outside of Keycloak as you are trying to do now.`,
+                    `Please check the documentation of the getKcContext function`
+                ].join("\n")
+            );
+        }
 
-		const partialKcContextCustomMock = mockData?.find(({ pageId }) => pageId === mockPageId);
+        const kcContext: any = {};
 
-		if (
-			kcContextDefaultMock === undefined &&
-			partialKcContextCustomMock === undefined
-		) {
+        deepAssign({
+            "target": kcContext,
+            "source": kcContextDefaultMock !== undefined ? kcContextDefaultMock : { "pageId": mockPageId, ...kcContextCommonMock }
+        });
 
-			console.warn([
-				`WARNING: You declared the non build in page ${mockPageId} but you didn't `,
-				`provide mock data needed to debug the page outside of Keycloak as you are trying to do now.`,
-				`Please check the documentation of the getKcContext function`
-			].join("\n"));
+        if (partialKcContextCustomMock !== undefined) {
+            deepAssign({
+                "target": kcContext,
+                "source": partialKcContextCustomMock
+            });
 
-		}
+            if (
+                partialKcContextCustomMock.pageId === "register-user-profile.ftl" ||
+                partialKcContextCustomMock.pageId === "update-user-profile.ftl" ||
+                partialKcContextCustomMock.pageId === "idp-review-user-profile.ftl"
+            ) {
+                assert(
+                    kcContextDefaultMock?.pageId === "register-user-profile.ftl" ||
+                        kcContextDefaultMock?.pageId === "update-user-profile.ftl" ||
+                        kcContextDefaultMock?.pageId === "idp-review-user-profile.ftl"
+                );
 
-		const kcContext: any = {};
+                const { attributes } = kcContextDefaultMock.profile;
 
-		deepAssign({
-			"target": kcContext,
-			"source": kcContextDefaultMock !== undefined ?
-				kcContextDefaultMock :
-				{ "pageId": mockPageId, ...kcContextCommonMock,  }
-		});
+                id<KcContextBase.RegisterUserProfile>(kcContext).profile.attributes = [];
+                id<KcContextBase.RegisterUserProfile>(kcContext).profile.attributesByName = {};
 
-		if (partialKcContextCustomMock !== undefined) {
+                const partialAttributes = [
+                    ...((partialKcContextCustomMock as DeepPartial<KcContextBase.RegisterUserProfile>).profile?.attributes ?? [])
+                ].filter(exclude(undefined));
 
-			deepAssign({
-				"target": kcContext,
-				"source": partialKcContextCustomMock
-			});
+                attributes.forEach(attribute => {
+                    const partialAttribute = partialAttributes.find(({ name }) => name === attribute.name);
 
-		}
+                    const augmentedAttribute: Attribute = {} as any;
 
-		return { kcContext };
+                    deepAssign({
+                        "target": augmentedAttribute,
+                        "source": attribute
+                    });
 
-	}
+                    if (partialAttribute !== undefined) {
+                        partialAttributes.splice(partialAttributes.indexOf(partialAttribute), 1);
 
-	return {
-		"kcContext":
-			typeof window === "undefined" ?
-				undefined :
-				(window as any)[ftlValuesGlobalName]
-	};
+                        deepAssign({
+                            "target": augmentedAttribute,
+                            "source": partialAttribute
+                        });
+                    }
 
+                    id<KcContextBase.RegisterUserProfile>(kcContext).profile.attributes.push(augmentedAttribute);
+                    id<KcContextBase.RegisterUserProfile>(kcContext).profile.attributesByName[augmentedAttribute.name] = augmentedAttribute;
+                });
+
+                partialAttributes
+                    .map(partialAttribute => ({ "validators": {}, ...partialAttribute }))
+                    .forEach(partialAttribute => {
+                        const { name } = partialAttribute;
+
+                        assert(name !== undefined, "If you define a mock attribute it must have at least a name");
+
+                        id<KcContextBase.RegisterUserProfile>(kcContext).profile.attributes.push(partialAttribute as any);
+                        id<KcContextBase.RegisterUserProfile>(kcContext).profile.attributesByName[name] = partialAttribute as any;
+                    });
+            }
+        }
+
+        return { kcContext };
+    }
+
+    if (realKcContext === undefined) {
+        return { "kcContext": undefined };
+    }
+
+    {
+        const { url } = realKcContext;
+
+        url.resourcesCommonPath = pathJoin(url.resourcesPath, pathBasename(mockTestingResourcesCommonPath));
+    }
+
+    return { "kcContext": realKcContext };
 }
-
-
-

src/lib/getKcContext/getKcContextFromWindow.ts

@@ -0,0 +1,11 @@
+import type { KcContextBase } from "./KcContextBase";
+import type { AndByDiscriminatingKey } from "../tools/AndByDiscriminatingKey";
+import { ftlValuesGlobalName } from "../../bin/keycloakify/ftlValuesGlobalName";
+
+export type ExtendsKcContextBase<KcContextExtended extends { pageId: string }> = [KcContextExtended] extends [never]
+    ? KcContextBase
+    : AndByDiscriminatingKey<"pageId", KcContextExtended & KcContextBase.Common, KcContextBase>;
+
+export function getKcContextFromWindow<KcContextExtended extends { pageId: string } = never>(): ExtendsKcContextBase<KcContextExtended> | undefined {
+    return typeof window === "undefined" ? undefined : (window as any)[ftlValuesGlobalName];
+}

src/lib/getKcContext/index.ts

@@ -1,2 +1,3 @@
-export type { KcContextBase } from "./KcContextBase";
-export { getKcContext } from "./getKcContext";
+export type { KcContextBase, Attribute, Validators } from "./KcContextBase";
+export type { ExtendsKcContextBase } from "./getKcContextFromWindow";
+export { getKcContext } from "./getKcContext";

src/lib/getKcContext/kcContextMocks/index.ts

@@ -1 +1 @@
-export * from "./kcContextMocks";
+export * from "./kcContextMocks";

src/lib/getKcContext/kcContextMocks/kcContextMocks.ts

@@ -1,261 +1,497 @@
-
-import type { KcContextBase } from "../KcContextBase";
-import { getEvtKcLanguage } from "../../i18n/useKcLanguageTag";
-import { getKcLanguageTagLabel } from "../../i18n/KcLanguageTag";
+import "minimal-polyfills/Object.fromEntries";
+import type { KcContextBase, Attribute } from "../KcContextBase";
 //NOTE: Aside because we want to be able to import them from node
-import { resourcesCommonPath, resourcesPath } from "./urlResourcesPath";
+import { mockTestingResourcesCommonPath, mockTestingResourcesPath } from "../../../bin/mockTestingResourcesPath";
 import { id } from "tsafe/id";
-import { join as pathJoin } from "path";
+import { pathJoin } from "../../../bin/tools/pathJoin";
 
 const PUBLIC_URL = process.env["PUBLIC_URL"] ?? "/";
 
