Release candidate

Rebase v9 to main

README.md

@@ -47,12 +47,12 @@
 
 > 📣 🛑 Account themes generated by Keycloakify are not currently compatible with Keycloak 22.  
 > We are working on a solution. [Follow progress](https://github.com/keycloakify/keycloakify/issues/389).  
-> Login and email themes are not affected.  
-> UPDATE: [The PR](https://github.com/keycloak/keycloak/pull/22317) that should future proof Keycloakify account themes has been greenlighted
-> by the Keycloak team. Resolution is only a matter of time.
+> **Login and email themes are not affected**.  
+> UPDATE: [The PR](https://github.com/keycloak/keycloak/pull/22317) that should future proof Keycloakify account themes has been
+> merged into Keycloak! 🥳 Credit to @xgp. We are now waiting for a new Keycloak release to be published.
 
 Keycloakify is fully compatible with Keycloak, starting from version 11 and is anticipated to maintain compatibility with all future versions.  
-You can update your Keycloak, your Keycloakify generated theme won't break.  
+You can update your Keycloak, your Keycloakify generated theme won't break. (Well except for Keycloak 22's Account theme obviously but this was hopefully a one time debacle)  
 To understand the basis of my confidence in this, you can [visit this discussion thread where I've explained in detail](https://github.com/keycloakify/keycloakify/discussions/346#discussioncomment-5889791).
 
 ## Sponsor 👼
@@ -130,6 +130,15 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
 
 # Changelog highlights
 
+## v9.0
+
+Restore support for Keycloak 22.1 and up! Huge thanks to @xgp without whom this wouldn't have been possible.  
+Big thanks also to @ssilvert from the Keycloak team for being so open to discussion and merging [@xgp's PR](https://github.com/keycloak/keycloak/pull/22317).
+
+### Breaking changes
+
+Very few. Check them out [here](https://docs.keycloakify.dev/migration-guides/v8-greater-than-v9).
+
 ## 8.0
 
 -   Much smaller .jar size. 70.2 MB -> 7.8 MB.  
@@ -138,58 +147,7 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
 
 ### Breaking changes
 
-There are very few breaking changes in this major version.
-
--   The [`--external-assets` build option has been removed](https://docs.keycloakify.dev/v/v7/build-options#external-assets-deprecated) it was a performance optimization that is no longer relevant now that
-    we have lazy loading.
-
--   `kcContext.usernameEditDisabled` is now `kcContext.usernameHidden`, the type was lying, it has been updated to reflect what's actually on the `kcContext` at runtime.
-    If you want to see in detail what should be updated [see issue](https://github.com/keycloakify/keycloakify/pull/399), or you can search and replace `usernameEditDisabled` -> `usernameHidden` it'll do the trick.
-
--   The `usePrepareTemplate` prototype has been changed, you can search and replace:
-
-`src/keycloak-theme/login/Template.tsx`
-
-```ts
-url,
-"stylesCommon": [
-    "node_modules/patternfly/dist/css/patternfly.min.css",
-    "node_modules/patternfly/dist/css/patternfly-additions.min.css",
-    "lib/zocial/zocial.css"
-],
-"styles": ["css/login.css"],
-```
-
-by
-
-```ts
-"styles": [
-    `${url.resourcesCommonPath}/node_modules/patternfly/dist/css/patternfly.min.css`,
-    `${url.resourcesCommonPath}/node_modules/patternfly/dist/css/patternfly-additions.min.css`,
-    `${url.resourcesCommonPath}/lib/zocial/zocial.css`,
-    `${url.resourcesPath}/css/login.css`
-],
-```
-
-and
-
-`src/keycloak-theme/account/Template.css`
-
-```ts
-url,
-"stylesCommon": ["node_modules/patternfly/dist/css/patternfly.min.css", "node_modules/patternfly/dist/css/patternfly-additions.min.css"],
-"styles": ["css/account.css"],
-```
-
-by
-
-```ts
-"styles": [
-    `${url.resourcesCommonPath}/node_modules/patternfly/dist/css/patternfly.min.css`,
-    `${url.resourcesCommonPath}/node_modules/patternfly/dist/css/patternfly-additions.min.css`,
-    `${url.resourcesPath}/css/account.css`
-],
-```
+There are very few breaking changes in this major version. [Check them out](https://docs.keycloakify.dev/migration-guides/v7-greater-than-v8).
 
 ## 7.15
 
@@ -211,7 +169,7 @@ by
 ## 7.12
 
 -   You can now pack multiple themes variant in a single `.jar` bundle. In vanilla Keycloak themes you have the ability to extend a base theme.
-    There is now an idiomatic way of achieving the same result. [Learn more](https://docs.keycloakify.dev/build-options#keycloakify.extrathemenames).
+    There is now an idiomatic way of achieving the same result. [Learn more](https://docs.keycloakify.dev/build-options#keycloakify.themeVariantNames).
 
 ## 7.9
 

keycloakify-json-schema.json

@@ -1,73 +0,0 @@
-{
-    "allOf": [
-        {
-            "$ref": "https://json.schemastore.org/package.json"
-        },
-        {
-            "$ref": "keycloakifyPackageJsonSchema"
-        }
-    ],
-    "$ref": "#/definitions/keycloakifyPackageJsonSchema",
-    "definitions": {
-        "keycloakifyPackageJsonSchema": {
-            "type": "object",
-            "properties": {
-                "name": {
-                    "type": "string"
-                },
-                "version": {
-                    "type": "string"
-                },
-                "homepage": {
-                    "type": "string"
-                },
-                "keycloakify": {
-                    "type": "object",
-                    "properties": {
-                        "extraPages": {
-                            "type": "array",
-                            "items": {
-                                "type": "string"
-                            }
-                        },
-                        "extraThemeProperties": {
-                            "type": "array",
-                            "items": {
-                                "type": "string"
-                            }
-                        },
-                        "areAppAndKeycloakServerSharingSameDomain": {
-                            "type": "boolean"
-                        },
-                        "artifactId": {
-                            "type": "string"
-                        },
-                        "groupId": {
-                            "type": "string"
-                        },
-                        "bundler": {
-                            "type": "string",
-                            "enum": ["mvn", "keycloakify", "none"]
-                        },
-                        "keycloakVersionDefaultAssets": {
-                            "type": "string"
-                        },
-                        "reactAppBuildDirPath": {
-                            "type": "string"
-                        },
-                        "keycloakifyBuildDirPath": {
-                            "type": "string"
-                        },
-                        "themeName": {
-                            "type": "string"
-                        }
-                    },
-                    "additionalProperties": false
-                }
-            },
-            "required": ["name", "version"],
-            "additionalProperties": false
-        }
-    },
-    "$schema": "http://json-schema.org/draft-07/schema#"
-}

package.json

@@ -1,6 +1,6 @@
 {
     "name": "keycloakify",
-    "version": "8.3.1",
+    "version": "9.0.0-rc.1",
     "description": "Create Keycloak themes using React",
     "repository": {
         "type": "git",
@@ -13,7 +13,7 @@
         "build": "rimraf dist/ && tsc -p src/bin && tsc -p src && tsc-alias -p src/tsconfig.json && yarn grant-exec-perms && yarn copy-files dist/ && cp -r src dist/",
         "generate:json-schema": "ts-node scripts/generate-json-schema.ts",
         "grant-exec-perms": "node dist/bin/tools/grant-exec-perms.js",
-        "copy-files": "copyfiles -u 1 src/**/*.ftl",
+        "copy-files": "copyfiles -u 1 src/**/*.ftl src/**/*.java",
         "test": "yarn test:types && vitest run",
         "test:keycloakify-starter": "ts-node scripts/test-keycloakify-starter",
         "test:types": "tsc -p test/tsconfig.json --noEmit",

scripts/generate-i18n-messages.ts

@@ -24,9 +24,11 @@ async function main() {
     fs.rmSync(tmpDirPath, { "recursive": true, "force": true });
 
     await downloadBuiltinKeycloakTheme({
-        "projectDirPath": getProjectRoot(),
         keycloakVersion,
-        "destDirPath": tmpDirPath
+        "destDirPath": tmpDirPath,
+        "buildOptions": {
+            "cacheDirPath": pathJoin(getProjectRoot(), "node_modules", ".cache", "keycloakify")
+        }
     });
 
     type Dictionary = { [idiomId: string]: string };

src/account/kcContext/KcContext.ts

@@ -1,11 +1,13 @@
-import type { AccountThemePageId, ThemeType } from "keycloakify/bin/keycloakify/generateFtl";
+import type { AccountThemePageId } from "keycloakify/bin/keycloakify/generateFtl";
 import { assert } from "tsafe/assert";
 import type { Equals } from "tsafe";
+import { type ThemeType } from "keycloakify/bin/constants";
 
 export type KcContext = KcContext.Password | KcContext.Account;
 
 export declare namespace KcContext {
     export type Common = {
+        themeVersion: string;
         keycloakifyVersion: string;
         themeType: "account";
         themeName: string;

src/account/kcContext/createGetKcContext.ts

@@ -3,9 +3,8 @@ import { deepAssign } from "keycloakify/tools/deepAssign";
 import type { ExtendKcContext } from "./getKcContextFromWindow";
 import { getKcContextFromWindow } from "./getKcContextFromWindow";
 import { pathJoin } from "keycloakify/bin/tools/pathJoin";
-import { pathBasename } from "keycloakify/tools/pathBasename";
-import { resourcesCommonDirPathRelativeToPublicDir } from "keycloakify/bin/mockTestingResourcesPath";
 import { symToStr } from "tsafe/symToStr";
+import { resources_common } from "keycloakify/bin/constants";
 import { kcContextMocks, kcContextCommonMock } from "keycloakify/account/kcContext/kcContextMocks";
 
 export function createGetKcContext<KcContextExtension extends { pageId: string } = never>(params?: {
@@ -89,11 +88,7 @@ export function createGetKcContext<KcContextExtension extends { pageId: string }
             return { "kcContext": undefined as any };
         }
 
-        {
-            const { url } = realKcContext;
-
-            url.resourcesCommonPath = pathJoin(url.resourcesPath, pathBasename(resourcesCommonDirPathRelativeToPublicDir));
-        }
+        realKcContext.url.resourcesCommonPath = pathJoin(realKcContext.url.resourcesPath, resources_common);
 
         return { "kcContext": realKcContext as any };
     }

src/account/kcContext/kcContextMocks.ts

@@ -1,18 +1,21 @@
 import "minimal-polyfills/Object.fromEntries";
-import { resourcesCommonDirPathRelativeToPublicDir, resourcesDirPathRelativeToPublicDir } from "keycloakify/bin/mockTestingResourcesPath";
+import { resources_common, keycloak_resources } from "keycloakify/bin/constants";
 import { pathJoin } from "keycloakify/bin/tools/pathJoin";
 import { id } from "tsafe/id";
 import type { KcContext } from "./KcContext";
 
 const PUBLIC_URL = (typeof process !== "object" ? undefined : process.env?.["PUBLIC_URL"]) || "/";
 
+const resourcesPath = pathJoin(PUBLIC_URL, keycloak_resources, "account", "resources");
+
 export const kcContextCommonMock: KcContext.Common = {
+    "themeVersion": "0.0.0",
     "keycloakifyVersion": "0.0.0",
     "themeType": "account",
     "themeName": "my-theme-name",
     "url": {
-        "resourcesPath": pathJoin(PUBLIC_URL, resourcesDirPathRelativeToPublicDir),
-        "resourcesCommonPath": pathJoin(PUBLIC_URL, resourcesCommonDirPathRelativeToPublicDir),
+        resourcesPath,
+        "resourcesCommonPath": pathJoin(resourcesPath, resources_common),
         "resourceUrl": "#",
         "accountUrl": "#",
         "applicationsUrl": "#",

src/bin/constants.ts

@@ -0,0 +1,9 @@
+export const keycloak_resources = "keycloak-resources";
+export const resources_common = "resources-common";
+export const lastKeycloakVersionWithAccountV1 = "21.1.2";
+
+export const themeTypes = ["login", "account"] as const;
+export const retrocompatPostfix = "_retrocompat";
+export const accountV1 = "account-v1";
+
+export type ThemeType = (typeof themeTypes)[number];

src/bin/copy-keycloak-resources-to-public.ts

@@ -2,38 +2,39 @@
 
 import { downloadKeycloakStaticResources } from "./keycloakify/generateTheme/downloadKeycloakStaticResources";
 import { join as pathJoin, relative as pathRelative } from "path";
-import { basenameOfKeycloakDirInPublicDir } from "./mockTestingResourcesPath";
 import { readBuildOptions } from "./keycloakify/BuildOptions";
-import { themeTypes } from "./keycloakify/generateFtl";
+import { themeTypes, keycloak_resources, lastKeycloakVersionWithAccountV1 } from "./constants";
 import * as fs from "fs";
 
 (async () => {
-    const projectDirPath = process.cwd();
+    const reactAppRootDirPath = process.cwd();
 
     const buildOptions = readBuildOptions({
-        "processArgv": process.argv.slice(2),
-        "projectDirPath": process.cwd()
+        reactAppRootDirPath,
+        "processArgv": process.argv.slice(2)
     });
 
-    const keycloakDirInPublicDir = pathJoin(process.env["PUBLIC_DIR_PATH"] || pathJoin(projectDirPath, "public"), basenameOfKeycloakDirInPublicDir);
-
-    if (fs.existsSync(keycloakDirInPublicDir)) {
-        console.log(`${pathRelative(projectDirPath, keycloakDirInPublicDir)} already exists.`);
-        return;
-    }
+    const reservedDirPath = pathJoin(buildOptions.publicDirPath, keycloak_resources);
 
     for (const themeType of themeTypes) {
         await downloadKeycloakStaticResources({
-            projectDirPath,
-            "keycloakVersion": buildOptions.keycloakVersionDefaultAssets,
-            "themeType": themeType,
-            "themeDirPath": keycloakDirInPublicDir,
-            "usedResources": undefined
+            "keycloakVersion": (() => {
+                switch (themeType) {
+                    case "login":
+                        return buildOptions.loginThemeResourcesFromKeycloakVersion;
+                    case "account":
+                        return lastKeycloakVersionWithAccountV1;
+                }
+            })(),
+            themeType,
+            "themeDirPath": reservedDirPath,
+            "usedResources": undefined,
+            buildOptions
         });
     }
 
     fs.writeFileSync(
-        pathJoin(keycloakDirInPublicDir, "README.txt"),
+        pathJoin(reservedDirPath, "README.txt"),
         Buffer.from(
             // prettier-ignore
             [
@@ -43,21 +44,7 @@ import * as fs from "fs";
         )
     );
 
-    fs.writeFileSync(pathJoin(keycloakDirInPublicDir, ".gitignore"), Buffer.from("*", "utf8"));
+    fs.writeFileSync(pathJoin(buildOptions.publicDirPath, "keycloak-resources", ".gitignore"), Buffer.from("*", "utf8"));
 
-    const buildDirPath = pathJoin(projectDirPath, "build");
-
-    if (process.platform === "win32" && !fs.existsSync(buildDirPath)) {
-        fs.mkdirSync(buildDirPath);
-    }
-
-    try {
-        fs.symlinkSync(buildDirPath, pathJoin(keycloakDirInPublicDir, "resources", "build"));
-    } catch (error) {
-        if (process.platform !== "win32") {
-            throw error;
-        }
-    }
-
-    console.log(`${pathRelative(projectDirPath, keycloakDirInPublicDir)} directory created.`);
+    console.log(`${pathRelative(reactAppRootDirPath, reservedDirPath)} directory created.`);
 })();

src/bin/download-builtin-keycloak-theme.ts

@@ -4,15 +4,23 @@ import { downloadAndUnzip } from "./tools/downloadAndUnzip";
 import { promptKeycloakVersion } from "./promptKeycloakVersion";
 import { getLogger } from "./tools/logger";
 import { readBuildOptions } from "./keycloakify/BuildOptions";
+import { assert } from "tsafe/assert";
+import type { BuildOptions } from "./keycloakify/BuildOptions";
 import * as child_process from "child_process";
 import * as fs from "fs";
 
-export async function downloadBuiltinKeycloakTheme(params: { projectDirPath: string; keycloakVersion: string; destDirPath: string }) {
-    const { projectDirPath, keycloakVersion, destDirPath } = params;
+export type BuildOptionsLike = {
+    cacheDirPath: string;
+};
+
+assert<BuildOptions extends BuildOptionsLike ? true : false>();
+
+export async function downloadBuiltinKeycloakTheme(params: { keycloakVersion: string; destDirPath: string; buildOptions: BuildOptionsLike }) {
+    const { keycloakVersion, destDirPath, buildOptions } = params;
 
     await downloadAndUnzip({
         "doUseCache": true,
-        projectDirPath,
+        "cacheDirPath": buildOptions.cacheDirPath,
         destDirPath,
         "url": `https://github.com/keycloak/keycloak/archive/refs/tags/${keycloakVersion}.zip`,
         "specificDirsToExtract": ["", "-community"].map(ext => `keycloak-${keycloakVersion}/themes/src/main/resources${ext}/theme`),
@@ -74,7 +82,7 @@ export async function downloadBuiltinKeycloakTheme(params: { projectDirPath: str
 
 async function main() {
     const buildOptions = readBuildOptions({
-        "projectDirPath": process.cwd(),
+        "reactAppRootDirPath": process.cwd(),
         "processArgv": process.argv.slice(2)
     });
 
@@ -86,9 +94,9 @@ async function main() {
     logger.log(`Downloading builtins theme of Keycloak ${keycloakVersion} here ${destDirPath}`);
 
     await downloadBuiltinKeycloakTheme({
-        "projectDirPath": process.cwd(),
         keycloakVersion,
-        destDirPath
+        destDirPath,
+        buildOptions
     });
 }
 

src/bin/eject-keycloak-page.ts

@@ -2,14 +2,7 @@
 
 import { getProjectRoot } from "./tools/getProjectRoot";
 import cliSelect from "cli-select";
-import {
-    loginThemePageIds,
-    accountThemePageIds,
-    type LoginThemePageId,
-    type AccountThemePageId,
-    themeTypes,
-    type ThemeType
-} from "./keycloakify/generateFtl";
+import { loginThemePageIds, accountThemePageIds, type LoginThemePageId, type AccountThemePageId } from "./keycloakify/generateFtl";
 import { capitalize } from "tsafe/capitalize";
 import { readFile, writeFile } from "fs/promises";
 import { existsSync } from "fs";
@@ -17,10 +10,13 @@ import { join as pathJoin, relative as pathRelative } from "path";
 import { kebabCaseToCamelCase } from "./tools/kebabCaseToSnakeCase";
 import { assert, Equals } from "tsafe/assert";
 import { getThemeSrcDirPath } from "./getSrcDirPath";
+import { themeTypes, type ThemeType } from "./constants";
 
 (async () => {
     console.log("Select a theme type");
 
+    const reactAppRootDirPath = process.cwd();
+
     const { value: themeType } = await cliSelect<ThemeType>({
         "values": [...themeTypes]
     }).catch(() => {
@@ -49,7 +45,7 @@ import { getThemeSrcDirPath } from "./getSrcDirPath";
 
     const pageBasename = capitalize(kebabCaseToCamelCase(pageId)).replace(/ftl$/, "tsx");
 