+const attributes: Attribute[] = [
+    {
+        "validators": {
+            "username-prohibited-characters": {
+                "ignore.empty.value": true
+            },
+            "up-username-has-value": {},
+            "length": {
+                "ignore.empty.value": true,
+                "min": "3",
+                "max": "255"
+            },
+            "up-duplicate-username": {},
+            "up-username-mutation": {}
+        },
+        "displayName": "${username}",
+        "annotations": {},
+        "required": true,
+        "groupAnnotations": {},
+        "autocomplete": "username",
+        "readOnly": false,
+        "name": "username",
+        "value": "xxxx"
+    },
+    {
+        "validators": {
+            "up-email-exists-as-username": {},
+            "length": {
+                "max": "255",
+                "ignore.empty.value": true
+            },
+            "up-blank-attribute-value": {
+                "error-message": "missingEmailMessage",
+                "fail-on-null": false
+            },
+            "up-duplicate-email": {},
+            "email": {
+                "ignore.empty.value": true
+            },
+            "pattern": {
+                "ignore.empty.value": true,
+                "pattern": "gmail\\.com$"
+            }
+        },
+        "displayName": "${email}",
+        "annotations": {},
+        "required": true,
+        "groupAnnotations": {},
+        "autocomplete": "email",
+        "readOnly": false,
+        "name": "email"
+    },
+    {
+        "validators": {
+            "length": {
+                "max": "255",
+                "ignore.empty.value": true
+            },
+            "person-name-prohibited-characters": {
+                "ignore.empty.value": true
+            },
+            "up-immutable-attribute": {},
+            "up-attribute-required-by-metadata-value": {}
+        },
+        "displayName": "${firstName}",
+        "annotations": {},
+        "required": true,
+        "groupAnnotations": {},
+        "readOnly": false,
+        "name": "firstName"
+    },
+    {
+        "validators": {
+            "length": {
+                "max": "255",
+                "ignore.empty.value": true
+            },
+            "person-name-prohibited-characters": {
+                "ignore.empty.value": true
+            },
+            "up-immutable-attribute": {},
+            "up-attribute-required-by-metadata-value": {}
+        },
+        "displayName": "${lastName}",
+        "annotations": {},
+        "required": true,
+        "groupAnnotations": {},
+        "readOnly": false,
+        "name": "lastName"
+    }
+];
+
+const attributesByName = Object.fromEntries(attributes.map(attribute => [attribute.name, attribute])) as any;
+
 export const kcContextCommonMock: KcContextBase.Common = {
-	"url": {
-		"loginAction": "#",
-		"resourcesPath": pathJoin(PUBLIC_URL, resourcesPath),
-		"resourcesCommonPath": pathJoin(PUBLIC_URL, resourcesCommonPath),
-		"loginRestartFlowUrl": "/auth/realms/myrealm/login-actions/restart?client_id=account&tab_id=HoAx28ja4xg",
-		"loginUrl": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg",
-	},
-	"realm": {
-		"displayName": "myrealm",
-		"displayNameHtml": "myrealm",
-		"internationalizationEnabled": true,
-		"registrationEmailAsUsername": true,
-	},
-	"locale": {
-		"supported": [
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=de",
-				"languageTag": "de"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=no",
-				"languageTag": "no"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=ru",
-				"languageTag": "ru"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=sv",
-				"languageTag": "sv"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=pt-BR",
-				"languageTag": "pt-BR"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=lt",
-				"languageTag": "lt"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=en",
-				"languageTag": "en"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=it",
-				"languageTag": "it"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=fr",
-				"languageTag": "fr"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=zh-CN",
-				"languageTag": "zh-CN"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=es",
-				"languageTag": "es"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=cs",
-				"languageTag": "cs"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=ja",
-				"languageTag": "ja"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=sk",
-				"languageTag": "sk"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=pl",
-				"languageTag": "pl"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=ca",
-				"languageTag": "ca"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=nl",
-				"languageTag": "nl"
-			},
-			{
-				"url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=tr",
-				"languageTag": "tr"
-			}
-		],
-		//"current": null as any
-		"current": "English"
-	},
-	"auth": {
-		"showUsername": false,
-		"showResetCredentials": false,
-		"showTryAnotherWayLink": false
-	},
-	"client": {
-		"clientId": "myApp"
-	},
-	"scripts": [],
-	"message": {
-		"type": "success",
-		"summary": "This is a test message"
-	},
-	"isAppInitiatedAction": false,
+    "url": {
+        "loginAction": "#",
+        "resourcesPath": pathJoin(PUBLIC_URL, mockTestingResourcesPath),
+        "resourcesCommonPath": pathJoin(PUBLIC_URL, mockTestingResourcesCommonPath),
+        "loginRestartFlowUrl": "/auth/realms/myrealm/login-actions/restart?client_id=account&tab_id=HoAx28ja4xg",
+        "loginUrl": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg"
+    },
+    "realm": {
+        "name": "myrealm",
+        "displayName": "myrealm",
+        "displayNameHtml": "myrealm",
+        "internationalizationEnabled": true,
+        "registrationEmailAsUsername": false
+    },
+    "messagesPerField": {
+        "printIfExists": (...[, x]) => x,
+        "existsError": () => true,
+        "get": key => `Fake error for ${key}`,
+        "exists": () => true
+    },
+    "locale": {
+        "supported": [
+            /* spell-checker: disable */
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=de",
+                "label": "Deutsch",
+                "languageTag": "de"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=no",
+                "label": "Norsk",
+                "languageTag": "no"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=ru",
+                "label": "Русский",
+                "languageTag": "ru"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=sv",
+                "label": "Svenska",
+                "languageTag": "sv"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=pt-BR",
+                "label": "Português (Brasil)",
+                "languageTag": "pt-BR"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=lt",
+                "label": "Lietuvių",
+                "languageTag": "lt"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=en",
+                "label": "English",
+                "languageTag": "en"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=it",
+                "label": "Italiano",
+                "languageTag": "it"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=fr",
+                "label": "Français",
+                "languageTag": "fr"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=zh-CN",
+                "label": "中文简体",
+                "languageTag": "zh-CN"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=es",
+                "label": "Español",
+                "languageTag": "es"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=cs",
+                "label": "Čeština",
+                "languageTag": "cs"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=ja",
+                "label": "日本語",
+                "languageTag": "ja"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=sk",
+                "label": "Slovenčina",
+                "languageTag": "sk"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=pl",
+                "label": "Polski",
+                "languageTag": "pl"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=ca",
+                "label": "Català",
+                "languageTag": "ca"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=nl",
+                "label": "Nederlands",
+                "languageTag": "nl"
+            },
+            {
+                "url": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg&execution=ee6c2834-46a4-4a20-a1b6-f6d6f6451b36&kc_locale=tr",
+                "label": "Türkçe",
+                "languageTag": "tr"
+            }
+            /* spell-checker: enable */
+        ],
+        "currentLanguageTag": "en"
+    },
+    "auth": {
+        "showUsername": false,
+        "showResetCredentials": false,
+        "showTryAnotherWayLink": false
+    },
+    "client": {
+        "clientId": "myApp"
+    },
+    "scripts": [],
+    "message": {
+        "type": "success",
+        "summary": "This is a test message"
+    },
+    "isAppInitiatedAction": false
 };
 