-    const { themeSrcDirPath } = getThemeSrcDirPath({ "projectDirPath": process.cwd() });
+    const { themeSrcDirPath } = getThemeSrcDirPath({ reactAppRootDirPath });
 
     const targetFilePath = pathJoin(themeSrcDirPath, themeType, "pages", pageBasename);
 

src/bin/getSrcDirPath.ts

@@ -2,15 +2,15 @@ import * as fs from "fs";
 import { exclude } from "tsafe";
 import { crawl } from "./tools/crawl";
 import { join as pathJoin } from "path";
-import { themeTypes } from "./keycloakify/generateFtl";
+import { themeTypes } from "./constants";
 
 const themeSrcDirBasenames = ["keycloak-theme", "keycloak_theme"];
 
 /** Can't catch error, if the directory isn't found, this function will just exit the process with an error message. */
-export function getThemeSrcDirPath(params: { projectDirPath: string }) {
-    const { projectDirPath } = params;
+export function getThemeSrcDirPath(params: { reactAppRootDirPath: string }) {
+    const { reactAppRootDirPath } = params;
 
-    const srcDirPath = pathJoin(projectDirPath, "src");
+    const srcDirPath = pathJoin(reactAppRootDirPath, "src");
 
     const themeSrcDirPath: string | undefined = crawl({ "dirPath": srcDirPath, "returnedPathsType": "relative to dirPath" })
         .map(fileRelativePath => {

src/bin/initialize-email-theme.ts

@@ -10,17 +10,17 @@ import { getLogger } from "./tools/logger";
 import { getThemeSrcDirPath } from "./getSrcDirPath";
 
 export async function main() {
-    const projectDirPath = process.cwd();
+    const reactAppRootDirPath = process.cwd();
 
-    const { isSilent } = readBuildOptions({
-        projectDirPath,
+    const buildOptions = readBuildOptions({
+        reactAppRootDirPath,
         "processArgv": process.argv.slice(2)
     });
 
-    const logger = getLogger({ isSilent });
+    const logger = getLogger({ "isSilent": buildOptions.isSilent });
 
     const { themeSrcDirPath } = getThemeSrcDirPath({
-        projectDirPath
+        reactAppRootDirPath
     });
 
     const emailThemeSrcDirPath = pathJoin(themeSrcDirPath, "email");
@@ -36,9 +36,9 @@ export async function main() {
     const builtinKeycloakThemeTmpDirPath = pathJoin(emailThemeSrcDirPath, "..", "tmp_xIdP3_builtin_keycloak_theme");
 
     await downloadBuiltinKeycloakTheme({
-        projectDirPath,
         keycloakVersion,
-        "destDirPath": builtinKeycloakThemeTmpDirPath
+        "destDirPath": builtinKeycloakThemeTmpDirPath,
+        buildOptions
     });
 
     transformCodebase({

src/bin/keycloakify/BuildOptions.ts

@@ -1,34 +1,34 @@
-import { assert } from "tsafe/assert";
-import { id } from "tsafe/id";
 import { parse as urlParse } from "url";
-import { typeGuard } from "tsafe/typeGuard";
-import { symToStr } from "tsafe/symToStr";
-import { bundlers, getParsedPackageJson, type Bundler } from "./parsedPackageJson";
-import { join as pathJoin, sep as pathSep } from "path";
+import { getParsedPackageJson } from "./parsedPackageJson";
+import { join as pathJoin } from "path";
 import parseArgv from "minimist";
+import { getAbsoluteAndInOsFormatPath } from "../tools/getAbsoluteAndInOsFormatPath";
 
 /** Consolidated build option gathered form CLI arguments and config in package.json */
 export type BuildOptions = {
     isSilent: boolean;
     themeVersion: string;
-    themeName: string;
-    extraThemeNames: string[];
+    themeNames: string[];
     extraThemeProperties: string[] | undefined;
     groupId: string;
     artifactId: string;
-    bundler: Bundler;
-    keycloakVersionDefaultAssets: string;
+    doCreateJar: boolean;
+    loginThemeResourcesFromKeycloakVersion: string;
+    reactAppRootDirPath: string;
     /** Directory of your built react project. Defaults to {cwd}/build */
     reactAppBuildDirPath: string;
     /** Directory that keycloakify outputs to. Defaults to {cwd}/build_keycloak */
     keycloakifyBuildDirPath: string;
+    publicDirPath: string;
+    cacheDirPath: string;
     /** If your app is hosted under a subpath, it's the case in CRA if you have "homepage": "https://example.com/my-app" in your package.json
      * In this case the urlPathname will be "/my-app/" */
     urlPathname: string | undefined;
+    doBuildRetrocompatAccountTheme: boolean;
 };
 
-export function readBuildOptions(params: { projectDirPath: string; processArgv: string[] }): BuildOptions {
-    const { projectDirPath, processArgv } = params;
+export function readBuildOptions(params: { reactAppRootDirPath: string; processArgv: string[] }): BuildOptions {
+    const { reactAppRootDirPath, processArgv } = params;
 
     const { isSilentCliParamProvided } = (() => {
         const argv = parseArgv(processArgv);
@@ -38,35 +38,36 @@ export function readBuildOptions(params: { projectDirPath: string; processArgv:
         };
     })();
 
-    const parsedPackageJson = getParsedPackageJson({ projectDirPath });
+    const parsedPackageJson = getParsedPackageJson({ reactAppRootDirPath });
 
     const { name, keycloakify = {}, version, homepage } = parsedPackageJson;
 
-    const { extraThemeProperties, groupId, artifactId, bundler, keycloakVersionDefaultAssets, extraThemeNames = [] } = keycloakify ?? {};
+    const { extraThemeProperties, groupId, artifactId, doCreateJar, loginThemeResourcesFromKeycloakVersion } = keycloakify ?? {};
 
-    const themeName =
-        keycloakify.themeName ??
-        name
-            .replace(/^@(.*)/, "$1")
-            .split("/")
-            .join("-");
+    const themeNames = (() => {
+        if (keycloakify.themeName === undefined) {
+            return [
+                name
+                    .replace(/^@(.*)/, "$1")
+                    .split("/")
+                    .join("-")
+            ];
+        }
+
+        if (typeof keycloakify.themeName === "string") {
+            return [keycloakify.themeName];
+        }
+
+        return keycloakify.themeName;
+    })();
 
     return {
-        themeName,
-        extraThemeNames,
-        "bundler": (() => {
-            const { KEYCLOAKIFY_BUNDLER } = process.env;
-
-            assert(
-                typeGuard<Bundler | undefined>(KEYCLOAKIFY_BUNDLER, [undefined, ...id<readonly string[]>(bundlers)].includes(KEYCLOAKIFY_BUNDLER)),
-                `${symToStr({ KEYCLOAKIFY_BUNDLER })} should be one of ${bundlers.join(", ")}`
-            );
-
-            return KEYCLOAKIFY_BUNDLER ?? bundler ?? "keycloakify";
-        })(),
-        "artifactId": process.env.KEYCLOAKIFY_ARTIFACT_ID ?? artifactId ?? `${themeName}-keycloak-theme`,
+        reactAppRootDirPath,
+        themeNames,
+        "doCreateJar": doCreateJar ?? true,
+        "artifactId": process.env.KEYCLOAKIFY_ARTIFACT_ID ?? artifactId ?? `${themeNames[0]}-keycloak-theme`,
         "groupId": (() => {
-            const fallbackGroupId = `${themeName}.keycloak`;
+            const fallbackGroupId = `${themeNames[0]}.keycloak`;
 
             return (
                 process.env.KEYCLOAKIFY_GROUP_ID ??
@@ -83,41 +84,58 @@ export function readBuildOptions(params: { projectDirPath: string; processArgv:
         "themeVersion": process.env.KEYCLOAKIFY_THEME_VERSION ?? process.env.KEYCLOAKIFY_VERSION ?? version ?? "0.0.0",
         extraThemeProperties,
         "isSilent": isSilentCliParamProvided,
-        "keycloakVersionDefaultAssets": keycloakVersionDefaultAssets ?? "11.0.3",
+        "loginThemeResourcesFromKeycloakVersion": loginThemeResourcesFromKeycloakVersion ?? "11.0.3",
+        "publicDirPath": (() => {
+            let { PUBLIC_DIR_PATH } = process.env;
+
+            if (PUBLIC_DIR_PATH !== undefined) {
+                return getAbsoluteAndInOsFormatPath({
+                    "pathIsh": PUBLIC_DIR_PATH,
+                    "cwd": reactAppRootDirPath
+                });
+            }
+
+            return pathJoin(reactAppRootDirPath, "public");
+        })(),
         "reactAppBuildDirPath": (() => {
-            let { reactAppBuildDirPath = undefined } = parsedPackageJson.keycloakify ?? {};
+            const { reactAppBuildDirPath } = parsedPackageJson.keycloakify ?? {};
 
-            if (reactAppBuildDirPath === undefined) {
-                return pathJoin(projectDirPath, "build");
+            if (reactAppBuildDirPath !== undefined) {
+                return getAbsoluteAndInOsFormatPath({
+                    "pathIsh": reactAppBuildDirPath,
+                    "cwd": reactAppRootDirPath
+                });
             }
 
-            if (pathSep === "\\") {
-                reactAppBuildDirPath = reactAppBuildDirPath.replace(/\//g, pathSep);
-            }
-
-            if (reactAppBuildDirPath.startsWith(`.${pathSep}`)) {
-                return pathJoin(projectDirPath, reactAppBuildDirPath);
-            }
-
-            return reactAppBuildDirPath;
+            return pathJoin(reactAppRootDirPath, "build");
         })(),
         "keycloakifyBuildDirPath": (() => {
-            let { keycloakifyBuildDirPath = undefined } = parsedPackageJson.keycloakify ?? {};
+            const { keycloakifyBuildDirPath } = parsedPackageJson.keycloakify ?? {};
 
-            if (keycloakifyBuildDirPath === undefined) {
-                return pathJoin(projectDirPath, "build_keycloak");
+            if (keycloakifyBuildDirPath !== undefined) {
+                return getAbsoluteAndInOsFormatPath({
+                    "pathIsh": keycloakifyBuildDirPath,
+                    "cwd": reactAppRootDirPath
+                });
             }
 
-            if (pathSep === "\\") {
-                keycloakifyBuildDirPath = keycloakifyBuildDirPath.replace(/\//g, pathSep);
-            }
-
-            if (keycloakifyBuildDirPath.startsWith(`.${pathSep}`)) {
-                return pathJoin(projectDirPath, keycloakifyBuildDirPath);
-            }
-
-            return keycloakifyBuildDirPath;
+            return pathJoin(reactAppRootDirPath, "build_keycloak");
         })(),
+        "cacheDirPath": pathJoin(
+            (() => {
+                let { XDG_CACHE_HOME } = process.env;
+
+                if (XDG_CACHE_HOME !== undefined) {
+                    return getAbsoluteAndInOsFormatPath({
+                        "pathIsh": XDG_CACHE_HOME,
+                        "cwd": reactAppRootDirPath
+                    });
+                }
+
+                return pathJoin(reactAppRootDirPath, "node_modules", ".cache");
+            })(),
+            "keycloakify"
+        ),
         "urlPathname": (() => {
             const { homepage } = parsedPackageJson;
 
@@ -133,6 +151,7 @@ export function readBuildOptions(params: { projectDirPath: string; processArgv:
 
             const out = url.pathname.replace(/([^/])$/, "$1/");
             return out === "/" ? undefined : out;
-        })()
+        })(),
+        "doBuildRetrocompatAccountTheme": parsedPackageJson.keycloakify?.doBuildRetrocompatAccountTheme ?? true
     };
 }

src/bin/keycloakify/generateFtl/generateFtl.ts

@@ -8,13 +8,9 @@ import { objectKeys } from "tsafe/objectKeys";
 import { ftlValuesGlobalName } from "../ftlValuesGlobalName";
 import type { BuildOptions } from "../BuildOptions";
 import { assert } from "tsafe/assert";
-
-export const themeTypes = ["login", "account"] as const;
-
-export type ThemeType = (typeof themeTypes)[number];
+import type { ThemeType } from "../../constants";
 
 export type BuildOptionsLike = {
-    themeName: string;
     themeVersion: string;
     urlPathname: string | undefined;
 };
@@ -22,6 +18,7 @@ export type BuildOptionsLike = {
 assert<BuildOptions extends BuildOptionsLike ? true : false>();
 
 export function generateFtlFilesCodeFactory(params: {
+    themeName: string;
     indexHtmlCode: string;
     //NOTE: Expected to be an empty object if external assets mode is enabled.
     cssGlobalsToDefine: Record<string, string>;
@@ -30,7 +27,7 @@ export function generateFtlFilesCodeFactory(params: {
     themeType: ThemeType;
     fieldNames: string[];
 }) {
-    const { cssGlobalsToDefine, indexHtmlCode, buildOptions, keycloakifyVersion, themeType, fieldNames } = params;
+    const { themeName, cssGlobalsToDefine, indexHtmlCode, buildOptions, keycloakifyVersion, themeType, fieldNames } = params;
 
     const $ = cheerio.load(indexHtmlCode);
 
@@ -104,7 +101,7 @@ export function generateFtlFilesCodeFactory(params: {
             .replace("KEYCLOAKIFY_VERSION_xEdKd3xEdr", keycloakifyVersion)
             .replace("KEYCLOAKIFY_THEME_VERSION_sIgKd3xEdr3dx", buildOptions.themeVersion)
             .replace("KEYCLOAKIFY_THEME_TYPE_dExKd3xEdr", themeType)
-            .replace("KEYCLOAKIFY_THEME_NAME_cXxKd3xEer", buildOptions.themeName),
+            .replace("KEYCLOAKIFY_THEME_NAME_cXxKd3xEer", themeName),
         "<!-- xIdLqMeOedErIdLsPdNdI9dSlxI -->": [
             "<#if scripts??>",
             "    <#list scripts as script>",
@@ -124,6 +121,27 @@ export function generateFtlFilesCodeFactory(params: {
         ].join("\n")
     );
 
+    // Remove part of the document marked as ignored.
+    {
+        const startTags = $('meta[name="keycloakify-ignore-start"]');
+
+        startTags.each((...[, startTag]) => {
+            const $startTag = $(startTag);
+            const $endTag = $startTag.nextAll('meta[name="keycloakify-ignore-end"]').first();
+
+            if ($endTag.length) {
+                let currentNode = $startTag.next();
+                while (currentNode.length && !currentNode.is($endTag)) {
+                    currentNode.remove();
+                    currentNode = $startTag.next();
+                }
+
+                $startTag.remove();
+                $endTag.remove();
+            }
+        });
+    }
+
     const partiallyFixedIndexHtmlCode = $.html();
 
     function generateFtlFilesCode(params: { pageId: string }): {

src/bin/keycloakify/generateJavaStackFiles.ts

@@ -1,84 +0,0 @@
-import * as fs from "fs";
-import { join as pathJoin, dirname as pathDirname } from "path";
-import { assert } from "tsafe/assert";
-import type { BuildOptions } from "./BuildOptions";
-import type { ThemeType } from "./generateFtl";
-
-export type BuildOptionsLike = {
-    themeName: string;
-    extraThemeNames: string[];
-    groupId: string;
-    artifactId: string;
-    themeVersion: string;
-};
-
-assert<BuildOptions extends BuildOptionsLike ? true : false>();
-
-export function generateJavaStackFiles(params: {
-    keycloakThemeBuildingDirPath: string;
-    implementedThemeTypes: Record<ThemeType | "email", boolean>;
-    buildOptions: BuildOptionsLike;
-}): {
-    jarFilePath: string;
-} {
-    const {
-        buildOptions: { groupId, themeName, extraThemeNames, themeVersion, artifactId },
-        keycloakThemeBuildingDirPath,
-        implementedThemeTypes
-    } = params;
-
-    {
-        const { pomFileCode } = (function generatePomFileCode(): {
-            pomFileCode: string;
-        } {
-            const pomFileCode = [
-                `<?xml version="1.0"?>`,
-                `<project xmlns="http://maven.apache.org/POM/4.0.0"`,
-                `	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"`,
-                `	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">`,
-                `	<modelVersion>4.0.0</modelVersion>`,
-                `	<groupId>${groupId}</groupId>`,
-                `	<artifactId>${artifactId}</artifactId>`,
-                `	<version>${themeVersion}</version>`,
-                `	<name>${artifactId}</name>`,
-                `	<description />`,
-                `</project>`
-            ].join("\n");
-
-            return { pomFileCode };
-        })();
-
-        fs.writeFileSync(pathJoin(keycloakThemeBuildingDirPath, "pom.xml"), Buffer.from(pomFileCode, "utf8"));
-    }
-
-    {
-        const themeManifestFilePath = pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "META-INF", "keycloak-themes.json");
-
-        try {
-            fs.mkdirSync(pathDirname(themeManifestFilePath));
-        } catch {}
-
-        fs.writeFileSync(
-            themeManifestFilePath,
-            Buffer.from(
-                JSON.stringify(
-                    {
-                        "themes": [themeName, ...extraThemeNames].map(themeName => ({
-                            "name": themeName,
-                            "types": Object.entries(implementedThemeTypes)
-                                .filter(([, isImplemented]) => isImplemented)
-                                .map(([themeType]) => themeType)
-                        }))
-                    },
-                    null,
-                    2
-                ),
-                "utf8"
-            )
-        );
-    }
-
-    return {
-        "jarFilePath": pathJoin(keycloakThemeBuildingDirPath, "target", `${artifactId}-${themeVersion}.jar`)
-    };
-}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/AccountPages.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public enum AccountPages {
+  ACCOUNT,
+  PASSWORD,
+  TOTP,
+  FEDERATED_IDENTITY,
+  LOG,
+  SESSIONS,
+  APPLICATIONS,
+  RESOURCES,
+  RESOURCE_DETAIL;
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/AccountProvider.java

@@ -0,0 +1,76 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account;
+
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.UriInfo;
+import java.util.List;
+import org.keycloak.events.Event;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.UserSessionModel;
+import org.keycloak.models.utils.FormMessage;
+import org.keycloak.provider.Provider;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public interface AccountProvider extends Provider {
+
+  AccountProvider setUriInfo(UriInfo uriInfo);
+
+  AccountProvider setHttpHeaders(HttpHeaders httpHeaders);
+
+  Response createResponse(AccountPages page);
+
+  AccountProvider setError(Response.Status status, String message, Object... parameters);
+
+  AccountProvider setErrors(Response.Status status, List<FormMessage> messages);
+
+  AccountProvider setSuccess(String message, Object... parameters);
+
+  AccountProvider setWarning(String message, Object... parameters);
+
+  AccountProvider setUser(UserModel user);
+
+  AccountProvider setProfileFormData(MultivaluedMap<String, String> formData);
+
+  AccountProvider setRealm(RealmModel realm);
+
+  AccountProvider setReferrer(String[] referrer);
+
+  AccountProvider setEvents(List<Event> events);
+
+  AccountProvider setSessions(List<UserSessionModel> sessions);
+
+  AccountProvider setPasswordSet(boolean passwordSet);
+
+  AccountProvider setStateChecker(String stateChecker);
+
+  AccountProvider setIdTokenHint(String idTokenHint);
+
+  AccountProvider setFeatures(
+      boolean social,
+      boolean events,
+      boolean passwordUpdateSupported,
+      boolean authorizationSupported);
+
+  AccountProvider setAttribute(String key, String value);
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/AccountProviderFactory.java

@@ -0,0 +1,25 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account;
+
+import org.keycloak.provider.ProviderFactory;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public interface AccountProviderFactory extends ProviderFactory<AccountProvider> {}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/AccountSpi.java