-
-Object.defineProperty(
-	kcContextCommonMock.locale!,
-	"current",
-	{
-		"get": () => getKcLanguageTagLabel(getEvtKcLanguage().state),
-		"enumerable": true
-	}
-);
-
 const loginUrl = {
-	...kcContextCommonMock.url,
-	"loginResetCredentialsUrl": "/auth/realms/myrealm/login-actions/reset-credentials?client_id=account&tab_id=HoAx28ja4xg",
-	"registrationUrl": "/auth/realms/myrealm/login-actions/registration?client_id=account&tab_id=HoAx28ja4xg"
+    ...kcContextCommonMock.url,
+    "loginResetCredentialsUrl": "/auth/realms/myrealm/login-actions/reset-credentials?client_id=account&tab_id=HoAx28ja4xg",
+    "registrationUrl": "/auth/realms/myrealm/login-actions/registration?client_id=account&tab_id=HoAx28ja4xg"
 };
 
 export const kcContextMocks: KcContextBase[] = [
-	id<KcContextBase.Login>({
-		...kcContextCommonMock,
-		"pageId": "login.ftl",
-		"url": loginUrl,
-		"realm": {
-			...kcContextCommonMock.realm,
-			"loginWithEmailAllowed": true,
-			"rememberMe": true,
-			"password": true,
-			"resetPasswordAllowed": true,
-			"registrationAllowed": true
-		},
-		"auth": kcContextCommonMock.auth!,
-		"social": {
-			"displayInfo": true
-		},
-		"usernameEditDisabled": false,
-		"login": {
-			"rememberMe": false
-		},
-		"registrationDisabled": false,
+    id<KcContextBase.Login>({
+        ...kcContextCommonMock,
+        "pageId": "login.ftl",
+        "url": loginUrl,
+        "realm": {
+            ...kcContextCommonMock.realm,
+            "loginWithEmailAllowed": true,
+            "rememberMe": true,
+            "password": true,
+            "resetPasswordAllowed": true,
+            "registrationAllowed": true
+        },
+        "auth": kcContextCommonMock.auth!,
+        "social": {
+            "displayInfo": true
+        },
+        "usernameEditDisabled": false,
+        "login": {
+            "rememberMe": false
+        },
+        "registrationDisabled": false
+    }),
+    ...(() => {
+        const registerCommon: KcContextBase.RegisterCommon = {
+            ...kcContextCommonMock,
+            "url": {
+                ...loginUrl,
+                "registrationAction":
+                    "http://localhost:8080/auth/realms/myrealm/login-actions/registration?session_code=gwZdUeO7pbYpFTRxiIxRg_QtzMbtFTKrNu6XW_f8asM&execution=12146ce0-b139-4bbd-b25b-0eccfee6577e&client_id=account&tab_id=uS8lYfebLa0"
+            },
+            "scripts": [],
+            "isAppInitiatedAction": false,
+            "passwordRequired": true,
+            "recaptchaRequired": false,
+            "social": {
+                "displayInfo": true
+            }
+        };
 
-	}),
-	id<KcContextBase.Register>({
-		...kcContextCommonMock,
-		"pageId": "register.ftl",
-		"url": {
-			...loginUrl,
-			"registrationAction": "http://localhost:8080/auth/realms/myrealm/login-actions/registration?session_code=gwZdUeO7pbYpFTRxiIxRg_QtzMbtFTKrNu6XW_f8asM&execution=12146ce0-b139-4bbd-b25b-0eccfee6577e&client_id=account&tab_id=uS8lYfebLa0"
-		},
-		"messagesPerField": {
-			"printIfExists": (...[, x]) => x
-		},
-		"scripts": [],
-		"isAppInitiatedAction": false,
-		"register": {
-			"formData": {}
-		},
-		"passwordRequired": true,
-		"recaptchaRequired": false,
-		"social": {
-			"displayInfo": true
-		},
-
-	}),
-	id<KcContextBase.Info>({
-		...kcContextCommonMock,
-		"pageId": "info.ftl",
-		"messageHeader": "<Message header>",
-		"requiredActions": undefined,
-		"skipLink": false,
-		"actionUri": "#",
-		"client": {
-			"clientId": "myApp",
-			"baseUrl": "#"
-		}
-
-	}),
-	id<KcContextBase.Error>({
-		...kcContextCommonMock,
-		"pageId": "error.ftl",
-		"client": {
-			"clientId": "myApp",
-			"baseUrl": "#"
-		},
-		"message": {
-			"type": "error",
-			"summary": "This is the error message"
-		}
-	}),
-	id<KcContextBase.LoginResetPassword>({
-		...kcContextCommonMock,
-		"pageId": "login-reset-password.ftl",
-		"realm": {
-			...kcContextCommonMock.realm,
-			"loginWithEmailAllowed": false
-		}
-
-	}),
-	id<KcContextBase.LoginVerifyEmail>({
-		...kcContextCommonMock,
-		"pageId": "login-verify-email.ftl"
-	}),
-	id<KcContextBase.Terms>({
-		...kcContextCommonMock,
-		"pageId": "terms.ftl"
-
-	}),
-	id<KcContextBase.LoginOtp>({
-		...kcContextCommonMock,
-		"pageId": "login-otp.ftl",
-		"otpLogin": {
-			"userOtpCredentials": [
-				{
-					"id": "id1",
-					"userLabel": "label1"
-				},
-				{
-					"id": "id2",
-					"userLabel": "label2"
-				}
-			]
-		}
-
-	}),
-	id<KcContextBase.LoginUpdateProfile>({
-		...kcContextCommonMock,
-		"pageId": "login-update-profile.ftl",
-		"user": {
-			"editUsernameAllowed": true,
-			"username": "anUsername",
-			"email": "foo@example.com",
-			"firstName": "aFirstName",
-			"lastName": "aLastName"
-		},
-		"messagesPerField": {
-			"printIfExists": () => undefined
-		}
-	}),
-	id<KcContextBase.LoginIdpLinkConfirm>({
-		...kcContextCommonMock,
-		"pageId": "login-idp-link-confirm.ftl",
-		"idpAlias": "FranceConnect"
-	})
+        return [
+            id<KcContextBase.Register>({
+                "pageId": "register.ftl",
+                ...registerCommon,
+                "register": {
+                    "formData": {}
+                }
+            }),
+            id<KcContextBase.RegisterUserProfile>({
+                "pageId": "register-user-profile.ftl",
+                ...registerCommon,
+                "profile": {
+                    "context": "REGISTRATION_PROFILE" as const,
+                    attributes,
+                    attributesByName
+                }
+            })
+        ];
+    })(),
+    id<KcContextBase.Info>({
+        ...kcContextCommonMock,
+        "pageId": "info.ftl",
+        "messageHeader": "<Message header>",
+        "requiredActions": undefined,
+        "skipLink": false,
+        "actionUri": "#",
+        "client": {
+            "clientId": "myApp",
+            "baseUrl": "#"
+        }
+    }),
+    id<KcContextBase.Error>({
+        ...kcContextCommonMock,
+        "pageId": "error.ftl",
+        "client": {
+            "clientId": "myApp",
+            "baseUrl": "#"
+        },
+        "message": {
+            "type": "error",
+            "summary": "This is the error message"
+        }
+    }),
+    id<KcContextBase.LoginResetPassword>({
+        ...kcContextCommonMock,
+        "pageId": "login-reset-password.ftl",
+        "realm": {
+            ...kcContextCommonMock.realm,
+            "loginWithEmailAllowed": false
+        }
+    }),
+    id<KcContextBase.LoginVerifyEmail>({
+        ...kcContextCommonMock,
+        "pageId": "login-verify-email.ftl",
+        "user": {
+            "email": "john.doe@gmail.com"
+        }
+    }),
+    id<KcContextBase.Terms>({
+        ...kcContextCommonMock,
+        "pageId": "terms.ftl"
+    }),
+    id<KcContextBase.LoginOtp>({
+        ...kcContextCommonMock,
+        "pageId": "login-otp.ftl",
+        "otpLogin": {
+            "userOtpCredentials": [
+                {
+                    "id": "id1",
+                    "userLabel": "label1"
+                },
+                {
+                    "id": "id2",
+                    "userLabel": "label2"
+                }
+            ]
+        }
+    }),
+    id<KcContextBase.LoginUsername>({
+        ...kcContextCommonMock,
+        "pageId": "login-username.ftl",
+        "url": loginUrl,
+        "realm": {
+            ...kcContextCommonMock.realm,
+            "loginWithEmailAllowed": true,
+            "rememberMe": true,
+            "password": true,
+            "resetPasswordAllowed": true,
+            "registrationAllowed": true
+        },
+        "social": {
+            "displayInfo": true
+        },
+        "usernameHidden": false,
+        "login": {
+            "rememberMe": false
+        },
+        "registrationDisabled": false
+    }),
+    id<KcContextBase.LoginPassword>({
+        ...kcContextCommonMock,
+        "pageId": "login-password.ftl",
+        "url": loginUrl,
+        "realm": {
+            ...kcContextCommonMock.realm,
+            "resetPasswordAllowed": true
+        },
+        "social": {
+            "displayInfo": false
+        },
+        "login": {}
+    }),
+    id<KcContextBase.WebauthnAuthenticate>({
+        ...kcContextCommonMock,
+        "pageId": "webauthn-authenticate.ftl",
+        "url": loginUrl,
+        "authenticators": {
+            "authenticators": []
+        },
+        "realm": {
+            ...kcContextCommonMock.realm
+        },
+        "challenge": "",
+        "userVerification": "not specified",
+        "rpId": "",
+        "createTimeout": "0",
+        "isUserIdentified": "false",
+        "shouldDisplayAuthenticators": false,
+        "social": {
+            "displayInfo": false
+        },
+        "login": {}
+    }),
+    id<KcContextBase.LoginUpdatePassword>({
+        ...kcContextCommonMock,
+        "pageId": "login-update-password.ftl",
+        "username": "anUsername"
+    }),
+    id<KcContextBase.LoginUpdateProfile>({
+        ...kcContextCommonMock,
+        "pageId": "login-update-profile.ftl",
+        "user": {
+            "editUsernameAllowed": true,
+            "username": "anUsername",
+            "email": "foo@example.com",
+            "firstName": "aFirstName",
+            "lastName": "aLastName"
+        }
+    }),
+    id<KcContextBase.LoginIdpLinkConfirm>({
+        ...kcContextCommonMock,
+        "pageId": "login-idp-link-confirm.ftl",
+        "idpAlias": "FranceConnect"
+    }),
+    id<KcContextBase.LoginIdpLinkEmail>({
+        ...kcContextCommonMock,
+        "pageId": "login-idp-link-email.ftl",
+        "idpAlias": "FranceConnect",
+        "brokerContext": {
+            "username": "anUsername"
+        }
+    }),
+    id<KcContextBase.LoginConfigTotp>({
+        ...kcContextCommonMock,
+        "pageId": "login-config-totp.ftl",
+        totp: {
+            totpSecretEncoded: "KVVF G2BY N4YX S6LB IUYT K2LH IFYE 4SBV",
+            qrUrl: "#",
+            totpSecretQrCode:
+                "iVBORw0KGgoAAAANSUhEUgAAAPYAAAD2AQAAAADNaUdlAAACM0lEQVR4Xu3OIZJgOQwDUDFd2UxiurLAVnnbHw4YGDKtSiWOn4Gxf81//7r/+q8b4HfLGBZDK9d85NmNR+sB42sXvOYrN5P1DcgYYFTGfOlbzE8gzwy3euweGizw7cfdl34/GRhlkxjKNV+5AebPXPORX1JuB9x8ZfbyyD2y1krWAKsbMq1HnqQDaLfa77p4+MqvzEGSqvSAD/2IHW2yHaigR9tX3m8dDIYGcNf3f+gDpVBZbZU77zyJ6Rlcy+qoTMG887KAPD9hsh6a1Sv3gJUHGHUAxSMzj7zqDDe7Phmt2eG+8UsMxjRGm816MAO+8VMl1R1jGHOrZB/5Zo/WXAPgxixm9Mo96vDGrM1eOto8c4Ax4wF437mifOXlpiPzCnN7Y9l95NnEMxgMY9AAGA8fucH14Y1aVb6N/cqrmyh0BVht7k1e+bU8LK0Cg5vmVq9c5vHIjOfqxDIfeTraNVTwewa4wVe+SW5N+uP1qACeudUZbqGOfA6VZV750Noq2Xx3kpveV44ZelSV1V7KFHzkWyVrrlUwG0Pl9pWnoy3vsQoME6vKI69i5osVgwWzHT7zjmJtMcNUSVn1oYMd7ZodbgowZl45VG0uVuLPUr1yc79uaQBag/mqR34xhlWyHm1prplHboCWdZ4TeZjsK8+dI+jbz1C5hl65mcpgB5dhcj8+dGO+0Ko68+lD37JDD83dpDLzzK+TrQyaVwGj6pUboGV+7+AyN8An/pf84/7rv/4/1l4OCc/1BYMAAAAASUVORK5CYII=",
+            manualUrl: "#",
+            totpSecret: "G4nsI8lQagRMUchH8jEG",
+            otpCredentials: [],
+            policy: {
+                supportedApplications: ["FreeOTP", "Google Authenticator"],
+                algorithm: "HmacSHA1",
+                digits: 6,
+                lookAheadWindow: 1,
+                type: "totp",
+                period: 30
+            }
+        }
+    }),
+    id<KcContextBase.LogoutConfirm>({
+        ...kcContextCommonMock,
+        "pageId": "logout-confirm.ftl",
+        "url": {
+            ...kcContextCommonMock.url,
+            "logoutConfirmAction": "Continuer?"
+        },
+        "client": {
+            "clientId": "myApp",
+            "baseUrl": "#"
+        },
+        "logoutConfirm": { "code": "123", skipLink: false }
+    }),
+    id<KcContextBase.UpdateUserProfile>({
+        ...kcContextCommonMock,
+        "pageId": "update-user-profile.ftl",
+        "profile": {
+            attributes,
+            attributesByName
+        }
+    }),
+    id<KcContextBase.IdpReviewUserProfile>({
+        ...kcContextCommonMock,
+        "pageId": "idp-review-user-profile.ftl",
+        "profile": {
+            context: "IDP_REVIEW",
+            attributes,
+            attributesByName
+        }
+    })
 ];