@@ -0,0 +1,50 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account;
+
+import com.google.auto.service.AutoService;
+import org.keycloak.provider.Provider;
+import org.keycloak.provider.ProviderFactory;
+import org.keycloak.provider.Spi;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+@AutoService(Spi.class)
+public class AccountSpi implements Spi {
+
+  @Override
+  public boolean isInternal() {
+    return true;
+  }
+
+  @Override
+  public String getName() {
+    return "account";
+  }
+
+  @Override
+  public Class<? extends Provider> getProviderClass() {
+    return AccountProvider.class;
+  }
+
+  @Override
+  public Class<? extends ProviderFactory> getProviderFactoryClass() {
+    return AccountProviderFactory.class;
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/FreeMarkerAccountProvider.java

@@ -0,0 +1,424 @@
+/*
+ * Copyright 2022 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.forms.account.freemarker;
+
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+import jakarta.ws.rs.core.UriBuilder;
+import jakarta.ws.rs.core.UriInfo;
+import java.io.IOException;
+import java.net.URI;
+import java.text.MessageFormat;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Properties;
+import org.jboss.logging.Logger;
+import org.keycloak.events.Event;
+import org.keycloak.forms.account.AccountPages;
+import org.keycloak.forms.account.AccountProvider;
+import org.keycloak.forms.account.freemarker.model.AccountBean;
+import org.keycloak.forms.account.freemarker.model.AccountFederatedIdentityBean;
+import org.keycloak.forms.account.freemarker.model.ApplicationsBean;
+import org.keycloak.forms.account.freemarker.model.AuthorizationBean;
+import org.keycloak.forms.account.freemarker.model.FeaturesBean;
+import org.keycloak.forms.account.freemarker.model.LogBean;
+import org.keycloak.forms.account.freemarker.model.PasswordBean;
+import org.keycloak.forms.account.freemarker.model.RealmBean;
+import org.keycloak.forms.account.freemarker.model.ReferrerBean;
+import org.keycloak.forms.account.freemarker.model.SessionsBean;
+import org.keycloak.forms.account.freemarker.model.TotpBean;
+import org.keycloak.forms.account.freemarker.model.UrlBean;
+import org.keycloak.forms.login.MessageType;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.UserSessionModel;
+import org.keycloak.models.utils.FormMessage;
+import org.keycloak.services.util.CacheControlUtil;
+import org.keycloak.theme.FreeMarkerException;
+import org.keycloak.theme.Theme;
+import org.keycloak.theme.beans.AdvancedMessageFormatterMethod;
+import org.keycloak.theme.beans.LocaleBean;
+import org.keycloak.theme.beans.MessageBean;
+import org.keycloak.theme.beans.MessageFormatterMethod;
+import org.keycloak.theme.beans.MessagesPerFieldBean;
+import org.keycloak.theme.freemarker.FreeMarkerProvider;
+import org.keycloak.utils.MediaType;
+import org.keycloak.utils.StringUtil;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class FreeMarkerAccountProvider implements AccountProvider {
+
+  private static final Logger logger = Logger.getLogger(FreeMarkerAccountProvider.class);
+
+  protected UserModel user;
+  protected MultivaluedMap<String, String> profileFormData;
+  protected Response.Status status = Response.Status.OK;
+  protected RealmModel realm;
+  protected String[] referrer;
+  protected List<Event> events;
+  protected String stateChecker;
+  protected String idTokenHint;
+  protected List<UserSessionModel> sessions;
+  protected boolean identityProviderEnabled;
+  protected boolean eventsEnabled;
+  protected boolean passwordUpdateSupported;
+  protected boolean passwordSet;
+  protected KeycloakSession session;
+  protected FreeMarkerProvider freeMarker;
+  protected HttpHeaders headers;
+  protected Map<String, Object> attributes;
+
+  protected UriInfo uriInfo;
+
+  protected List<FormMessage> messages = null;
+  protected MessageType messageType = MessageType.ERROR;
+  private boolean authorizationSupported;
+
+  public FreeMarkerAccountProvider(KeycloakSession session) {
+    this.session = session;
+    this.freeMarker = session.getProvider(FreeMarkerProvider.class);
+  }
+
+  public AccountProvider setUriInfo(UriInfo uriInfo) {
+    this.uriInfo = uriInfo;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setHttpHeaders(HttpHeaders httpHeaders) {
+    this.headers = httpHeaders;
+    return this;
+  }
+
+  @Override
+  public Response createResponse(AccountPages page) {
+    Map<String, Object> attributes = new HashMap<>();
+
+    if (this.attributes != null) {
+      attributes.putAll(this.attributes);
+    }
+
+    Theme theme;
+    try {
+      theme = getTheme();
+    } catch (IOException e) {
+      logger.error("Failed to create theme", e);
+      return Response.serverError().build();
+    }
+
+    Locale locale = session.getContext().resolveLocale(user);
+    Properties messagesBundle = handleThemeResources(theme, locale, attributes);
+
+    URI baseUri = uriInfo.getBaseUri();
+    UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
+    for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
+      baseUriBuilder.queryParam(e.getKey(), e.getValue().toArray());
+    }
+    URI baseQueryUri = baseUriBuilder.build();
+
+    if (stateChecker != null) {
+      attributes.put("stateChecker", stateChecker);
+    }
+
+    handleMessages(locale, messagesBundle, attributes);
+
+    if (referrer != null) {
+      attributes.put("referrer", new ReferrerBean(referrer));
+    }
+
+    if (realm != null) {
+      attributes.put("realm", new RealmBean(realm));
+    }
+
+    attributes.put(
+        "url",
+        new UrlBean(realm, theme, baseUri, baseQueryUri, uriInfo.getRequestUri(), idTokenHint));
+
+    if (realm.isInternationalizationEnabled()) {
+      UriBuilder b = UriBuilder.fromUri(baseQueryUri).path(uriInfo.getPath());
+      attributes.put("locale", new LocaleBean(realm, locale, b, messagesBundle));
+    }
+
+    attributes.put(
+        "features",
+        new FeaturesBean(
+            identityProviderEnabled,
+            eventsEnabled,
+            passwordUpdateSupported,
+            authorizationSupported));
+    attributes.put("account", new AccountBean(user, profileFormData));
+
+    switch (page) {
+      case TOTP:
+        attributes.put("totp", new TotpBean(session, realm, user, uriInfo.getRequestUriBuilder()));
+        break;
+      case FEDERATED_IDENTITY:
+        attributes.put(
+            "federatedIdentity",
+            new AccountFederatedIdentityBean(
+                session, realm, user, uriInfo.getBaseUri(), stateChecker));
+        break;
+      case LOG:
+        attributes.put("log", new LogBean(events));
+        break;
+      case SESSIONS:
+        attributes.put("sessions", new SessionsBean(realm, sessions));
+        break;
+      case APPLICATIONS:
+        attributes.put("applications", new ApplicationsBean(session, realm, user));
+        attributes.put("advancedMsg", new AdvancedMessageFormatterMethod(locale, messagesBundle));
+        break;
+      case PASSWORD:
+        attributes.put("password", new PasswordBean(passwordSet));
+        break;
+      case RESOURCES:
+        if (!realm.isUserManagedAccessAllowed()) {
+          return Response.status(Status.FORBIDDEN).build();
+        }
+        attributes.put("authorization", new AuthorizationBean(session, realm, user, uriInfo));
+      case RESOURCE_DETAIL:
+        if (!realm.isUserManagedAccessAllowed()) {
+          return Response.status(Status.FORBIDDEN).build();
+        }
+        attributes.put("authorization", new AuthorizationBean(session, realm, user, uriInfo));
+    }
+
+    return processTemplate(theme, page, attributes, locale);
+  }
+
+  /**
+   * Get Theme used for page rendering.
+   *
+   * @return theme for page rendering, never null
+   * @throws IOException in case of Theme loading problem
+   */
+  protected Theme getTheme() throws IOException {
+    return session.theme().getTheme(Theme.Type.ACCOUNT);
+  }
+
+  /**
+   * Load message bundle and place it into <code>msg</code> template attribute. Also load Theme
+   * properties and place them into <code>properties</code> template attribute.
+   *
+   * @param theme actual Theme to load bundle from
+   * @param locale to load bundle for
+   * @param attributes template attributes to add resources to
+   * @return message bundle for other use
+   */
+  protected Properties handleThemeResources(
+      Theme theme, Locale locale, Map<String, Object> attributes) {
+    Properties messagesBundle = new Properties();
+    try {
+      if (!StringUtil.isNotBlank(realm.getDefaultLocale())) {
+        messagesBundle.putAll(realm.getRealmLocalizationTextsByLocale(realm.getDefaultLocale()));
+      }
+      messagesBundle.putAll(theme.getMessages(locale));
+      messagesBundle.putAll(realm.getRealmLocalizationTextsByLocale(locale.toLanguageTag()));
+      attributes.put("msg", new MessageFormatterMethod(locale, messagesBundle));
+    } catch (IOException e) {
+      logger.warn("Failed to load messages", e);
+      messagesBundle = new Properties();
+    }
+    try {
+      attributes.put("properties", theme.getProperties());
+    } catch (IOException e) {
+      logger.warn("Failed to load properties", e);
+    }
+    return messagesBundle;
+  }
+
+  /**
+   * Handle messages to be shown on the page - set them to template attributes
+   *
+   * @param locale to be used for message text loading
+   * @param messagesBundle to be used for message text loading
+   * @param attributes template attributes to messages related info to
+   * @see #messageType
+   * @see #messages
+   */
+  protected void handleMessages(
+      Locale locale, Properties messagesBundle, Map<String, Object> attributes) {
+    MessagesPerFieldBean messagesPerField = new MessagesPerFieldBean();
+    if (messages != null) {
+      MessageBean wholeMessage = new MessageBean(null, messageType);
+      for (FormMessage message : this.messages) {
+        String formattedMessageText = formatMessage(message, messagesBundle, locale);
+        if (formattedMessageText != null) {
+          wholeMessage.appendSummaryLine(formattedMessageText);
+          messagesPerField.addMessage(message.getField(), formattedMessageText, messageType);
+        }
+      }
+      attributes.put("message", wholeMessage);
+    }
+    attributes.put("messagesPerField", messagesPerField);
+  }
+
+  /**
+   * Process FreeMarker template and prepare Response. Some fields are used for rendering also.
+   *
+   * @param theme to be used (provided by <code>getTheme()</code>)
+   * @param page to be rendered
+   * @param attributes pushed to the template
+   * @param locale to be used
+   * @return Response object to be returned to the browser, never null
+   */
+  protected Response processTemplate(
+      Theme theme, AccountPages page, Map<String, Object> attributes, Locale locale) {
+    try {
+      String result = freeMarker.processTemplate(attributes, Templates.getTemplate(page), theme);
+      Response.ResponseBuilder builder =
+          Response.status(status)
+              .type(MediaType.TEXT_HTML_UTF_8_TYPE)
+              .language(locale)
+              .entity(result);
+      builder.cacheControl(CacheControlUtil.noCache());
+      return builder.build();
+    } catch (FreeMarkerException e) {
+      logger.error("Failed to process template", e);
+      return Response.serverError().build();
+    }
+  }
+
+  public AccountProvider setPasswordSet(boolean passwordSet) {
+    this.passwordSet = passwordSet;
+    return this;
+  }
+
+  protected void setMessage(MessageType type, String message, Object... parameters) {
+    messageType = type;
+    messages = new ArrayList<>();
+    messages.add(new FormMessage(null, message, parameters));
+  }
+
+  protected String formatMessage(FormMessage message, Properties messagesBundle, Locale locale) {
+    if (message == null) return null;
+    if (messagesBundle.containsKey(message.getMessage())) {
+      return new MessageFormat(messagesBundle.getProperty(message.getMessage()), locale)
+          .format(message.getParameters());
+    } else {
+      return message.getMessage();
+    }
+  }
+
+  @Override
+  public AccountProvider setErrors(Response.Status status, List<FormMessage> messages) {
+    this.status = status;
+    this.messageType = MessageType.ERROR;
+    this.messages = new ArrayList<>(messages);
+    return this;
+  }
+
+  @Override
+  public AccountProvider setError(Response.Status status, String message, Object... parameters) {
+    this.status = status;
+    setMessage(MessageType.ERROR, message, parameters);
+    return this;
+  }
+
+  @Override
+  public AccountProvider setSuccess(String message, Object... parameters) {
+    setMessage(MessageType.SUCCESS, message, parameters);
+    return this;
+  }
+
+  @Override
+  public AccountProvider setWarning(String message, Object... parameters) {
+    setMessage(MessageType.WARNING, message, parameters);
+    return this;
+  }
+
+  @Override
+  public AccountProvider setUser(UserModel user) {
+    this.user = user;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setProfileFormData(MultivaluedMap<String, String> formData) {
+    this.profileFormData = formData;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setRealm(RealmModel realm) {
+    this.realm = realm;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setReferrer(String[] referrer) {
+    this.referrer = referrer;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setEvents(List<Event> events) {
+    this.events = events;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setSessions(List<UserSessionModel> sessions) {
+    this.sessions = sessions;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setStateChecker(String stateChecker) {
+    this.stateChecker = stateChecker;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setIdTokenHint(String idTokenHint) {
+    this.idTokenHint = idTokenHint;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setFeatures(
+      boolean identityProviderEnabled,
+      boolean eventsEnabled,
+      boolean passwordUpdateSupported,
+      boolean authorizationSupported) {
+    this.identityProviderEnabled = identityProviderEnabled;
+    this.eventsEnabled = eventsEnabled;
+    this.passwordUpdateSupported = passwordUpdateSupported;
+    this.authorizationSupported = authorizationSupported;
+    return this;
+  }
+
+  @Override
+  public AccountProvider setAttribute(String key, String value) {
+    if (attributes == null) {
+      attributes = new HashMap<>();
+    }
+    attributes.put(key, value);
+    return this;
+  }
+
+  @Override
+  public void close() {}
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/FreeMarkerAccountProviderFactory.java

@@ -0,0 +1,51 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker;
+
+import com.google.auto.service.AutoService;
+import org.keycloak.Config;
+import org.keycloak.forms.account.AccountProvider;
+import org.keycloak.forms.account.AccountProviderFactory;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionFactory;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+@AutoService(AccountProviderFactory.class)
+public class FreeMarkerAccountProviderFactory implements AccountProviderFactory {
+
+  @Override
+  public AccountProvider create(KeycloakSession session) {
+    return new FreeMarkerAccountProvider(session);
+  }
+
+  @Override
+  public void init(Config.Scope config) {}
+
+  @Override
+  public void postInit(KeycloakSessionFactory factory) {}
+
+  @Override
+  public void close() {}
+
+  @Override
+  public String getId() {
+    return "freemarker";
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/Templates.java

@@ -0,0 +1,51 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker;
+
+import org.keycloak.forms.account.AccountPages;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class Templates {
+
+  public static String getTemplate(AccountPages page) {
+    switch (page) {
+      case ACCOUNT:
+        return "account.ftl";
+      case PASSWORD:
+        return "password.ftl";
+      case TOTP:
+        return "totp.ftl";
+      case FEDERATED_IDENTITY:
+        return "federatedIdentity.ftl";
+      case LOG:
+        return "log.ftl";
+      case SESSIONS:
+        return "sessions.ftl";
+      case APPLICATIONS:
+        return "applications.ftl";
+      case RESOURCES:
+        return "resources.ftl";
+      case RESOURCE_DETAIL:
+        return "resource-detail.ftl";
+      default:
+        throw new IllegalArgumentException();
+    }
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/AccountBean.java

@@ -0,0 +1,91 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import jakarta.ws.rs.core.MultivaluedMap;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import org.jboss.logging.Logger;
+import org.keycloak.models.Constants;
+import org.keycloak.models.UserModel;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class AccountBean {
+
+  private static final Logger logger = Logger.getLogger(AccountBean.class);
+
+  private final UserModel user;
+  private final MultivaluedMap<String, String> profileFormData;
+
+  // TODO: More proper multi-value attribute support
+  private final Map<String, String> attributes = new HashMap<>();
+
+  public AccountBean(UserModel user, MultivaluedMap<String, String> profileFormData) {
+    this.user = user;
+    this.profileFormData = profileFormData;
+
+    for (Map.Entry<String, List<String>> attr : user.getAttributes().entrySet()) {
+      List<String> attrValue = attr.getValue();
+      if (attrValue.size() > 0) {
+        attributes.put(attr.getKey(), attrValue.get(0));
+      }
+
+      if (attrValue.size() > 1) {
+        logger.warnf(
+            "There are more values for attribute '%s' of user '%s' . Will display just first value",
+            attr.getKey(), user.getUsername());
+      }
+    }
+
+    if (profileFormData != null) {
+      for (String key : profileFormData.keySet()) {
+        if (key.startsWith(Constants.USER_ATTRIBUTES_PREFIX)) {
+          String attribute = key.substring(Constants.USER_ATTRIBUTES_PREFIX.length());
+          attributes.put(attribute, profileFormData.getFirst(key));
+        }
+      }
+    }
+  }
+
+  public String getFirstName() {
+    return profileFormData != null ? profileFormData.getFirst("firstName") : user.getFirstName();
+  }
+
+  public String getLastName() {
+    return profileFormData != null ? profileFormData.getFirst("lastName") : user.getLastName();
+  }
+
+  public String getUsername() {
+    if (profileFormData != null && profileFormData.containsKey("username")) {
+      return profileFormData.getFirst("username");
+    } else {
+      return user.getUsername();
+    }
+  }
+
+  public String getEmail() {
+    return profileFormData != null ? profileFormData.getFirst("email") : user.getEmail();
+  }
+
+  public Map<String, String> getAttributes() {
+    return attributes;
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/AccountFederatedIdentityBean.java

@@ -0,0 +1,157 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import java.net.URI;
+import java.util.List;
+import java.util.Objects;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.keycloak.models.FederatedIdentityModel;
+import org.keycloak.models.IdentityProviderModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.OrderedModel;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.utils.KeycloakModelUtils;
+import org.keycloak.services.resources.account.AccountFormService;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ * @author <a href="mailto:velias@redhat.com">Vlastimil Elias</a>
+ */
+public class AccountFederatedIdentityBean {
+
+  private static OrderedModel.OrderedModelComparator<FederatedIdentityEntry>
+      IDP_COMPARATOR_INSTANCE = new OrderedModel.OrderedModelComparator<>();
+
+  private final List<FederatedIdentityEntry> identities;
+  private final boolean removeLinkPossible;
+  private final KeycloakSession session;
+
+  public AccountFederatedIdentityBean(
+      KeycloakSession session, RealmModel realm, UserModel user, URI baseUri, String stateChecker) {
+    this.session = session;
+
+    AtomicInteger availableIdentities = new AtomicInteger(0);
+    this.identities =
+        realm
+            .getIdentityProvidersStream()
+            .filter(IdentityProviderModel::isEnabled)
+            .map(
+                provider -> {
+                  String providerId = provider.getAlias();
+
+                  FederatedIdentityModel identity =
+                      getIdentity(
+                          session.users().getFederatedIdentitiesStream(realm, user), providerId);
+
+                  if (identity != null) {
+                    availableIdentities.getAndIncrement();
+                  }
+
+                  String displayName =
+                      KeycloakModelUtils.getIdentityProviderDisplayName(session, provider);
+                  return new FederatedIdentityEntry(
+                      identity,
+                      displayName,
+                      provider.getAlias(),
+                      provider.getAlias(),
+                      provider.getConfig() != null ? provider.getConfig().get("guiOrder") : null);
+                })
+            .sorted(IDP_COMPARATOR_INSTANCE)
+            .collect(Collectors.toList());
+
+    // Removing last social provider is not possible if you don't have other possibility to
+    // authenticate
+    this.removeLinkPossible =
+        availableIdentities.get() > 1
+            || user.getFederationLink() != null
+            || AccountFormService.isPasswordSet(session, realm, user);
+  }
+
+  private FederatedIdentityModel getIdentity(
+      Stream<FederatedIdentityModel> identities, String providerId) {
+    return identities
+        .filter(
+            federatedIdentityModel ->
+                Objects.equals(federatedIdentityModel.getIdentityProvider(), providerId))
+        .findFirst()
+        .orElse(null);
+  }
+
+  public List<FederatedIdentityEntry> getIdentities() {
+    return identities;
+  }
+
+  public boolean isRemoveLinkPossible() {
+    return removeLinkPossible;
+  }
+
+  public static class FederatedIdentityEntry implements OrderedModel {
+
+    private FederatedIdentityModel federatedIdentityModel;
+    private final String providerId;
+    private final String providerName;
+    private final String guiOrder;
+    private final String displayName;
+
+    public FederatedIdentityEntry(
+        FederatedIdentityModel federatedIdentityModel,
+        String displayName,
+        String providerId,
+        String providerName,
+        String guiOrder) {
+      this.federatedIdentityModel = federatedIdentityModel;
+      this.displayName = displayName;
+      this.providerId = providerId;
+      this.providerName = providerName;
+      this.guiOrder = guiOrder;
+    }
+
+    public String getProviderId() {
+      return providerId;
+    }
+
+    public String getProviderName() {
+      return providerName;
+    }
+
+    public String getUserId() {
+      return federatedIdentityModel != null ? federatedIdentityModel.getUserId() : null;
+    }
+
+    public String getUserName() {
+      return federatedIdentityModel != null ? federatedIdentityModel.getUserName() : null;
+    }
+
+    public boolean isConnected() {
+      return federatedIdentityModel != null;
+    }
+
+    @Override
+    public String getGuiOrder() {
+      return guiOrder;
+    }
+
+    public String getDisplayName() {
+      return displayName;
+    }
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/ApplicationsBean.java

@@ -0,0 +1,258 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.keycloak.common.util.MultivaluedHashMap;
+import org.keycloak.models.ClientModel;
+import org.keycloak.models.ClientScopeModel;
+import org.keycloak.models.Constants;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.OrderedModel;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.RoleModel;
+import org.keycloak.models.UserConsentModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.protocol.oidc.TokenManager;
+import org.keycloak.services.managers.UserSessionManager;
+import org.keycloak.services.resources.admin.permissions.AdminPermissions;
+import org.keycloak.services.util.ResolveRelative;
+import org.keycloak.storage.StorageId;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class ApplicationsBean {
+
+  private List<ApplicationEntry> applications = new LinkedList<>();
+
+  public ApplicationsBean(KeycloakSession session, RealmModel realm, UserModel user) {
+    Set<ClientModel> offlineClients =
+        new UserSessionManager(session).findClientsWithOfflineToken(realm, user);
+
+    this.applications =
+        this.getApplications(session, realm, user)
+            .filter(
+                client ->
+                    !isAdminClient(client)
+                        || AdminPermissions.realms(session, realm, user).isAdmin())
+            .map(client -> toApplicationEntry(session, realm, user, client, offlineClients))
+            .filter(Objects::nonNull)
+            .collect(Collectors.toList());
+  }
+
+  public static boolean isAdminClient(ClientModel client) {
+    return client.getClientId().equals(Constants.ADMIN_CLI_CLIENT_ID)
+        || client.getClientId().equals(Constants.ADMIN_CONSOLE_CLIENT_ID);
+  }
+
+  private Stream<ClientModel> getApplications(
+      KeycloakSession session, RealmModel realm, UserModel user) {
+    Predicate<ClientModel> bearerOnly = ClientModel::isBearerOnly;
+    Stream<ClientModel> clients = realm.getClientsStream().filter(bearerOnly.negate());
+
+    Predicate<ClientModel> isLocal = client -> new StorageId(client.getId()).isLocal();
+    return Stream.concat(
+            clients,
+            session
+                .users()
+                .getConsentsStream(realm, user.getId())
+                .map(UserConsentModel::getClient)
+                .filter(isLocal.negate()))
+        .distinct();
+  }
+
+  private void processRoles(
+      Set<RoleModel> inputRoles,
+      List<RoleModel> realmRoles,
+      MultivaluedHashMap<String, ClientRoleEntry> clientRoles) {
+    for (RoleModel role : inputRoles) {
+      if (role.getContainer() instanceof RealmModel) {
+        realmRoles.add(role);
+      } else {
+        ClientModel currentClient = (ClientModel) role.getContainer();
+        ClientRoleEntry clientRole =
+            new ClientRoleEntry(
+                currentClient.getClientId(),
+                currentClient.getName(),
+                role.getName(),
+                role.getDescription());
+        clientRoles.add(currentClient.getClientId(), clientRole);
+      }
+    }
+  }
+
+  public List<ApplicationEntry> getApplications() {
+    return applications;
+  }
+
+  public static class ApplicationEntry {
+
+    private KeycloakSession session;
+    private final List<RoleModel> realmRolesAvailable;
+    private final MultivaluedHashMap<String, ClientRoleEntry> resourceRolesAvailable;
+    private final ClientModel client;
+    private final List<String> clientScopesGranted;
+    private final List<String> additionalGrants;
+
+    public ApplicationEntry(
+        KeycloakSession session,
+        List<RoleModel> realmRolesAvailable,
+        MultivaluedHashMap<String, ClientRoleEntry> resourceRolesAvailable,
+        ClientModel client,
+        List<String> clientScopesGranted,
+        List<String> additionalGrants) {
+      this.session = session;
+      this.realmRolesAvailable = realmRolesAvailable;
+      this.resourceRolesAvailable = resourceRolesAvailable;
+      this.client = client;
+      this.clientScopesGranted = clientScopesGranted;
+      this.additionalGrants = additionalGrants;
+    }
+
+    public List<RoleModel> getRealmRolesAvailable() {
+      return realmRolesAvailable;
+    }
+
+    public MultivaluedHashMap<String, ClientRoleEntry> getResourceRolesAvailable() {
+      return resourceRolesAvailable;
+    }
+
+    public List<String> getClientScopesGranted() {
+      return clientScopesGranted;
+    }
+
+    public String getEffectiveUrl() {
+      return ResolveRelative.resolveRelativeUri(
+          session, getClient().getRootUrl(), getClient().getBaseUrl());
+    }
+
+    public ClientModel getClient() {
+      return client;
+    }
+
+    public List<String> getAdditionalGrants() {
+      return additionalGrants;
+    }
+  }
+
+  // Same class used in OAuthGrantBean as well. Maybe should be merged into common-freemarker...
+  public static class ClientRoleEntry {
+
+    private final String clientId;
+    private final String clientName;
+    private final String roleName;
+    private final String roleDescription;
+
+    public ClientRoleEntry(
+        String clientId, String clientName, String roleName, String roleDescription) {
+      this.clientId = clientId;
+      this.clientName = clientName;
+      this.roleName = roleName;
+      this.roleDescription = roleDescription;
+    }
+
+    public String getClientId() {
+      return clientId;
+    }
+
+    public String getClientName() {
+      return clientName;
+    }
+
+    public String getRoleName() {
+      return roleName;
+    }
+
+    public String getRoleDescription() {
+      return roleDescription;
+    }
+  }
+
+  /**
+   * Constructs a {@link ApplicationEntry} from the specified parameters.
+   *
+   * @param session a reference to the {@code Keycloak} session.
+   * @param realm a reference to the realm.
+   * @param user a reference to the user.
+   * @param client a reference to the client that contains the applications.
+   * @param offlineClients a {@link Set} containing the offline clients.
+   * @return the constructed {@link ApplicationEntry} instance or {@code null} if the user can't
+   *     access the applications in the specified client.
+   */
+  private ApplicationEntry toApplicationEntry(
+      final KeycloakSession session,
+      final RealmModel realm,
+      final UserModel user,
+      final ClientModel client,
+      final Set<ClientModel> offlineClients) {
+
+    // Construct scope parameter with all optional scopes to see all potentially available roles
+    Stream<ClientScopeModel> allClientScopes =
+        Stream.concat(
+            client.getClientScopes(true).values().stream(),
+            client.getClientScopes(false).values().stream());
+    allClientScopes = Stream.concat(allClientScopes, Stream.of(client)).distinct();
+
+    Set<RoleModel> availableRoles = TokenManager.getAccess(user, client, allClientScopes);
+
+    // Don't show applications, which user doesn't have access into (any available roles)
+    // unless this is can be changed by approving/revoking consent
+    if (!isAdminClient(client) && availableRoles.isEmpty() && !client.isConsentRequired()) {
+      return null;
+    }
+
+    List<RoleModel> realmRolesAvailable = new LinkedList<>();
+    MultivaluedHashMap<String, ClientRoleEntry> resourceRolesAvailable = new MultivaluedHashMap<>();
+    processRoles(availableRoles, realmRolesAvailable, resourceRolesAvailable);
+
+    List<ClientScopeModel> orderedScopes = new LinkedList<>();
+    if (client.isConsentRequired()) {
+      UserConsentModel consent =
+          session.users().getConsentByClient(realm, user.getId(), client.getId());
+
+      if (consent != null) {
+        orderedScopes.addAll(consent.getGrantedClientScopes());
+      }
+    }
+    List<String> clientScopesGranted =
+        orderedScopes.stream()
+            .sorted(OrderedModel.OrderedModelComparator.getInstance())
+            .map(ClientScopeModel::getConsentScreenText)
+            .collect(Collectors.toList());
+
+    List<String> additionalGrants = new ArrayList<>();
+    if (offlineClients.contains(client)) {
+      additionalGrants.add("${offlineToken}");
+    }
+    return new ApplicationEntry(
+        session,
+        realmRolesAvailable,
+        resourceRolesAvailable,
+        client,
+        clientScopesGranted,
+        additionalGrants);
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/AuthorizationBean.java

@@ -0,0 +1,515 @@
+/*
+ * Copyright 2022 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import jakarta.ws.rs.core.UriInfo;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.EnumMap;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import org.keycloak.authorization.AuthorizationProvider;
+import org.keycloak.authorization.model.PermissionTicket;
+import org.keycloak.authorization.model.Policy;
+import org.keycloak.authorization.model.Resource;
+import org.keycloak.authorization.model.ResourceServer;
+import org.keycloak.authorization.model.Scope;
+import org.keycloak.authorization.store.PermissionTicketStore;
+import org.keycloak.common.util.Time;
+import org.keycloak.models.ClientModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.utils.ModelToRepresentation;
+import org.keycloak.representations.idm.authorization.ScopeRepresentation;
+import org.keycloak.services.util.ResolveRelative;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class AuthorizationBean {
+
+  private final KeycloakSession session;
+  private final RealmModel realm;
+  private final UserModel user;
+  private final AuthorizationProvider authorization;
+  private final UriInfo uriInfo;
+  private ResourceBean resource;
+  private List<ResourceBean> resources;
+  private Collection<ResourceBean> userSharedResources;
+  private Collection<ResourceBean> requestsWaitingPermission;
+  private Collection<ResourceBean> resourcesWaitingOthersApproval;
+
+  public AuthorizationBean(
+      KeycloakSession session, RealmModel realm, UserModel user, UriInfo uriInfo) {
+    this.session = session;
+    this.realm = realm;
+    this.user = user;
+    this.uriInfo = uriInfo;
+    authorization = session.getProvider(AuthorizationProvider.class);
+    List<String> pathParameters = uriInfo.getPathParameters().get("resource_id");
+
+    if (pathParameters != null && !pathParameters.isEmpty()) {
+      Resource resource =
+          authorization
+              .getStoreFactory()
+              .getResourceStore()
+              .findById(realm, null, pathParameters.get(0));
+
+      if (resource != null && !resource.getOwner().equals(user.getId())) {
+        throw new RuntimeException(
+            "User [" + user.getUsername() + "] can not access resource [" + resource.getId() + "]");
+      }
+    }
+  }
+
+  public Collection<ResourceBean> getResourcesWaitingOthersApproval() {
+    if (resourcesWaitingOthersApproval == null) {
+      Map<PermissionTicket.FilterOption, String> filters =
+          new EnumMap<>(PermissionTicket.FilterOption.class);
+
+      filters.put(PermissionTicket.FilterOption.REQUESTER, user.getId());
+      filters.put(PermissionTicket.FilterOption.GRANTED, Boolean.FALSE.toString());
+
+      resourcesWaitingOthersApproval = toResourceRepresentation(findPermissions(filters));
+    }
+
+    return resourcesWaitingOthersApproval;
+  }
+
+  public Collection<ResourceBean> getResourcesWaitingApproval() {
+    if (requestsWaitingPermission == null) {
+      Map<PermissionTicket.FilterOption, String> filters =
+          new EnumMap<>(PermissionTicket.FilterOption.class);
+
+      filters.put(PermissionTicket.FilterOption.OWNER, user.getId());
+      filters.put(PermissionTicket.FilterOption.GRANTED, Boolean.FALSE.toString());
+
+      requestsWaitingPermission = toResourceRepresentation(findPermissions(filters));
+    }
+
+    return requestsWaitingPermission;
+  }
+
+  public List<ResourceBean> getResources() {
+    if (resources == null) {
+      resources =
+          authorization
+              .getStoreFactory()
+              .getResourceStore()
+              .findByOwner(realm, null, user.getId())
+              .stream()
+              .filter(Resource::isOwnerManagedAccess)
+              .map(ResourceBean::new)
+              .collect(Collectors.toList());
+    }
+    return resources;
+  }
+
+  public Collection<ResourceBean> getSharedResources() {
+    if (userSharedResources == null) {
+      Map<PermissionTicket.FilterOption, String> filters =
+          new EnumMap<>(PermissionTicket.FilterOption.class);
+
+      filters.put(PermissionTicket.FilterOption.REQUESTER, user.getId());
+      filters.put(PermissionTicket.FilterOption.GRANTED, Boolean.TRUE.toString());
+
+      PermissionTicketStore ticketStore =
+          authorization.getStoreFactory().getPermissionTicketStore();
+
+      userSharedResources =
+          toResourceRepresentation(ticketStore.find(realm, null, filters, null, null));
+    }
+    return userSharedResources;
+  }
+
+  public ResourceBean getResource() {
+    if (resource == null) {
+      String resourceId = uriInfo.getPathParameters().getFirst("resource_id");
+
+      if (resourceId != null) {
+        resource = getResource(resourceId);
+      }
+    }
+
+    return resource;
+  }
+
+  private ResourceBean getResource(String id) {
+    return new ResourceBean(
+        authorization.getStoreFactory().getResourceStore().findById(realm, null, id));
+  }
+
+  public static class RequesterBean {
+
+    private final Long createdTimestamp;
+    private final Long grantedTimestamp;
+    private UserModel requester;
+    private List<PermissionScopeBean> scopes = new ArrayList<>();
+    private boolean granted;
+
+    public RequesterBean(PermissionTicket ticket, AuthorizationProvider authorization) {
+      this.requester =
+          authorization
+              .getKeycloakSession()
+              .users()
+              .getUserById(authorization.getRealm(), ticket.getRequester());
+      granted = ticket.isGranted();
+      createdTimestamp = ticket.getCreatedTimestamp();
+      grantedTimestamp = ticket.getGrantedTimestamp();
+    }
+
+    public UserModel getRequester() {
+      return requester;
+    }
+
+    public List<PermissionScopeBean> getScopes() {
+      return scopes;
+    }
+
+    private void addScope(PermissionTicket ticket) {
+      if (ticket != null) {
+        scopes.add(new PermissionScopeBean(ticket));
+      }
+    }
+
+    public boolean isGranted() {
+      return (granted && scopes.isEmpty())
+          || scopes.stream().filter(permissionScopeBean -> permissionScopeBean.isGranted()).count()
+              > 0;
+    }
+
+    public Date getCreatedDate() {
+      return Time.toDate(createdTimestamp);
+    }
+
+    public Date getGrantedDate() {
+      if (grantedTimestamp == null) {
+        PermissionScopeBean permission =
+            scopes.stream()
+                .filter(permissionScopeBean -> permissionScopeBean.isGranted())
+                .findFirst()
+                .orElse(null);
+
+        if (permission == null) {
+          return null;
+        }
+
+        return permission.getGrantedDate();
+      }
+      return Time.toDate(grantedTimestamp);
+    }
+  }
+
+  public static class PermissionScopeBean {
+
+    private final Scope scope;
+    private final PermissionTicket ticket;
+
+    public PermissionScopeBean(PermissionTicket ticket) {
+      this.ticket = ticket;
+      scope = ticket.getScope();
+    }
+
+    public String getId() {
+      return ticket.getId();
+    }
+
+    public Scope getScope() {
+      return scope;
+    }
+
+    public boolean isGranted() {
+      return ticket.isGranted();
+    }
+
+    private Date getGrantedDate() {
+      if (isGranted()) {
+        return Time.toDate(ticket.getGrantedTimestamp());
+      }
+      return null;
+    }
+  }
+
+  public class ResourceBean {
+
+    private final ResourceServerBean resourceServer;
+    private final String ownerName;
+    private final UserModel userOwner;
+    private ClientModel clientOwner;
+    private Resource resource;
+    private Map<String, RequesterBean> permissions = new HashMap<>();
+    private Collection<RequesterBean> shares;
+
+    public ResourceBean(Resource resource) {
+      RealmModel realm = authorization.getRealm();
+      ResourceServer resourceServerModel = resource.getResourceServer();
+      resourceServer =
+          new ResourceServerBean(
+              realm.getClientById(resourceServerModel.getClientId()), resourceServerModel);
+      this.resource = resource;
+      userOwner =
+          authorization.getKeycloakSession().users().getUserById(realm, resource.getOwner());
+      if (userOwner == null) {
+        clientOwner = realm.getClientById(resource.getOwner());
+        ownerName = clientOwner.getClientId();
+      } else if (userOwner.getEmail() != null) {
+        ownerName = userOwner.getEmail();
+      } else {
+        ownerName = userOwner.getUsername();
+      }
+    }
+
+    public String getId() {
+      return resource.getId();
+    }
+
+    public String getName() {
+      return resource.getName();
+    }
+
+    public String getDisplayName() {
+      return resource.getDisplayName();
+    }
+
+    public String getIconUri() {
+      return resource.getIconUri();
+    }
+
+    public String getOwnerName() {
+      return ownerName;
+    }
+
+    public UserModel getUserOwner() {
+      return userOwner;
+    }
+
+    public ClientModel getClientOwner() {
+      return clientOwner;
+    }
+
+    public List<ScopeRepresentation> getScopes() {
+      return resource.getScopes().stream()
+          .map(ModelToRepresentation::toRepresentation)
+          .collect(Collectors.toList());
+    }
+
+    public Collection<RequesterBean> getShares() {
+      if (shares == null) {
+        Map<PermissionTicket.FilterOption, String> filters =
+            new EnumMap<>(PermissionTicket.FilterOption.class);
+
+        filters.put(PermissionTicket.FilterOption.RESOURCE_ID, this.resource.getId());
+        filters.put(PermissionTicket.FilterOption.GRANTED, Boolean.TRUE.toString());
+
+        shares = toPermissionRepresentation(findPermissions(filters));
+      }
+
+      return shares;
+    }
+
+    public Collection<ManagedPermissionBean> getPolicies() {
+      ResourceServer resourceServer = getResourceServer().getResourceServerModel();
+      RealmModel realm = resourceServer.getRealm();
+      Map<Policy.FilterOption, String[]> filters = new EnumMap<>(Policy.FilterOption.class);
+
+      filters.put(Policy.FilterOption.TYPE, new String[] {"uma"});
+      filters.put(Policy.FilterOption.RESOURCE_ID, new String[] {this.resource.getId()});
+      if (getUserOwner() != null) {
+        filters.put(Policy.FilterOption.OWNER, new String[] {getUserOwner().getId()});
+      } else {
+        filters.put(Policy.FilterOption.OWNER, new String[] {getClientOwner().getId()});
+      }
+
+      List<Policy> policies =
+          authorization
+              .getStoreFactory()
+              .getPolicyStore()
+              .find(realm, resourceServer, filters, null, null);
+
+      if (policies.isEmpty()) {
+        return Collections.emptyList();
+      }
+
+      return policies.stream()
+          .filter(
+              policy -> {
+                Map<PermissionTicket.FilterOption, String> filters1 =
+                    new EnumMap<>(PermissionTicket.FilterOption.class);
+
+                filters1.put(PermissionTicket.FilterOption.POLICY_ID, policy.getId());
+
+                return authorization
+                    .getStoreFactory()
+                    .getPermissionTicketStore()
+                    .find(realm, resourceServer, filters1, -1, 1)
+                    .isEmpty();
+              })
+          .map(ManagedPermissionBean::new)
+          .collect(Collectors.toList());
+    }
+
+    public ResourceServerBean getResourceServer() {
+      return resourceServer;
+    }
+
+    public Collection<RequesterBean> getPermissions() {
+      return permissions.values();
+    }
+
+    private void addPermission(PermissionTicket ticket, AuthorizationProvider authorization) {
+      permissions
+          .computeIfAbsent(ticket.getRequester(), key -> new RequesterBean(ticket, authorization))
+          .addScope(ticket);
+    }
+  }
+
+  private Collection<RequesterBean> toPermissionRepresentation(
+      List<PermissionTicket> permissionRequests) {
+    Map<String, RequesterBean> requests = new HashMap<>();
+
+    for (PermissionTicket ticket : permissionRequests) {
+      Resource resource = ticket.getResource();
+
+      if (!resource.isOwnerManagedAccess()) {
+        continue;
+      }
+
+      requests
+          .computeIfAbsent(
+              ticket.getRequester(), resourceId -> new RequesterBean(ticket, authorization))
+          .addScope(ticket);
+    }
+
+    return requests.values();
+  }
+
+  private Collection<ResourceBean> toResourceRepresentation(List<PermissionTicket> tickets) {
+    Map<String, ResourceBean> requests = new HashMap<>();
+
+    for (PermissionTicket ticket : tickets) {
+      Resource resource = ticket.getResource();
+
+      if (!resource.isOwnerManagedAccess()) {
+        continue;
+      }
+
+      requests
+          .computeIfAbsent(resource.getId(), resourceId -> getResource(resourceId))
+          .addPermission(ticket, authorization);
+    }
+
+    return requests.values();
+  }
+
+  private List<PermissionTicket> findPermissions(
+      Map<PermissionTicket.FilterOption, String> filters) {
+    return authorization
+        .getStoreFactory()
+        .getPermissionTicketStore()
+        .find(realm, null, filters, null, null);
+  }
+
+  public class ResourceServerBean {
+
+    private ClientModel clientModel;
+    private ResourceServer resourceServer;
+
+    public ResourceServerBean(ClientModel clientModel, ResourceServer resourceServer) {
+      this.clientModel = clientModel;
+      this.resourceServer = resourceServer;
+    }
+
+    public String getId() {
+      return resourceServer.getId();
+    }
+
+    public String getName() {
+      String name = clientModel.getName();
+
+      if (name != null) {
+        return name;
+      }
+
+      return clientModel.getClientId();
+    }
+
+    public String getClientId() {
+      return clientModel.getClientId();
+    }
+
+    public String getRedirectUri() {
+      Set<String> redirectUris = clientModel.getRedirectUris();
+
+      if (redirectUris.isEmpty()) {
+        return null;
+      }
+
+      return redirectUris.iterator().next();
+    }
+
+    public String getBaseUri() {
+      return ResolveRelative.resolveRelativeUri(
+          session, clientModel.getRootUrl(), clientModel.getBaseUrl());
+    }
+
+    public ResourceServer getResourceServerModel() {
+      return resourceServer;
+    }
+  }
+
+  public class ManagedPermissionBean {
+
+    private final Policy policy;
+    private List<ManagedPermissionBean> policies;
+
+    public ManagedPermissionBean(Policy policy) {
+      this.policy = policy;
+    }
+
+    public String getId() {
+      return policy.getId();
+    }
+
+    public Collection<ScopeRepresentation> getScopes() {
+      return policy.getScopes().stream()
+          .map(ModelToRepresentation::toRepresentation)
+          .collect(Collectors.toList());
+    }
+
+    public String getDescription() {
+      return this.policy.getDescription();
+    }
+
+    public Collection<ManagedPermissionBean> getPolicies() {
+      if (this.policies == null) {
+        this.policies =
+            policy.getAssociatedPolicies().stream()
+                .map(ManagedPermissionBean::new)
+                .collect(Collectors.toList());
+      }
+
+      return this.policies;
+    }
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/FeaturesBean.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class FeaturesBean {
+
+  private final boolean identityFederation;
+  private final boolean log;
+  private final boolean passwordUpdateSupported;
+  private boolean authorization;
+
+  public FeaturesBean(
+      boolean identityFederation,
+      boolean log,
+      boolean passwordUpdateSupported,
+      boolean authorization) {
+    this.identityFederation = identityFederation;
+    this.log = log;
+    this.passwordUpdateSupported = passwordUpdateSupported;
+    this.authorization = authorization;
+  }
+
+  public boolean isIdentityFederation() {
+    return identityFederation;
+  }
+
+  public boolean isLog() {
+    return log;
+  }
+
+  public boolean isPasswordUpdateSupported() {
+    return passwordUpdateSupported;
+  }
+
+  public boolean isAuthorization() {
+    return authorization;
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/LogBean.java