src/lib/getKcContext/kcContextMocks/urlResourcesPath.ts

@@ -1,6 +0,0 @@
-
-import { join as pathJoin } from "path";
-
-export const subDirOfPublicDirBasename = "keycloak_static";
-export const resourcesPath = pathJoin(subDirOfPublicDirBasename, "/resources");
-export const resourcesCommonPath = pathJoin(subDirOfPublicDirBasename, "/resources_common");

src/lib/i18n/KcLanguageTag.ts

@@ -1,72 +0,0 @@
-
-import { objectKeys } from "tsafe/objectKeys";
-import { kcMessages } from "./kcMessages/login";
-
-export type KcLanguageTag = keyof typeof kcMessages;
-
-export type LanguageLabel =
-    /* spell-checker: disable */
-    "Deutsch" | "Norsk" | "Русский" | "Svenska" | "Português (Brasil)" | "Lietuvių" |
-    "English" | "Italiano" | "Français" | "中文简体" | "Español" | "Čeština" | "日本語" |
-    "Slovenčina" | "Polski" | "Català" | "Nederlands" | "Türkçe";
-/* spell-checker: enable */
-
-export function getKcLanguageTagLabel(language: KcLanguageTag): LanguageLabel {
-
-    switch (language) {
-        /* spell-checker: disable */
-        case "es": return "Español";
-        case "it": return "Italiano";
-        case "fr": return "Français";
-        case "ca": return "Català";
-        case "en": return "English";
-        case "de": return "Deutsch";
-        case "no": return "Norsk";
-        case "pt-BR": return "Português (Brasil)";
-        case "ru": return "Русский";
-        case "sk": return "Slovenčina";
-        case "ja": return "日本語";
-        case "pl": return "Polski";
-        case "zh-CN": return "中文简体"
-        case "sv": return "Svenska";
-        case "lt": return "Lietuvių";
-        case "cs": return "Čeština";
-        case "nl": return "Nederlands";
-        case "tr": return "Türkçe";
-        /* spell-checker: enable */
-    }
-
-    return language;
-
-}
-
-const availableLanguages = objectKeys(kcMessages);
-
-/** 
- * Pass in "fr-FR" or "français" for example, it will return the AvailableLanguage
- * it corresponds to: "fr". 
- * If there is no reasonable match it's guessed from navigator.language.
- * If still no matches "en" is returned.
-*/
-export function getBestMatchAmongKcLanguageTag(
-    languageLike: string
-): KcLanguageTag {
-
-    const iso2LanguageLike = languageLike.split("-")[0].toLowerCase();
-
-    const kcLanguageTag = availableLanguages.find(language =>
-        language.toLowerCase().includes(iso2LanguageLike) ||
-        getKcLanguageTagLabel(language).toLocaleLowerCase() === languageLike.toLocaleLowerCase()
-    );
-
-    if (kcLanguageTag !== undefined) {
-        return kcLanguageTag;
-    }
-
-    if (languageLike !== navigator.language) {
-        return getBestMatchAmongKcLanguageTag(navigator.language);
-    }
-
-    return "en";
-}
-