@@ -0,0 +1,95 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import java.util.Date;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import org.keycloak.events.Event;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class LogBean {
+
+  private List<EventBean> events;
+
+  public LogBean(List<Event> events) {
+    this.events = new LinkedList<EventBean>();
+    for (Event e : events) {
+      this.events.add(new EventBean(e));
+    }
+  }
+
+  public List<EventBean> getEvents() {
+    return events;
+  }
+
+  public static class EventBean {
+
+    private Event event;
+
+    public EventBean(Event event) {
+      this.event = event;
+    }
+
+    public Date getDate() {
+      return new Date(event.getTime());
+    }
+
+    public String getEvent() {
+      return event.getType().toString().toLowerCase().replace("_", " ");
+    }
+
+    public String getClient() {
+      return event.getClientId();
+    }
+
+    public String getIpAddress() {
+      return event.getIpAddress();
+    }
+
+    public List<DetailBean> getDetails() {
+      List<DetailBean> details = new LinkedList<DetailBean>();
+      if (event.getDetails() != null) {
+        for (Map.Entry<String, String> e : event.getDetails().entrySet()) {
+          details.add(new DetailBean(e));
+        }
+      }
+      return details;
+    }
+  }
+
+  public static class DetailBean {
+
+    private Map.Entry<String, String> entry;
+
+    public DetailBean(Map.Entry<String, String> entry) {
+      this.entry = entry;
+    }
+
+    public String getKey() {
+      return entry.getKey();
+    }
+
+    public String getValue() {
+      return entry.getValue().replace("_", " ");
+    }
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/PasswordBean.java

@@ -0,0 +1,34 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class PasswordBean {
+
+  private boolean passwordSet;
+
+  public PasswordBean(boolean passwordSet) {
+    this.passwordSet = passwordSet;
+  }
+
+  public boolean isPasswordSet() {
+    return passwordSet;
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/RealmBean.java

@@ -0,0 +1,75 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.forms.account.freemarker.model;
+
+import java.util.Set;
+import java.util.stream.Collectors;
+import org.keycloak.models.RealmModel;
+
+/**
+ * @author <a href="mailto:gerbermichi@me.com">Michael Gerber</a>
+ */
+public class RealmBean {
+
+  private RealmModel realm;
+
+  public RealmBean(RealmModel realmModel) {
+    realm = realmModel;
+  }
+
+  public String getName() {
+    return realm.getName();
+  }
+
+  public String getDisplayName() {
+    String displayName = realm.getDisplayName();
+    if (displayName != null && displayName.length() > 0) {
+      return displayName;
+    } else {
+      return getName();
+    }
+  }
+
+  public String getDisplayNameHtml() {
+    String displayNameHtml = realm.getDisplayNameHtml();
+    if (displayNameHtml != null && displayNameHtml.length() > 0) {
+      return displayNameHtml;
+    } else {
+      return getDisplayName();
+    }
+  }
+
+  public boolean isInternationalizationEnabled() {
+    return realm.isInternationalizationEnabled();
+  }
+
+  public Set<String> getSupportedLocales() {
+    return realm.getSupportedLocalesStream().collect(Collectors.toSet());
+  }
+
+  public boolean isEditUsernameAllowed() {
+    return realm.isEditUsernameAllowed();
+  }
+
+  public boolean isRegistrationEmailAsUsername() {
+    return realm.isRegistrationEmailAsUsername();
+  }
+
+  public boolean isUserManagedAccessAllowed() {
+    return realm.isUserManagedAccessAllowed();
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/ReferrerBean.java

@@ -0,0 +1,38 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class ReferrerBean {
+
+  private String[] referrer;
+
+  public ReferrerBean(String[] referrer) {
+    this.referrer = referrer;
+  }
+
+  public String getName() {
+    return referrer[0];
+  }
+
+  public String getUrl() {
+    return referrer[1];
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/SessionsBean.java

@@ -0,0 +1,93 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
+import org.keycloak.common.util.Time;
+import org.keycloak.models.ClientModel;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserSessionModel;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class SessionsBean {
+
+  private List<UserSessionBean> events;
+  private RealmModel realm;
+
+  public SessionsBean(RealmModel realm, List<UserSessionModel> sessions) {
+    this.events = new LinkedList<>();
+    for (UserSessionModel session : sessions) {
+      this.events.add(new UserSessionBean(realm, session));
+    }
+  }
+
+  public List<UserSessionBean> getSessions() {
+    return events;
+  }
+
+  public static class UserSessionBean {
+
+    private UserSessionModel session;
+    private RealmModel realm;
+
+    public UserSessionBean(RealmModel realm, UserSessionModel session) {
+      this.realm = realm;
+      this.session = session;
+    }
+
+    public String getId() {
+      return session.getId();
+    }
+
+    public String getIpAddress() {
+      return session.getIpAddress();
+    }
+
+    public Date getStarted() {
+      return Time.toDate(session.getStarted());
+    }
+
+    public Date getLastAccess() {
+      return Time.toDate(session.getLastSessionRefresh());
+    }
+
+    public Date getExpires() {
+      int maxLifespan =
+          session.isRememberMe() && realm.getSsoSessionMaxLifespanRememberMe() > 0
+              ? realm.getSsoSessionMaxLifespanRememberMe()
+              : realm.getSsoSessionMaxLifespan();
+      int max = session.getStarted() + maxLifespan;
+      return Time.toDate(max);
+    }
+
+    public Set<String> getClients() {
+      Set<String> clients = new HashSet<>();
+      for (String clientUUID : session.getAuthenticatedClientSessions().keySet()) {
+        ClientModel client = realm.getClientById(clientUUID);
+        clients.add(client.getClientId());
+      }
+      return clients;
+    }
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/TotpBean.java

@@ -0,0 +1,125 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import static org.keycloak.utils.CredentialHelper.createUserStorageCredentialRepresentation;
+
+import jakarta.ws.rs.core.UriBuilder;
+import java.util.Collections;
+import java.util.List;
+import java.util.stream.Collectors;
+import org.keycloak.authentication.otp.OTPApplicationProvider;
+import org.keycloak.credential.CredentialModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.OTPPolicy;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.credential.OTPCredentialModel;
+import org.keycloak.models.utils.HmacOTP;
+import org.keycloak.models.utils.RepresentationToModel;
+import org.keycloak.representations.idm.CredentialRepresentation;
+import org.keycloak.utils.TotpUtils;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class TotpBean {
+
+  private final RealmModel realm;
+  private final String totpSecret;
+  private final String totpSecretEncoded;
+  private final String totpSecretQrCode;
+  private final boolean enabled;
+  private KeycloakSession session;
+  private final UriBuilder uriBuilder;
+  private final List<CredentialModel> otpCredentials;
+  private final List<String> supportedApplications;
+
+  public TotpBean(
+      KeycloakSession session, RealmModel realm, UserModel user, UriBuilder uriBuilder) {
+    this.session = session;
+    this.uriBuilder = uriBuilder;
+    this.enabled = user.credentialManager().isConfiguredFor(OTPCredentialModel.TYPE);
+    if (enabled) {
+      List<CredentialModel> otpCredentials =
+          user.credentialManager()
+              .getStoredCredentialsByTypeStream(OTPCredentialModel.TYPE)
+              .collect(Collectors.toList());
+
+      if (otpCredentials.isEmpty()) {
+        // Credential is configured on userStorage side. Create the "fake" credential similar like
+        // we do for the new account console
+        CredentialRepresentation credential =
+            createUserStorageCredentialRepresentation(OTPCredentialModel.TYPE);
+        this.otpCredentials = Collections.singletonList(RepresentationToModel.toModel(credential));
+      } else {
+        this.otpCredentials = otpCredentials;
+      }
+    } else {
+      this.otpCredentials = Collections.EMPTY_LIST;
+    }
+
+    this.realm = realm;
+    this.totpSecret = HmacOTP.generateSecret(20);
+    this.totpSecretEncoded = TotpUtils.encode(totpSecret);
+    this.totpSecretQrCode = TotpUtils.qrCode(totpSecret, realm, user);
+
+    OTPPolicy otpPolicy = realm.getOTPPolicy();
+    this.supportedApplications =
+        session.getAllProviders(OTPApplicationProvider.class).stream()
+            .filter(p -> p.supports(otpPolicy))
+            .map(OTPApplicationProvider::getName)
+            .collect(Collectors.toList());
+  }
+
+  public boolean isEnabled() {
+    return enabled;
+  }
+
+  public String getTotpSecret() {
+    return totpSecret;
+  }
+
+  public String getTotpSecretEncoded() {
+    return totpSecretEncoded;
+  }
+
+  public String getTotpSecretQrCode() {
+    return totpSecretQrCode;
+  }
+
+  public String getManualUrl() {
+    return uriBuilder.replaceQueryParam("mode", "manual").build().toString();
+  }
+
+  public String getQrUrl() {
+    return uriBuilder.replaceQueryParam("mode", "qr").build().toString();
+  }
+
+  public OTPPolicy getPolicy() {
+    return realm.getOTPPolicy();
+  }
+
+  public List<String> getSupportedApplications() {
+    return supportedApplications;
+  }
+
+  public List<CredentialModel> getOtpCredentials() {
+    return otpCredentials;
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/forms/account/freemarker/model/UrlBean.java

@@ -0,0 +1,121 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.forms.account.freemarker.model;
+
+import java.io.IOException;
+import java.net.URI;
+import org.jboss.logging.Logger;
+import org.keycloak.models.RealmModel;
+import org.keycloak.services.AccountUrls;
+import org.keycloak.theme.Theme;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class UrlBean {
+
+  private static final Logger logger = Logger.getLogger(UrlBean.class);
+  private String realm;
+  private Theme theme;
+  private URI baseURI;
+  private URI baseQueryURI;
+  private URI currentURI;
+  private String idTokenHint;
+
+  public UrlBean(
+      RealmModel realm,
+      Theme theme,
+      URI baseURI,
+      URI baseQueryURI,
+      URI currentURI,
+      String idTokenHint) {
+    this.realm = realm.getName();
+    this.theme = theme;
+    this.baseURI = baseURI;
+    this.baseQueryURI = baseQueryURI;
+    this.currentURI = currentURI;
+    this.idTokenHint = idTokenHint;
+  }
+
+  public String getApplicationsUrl() {
+    return AccountUrls.accountApplicationsPage(baseQueryURI, realm).toString();
+  }
+
+  public String getAccountUrl() {
+    return AccountUrls.accountPage(baseQueryURI, realm).toString();
+  }
+
+  public String getPasswordUrl() {
+    return AccountUrls.accountPasswordPage(baseQueryURI, realm).toString();
+  }
+
+  public String getSocialUrl() {
+    return AccountUrls.accountFederatedIdentityPage(baseQueryURI, realm).toString();
+  }
+
+  public String getTotpUrl() {
+    return AccountUrls.accountTotpPage(baseQueryURI, realm).toString();
+  }
+
+  public String getLogUrl() {
+    return AccountUrls.accountLogPage(baseQueryURI, realm).toString();
+  }
+
+  public String getSessionsUrl() {
+    return AccountUrls.accountSessionsPage(baseQueryURI, realm).toString();
+  }
+
+  public String getLogoutUrl() {
+    return AccountUrls.accountLogout(baseQueryURI, currentURI, realm, idTokenHint).toString();
+  }
+
+  public String getResourceUrl() {
+    return AccountUrls.accountResourcesPage(baseQueryURI, realm).toString();
+  }
+
+  public String getResourceDetailUrl(String id) {
+    return AccountUrls.accountResourceDetailPage(id, baseQueryURI, realm).toString();
+  }
+
+  public String getResourceGrant(String id) {
+    return AccountUrls.accountResourceGrant(id, baseQueryURI, realm).toString();
+  }
+
+  public String getResourceShare(String id) {
+    return AccountUrls.accountResourceShare(id, baseQueryURI, realm).toString();
+  }
+
+  public String getResourcesPath() {
+    URI uri = AccountUrls.themeRoot(baseURI);
+    return uri.getPath() + "/" + theme.getType().toString().toLowerCase() + "/" + theme.getName();
+  }
+
+  public String getResourcesCommonPath() {
+    URI uri = AccountUrls.themeRoot(baseURI);
+    String commonPath = "";
+    try {
+      commonPath = theme.getProperties().getProperty("import");
+    } catch (IOException ex) {
+      logger.warn("Failed to load properties", ex);
+    }
+    if (commonPath == null || commonPath.isEmpty()) {
+      commonPath = "/common/keycloak";
+    }
+    return uri.getPath() + "/" + commonPath;
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/services/AccountUrls.java