src/lib/i18n/generated_kcMessages/admin.ts

@@ -1,244 +0,0 @@
-//This code was automatically generated by running dist/bin/generate-i18n-messages.js
-//PLEASE DO NOT EDIT MANUALLY
-
-/* spell-checker: disable */
-export const kcMessages= {
-  "ca": {
-    "invalidPasswordHistoryMessage": "Contrasenya incorrecta: no pot ser igual a cap de les últimes {0} contrasenyes.",
-    "invalidPasswordMinDigitsMessage": "Contraseña incorrecta: debe contener al menos {0} caracteres numéricos.",
-    "invalidPasswordMinLengthMessage": "Contrasenya incorrecta: longitud mínima {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Contrasenya incorrecta: ha de contenir almenys {0} lletres minúscules.",
-    "invalidPasswordMinSpecialCharsMessage": "Contrasenya incorrecta: ha de contenir almenys {0} caràcters especials.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Contrasenya incorrecta: ha de contenir almenys {0} lletres majúscules.",
-    "invalidPasswordNotUsernameMessage": "Contrasenya incorrecta: no pot ser igual al nom d'usuari.",
-    "invalidPasswordRegexPatternMessage": "Contrasenya incorrecta: no compleix l'expressió regular."
-  },
-  "de": {
-    "invalidPasswordMinLengthMessage": "Ungültiges Passwort: muss mindestens {0} Zeichen beinhalten.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Ungültiges Passwort: muss mindestens {0} Kleinbuchstaben beinhalten.",
-    "invalidPasswordMinDigitsMessage": "Ungültiges Passwort: muss mindestens {0} Ziffern beinhalten.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Ungültiges Passwort: muss mindestens {0} Großbuchstaben beinhalten.",
-    "invalidPasswordMinSpecialCharsMessage": "Ungültiges Passwort: muss mindestens {0} Sonderzeichen beinhalten.",
-    "invalidPasswordNotUsernameMessage": "Ungültiges Passwort: darf nicht identisch mit dem Benutzernamen sein.",
-    "invalidPasswordRegexPatternMessage": "Ungültiges Passwort: stimmt nicht mit Regex-Muster überein.",
-    "invalidPasswordHistoryMessage": "Ungültiges Passwort: darf nicht identisch mit einem der letzten {0} Passwörter sein.",
-    "invalidPasswordBlacklistedMessage": "Ungültiges Passwort: Passwort ist zu bekannt und auf der schwarzen Liste.",
-    "invalidPasswordGenericMessage": "Ungültiges Passwort: neues Passwort erfüllt die Passwort-Anforderungen nicht."
-  },
-  "en": {
-    "invalidPasswordMinLengthMessage": "Invalid password: minimum length {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Invalid password: must contain at least {0} lower case characters.",
-    "invalidPasswordMinDigitsMessage": "Invalid password: must contain at least {0} numerical digits.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Invalid password: must contain at least {0} upper case characters.",
-    "invalidPasswordMinSpecialCharsMessage": "Invalid password: must contain at least {0} special characters.",
-    "invalidPasswordNotUsernameMessage": "Invalid password: must not be equal to the username.",
-    "invalidPasswordRegexPatternMessage": "Invalid password: fails to match regex pattern(s).",
-    "invalidPasswordHistoryMessage": "Invalid password: must not be equal to any of last {0} passwords.",
-    "invalidPasswordBlacklistedMessage": "Invalid password: password is blacklisted.",
-    "invalidPasswordGenericMessage": "Invalid password: new password does not match password policies.",
-    "ldapErrorInvalidCustomFilter": "Custom configured LDAP filter does not start with \"(\" or does not end with \")\".",
-    "ldapErrorConnectionTimeoutNotNumber": "Connection Timeout must be a number",
-    "ldapErrorReadTimeoutNotNumber": "Read Timeout must be a number",
-    "ldapErrorMissingClientId": "Client ID needs to be provided in config when Realm Roles Mapping is not used.",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "Not possible to preserve group inheritance and use UID membership type together.",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "Can not set write only when LDAP provider mode is not WRITABLE",
-    "ldapErrorCantWriteOnlyAndReadOnly": "Can not set write-only and read-only together",
-    "ldapErrorCantEnableStartTlsAndConnectionPooling": "Can not enable both StartTLS and connection pooling.",
-    "ldapErrorCantEnableUnsyncedAndImportOff": "Can not disable Importing users when LDAP provider mode is UNSYNCED",
-    "ldapErrorMissingGroupsPathGroup": "Groups path group does not exist - please create the group on specified path first",
-    "clientRedirectURIsFragmentError": "Redirect URIs must not contain an URI fragment",
-    "clientRootURLFragmentError": "Root URL must not contain an URL fragment",
-    "clientRootURLIllegalSchemeError": "Root URL uses an illegal scheme",
-    "clientBaseURLIllegalSchemeError": "Base URL uses an illegal scheme",
-    "clientRedirectURIsIllegalSchemeError": "A redirect URI uses an illegal scheme",
-    "clientBaseURLInvalid": "Base URL is not a valid URL",
-    "clientRootURLInvalid": "Root URL is not a valid URL",
-    "clientRedirectURIsInvalid": "A redirect URI is not a valid URI",
-    "pairwiseMalformedClientRedirectURI": "Client contained an invalid redirect URI.",
-    "pairwiseClientRedirectURIsMissingHost": "Client redirect URIs must contain a valid host component.",
-    "pairwiseClientRedirectURIsMultipleHosts": "Without a configured Sector Identifier URI, client redirect URIs must not contain multiple host components.",
-    "pairwiseMalformedSectorIdentifierURI": "Malformed Sector Identifier URI.",
-    "pairwiseFailedToGetRedirectURIs": "Failed to get redirect URIs from the Sector Identifier URI.",
-    "pairwiseRedirectURIsMismatch": "Client redirect URIs does not match redirect URIs fetched from the Sector Identifier URI."
-  },
-  "es": {
-    "invalidPasswordMinLengthMessage": "Contraseña incorrecta: longitud mínima {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Contraseña incorrecta: debe contener al menos {0} letras minúsculas.",
-    "invalidPasswordMinDigitsMessage": "Contraseña incorrecta: debe contener al menos {0} caracteres numéricos.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Contraseña incorrecta: debe contener al menos {0} letras mayúsculas.",
-    "invalidPasswordMinSpecialCharsMessage": "Contraseña incorrecta: debe contener al menos {0} caracteres especiales.",
-    "invalidPasswordNotUsernameMessage": "Contraseña incorrecta: no puede ser igual al nombre de usuario.",
-    "invalidPasswordRegexPatternMessage": "Contraseña incorrecta: no cumple la expresión regular.",
-    "invalidPasswordHistoryMessage": "Contraseña incorrecta: no puede ser igual a ninguna de las últimas {0} contraseñas."
-  },
-  "fr": {
-    "invalidPasswordMinLengthMessage": "Mot de passe invalide : longueur minimale requise de {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Mot de passe invalide : doit contenir au moins {0} lettre(s) en minuscule.",
-    "invalidPasswordMinDigitsMessage": "Mot de passe invalide : doit contenir au moins {0} chiffre(s).",
-    "invalidPasswordMinUpperCaseCharsMessage": "Mot de passe invalide : doit contenir au moins {0} lettre(s) en majuscule.",
-    "invalidPasswordMinSpecialCharsMessage": "Mot de passe invalide : doit contenir au moins {0} caractère(s) spéciaux.",
-    "invalidPasswordNotUsernameMessage": "Mot de passe invalide : ne doit pas être identique au nom d'utilisateur.",
-    "invalidPasswordRegexPatternMessage": "Mot de passe invalide : ne valide pas l'expression rationnelle.",