@@ -0,0 +1,115 @@
+package org.keycloak.services;
+
+import jakarta.ws.rs.core.UriBuilder;
+import java.net.URI;
+import lombok.extern.jbosslog.JBossLog;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.protocol.oidc.OIDCLoginProtocol;
+import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
+import org.keycloak.services.resources.LoginActionsService;
+import org.keycloak.services.resources.RealmsResource;
+import org.keycloak.services.resources.account.AccountFormService;
+
+@JBossLog
+public class AccountUrls extends Urls {
+
+  private static UriBuilder realmLogout(URI baseUri) {
+    return tokenBase(baseUri).path(OIDCLoginProtocolService.class, "logout");
+  }
+
+  public static UriBuilder accountBase(URI baseUri) {
+    return realmBase(baseUri).path(RealmsResource.class, "getAccountService");
+  }
+
+  private static UriBuilder tokenBase(URI baseUri) {
+    return realmBase(baseUri).path("{realm}/protocol/" + OIDCLoginProtocol.LOGIN_PROTOCOL);
+  }
+
+  public static URI accountApplicationsPage(URI baseUri, String realmName) {
+    return accountBase(baseUri).path(AccountFormService.class, "applicationsPage").build(realmName);
+  }
+
+  public static URI accountPage(URI baseUri, String realmName) {
+    return accountPageBuilder(baseUri).build(realmName);
+  }
+
+  public static UriBuilder accountPageBuilder(URI baseUri) {
+    return accountBase(baseUri).path(AccountFormService.class, "accountPage");
+  }
+
+  public static URI accountPasswordPage(URI baseUri, String realmName) {
+    return accountBase(baseUri).path(AccountFormService.class, "passwordPage").build(realmName);
+  }
+
+  public static URI accountFederatedIdentityPage(URI baseUri, String realmName) {
+    return accountBase(baseUri)
+        .path(AccountFormService.class, "federatedIdentityPage")
+        .build(realmName);
+  }
+
+  public static URI accountFederatedIdentityUpdate(URI baseUri, String realmName) {
+    return accountBase(baseUri)
+        .path(AccountFormService.class, "processFederatedIdentityUpdate")
+        .build(realmName);
+  }
+
+  public static URI accountTotpPage(URI baseUri, String realmName) {
+    return accountBase(baseUri).path(AccountFormService.class, "totpPage").build(realmName);
+  }
+
+  public static URI accountLogPage(URI baseUri, String realmName) {
+    return accountBase(baseUri).path(AccountFormService.class, "logPage").build(realmName);
+  }
+
+  public static URI accountSessionsPage(URI baseUri, String realmName) {
+    return accountBase(baseUri).path(AccountFormService.class, "sessionsPage").build(realmName);
+  }
+
+  public static URI accountLogout(
+      URI baseUri, URI redirectUri, String realmName, String idTokenHint) {
+    return realmLogout(baseUri)
+        .queryParam(OAuth2Constants.POST_LOGOUT_REDIRECT_URI, redirectUri)
+        .queryParam(OAuth2Constants.ID_TOKEN_HINT, idTokenHint)
+        .build(realmName);
+  }
+
+  public static URI accountResourcesPage(URI baseUri, String realmName) {
+    return accountBase(baseUri).path(AccountFormService.class, "resourcesPage").build(realmName);
+  }
+
+  public static URI accountResourceDetailPage(String resourceId, URI baseUri, String realmName) {
+    return accountBase(baseUri)
+        .path(AccountFormService.class, "resourceDetailPage")
+        .build(realmName, resourceId);
+  }
+
+  public static URI accountResourceGrant(String resourceId, URI baseUri, String realmName) {
+    return accountBase(baseUri)
+        .path(AccountFormService.class, "grantPermission")
+        .build(realmName, resourceId);
+  }
+
+  public static URI accountResourceShare(String resourceId, URI baseUri, String realmName) {
+    return accountBase(baseUri)
+        .path(AccountFormService.class, "shareResource")
+        .build(realmName, resourceId);
+  }
+
+  public static URI loginActionUpdatePassword(URI baseUri, String realmName) {
+    return loginActionsBase(baseUri)
+        .path(LoginActionsService.class, "updatePassword")
+        .build(realmName);
+  }
+
+  public static URI loginActionUpdateTotp(URI baseUri, String realmName) {
+    return loginActionsBase(baseUri).path(LoginActionsService.class, "updateTotp").build(realmName);
+  }
+
+  public static URI loginActionEmailVerification(URI baseUri, String realmName) {
+    return loginActionEmailVerificationBuilder(baseUri).build(realmName);
+  }
+
+  public static String localeCookiePath(URI baseUri, String realmName) {
+    return realmBase(baseUri).path(realmName).build().getRawPath();
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/account-v1-java/services/resources/account/AccountFormServiceFactory.java

@@ -0,0 +1,64 @@
+package org.keycloak.services.resources.account;
+
+import com.google.auto.service.AutoService;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+import java.util.Map;
+import lombok.extern.jbosslog.JBossLog;
+import org.keycloak.Config.Scope;
+import org.keycloak.events.EventBuilder;
+import org.keycloak.models.ClientModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionFactory;
+import org.keycloak.models.ProtocolMapperModel;
+import org.keycloak.models.RealmModel;
+import org.keycloak.provider.ProviderEvent;
+import org.keycloak.services.resource.AccountResourceProvider;
+import org.keycloak.services.resource.AccountResourceProviderFactory;
+import jakarta.ws.rs.NotFoundException;
+import org.keycloak.models.Constants;
+
+@JBossLog
+@AutoService(AccountResourceProviderFactory.class)
+public class AccountFormServiceFactory implements AccountResourceProviderFactory {
+
+  public static final String ID = "account-v1";
+
+  @Override
+  public String getId() {
+    return ID;
+  }
+
+  private ClientModel getAccountManagementClient(RealmModel realm) {
+    ClientModel client = realm.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
+    if (client == null || !client.isEnabled()) {
+      log.debug("account management not enabled");
+      throw new NotFoundException("account management not enabled");
+    }
+    return client;
+  }
+
+  @Override
+  public AccountResourceProvider create(KeycloakSession session) {
+    log.info("create");
+    RealmModel realm = session.getContext().getRealm();
+    ClientModel client = getAccountManagementClient(realm);
+    EventBuilder event = new EventBuilder​(realm, session, session.getContext().getConnection());
+    return new AccountFormService(session, client, event);
+  }
+
+  @Override
+  public void init(Scope config) {
+    log.info("init");
+  }
+
+  @Override
+  public void postInit(KeycloakSessionFactory factory) {
+    log.info("postInit");
+  }
+
+  @Override
+  public void close() {
+    log.info("close");
+  }
+}

src/bin/keycloakify/generateJavaStackFiles/bringInAccountV1.ts

@@ -0,0 +1,92 @@
+import * as fs from "fs";
+import { join as pathJoin, dirname as pathDirname } from "path";
+import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
+import type { BuildOptions } from "../BuildOptions";
+import { resources_common, lastKeycloakVersionWithAccountV1, accountV1 } from "../../constants";
+import { downloadBuiltinKeycloakTheme } from "../../download-builtin-keycloak-theme";
+import { transformCodebase } from "../../tools/transformCodebase";
+
+export type BuildOptionsLike = {
+    keycloakifyBuildDirPath: string;
+    cacheDirPath: string;
+};
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export async function bringInAccountV1(params: { buildOptions: BuildOptionsLike }) {
+    const { buildOptions } = params;
+
+    const builtinKeycloakThemeTmpDirPath = pathJoin(buildOptions.keycloakifyBuildDirPath, "..", "tmp_yxdE2_builtin_keycloak_theme");
+
+    await downloadBuiltinKeycloakTheme({
+        "destDirPath": builtinKeycloakThemeTmpDirPath,
+        "keycloakVersion": lastKeycloakVersionWithAccountV1,
+        buildOptions
+    });
+
+    const accountV1DirPath = pathJoin(buildOptions.keycloakifyBuildDirPath, "src", "main", "resources", "theme", accountV1, "account");
+
+    transformCodebase({
+        "srcDirPath": pathJoin(builtinKeycloakThemeTmpDirPath, "base", "account"),
+        "destDirPath": accountV1DirPath
+    });
+
+    const commonResourceFilePaths = [
+        "node_modules/patternfly/dist/css/patternfly.min.css",
+        "node_modules/patternfly/dist/css/patternfly-additions.min.css"
+    ];
+
+    for (const relativeFilePath of commonResourceFilePaths.map(path => pathJoin(...path.split("/")))) {
+        const destFilePath = pathJoin(accountV1DirPath, "resources", resources_common, relativeFilePath);
+
+        fs.mkdirSync(pathDirname(destFilePath), { "recursive": true });
+
+        fs.cpSync(pathJoin(builtinKeycloakThemeTmpDirPath, "keycloak", "common", "resources", relativeFilePath), destFilePath);
+    }
+
+    const resourceFilePaths = ["css/account.css"];
+
+    for (const relativeFilePath of resourceFilePaths.map(path => pathJoin(...path.split("/")))) {
+        const destFilePath = pathJoin(accountV1DirPath, "resources", relativeFilePath);
+
+        fs.mkdirSync(pathDirname(destFilePath), { "recursive": true });
+
+        fs.cpSync(pathJoin(builtinKeycloakThemeTmpDirPath, "keycloak", "account", "resources", relativeFilePath), destFilePath);
+    }
+
+    fs.rmSync(builtinKeycloakThemeTmpDirPath, { "recursive": true });
+
+    fs.writeFileSync(
+        pathJoin(accountV1DirPath, "theme.properties"),
+        Buffer.from(
+            [
+                "accountResourceProvider=account-v1",
+                "",
+                "locales=ar,ca,cs,da,de,en,es,fr,fi,hu,it,ja,lt,nl,no,pl,pt-BR,ru,sk,sv,tr,zh-CN",
+                "",
+                "styles=" + [...resourceFilePaths, ...commonResourceFilePaths.map(path => `resources_common/${path}`)].join(" "),
+                "",
+                "##### css classes for form buttons",
+                "# main class used for all buttons",
+                "kcButtonClass=btn",
+                "# classes defining priority of the button - primary or default (there is typically only one priority button for the form)",
+                "kcButtonPrimaryClass=btn-primary",
+                "kcButtonDefaultClass=btn-default",
+                "# classes defining size of the button",
+                "kcButtonLargeClass=btn-lg",
+                ""
+            ].join("\n"),
+            "utf8"
+        )
+    );
+
+    transformCodebase({
+        "srcDirPath": pathJoin(__dirname, "account-v1-java"),
+        "destDirPath": pathJoin(buildOptions.keycloakifyBuildDirPath, "src", "main", "java", "org", "keycloak")
+    });
+}

src/bin/keycloakify/generateJavaStackFiles/generateJavaStackFiles.ts

@@ -0,0 +1,211 @@
+import * as fs from "fs";
+import { join as pathJoin, dirname as pathDirname } from "path";
+import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
+import type { BuildOptions } from "../BuildOptions";
+import { type ThemeType, retrocompatPostfix, accountV1 } from "../../constants";
+import { bringInAccountV1 } from "./bringInAccountV1";
+
+export type BuildOptionsLike = {
+    groupId: string;
+    artifactId: string;
+    themeVersion: string;
+    cacheDirPath: string;
+    keycloakifyBuildDirPath: string;
+    themeNames: string[];
+};
+
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
+
+export async function generateJavaStackFiles(params: {
+    implementedThemeTypes: Record<ThemeType | "email", boolean>;
+    buildOptions: BuildOptionsLike;
+}): Promise<{
+    jarFilePath: string;
+}> {
+    const { implementedThemeTypes, buildOptions } = params;
+
+    {
+        const { pomFileCode } = (function generatePomFileCode(): {
+            pomFileCode: string;
+        } {
+            const pomFileCode = [
+                `<?xml version="1.0"?>`,
+                `<project xmlns="http://maven.apache.org/POM/4.0.0"`,
+                `	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"`,
+                `	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">`,
+                `	<modelVersion>4.0.0</modelVersion>`,
+                `	<groupId>${buildOptions.groupId}</groupId>`,
+                `	<artifactId>${buildOptions.artifactId}</artifactId>`,
+                `	<version>${buildOptions.themeVersion}</version>`,
+                `	<name>${buildOptions.artifactId}</name>`,
+                `	<description />`,
+                `	<packaging>jar</packaging>`,
+                `	<properties>`,
+                `	    <java.version>17</java.version>`,
+                `	    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>`,
+                `	    <keycloak.version>23.0.0</keycloak.version>`,
+                `	    <guava.version>32.0.0-jre</guava.version>`,
+                `	    <lombok.version>1.18.28</lombok.version>`,
+                `	    <auto-service.version>1.1.1</auto-service.version>`,
+                `	</properties>`,
+                `	<build>`,
+                `	    <plugins>`,
+                `	        <plugin>`,
+                `	            <artifactId>maven-compiler-plugin</artifactId>`,
+                `	            <version>3.11.0</version>`,
+                `	            <configuration>`,
+                `	                <source>\${java.version}</source>`,
+                `	                <target>\${java.version}</target>`,
+                `	                <compilerArgument>-Xlint:unchecked</compilerArgument>`,
+                `	                <compilerArgument>-Xlint:deprecation</compilerArgument>`,
+                `	                <useIncrementalCompilation>false</useIncrementalCompilation>`,
+                `	                <annotationProcessorPaths>`,
+                `	                    <path>`,
+                `	                        <groupId>com.google.auto.service</groupId>`,
+                `	                        <artifactId>auto-service</artifactId>`,
+                `	                        <version>\${auto-service.version}</version>`,
+                `	                    </path>`,
+                `	                    <path>`,
+                `	                        <groupId>org.projectlombok</groupId>`,
+                `	                        <artifactId>lombok</artifactId>`,
+                `	                        <version>\${lombok.version}</version>`,
+                `	                    </path>`,
+                `	                </annotationProcessorPaths>`,
+                `	            </configuration>`,
+                `	        </plugin>`,
+                `	        <plugin>`,
+                `	            <groupId>org.apache.maven.plugins</groupId>`,
+                `	            <artifactId>maven-jar-plugin</artifactId>`,
+                `	            <version>3.2.0</version>`,
+                `	            <configuration>`,
+                `	                <archive>`,
+                `	                    <manifestEntries>`,
+                `	                        <Dependencies>`,
+                `	                            <![CDATA[org.keycloak.keycloak-common,org.keycloak.keycloak-core,org.keycloak.keycloak-server-spi,org.keycloak.keycloak-server-spi-private,org.keycloak.keycloak-services,com.google.guava]]>`,
+                `	                        </Dependencies>`,
+                `	                    </manifestEntries>`,
+                `	                </archive>`,
+                `	            </configuration>`,
+                `	        </plugin>`,
+                `	        <plugin>`,
+                `	            <groupId>com.spotify.fmt</groupId>`,
+                `	            <artifactId>fmt-maven-plugin</artifactId>`,
+                `	            <version>2.20</version>`,
+                `	        </plugin>`,
+                `	    </plugins>`,
+                `	</build>`,
+                `	<dependencies>`,
+                `	    <dependency>`,
+                `	        <groupId>org.projectlombok</groupId>`,
+                `	        <artifactId>lombok</artifactId>`,
+                `	        <version>\${lombok.version}</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	    <dependency>`,
+                `	        <groupId>com.google.auto.service</groupId>`,
+                `	        <artifactId>auto-service</artifactId>`,
+                `	        <version>\${auto-service.version}</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	    <dependency>`,
+                `	        <groupId>org.keycloak</groupId>`,
+                `	        <artifactId>keycloak-server-spi</artifactId>`,
+                `	        <version>\${keycloak.version}</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	    <dependency>`,
+                `	        <groupId>org.keycloak</groupId>`,
+                `	        <artifactId>keycloak-server-spi-private</artifactId>`,
+                `	        <version>\${keycloak.version}</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	    <dependency>`,
+                `	        <groupId>org.keycloak</groupId>`,
+                `	        <artifactId>keycloak-services</artifactId>`,
+                `	        <version>\${keycloak.version}</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	    <dependency>`,
+                `	        <groupId>jakarta.ws.rs</groupId>`,
+                `	        <artifactId>jakarta.ws.rs-api</artifactId>`,
+                `	        <version>3.1.0</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	    <dependency>`,
+                `	        <groupId>com.google.guava</groupId>`,
+                `	        <artifactId>guava</artifactId>`,
+                `	        <version>\${guava.version}</version>`,
+                `	        <scope>provided</scope>`,
+                `	    </dependency>`,
+                `	</dependencies>`,
+                `</project>`
+            ].join("\n");
+
+            return { pomFileCode };
+        })();
+
+        fs.writeFileSync(pathJoin(buildOptions.keycloakifyBuildDirPath, "pom.xml"), Buffer.from(pomFileCode, "utf8"));
+    }
+
+    if (implementedThemeTypes.account) {
+        await bringInAccountV1({ buildOptions });
+    }
+
+    {
+        const themeManifestFilePath = pathJoin(buildOptions.keycloakifyBuildDirPath, "src", "main", "resources", "META-INF", "keycloak-themes.json");
+
+        try {
+            fs.mkdirSync(pathDirname(themeManifestFilePath));
+        } catch {}
+
+        fs.writeFileSync(
+            themeManifestFilePath,
+            Buffer.from(
+                JSON.stringify(
+                    {
+                        "themes": [
+                            ...(!implementedThemeTypes.account
+                                ? []
+                                : [
+                                      {
+                                          "name": accountV1,
+                                          "types": ["account"]
+                                      }
+                                  ]),
+                            ...buildOptions.themeNames
+                                .map(themeName => [
+                                    {
+                                        "name": themeName,
+                                        "types": Object.entries(implementedThemeTypes)
+                                            .filter(([, isImplemented]) => isImplemented)
+                                            .map(([themeType]) => themeType)
+                                    },
+                                    ...(!implementedThemeTypes.account
+                                        ? []
+                                        : [
+                                              {
+                                                  "name": `${themeName}${retrocompatPostfix}`,
+                                                  "types": ["account"]
+                                              }
+                                          ])
+                                ])
+                                .flat()
+                        ]
+                    },
+                    null,
+                    2
+                ),
+                "utf8"
+            )
+        );
+    }
+
+    return {
+        "jarFilePath": pathJoin(buildOptions.keycloakifyBuildDirPath, "target", `${buildOptions.artifactId}-${buildOptions.themeVersion}.jar`)
+    };
+}

src/bin/keycloakify/generateJavaStackFiles/index.ts

@@ -0,0 +1 @@
+export * from "./generateJavaStackFiles";

src/bin/keycloakify/generateStartKeycloakTestingContainer.ts

@@ -1,53 +1,52 @@
 import * as fs from "fs";
 import { join as pathJoin } from "path";
 import { assert } from "tsafe/assert";
+import { Reflect } from "tsafe/Reflect";
 import type { BuildOptions } from "./BuildOptions";
 
 export type BuildOptionsLike = {
-    themeName: string;
-    extraThemeNames: string[];
+    keycloakifyBuildDirPath: string;
 };
 
-assert<BuildOptions extends BuildOptionsLike ? true : false>();
+{
+    const buildOptions = Reflect<BuildOptions>();
+
+    assert<typeof buildOptions extends BuildOptionsLike ? true : false>();
+}
 
 generateStartKeycloakTestingContainer.basename = "start_keycloak_testing_container.sh";
 
 const containerName = "keycloak-testing-container";
 
 /** Files for being able to run a hot reload keycloak container */
-export function generateStartKeycloakTestingContainer(params: {
-    keycloakVersion: string;
-    keycloakThemeBuildingDirPath: string;
-    buildOptions: BuildOptionsLike;
-}) {
-    const {
-        keycloakThemeBuildingDirPath,
-        keycloakVersion,
-        buildOptions: { themeName, extraThemeNames }
-    } = params;
+export function generateStartKeycloakTestingContainer(params: { keycloakVersion: string; buildOptions: BuildOptionsLike }) {
+    const { keycloakVersion, buildOptions } = params;
+
+    const themeRelativeDirPath = pathJoin("src", "main", "resources", "theme");
+    const themeDirPath = pathJoin(buildOptions.keycloakifyBuildDirPath, themeRelativeDirPath);
 
     fs.writeFileSync(
-        pathJoin(keycloakThemeBuildingDirPath, generateStartKeycloakTestingContainer.basename),
+        pathJoin(buildOptions.keycloakifyBuildDirPath, generateStartKeycloakTestingContainer.basename),
         Buffer.from(
             [
                 "#!/usr/bin/env bash",
                 "",
                 `docker rm ${containerName} || true`,
                 "",
-                `cd "${keycloakThemeBuildingDirPath.replace(/\\/g, "/")}"`,
+                `cd "${buildOptions.keycloakifyBuildDirPath}"`,
                 "",
                 "docker run \\",
                 "   -p 8080:8080 \\",
                 `   --name ${containerName} \\`,
                 "   -e KEYCLOAK_ADMIN=admin \\",
                 "   -e KEYCLOAK_ADMIN_PASSWORD=admin \\",
-                ...[themeName, ...extraThemeNames].map(
-                    themeName =>
-                        `   -v "${pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme", themeName).replace(
-                            /\\/g,
-                            "/"
-                        )}":"/opt/keycloak/themes/${themeName}":rw \\`
-                ),
+                ...fs
+                    .readdirSync(themeDirPath)
+                    .filter(name => fs.lstatSync(pathJoin(themeDirPath, name)).isDirectory())
+                    .map(
+                        themeName =>
+                            `   -v "${pathJoin(".", themeRelativeDirPath, themeName).replace(/\\/g, "/")}":"/opt/keycloak/themes/${themeName}":rw \\`
+                    ),
                 `   -it quay.io/keycloak/keycloak:${keycloakVersion} \\`,
                 `   start-dev --features=declarative-user-profile`,
                 ""

src/bin/keycloakify/generateTheme/downloadKeycloakStaticResources.ts

@@ -1,29 +1,31 @@
 import { transformCodebase } from "../../tools/transformCodebase";
 import * as fs from "fs";
-import { join as pathJoin, relative as pathRelative, dirname as pathDirname } from "path";
-import type { ThemeType } from "../generateFtl";
+import { join as pathJoin, dirname as pathDirname } from "path";
 import { downloadBuiltinKeycloakTheme } from "../../download-builtin-keycloak-theme";
-import {
-    resourcesCommonDirPathRelativeToPublicDir,
-    resourcesDirPathRelativeToPublicDir,
-    basenameOfKeycloakDirInPublicDir
-} from "../../mockTestingResourcesPath";
-import * as crypto from "crypto";
+import { resources_common, type ThemeType } from "../../constants";
+import { BuildOptions } from "../BuildOptions";
 import { assert } from "tsafe/assert";
+import * as crypto from "crypto";
+
+export type BuildOptionsLike = {
+    cacheDirPath: string;
+};
+
+assert<BuildOptions extends BuildOptionsLike ? true : false>();
 
 export async function downloadKeycloakStaticResources(
     // prettier-ignore
     params: {
-        projectDirPath: string;
         themeType: ThemeType;
         themeDirPath: string;
         keycloakVersion: string;
         usedResources: {
             resourcesCommonFilePaths: string[];
-        } | undefined
+        } | undefined;
+        buildOptions: BuildOptionsLike;
     }
 ) {
-    const { projectDirPath, themeType, themeDirPath, keycloakVersion } = params;
+    const { themeType, themeDirPath, keycloakVersion, buildOptions } = params;
 
     // NOTE: Hack for 427
     const usedResources = (() => {
@@ -52,24 +54,25 @@ export async function downloadKeycloakStaticResources(
 
     const tmpDirPath = pathJoin(
         themeDirPath,
-        "..",
         `tmp_suLeKsxId_${crypto.createHash("sha256").update(`${themeType}-${keycloakVersion}`).digest("hex").slice(0, 8)}`
     );
 
     await downloadBuiltinKeycloakTheme({
-        projectDirPath,
         keycloakVersion,
-        "destDirPath": tmpDirPath
+        "destDirPath": tmpDirPath,
+        buildOptions
     });
 
+    const resourcesPath = pathJoin(themeDirPath, themeType, "resources");
+
     transformCodebase({
         "srcDirPath": pathJoin(tmpDirPath, "keycloak", themeType, "resources"),
-        "destDirPath": pathJoin(themeDirPath, pathRelative(basenameOfKeycloakDirInPublicDir, resourcesDirPathRelativeToPublicDir))
+        "destDirPath": resourcesPath
     });
 
     transformCodebase({
         "srcDirPath": pathJoin(tmpDirPath, "keycloak", "common", "resources"),
-        "destDirPath": pathJoin(themeDirPath, pathRelative(basenameOfKeycloakDirInPublicDir, resourcesCommonDirPathRelativeToPublicDir)),
+        "destDirPath": pathJoin(resourcesPath, resources_common),
         "transformSourceCode":
             usedResources === undefined
                 ? undefined

src/bin/keycloakify/generateTheme/generateMessageProperties.ts

@@ -1,4 +1,4 @@
-import type { ThemeType } from "../generateFtl";
+import type { ThemeType } from "../../constants";
 import { crawl } from "../../tools/crawl";
 import { join as pathJoin } from "path";
 import { readFileSync } from "fs";

src/bin/keycloakify/generateTheme/generateTheme.ts

@@ -1,13 +1,13 @@
 import { transformCodebase } from "../../tools/transformCodebase";
 import * as fs from "fs";
-import { join as pathJoin } from "path";
+import { join as pathJoin, basename as pathBasename, resolve as pathResolve } from "path";
 import { replaceImportsFromStaticInJsCode } from "../replacers/replaceImportsFromStaticInJsCode";
 import { replaceImportsInCssCode } from "../replacers/replaceImportsInCssCode";
-import { generateFtlFilesCodeFactory, loginThemePageIds, accountThemePageIds, themeTypes, type ThemeType } from "../generateFtl";
-import { basenameOfKeycloakDirInPublicDir } from "../../mockTestingResourcesPath";
+import { generateFtlFilesCodeFactory, loginThemePageIds, accountThemePageIds } from "../generateFtl";
+import { themeTypes, type ThemeType, lastKeycloakVersionWithAccountV1, keycloak_resources, retrocompatPostfix, accountV1 } from "../../constants";
 import { isInside } from "../../tools/isInside";
 import type { BuildOptions } from "../BuildOptions";
-import { assert } from "tsafe/assert";
+import { assert, type Equals } from "tsafe/assert";
 import { downloadKeycloakStaticResources } from "./downloadKeycloakStaticResources";
 import { readFieldNameUsage } from "./readFieldNameUsage";
 import { readExtraPagesNames } from "./readExtraPageNames";
@@ -15,36 +15,39 @@ import { generateMessageProperties } from "./generateMessageProperties";
 import { readStaticResourcesUsage } from "./readStaticResourcesUsage";
 
 export type BuildOptionsLike = {
-    themeName: string;
     extraThemeProperties: string[] | undefined;
     themeVersion: string;
-    keycloakVersionDefaultAssets: string;
+    loginThemeResourcesFromKeycloakVersion: string;
     urlPathname: string | undefined;
+    keycloakifyBuildDirPath: string;
+    reactAppBuildDirPath: string;
+    cacheDirPath: string;
+    doBuildRetrocompatAccountTheme: boolean;
 };
 
 assert<BuildOptions extends BuildOptionsLike ? true : false>();
 
 export async function generateTheme(params: {
-    projectDirPath: string;
-    reactAppBuildDirPath: string;
-    keycloakThemeBuildingDirPath: string;
+    themeName: string;
     themeSrcDirPath: string;
     keycloakifySrcDirPath: string;
     buildOptions: BuildOptionsLike;
     keycloakifyVersion: string;
 }): Promise<void> {
-    const {
-        projectDirPath,
-        reactAppBuildDirPath,
-        keycloakThemeBuildingDirPath,
-        themeSrcDirPath,
-        keycloakifySrcDirPath,
-        buildOptions,
-        keycloakifyVersion
-    } = params;
+    const { themeName, themeSrcDirPath, keycloakifySrcDirPath, buildOptions, keycloakifyVersion } = params;
 
-    const getThemeDirPath = (themeType: ThemeType | "email") =>
-        pathJoin(keycloakThemeBuildingDirPath, "src", "main", "resources", "theme", buildOptions.themeName, themeType);
+    const getThemeTypeDirPath = (params: { themeType: ThemeType | "email"; isRetrocompat?: true }) => {
+        const { themeType, isRetrocompat = false } = params;
+        return pathJoin(
+            buildOptions.keycloakifyBuildDirPath,
+            "src",
+            "main",
+            "resources",
+            "theme",
+            `${themeName}${isRetrocompat ? retrocompatPostfix : ""}`,
+            themeType
+        );
+    };
 
     let allCssGlobalsToDefine: Record<string, string> = {};
 
@@ -55,7 +58,7 @@ export async function generateTheme(params: {
             continue;
         }
 
-        const themeDirPath = getThemeDirPath(themeType);
+        const themeTypeDirPath = getThemeTypeDirPath({ themeType });
 
         copy_app_resources_to_theme_path: {
             const isFirstPass = themeType.indexOf(themeType) === 0;
@@ -65,13 +68,13 @@ export async function generateTheme(params: {
             }
 
             transformCodebase({
-                "destDirPath": pathJoin(themeDirPath, "resources", "build"),
-                "srcDirPath": reactAppBuildDirPath,
+                "destDirPath": pathJoin(themeTypeDirPath, "resources", "build"),
+                "srcDirPath": buildOptions.reactAppBuildDirPath,
                 "transformSourceCode": ({ filePath, sourceCode }) => {
                     //NOTE: Prevent cycles, excludes the folder we generated for debug in public/
                     if (
                         isInside({
-                            "dirPath": pathJoin(reactAppBuildDirPath, basenameOfKeycloakDirInPublicDir),
+                            "dirPath": pathJoin(buildOptions.reactAppBuildDirPath, keycloak_resources),
                             filePath
                         })
                     ) {
@@ -114,7 +117,8 @@ export async function generateTheme(params: {
             generateFtlFilesCode_glob !== undefined
                 ? generateFtlFilesCode_glob
                 : generateFtlFilesCodeFactory({
-                      "indexHtmlCode": fs.readFileSync(pathJoin(reactAppBuildDirPath, "index.html")).toString("utf8"),
+                      themeName,
+                      "indexHtmlCode": fs.readFileSync(pathJoin(buildOptions.reactAppBuildDirPath, "index.html")).toString("utf8"),
                       "cssGlobalsToDefine": allCssGlobalsToDefine,
                       buildOptions,
                       keycloakifyVersion,
@@ -142,75 +146,77 @@ export async function generateTheme(params: {
         ].forEach(pageId => {
             const { ftlCode } = generateFtlFilesCode({ pageId });
 
-            fs.mkdirSync(themeDirPath, { "recursive": true });
+            fs.mkdirSync(themeTypeDirPath, { "recursive": true });
 
-            fs.writeFileSync(pathJoin(themeDirPath, pageId), Buffer.from(ftlCode, "utf8"));
+            fs.writeFileSync(pathJoin(themeTypeDirPath, pageId), Buffer.from(ftlCode, "utf8"));
         });
 
         generateMessageProperties({
             themeSrcDirPath,
             themeType
         }).forEach(({ languageTag, propertiesFileSource }) => {
-            const messagesDirPath = pathJoin(themeDirPath, "messages");
+            const messagesDirPath = pathJoin(themeTypeDirPath, "messages");
 
-            fs.mkdirSync(pathJoin(themeDirPath, "messages"), { "recursive": true });
+            fs.mkdirSync(pathJoin(themeTypeDirPath, "messages"), { "recursive": true });
 
             const propertiesFilePath = pathJoin(messagesDirPath, `messages_${languageTag}.properties`);
 
             fs.writeFileSync(propertiesFilePath, Buffer.from(propertiesFileSource, "utf8"));
         });
 
-        //TODO: Remove this block we left it for now only for backward compatibility
-        // we now have a separate script for this
-        copy_keycloak_resources_to_public: {
-            const keycloakDirInPublicDir = pathJoin(reactAppBuildDirPath, "..", "public", basenameOfKeycloakDirInPublicDir);
-
-            if (fs.existsSync(keycloakDirInPublicDir)) {
-                break copy_keycloak_resources_to_public;
-            }
-
-            await downloadKeycloakStaticResources({
-                projectDirPath,
-                "keycloakVersion": buildOptions.keycloakVersionDefaultAssets,
-                "themeDirPath": keycloakDirInPublicDir,
-                themeType,
-                "usedResources": undefined
-            });
-
-            if (themeType !== themeTypes[0]) {
-                break copy_keycloak_resources_to_public;
-            }
-
-            fs.writeFileSync(
-                pathJoin(keycloakDirInPublicDir, "README.txt"),
-                Buffer.from(
-                    // prettier-ignore
-                    [
-                        "This is just a test folder that helps develop",
-                        "the login and register page without having to run a Keycloak container"
-                    ].join(" ")
-                )
-            );
-
-            fs.writeFileSync(pathJoin(keycloakDirInPublicDir, ".gitignore"), Buffer.from("*", "utf8"));
-        }
-
         await downloadKeycloakStaticResources({
-            projectDirPath,
-            "keycloakVersion": buildOptions.keycloakVersionDefaultAssets,
-            themeDirPath,
+            "keycloakVersion": (() => {
+                switch (themeType) {
+                    case "account":
+                        return lastKeycloakVersionWithAccountV1;
+                    case "login":
+                        return buildOptions.loginThemeResourcesFromKeycloakVersion;
+                }
+            })(),
+            "themeDirPath": pathResolve(pathJoin(themeTypeDirPath, "..")),
             themeType,
             "usedResources": readStaticResourcesUsage({
                 keycloakifySrcDirPath,
                 themeSrcDirPath,
                 themeType
-            })
+            }),
+            buildOptions
         });
 
         fs.writeFileSync(
-            pathJoin(themeDirPath, "theme.properties"),
-            Buffer.from([`parent=keycloak`, ...(buildOptions.extraThemeProperties ?? [])].join("\n\n"), "utf8")
+            pathJoin(themeTypeDirPath, "theme.properties"),
+            Buffer.from(
+                [
+                    `parent=${(() => {
+                        switch (themeType) {
+                            case "account":
+                                return accountV1;
+                            case "login":
+                                return "keycloak";
+                        }
+                        assert<Equals<typeof themeType, never>>(false);
+                    })()}`,
+                    ...(buildOptions.extraThemeProperties ?? [])
+                ].join("\n\n"),
+                "utf8"
+            )
         );
+
+        if (themeType === "account" && buildOptions.doBuildRetrocompatAccountTheme) {
+            transformCodebase({
+                "srcDirPath": themeTypeDirPath,
+                "destDirPath": getThemeTypeDirPath({ themeType, "isRetrocompat": true }),
+                "transformSourceCode": ({ filePath, sourceCode }) => {
+                    if (pathBasename(filePath) === "theme.properties") {
+                        return {
+                            "modifiedSourceCode": Buffer.from(sourceCode.toString("utf8").replace(`parent=${accountV1}`, "parent=keycloak"), "utf8")
+                        };
+                    }
+
+                    return { "modifiedSourceCode": sourceCode };
+                }
+            });
+        }
     }
 
     email: {
@@ -222,7 +228,7 @@ export async function generateTheme(params: {
 
         transformCodebase({
             "srcDirPath": emailThemeSrcDirPath,
-            "destDirPath": getThemeDirPath("email")
+            "destDirPath": getThemeTypeDirPath({ "themeType": "email" })
         });
     }
 }

src/bin/keycloakify/generateTheme/readExtraPageNames.ts

@@ -1,9 +1,10 @@
 import { crawl } from "../../tools/crawl";
-import { type ThemeType, accountThemePageIds, loginThemePageIds } from "../generateFtl";
+import { accountThemePageIds, loginThemePageIds } from "../generateFtl";
 import { id } from "tsafe/id";
 import { removeDuplicates } from "evt/tools/reducers/removeDuplicates";
 import * as fs from "fs";
 import { join as pathJoin } from "path";
+import type { ThemeType } from "../../constants";
 
 export function readExtraPagesNames(params: { themeSrcDirPath: string; themeType: ThemeType }): string[] {
     const { themeSrcDirPath, themeType } = params;

src/bin/keycloakify/generateTheme/readFieldNameUsage.ts

@@ -2,7 +2,7 @@ import { crawl } from "../../tools/crawl";
 import { removeDuplicates } from "evt/tools/reducers/removeDuplicates";
 import { join as pathJoin } from "path";
 import * as fs from "fs";
-import type { ThemeType } from "../generateFtl";
+import type { ThemeType } from "../../constants";
 
 /** Assumes the theme type exists */
 export function readFieldNameUsage(params: { keycloakifySrcDirPath: string; themeSrcDirPath: string; themeType: ThemeType }): string[] {

src/bin/keycloakify/generateTheme/readStaticResourcesUsage.ts

@@ -1,7 +1,7 @@
 import { crawl } from "../../tools/crawl";
 import { join as pathJoin, sep as pathSep } from "path";
 import * as fs from "fs";
-import type { ThemeType } from "../generateFtl";
+import type { ThemeType } from "../../constants";
 
 /** Assumes the theme type exists */
 export function readStaticResourcesUsage(params: { keycloakifySrcDirPath: string; themeSrcDirPath: string; themeType: ThemeType }): {

src/bin/keycloakify/keycloakify.ts

@@ -6,18 +6,16 @@ import { generateStartKeycloakTestingContainer } from "./generateStartKeycloakTe
 import * as fs from "fs";
 import { readBuildOptions } from "./BuildOptions";
 import { getLogger } from "../tools/logger";
-import jar from "../tools/jar";
 import { assert } from "tsafe/assert";
-import { Equals } from "tsafe";
 import { getThemeSrcDirPath } from "../getSrcDirPath";
 import { getProjectRoot } from "../tools/getProjectRoot";
 import { objectKeys } from "tsafe/objectKeys";
 
 export async function main() {
-    const projectDirPath = process.cwd();
+    const reactAppRootDirPath = process.cwd();
 
     const buildOptions = readBuildOptions({
-        projectDirPath,
+        reactAppRootDirPath,
         "processArgv": process.argv.slice(2)
     });
 
@@ -26,19 +24,14 @@ export async function main() {
 
     const keycloakifyDirPath = getProjectRoot();
 
-    const { themeSrcDirPath } = getThemeSrcDirPath({ projectDirPath });
+    const { themeSrcDirPath } = getThemeSrcDirPath({ reactAppRootDirPath });
 
-    for (const themeName of [buildOptions.themeName, ...buildOptions.extraThemeNames]) {
+    for (const themeName of buildOptions.themeNames) {
         await generateTheme({
-            projectDirPath,
-            "keycloakThemeBuildingDirPath": buildOptions.keycloakifyBuildDirPath,
+            themeName,
             themeSrcDirPath,
             "keycloakifySrcDirPath": pathJoin(keycloakifyDirPath, "src"),
-            "reactAppBuildDirPath": buildOptions.reactAppBuildDirPath,
-            "buildOptions": {
-                ...buildOptions,
-                "themeName": themeName
-            },
+            buildOptions,
             "keycloakifyVersion": (() => {
                 const version = JSON.parse(fs.readFileSync(pathJoin(keycloakifyDirPath, "package.json")).toString("utf8"))["version"];
 
@@ -49,8 +42,7 @@ export async function main() {
         });
     }
 
-    const { jarFilePath } = generateJavaStackFiles({
-        "keycloakThemeBuildingDirPath": buildOptions.keycloakifyBuildDirPath,
+    const { jarFilePath } = await generateJavaStackFiles({
         "implementedThemeTypes": (() => {
             const implementedThemeTypes = {
                 "login": false,
@@ -70,33 +62,13 @@ export async function main() {
         buildOptions
     });
 