-    "invalidPasswordHistoryMessage": "Mot de passe invalide : ne doit pas être égal aux {0} derniers mot de passe."
-  },
-  "it": {},
-  "ja": {
-    "invalidPasswordMinLengthMessage": "無効なパスワード: 最小{0}の長さが必要です。",
-    "invalidPasswordMinLowerCaseCharsMessage": "無効なパスワード: 少なくとも{0}文字の小文字を含む必要があります。",
-    "invalidPasswordMinDigitsMessage": "無効なパスワード: 少なくとも{0}文字の数字を含む必要があります。",
-    "invalidPasswordMinUpperCaseCharsMessage": "無効なパスワード: 少なくとも{0}文字の大文字を含む必要があります。",
-    "invalidPasswordMinSpecialCharsMessage": "無効なパスワード: 少なくとも{0}文字の特殊文字を含む必要があります。",
-    "invalidPasswordNotUsernameMessage": "無効なパスワード: ユーザー名と同じパスワードは禁止されています。",
-    "invalidPasswordRegexPatternMessage": "無効なパスワード: 正規表現パターンと一致しません。",
-    "invalidPasswordHistoryMessage": "無効なパスワード: 最近の{0}パスワードのいずれかと同じパスワードは禁止されています。",
-    "invalidPasswordBlacklistedMessage": "無効なパスワード: パスワードがブラックリストに含まれています。",
-    "invalidPasswordGenericMessage": "無効なパスワード: 新しいパスワードはパスワード・ポリシーと一致しません。",
-    "ldapErrorInvalidCustomFilter": "LDAPフィルターのカスタム設定が、「(」から開始または「)」で終了となっていません。",
-    "ldapErrorConnectionTimeoutNotNumber": "接続タイムアウトは数字でなければなりません",
-    "ldapErrorReadTimeoutNotNumber": "読み取りタイムアウトは数字でなければなりません",
-    "ldapErrorMissingClientId": "レルムロール・マッピングを使用しない場合は、クライアントIDは設定内で提供される必要があります。",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "グループの継承を維持することと、UIDメンバーシップ・タイプを使用することは同時にできません。",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "LDAPプロバイダー・モードがWRITABLEではない場合は、write onlyを設定することはできません。",
-    "ldapErrorCantWriteOnlyAndReadOnly": "write-onlyとread-onlyを一緒に設定することはできません。",
-    "ldapErrorCantEnableStartTlsAndConnectionPooling": "StartTLSと接続プーリングの両方を有効にできません。",
-    "clientRedirectURIsFragmentError": "リダイレクトURIにURIフラグメントを含めることはできません。",
-    "clientRootURLFragmentError": "ルートURLにURLフラグメントを含めることはできません。",
-    "pairwiseMalformedClientRedirectURI": "クライアントに無効なリダイレクトURIが含まれていました。",
-    "pairwiseClientRedirectURIsMissingHost": "クライアントのリダイレクトURIには有効なホスト・コンポーネントが含まれている必要があります。",
-    "pairwiseClientRedirectURIsMultipleHosts": "設定されたセレクター識別子URIがない場合は、クライアントのリダイレクトURIは複数のホスト・コンポーネントを含むことはできません。",
-    "pairwiseMalformedSectorIdentifierURI": "不正なセレクター識別子URIです。",
-    "pairwiseFailedToGetRedirectURIs": "セクター識別子URIからリダイレクトURIを取得できませんでした。",
-    "pairwiseRedirectURIsMismatch": "クライアントのリダイレクトURIは、セクター識別子URIからフェッチされたリダイレクトURIと一致しません。"
-  },
-  "lt": {
-    "invalidPasswordMinLengthMessage": "Per trumpas slaptažodis: mažiausias ilgis {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Neteisingas slaptažodis: privaloma įvesti {0} mažąją raidę.",
-    "invalidPasswordMinDigitsMessage": "Neteisingas slaptažodis: privaloma įvesti {0} skaitmenį.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Neteisingas slaptažodis: privaloma įvesti {0} didžiąją raidę.",
-    "invalidPasswordMinSpecialCharsMessage": "Neteisingas slaptažodis: privaloma įvesti {0} specialų simbolį.",
-    "invalidPasswordNotUsernameMessage": "Neteisingas slaptažodis: slaptažodis negali sutapti su naudotojo vardu.",
-    "invalidPasswordRegexPatternMessage": "Neteisingas slaptažodis: slaptažodis netenkina regex taisyklės(ių).",
-    "invalidPasswordHistoryMessage": "Neteisingas slaptažodis: slaptažodis negali sutapti su prieš tai buvusiais {0} slaptažodžiais.",
-    "ldapErrorInvalidCustomFilter": "Sukonfigūruotas LDAP filtras neprasideda \"(\" ir nesibaigia \")\" simboliais.",
-    "ldapErrorMissingClientId": "Privaloma nurodyti kliento ID kai srities rolių susiejimas nėra nenaudojamas.",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "Grupių paveldėjimo ir UID narystės tipas kartu negali būti naudojami.",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "Negalima nustatyti rašymo rėžimo kuomet LDAP teikėjo rėžimas ne WRITABLE",
-    "ldapErrorCantWriteOnlyAndReadOnly": "Negalima nustatyti tik rašyti ir tik skaityti kartu",
-    "clientRedirectURIsFragmentError": "Nurodykite URI fragmentą, kurio negali būti peradresuojamuose URI adresuose",
-    "clientRootURLFragmentError": "Nurodykite URL fragmentą, kurio negali būti šakniniame URL adrese",
-    "pairwiseMalformedClientRedirectURI": "Klientas pateikė neteisingą nukreipimo nuorodą.",
-    "pairwiseClientRedirectURIsMissingHost": "Kliento nukreipimo nuorodos privalo būti nurodytos su serverio vardo komponentu.",
-    "pairwiseClientRedirectURIsMultipleHosts": "Kuomet nesukonfigūruotas sektoriaus identifikatoriaus URL, kliento nukreipimo nuorodos privalo talpinti ne daugiau kaip vieną skirtingą serverio vardo komponentą.",
-    "pairwiseMalformedSectorIdentifierURI": "Neteisinga sektoriaus identifikatoriaus URI.",
-    "pairwiseFailedToGetRedirectURIs": "Nepavyko gauti nukreipimo nuorodų iš sektoriaus identifikatoriaus URI.",
-    "pairwiseRedirectURIsMismatch": "Kliento nukreipimo nuoroda neatitinka nukreipimo nuorodų iš sektoriaus identifikatoriaus URI."
-  },
-  "nl": {
-    "invalidPasswordMinLengthMessage": "Ongeldig wachtwoord: de minimale lengte is {0} karakters.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Ongeldig wachtwoord: het moet minstens {0} kleine letters bevatten.",
-    "invalidPasswordMinDigitsMessage": "Ongeldig wachtwoord: het moet minstens {0} getallen bevatten.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Ongeldig wachtwoord: het moet minstens {0} hoofdletters bevatten.",
-    "invalidPasswordMinSpecialCharsMessage": "Ongeldig wachtwoord: het moet minstens {0} speciale karakters bevatten.",
-    "invalidPasswordNotUsernameMessage": "Ongeldig wachtwoord: het mag niet overeenkomen met de gebruikersnaam.",
-    "invalidPasswordRegexPatternMessage": "Ongeldig wachtwoord: het voldoet niet aan het door de beheerder ingestelde patroon.",
-    "invalidPasswordHistoryMessage": "Ongeldig wachtwoord: het mag niet overeen komen met een van de laatste {0} wachtwoorden.",
-    "invalidPasswordGenericMessage": "Ongeldig wachtwoord: het nieuwe wachtwoord voldoet niet aan het wachtwoordbeleid.",
-    "ldapErrorInvalidCustomFilter": "LDAP filter met aangepaste configuratie start niet met \"(\" of eindigt niet met \")\".",
-    "ldapErrorConnectionTimeoutNotNumber": "Verbindingstimeout moet een getal zijn",
-    "ldapErrorReadTimeoutNotNumber": "Lees-timeout moet een getal zijn",
-    "ldapErrorMissingClientId": "Client ID moet ingesteld zijn als Realm Roles Mapping niet gebruikt wordt.",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "Kan groepsovererving niet behouden bij UID-lidmaatschapstype.",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "Alleen-schrijven niet mogelijk als LDAP provider mode niet WRITABLE is",
-    "ldapErrorCantWriteOnlyAndReadOnly": "Alleen-schrijven en alleen-lezen mogen niet tegelijk ingesteld zijn",
-    "clientRedirectURIsFragmentError": "Redirect URIs mogen geen URI fragment bevatten",
-    "clientRootURLFragmentError": "Root URL mag geen URL fragment bevatten",
-    "pairwiseMalformedClientRedirectURI": "Client heeft een ongeldige redirect URI.",
-    "pairwiseClientRedirectURIsMissingHost": "Client redirect URIs moeten een geldige host-component bevatten.",
-    "pairwiseClientRedirectURIsMultipleHosts": "Zonder een geconfigureerde Sector Identifier URI mogen client redirect URIs niet meerdere host componenten hebben.",
-    "pairwiseMalformedSectorIdentifierURI": "Onjuist notatie in Sector Identifier URI.",
-    "pairwiseFailedToGetRedirectURIs": "Kon geen redirect URIs verkrijgen van de Sector Identifier URI.",
-    "pairwiseRedirectURIsMismatch": "Client redirect URIs komen niet overeen met redict URIs ontvangen van de Sector Identifier URI."
-  },
-  "no": {
-    "invalidPasswordMinLengthMessage": "Ugyldig passord: minimum lengde {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Ugyldig passord: må inneholde minst {0} små bokstaver.",
-    "invalidPasswordMinDigitsMessage": "Ugyldig passord: må inneholde minst {0} sifre.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Ugyldig passord: må inneholde minst {0} store bokstaver.",
-    "invalidPasswordMinSpecialCharsMessage": "Ugyldig passord: må inneholde minst {0} spesialtegn.",
-    "invalidPasswordNotUsernameMessage": "Ugyldig passord: kan ikke være likt brukernavn.",
-    "invalidPasswordRegexPatternMessage": "Ugyldig passord: tilfredsstiller ikke kravene for passord-mønster.",
-    "invalidPasswordHistoryMessage": "Ugyldig passord: kan ikke være likt noen av de {0} foregående passordene.",
-    "ldapErrorInvalidCustomFilter": "Tilpasset konfigurasjon av LDAP-filter starter ikke med \"(\" eller slutter ikke med \")\".",
-    "ldapErrorMissingClientId": "KlientID må være tilgjengelig i config når sikkerhetsdomenerollemapping ikke brukes.",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "Ikke mulig å bevare gruppearv og samtidig bruke UID medlemskapstype.",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "Kan ikke sette write-only når LDAP leverandør-modus ikke er WRITABLE",
-    "ldapErrorCantWriteOnlyAndReadOnly": "Kan ikke sette både write-only og read-only"
-  },
-  "pl": {},
-  "pt-BR": {
-    "invalidPasswordMinLengthMessage": "Senha inválida: deve conter ao menos {0} caracteres.",
-    "invalidPasswordMinLowerCaseCharsMessage": "Senha inválida: deve conter ao menos {0} caracteres minúsculos.",
-    "invalidPasswordMinDigitsMessage": "Senha inválida: deve conter ao menos {0} digitos numéricos.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Senha inválida: deve conter ao menos {0} caracteres maiúsculos.",
-    "invalidPasswordMinSpecialCharsMessage": "Senha inválida: deve conter ao menos {0} caracteres especiais.",
-    "invalidPasswordNotUsernameMessage": "Senha inválida: não deve ser igual ao nome de usuário.",
-    "invalidPasswordRegexPatternMessage": "Senha inválida: falha ao passar por padrões.",
-    "invalidPasswordHistoryMessage": "Senha inválida: não deve ser igual às últimas {0} senhas.",
-    "ldapErrorInvalidCustomFilter": "Filtro LDAP não inicia com \"(\" ou não termina com \")\".",
-    "ldapErrorMissingClientId": "ID do cliente precisa ser definido na configuração quando mapeamentos de Roles do Realm não é utilizado.",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "Não é possível preservar herança de grupos e usar tipo de associação de UID ao mesmo tempo.",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "Não é possível definir modo de somente escrita quando o provedor LDAP não suporta escrita",
-    "ldapErrorCantWriteOnlyAndReadOnly": "Não é possível definir somente escrita e somente leitura ao mesmo tempo",
-    "clientRedirectURIsFragmentError": "URIs de redirecionamento não podem conter fragmentos",
-    "clientRootURLFragmentError": "URL raiz não pode conter fragmentos"
-  },
-  "ru": {
-    "invalidPasswordMinLengthMessage": "Некорректный пароль: длина пароля должна быть не менее {0} символов(а).",
-    "invalidPasswordMinDigitsMessage": "Некорректный пароль: должен содержать не менее {0} цифр(ы).",
-    "invalidPasswordMinLowerCaseCharsMessage": "Некорректный пароль: пароль должен содержать не менее {0} символов(а) в нижнем регистре.",
-    "invalidPasswordMinUpperCaseCharsMessage": "Некорректный пароль: пароль должен содержать не менее {0} символов(а) в верхнем регистре.",
-    "invalidPasswordMinSpecialCharsMessage": "Некорректный пароль: пароль должен содержать не менее {0} спецсимволов(а).",
-    "invalidPasswordNotUsernameMessage": "Некорректный пароль: пароль не должен совпадать с именем пользователя.",
-    "invalidPasswordRegexPatternMessage": "Некорректный пароль: пароль не прошел проверку по регулярному выражению.",
-    "invalidPasswordHistoryMessage": "Некорректный пароль: пароль не должен совпадать с последним(и) {0} паролем(ями).",
-    "invalidPasswordGenericMessage": "Некорректный пароль: новый пароль не соответствует правилам пароля.",
-    "ldapErrorInvalidCustomFilter": "Сконфигурированный пользователем фильтр LDAP не должен начинаться с \"(\" или заканчиваться на \")\".",
-    "ldapErrorMissingClientId": "Client ID должен быть настроен в конфигурации, если не используется сопоставление ролей в realm.",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "Не удалось унаследовать группу и использовать членство UID типа вместе.",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "Невозможно установить режим \"только на запись\", когда LDAP провайдер не в режиме WRITABLE",
-    "ldapErrorCantWriteOnlyAndReadOnly": "Невозможно одновременно установить режимы \"только на чтение\" и \"только на запись\"",
-    "clientRedirectURIsFragmentError": "URI перенаправления не должен содержать фрагмент URI",
-    "clientRootURLFragmentError": "Корневой URL не должен содержать фрагмент URL ",
-    "pairwiseMalformedClientRedirectURI": "Клиент содержит некорректный URI перенаправления.",
-    "pairwiseClientRedirectURIsMissingHost": "URI перенаправления клиента должен содержать корректный компонент хоста.",
-    "pairwiseClientRedirectURIsMultipleHosts": "Без конфигурации по части идентификатора URI, URI перенаправления клиента не может содержать несколько компонентов хоста.",
-    "pairwiseMalformedSectorIdentifierURI": "Искаженная часть идентификатора URI.",
-    "pairwiseFailedToGetRedirectURIs": "Не удалось получить идентификаторы URI перенаправления из части идентификатора URI.",
-    "pairwiseRedirectURIsMismatch": "Клиент URI переадресации не соответствует URI переадресации, полученной из части идентификатора URI."
-  },
-  "zh-CN": {
-    "invalidPasswordMinLengthMessage": "无效的密码：最短长度 {0}.",
-    "invalidPasswordMinLowerCaseCharsMessage": "无效的密码：至少包含 {0} 小写字母",
-    "invalidPasswordMinDigitsMessage": "无效的密码：至少包含 {0} 个数字",
-    "invalidPasswordMinUpperCaseCharsMessage": "无效的密码：最短长度 {0} 大写字母",
-    "invalidPasswordMinSpecialCharsMessage": "无效的密码：最短长度 {0} 特殊字符",
-    "invalidPasswordNotUsernameMessage": "无效的密码： 不可以与用户名相同",
-    "invalidPasswordRegexPatternMessage": "无效的密码： 无法与正则表达式匹配",
-    "invalidPasswordHistoryMessage": "无效的密码：不能与最后使用的 {0} 个密码相同",
-    "ldapErrorInvalidCustomFilter": "定制的 LDAP过滤器不是以 \"(\" 开头或以 \")\"结尾.",
-    "ldapErrorConnectionTimeoutNotNumber": "Connection Timeout 必须是个数字",
-    "ldapErrorMissingClientId": "当域角色映射未启用时，客户端 ID 需要指定。",
-    "ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType": "无法在使用UID成员类型的同时维护组继承属性。",
-    "ldapErrorCantWriteOnlyForReadOnlyLdap": "当LDAP提供方不是可写模式时，无法设置只写",
-    "ldapErrorCantWriteOnlyAndReadOnly": "无法同时设置只读和只写",
-    "clientRedirectURIsFragmentError": "重定向URL不应包含URI片段",
-    "clientRootURLFragmentError": "根URL 不应包含 URL 片段",
-    "pairwiseMalformedClientRedirectURI": "客户端包含一个无效的重定向URL",
-    "pairwiseClientRedirectURIsMissingHost": "客户端重定向URL需要有一个有效的主机",
-    "pairwiseClientRedirectURIsMultipleHosts": "Without a configured Sector Identifier URI, client redirect URIs must not contain multiple host components.",
-    "pairwiseMalformedSectorIdentifierURI": "Malformed Sector Identifier URI.",
-    "pairwiseFailedToGetRedirectURIs": "无法从服务器获得重定向URL",
-    "pairwiseRedirectURIsMismatch": "客户端的重定向URI与服务器端获取的URI配置不匹配。"
-  }
-};
-/* spell-checker: enable */