-    switch (buildOptions.bundler) {
-        case "none":
-            logger.log("😱 Skipping bundling step, there will be no jar");
-            break;
-        case "keycloakify":
-            logger.log("🫶 Let keycloakify do its thang");
-            await jar({
-                "rootPath": buildOptions.keycloakifyBuildDirPath,
-                "version": buildOptions.themeVersion,
-                "groupId": buildOptions.groupId,
-                "artifactId": buildOptions.artifactId,
-                "targetPath": jarFilePath
-            });
-            break;
-        case "mvn":
-            logger.log("🫙 Run maven to deliver a jar");
-            child_process.execSync("mvn package", { "cwd": buildOptions.keycloakifyBuildDirPath });
-            break;
-        default:
-            assert<Equals<typeof buildOptions.bundler, never>>(false);
+    if (buildOptions.doCreateJar) {
+        child_process.execSync("mvn package", { "cwd": buildOptions.keycloakifyBuildDirPath });
     }
 
-    // We want, however, to test in a container running the latest Keycloak version
-    const containerKeycloakVersion = "21.1.2";
+    const containerKeycloakVersion = "23.0.0";
 
     generateStartKeycloakTestingContainer({
-        keycloakThemeBuildingDirPath: buildOptions.keycloakifyBuildDirPath,
         "keycloakVersion": containerKeycloakVersion,
         buildOptions
     });
@@ -104,9 +76,13 @@ export async function main() {
     logger.log(
         [
             "",
-            `✅ Your keycloak theme has been generated and bundled into .${pathSep}${pathRelative(projectDirPath, jarFilePath)} 🚀`,
-            `It is to be placed in "/opt/keycloak/providers" in the container running a quay.io/keycloak/keycloak Docker image.`,
-            "",
+            ...(!buildOptions.doCreateJar
+                ? []
+                : [
+                      `✅ Your keycloak theme has been generated and bundled into .${pathSep}${pathRelative(reactAppRootDirPath, jarFilePath)} 🚀`,
+                      `It is to be placed in "/opt/keycloak/providers" in the container running a quay.io/keycloak/keycloak Docker image.`,
+                      ""
+                  ]),
             //TODO: Restore when we find a good Helm chart for Keycloak.
             //"Using Helm (https://github.com/codecentric/helm-charts), edit to reflect:",
             "",
@@ -139,7 +115,7 @@ export async function main() {
             `To test your theme locally you can spin up a Keycloak ${containerKeycloakVersion} container image with the theme pre loaded by running:`,
             "",
             `👉 $ .${pathSep}${pathRelative(
-                projectDirPath,
+                reactAppRootDirPath,
                 pathJoin(buildOptions.keycloakifyBuildDirPath, generateStartKeycloakTestingContainer.basename)
             )} 👈`,
             "",
@@ -149,15 +125,15 @@ export async function main() {
             "- Log into the admin console 👉 http://localhost:8080/admin username: admin, password: admin 👈",
             `- Create a realm:                       Master         -> AddRealm   -> Name: myrealm`,
             `- Enable registration:                  Realm settings -> Login tab  -> User registration: on`,
-            `- Enable the Account theme (optional):  Realm settings -> Themes tab -> Account theme: ${buildOptions.themeName}`,
-            `                                        Clients        -> account    -> Login theme:   ${buildOptions.themeName}`,
-            `- Enable the email theme (optional):    Realm settings -> Themes tab -> Email theme:   ${buildOptions.themeName} (option will appear only if you have ran npx initialize-email-theme)`,
+            `- Enable the Account theme (optional):  Realm settings -> Themes tab -> Account theme: ${buildOptions.themeNames[0]}`,
+            `                                        Clients        -> account    -> Login theme:   ${buildOptions.themeNames[0]}`,
+            `- Enable the email theme (optional):    Realm settings -> Themes tab -> Email theme:   ${buildOptions.themeNames[0]} (option will appear only if you have ran npx initialize-email-theme)`,
             `- Create a client                       Clients        -> Create     -> Client ID:                       myclient`,
             `                                                                        Root URL:                        https://www.keycloak.org/app/`,
             `                                                                        Valid redirect URIs:             https://www.keycloak.org/app* http://localhost* (localhost is optional)`,
             `                                                                        Valid post logout redirect URIs: https://www.keycloak.org/app* http://localhost*`,
             `                                                                        Web origins:                     *`,
-            `                                                                        Login Theme:                     ${buildOptions.themeName}`,
+            `                                                                        Login Theme:                     ${buildOptions.themeNames[0]}`,
             `                                                                        Save (button at the bottom of the page)`,
             ``,
             `- Go to  👉  https://www.keycloak.org/app/ 👈 Click "Save" then "Sign in". You should see your login page`,

src/bin/keycloakify/parsedPackageJson.ts

@@ -4,8 +4,6 @@ import type { Equals } from "tsafe";
 import { z } from "zod";
 import { pathJoin } from "../tools/pathJoin";
 
-export const bundlers = ["mvn", "keycloakify", "none"] as const;
-export type Bundler = (typeof bundlers)[number];
 export type ParsedPackageJson = {
     name: string;
     version?: string;
@@ -15,12 +13,12 @@ export type ParsedPackageJson = {
         areAppAndKeycloakServerSharingSameDomain?: boolean;
         artifactId?: string;
         groupId?: string;
-        bundler?: Bundler;
-        keycloakVersionDefaultAssets?: string;
+        doCreateJar?: boolean;
+        loginThemeResourcesFromKeycloakVersion?: string;
         reactAppBuildDirPath?: string;
         keycloakifyBuildDirPath?: string;
-        themeName?: string;
-        extraThemeNames?: string[];
+        themeName?: string | string[];
+        doBuildRetrocompatAccountTheme?: boolean;
     };
 };
 
@@ -34,12 +32,12 @@ export const zParsedPackageJson = z.object({
             "areAppAndKeycloakServerSharingSameDomain": z.boolean().optional(),
             "artifactId": z.string().optional(),
             "groupId": z.string().optional(),
-            "bundler": z.enum(bundlers).optional(),
-            "keycloakVersionDefaultAssets": z.string().optional(),
+            "doCreateJar": z.boolean().optional(),
+            "loginThemeResourcesFromKeycloakVersion": z.string().optional(),
             "reactAppBuildDirPath": z.string().optional(),
             "keycloakifyBuildDirPath": z.string().optional(),
-            "themeName": z.string().optional(),
-            "extraThemeNames": z.array(z.string()).optional()
+            "themeName": z.union([z.string(), z.array(z.string())]).optional(),
+            "doBuildRetrocompatAccountTheme": z.boolean().optional()
         })
         .optional()
 });
@@ -47,11 +45,11 @@ export const zParsedPackageJson = z.object({
 assert<Equals<ReturnType<(typeof zParsedPackageJson)["parse"]>, ParsedPackageJson>>();
 
 let parsedPackageJson: undefined | ReturnType<(typeof zParsedPackageJson)["parse"]>;
-export function getParsedPackageJson(params: { projectDirPath: string }) {
-    const { projectDirPath } = params;
+export function getParsedPackageJson(params: { reactAppRootDirPath: string }) {
+    const { reactAppRootDirPath } = params;
     if (parsedPackageJson) {
         return parsedPackageJson;
     }
-    parsedPackageJson = zParsedPackageJson.parse(JSON.parse(fs.readFileSync(pathJoin(projectDirPath, "package.json")).toString("utf8")));
+    parsedPackageJson = zParsedPackageJson.parse(JSON.parse(fs.readFileSync(pathJoin(reactAppRootDirPath, "package.json")).toString("utf8")));
     return parsedPackageJson;
 }

src/bin/mockTestingResourcesPath.ts

@@ -1,5 +0,0 @@
-import { pathJoin } from "./tools/pathJoin";
-
-export const basenameOfKeycloakDirInPublicDir = "keycloak-resources";
-export const resourcesDirPathRelativeToPublicDir = pathJoin(basenameOfKeycloakDirInPublicDir, "resources");
-export const resourcesCommonDirPathRelativeToPublicDir = pathJoin(resourcesDirPathRelativeToPublicDir, "resources_common");

src/bin/tools/downloadAndUnzip.ts

@@ -162,7 +162,7 @@ export async function downloadAndUnzip(
     } & (
         | {
               doUseCache: true;
-              projectDirPath: string;
+              cacheDirPath: string;
           }
         | {
               doUseCache: false;
@@ -182,11 +182,10 @@ export async function downloadAndUnzip(
                   }
     });
 
-    const cacheRoot = !rest.doUseCache
-        ? `tmp_${Math.random().toString().slice(2, 12)}`
-        : pathJoin(process.env.XDG_CACHE_HOME ?? pathJoin(rest.projectDirPath, "node_modules", ".cache"), "keycloakify");
-    const zipFilePath = pathJoin(cacheRoot, `${zipFileBasename}.zip`);
-    const extractDirPath = pathJoin(cacheRoot, `tmp_unzip_${zipFileBasename}`);
+    const cacheDirPath = !rest.doUseCache ? `tmp_${Math.random().toString().slice(2, 12)}` : rest.cacheDirPath;
+
+    const zipFilePath = pathJoin(cacheDirPath, `${zipFileBasename}.zip`);
+    const extractDirPath = pathJoin(cacheDirPath, `tmp_unzip_${zipFileBasename}`);
 
     if (!(await exists(zipFilePath))) {
         const opts = await getFetchOptions();
@@ -226,7 +225,7 @@ export async function downloadAndUnzip(
     });
 
     if (!rest.doUseCache) {
-        await rm(cacheRoot, { "recursive": true });
+        await rm(cacheDirPath, { "recursive": true });
     } else {
         await rm(extractDirPath, { "recursive": true });
     }

src/bin/tools/getAbsoluteAndInOsFormatPath.ts

@@ -0,0 +1,15 @@
+import { isAbsolute as pathIsAbsolute, sep as pathSep, join as pathJoin } from "path";
+
+export function getAbsoluteAndInOsFormatPath(params: { pathIsh: string; cwd: string }): string {
+    const { pathIsh, cwd } = params;
+
+    let pathOut = pathIsh;
+
+    pathOut = pathOut.replace(/\//g, pathSep);
+
+    if (!pathIsAbsolute(pathOut)) {
+        pathOut = pathJoin(cwd, pathOut);
+    }
+
+    return pathOut;
+}

src/bin/tools/jar.ts

@@ -1,99 +0,0 @@
-import { dirname, relative, sep, join } from "path";
-import { createWriteStream } from "fs";
-
-import walk from "./walk";
-import { ZipFile } from "yazl";
-import { mkdir } from "fs/promises";
-import trimIndent from "./trimIndent";
-
-export type ZipEntry = { zipPath: string } & ({ fsPath: string } | { buffer: Buffer });
-export type ZipEntryGenerator = AsyncGenerator<ZipEntry, void, unknown>;
-
-type CommonJarArgs = {
-    groupId: string;
-    artifactId: string;
-    version: string;
-};
-
-export type JarStreamArgs = CommonJarArgs & {
-    asyncPathGeneratorFn(): ZipEntryGenerator;
-};
-
-export type JarArgs = CommonJarArgs & {
-    targetPath: string;
-    rootPath: string;
-};
-
-export async function jarStream({ groupId, artifactId, version, asyncPathGeneratorFn }: JarStreamArgs) {
-    const manifestPath = "META-INF/MANIFEST.MF";
-    const manifestData = Buffer.from(trimIndent`
-            Manifest-Version: 1.0
-            Archiver-Version: Plexus Archiver
-            Created-By: Keycloakify
-            Built-By: unknown
-            Build-Jdk: 19.0.0
-            `);
-
-    const pomPropsPath = `META-INF/maven/${groupId}/${artifactId}/pom.properties`;
-    const pomPropsData = Buffer.from(trimIndent`
-            # Generated by keycloakify
-            # ${new Date()}
-            artifactId=${artifactId}
-            groupId=${groupId}
-            version=${version}
-            `);
-
-    const zipFile = new ZipFile();
-
-    for await (const entry of asyncPathGeneratorFn()) {
-        if ("buffer" in entry) {
-            zipFile.addBuffer(entry.buffer, entry.zipPath);
-        } else if ("fsPath" in entry) {
-            if (entry.fsPath.endsWith(sep)) {
-                zipFile.addEmptyDirectory(entry.zipPath);
-            } else {
-                zipFile.addFile(entry.fsPath, entry.zipPath);
-            }
-        }
-    }
-
-    zipFile.addBuffer(manifestData, manifestPath);
-    zipFile.addBuffer(pomPropsData, pomPropsPath);
-
-    zipFile.end();
-
-    return zipFile;
-}
-
-/**
- * Create a jar archive, using the resources found at `rootPath` (a directory) and write the
- * archive to `targetPath` (a file). Use `groupId`, `artifactId` and `version` to define
- * the contents of the pom.properties file which is going to be added to the archive.
- * The root directory is expectedto have a conventional maven/gradle folder structure with a
- * single `pom.xml` file at the root and a `src/main/resources` directory containing all
- * application resources.
- */
-export default async function jar({ groupId, artifactId, version, rootPath, targetPath }: JarArgs) {
-    await mkdir(dirname(targetPath), { recursive: true });
-
-    const asyncPathGeneratorFn = async function* (): ZipEntryGenerator {
-        const resourcesPath = join(rootPath, "src", "main", "resources");
-        for await (const fsPath of walk(resourcesPath)) {
-            const zipPath = relative(resourcesPath, fsPath).split(sep).join("/");
-            yield { fsPath, zipPath };
-        }
-        yield {
-            fsPath: join(rootPath, "pom.xml"),
-            zipPath: `META-INF/maven/${groupId}/${artifactId}/pom.xml`
-        };
-    };
-
-    const zipFile = await jarStream({ groupId, artifactId, version, asyncPathGeneratorFn });
-
-    await new Promise<void>(async (resolve, reject) => {
-        zipFile.outputStream
-            .pipe(createWriteStream(targetPath, { encoding: "binary" }))
-            .on("close", () => resolve())
-            .on("error", e => reject(e));
-    });
-}

src/bin/tools/pathJoin.ts

@@ -2,5 +2,5 @@ export function pathJoin(...path: string[]): string {
     return path
         .map((part, i) => (i === 0 ? part : part.replace(/^\/+/, "")))
         .map((part, i) => (i === path.length - 1 ? part : part.replace(/\/+$/, "")))
-        .join("/");
+        .join(typeof process !== "undefined" && process.platform === "win32" ? "\\" : "/");
 }

src/bin/tools/walk.ts

@@ -1,19 +0,0 @@
-import { readdir } from "fs/promises";
-import { resolve, sep } from "path";
-
-/**
- * Asynchronously and recursively walk a directory tree, yielding every file and directory
- * found. Directory paths will _always_ end with a path separator.
- *
- * @param root the starting directory
- * @returns AsyncGenerator
- */
-export default async function* walk(root: string): AsyncGenerator<string, void, unknown> {
-    for (const entry of await readdir(root, { withFileTypes: true })) {
-        const absolutePath = resolve(root, entry.name);
-        if (entry.isDirectory()) {
-            yield absolutePath.endsWith(sep) ? absolutePath : absolutePath + sep;
-            yield* walk(absolutePath);
-        } else yield absolutePath.endsWith(sep) ? absolutePath.substring(0, absolutePath.length - 1) : absolutePath;
-    }
-}

src/login/kcContext/KcContext.ts

@@ -1,4 +1,5 @@
-import type { LoginThemePageId, ThemeType } from "keycloakify/bin/keycloakify/generateFtl";
+import type { LoginThemePageId } from "keycloakify/bin/keycloakify/generateFtl";
+import { type ThemeType } from "keycloakify/bin/constants";
 import { assert } from "tsafe/assert";
 import type { Equals } from "tsafe";
 import type { MessageKey } from "../i18n/i18n";
@@ -39,6 +40,7 @@ export type KcContext =
 
 export declare namespace KcContext {
     export type Common = {
+        themeVersion: string;
         keycloakifyVersion: string;
         themeType: "login";
         themeName: string;

src/login/kcContext/createGetKcContext.ts

@@ -8,9 +8,8 @@ import { assert } from "tsafe/assert";
 import type { ExtendKcContext } from "./getKcContextFromWindow";
 import { getKcContextFromWindow } from "./getKcContextFromWindow";
 import { pathJoin } from "keycloakify/bin/tools/pathJoin";
-import { pathBasename } from "keycloakify/tools/pathBasename";
-import { resourcesCommonDirPathRelativeToPublicDir } from "keycloakify/bin/mockTestingResourcesPath";
 import { symToStr } from "tsafe/symToStr";
+import { resources_common } from "keycloakify/bin/constants";
 
 export function createGetKcContext<KcContextExtension extends { pageId: string } = never>(params?: {
     mockData?: readonly DeepPartial<ExtendKcContext<KcContextExtension>>[];
@@ -148,11 +147,7 @@ export function createGetKcContext<KcContextExtension extends { pageId: string }
             return { "kcContext": undefined as any };
         }
 
-        {
-            const { url } = realKcContext;
-
-            url.resourcesCommonPath = pathJoin(url.resourcesPath, pathBasename(resourcesCommonDirPathRelativeToPublicDir));
-        }
+        realKcContext.url.resourcesCommonPath = pathJoin(realKcContext.url.resourcesPath, resources_common);
 
         return { "kcContext": realKcContext as any };
     }

src/login/kcContext/kcContextMocks.ts

@@ -1,13 +1,11 @@
 import "minimal-polyfills/Object.fromEntries";
 import type { KcContext, Attribute } from "./KcContext";
-import { resourcesCommonDirPathRelativeToPublicDir, resourcesDirPathRelativeToPublicDir } from "keycloakify/bin/mockTestingResourcesPath";
+import { resources_common, keycloak_resources } from "keycloakify/bin/constants";
 import { pathJoin } from "keycloakify/bin/tools/pathJoin";
 import { id } from "tsafe/id";
 import { assert, type Equals } from "tsafe/assert";
 import type { LoginThemePageId } from "keycloakify/bin/keycloakify/generateFtl";
 
-const PUBLIC_URL = (typeof process !== "object" ? undefined : process.env?.["PUBLIC_URL"]) || "/";
-
 const attributes: Attribute[] = [
     {
         "validators": {
@@ -102,14 +100,19 @@ const attributes: Attribute[] = [
 
 const attributesByName = Object.fromEntries(attributes.map(attribute => [attribute.name, attribute])) as any;
 
+const PUBLIC_URL = (typeof process !== "object" ? undefined : process.env?.["PUBLIC_URL"]) || "/";
+
+const resourcesPath = pathJoin(PUBLIC_URL, keycloak_resources, "login", "resources");
+
 export const kcContextCommonMock: KcContext.Common = {
+    "themeVersion": "0.0.0",
     "keycloakifyVersion": "0.0.0",
     "themeType": "login",
     "themeName": "my-theme-name",
     "url": {
         "loginAction": "#",
-        "resourcesPath": pathJoin(PUBLIC_URL, resourcesDirPathRelativeToPublicDir),
-        "resourcesCommonPath": pathJoin(PUBLIC_URL, resourcesCommonDirPathRelativeToPublicDir),
+        resourcesPath,
+        "resourcesCommonPath": pathJoin(resourcesPath, resources_common),
         "loginRestartFlowUrl": "/auth/realms/myrealm/login-actions/restart?client_id=account&tab_id=HoAx28ja4xg",
         "loginUrl": "/auth/realms/myrealm/login-actions/authenticate?client_id=account&tab_id=HoAx28ja4xg"
     },

src/login/pages/Info.tsx

@@ -8,7 +8,10 @@ export default function Info(props: PageProps<Extract<KcContext, { pageId: "info
 
     const { msgStr, msg } = i18n;
 
-    assert(kcContext.message !== undefined);
+    assert(
+        kcContext.message !== undefined,
+        "No message in kcContext.message, there will always be a message in production context, add it in your mock"
+    );
 
     const { messageHeader, message, requiredActions, skipLink, pageRedirectUri, actionUri, client } = kcContext;
 

stories/login/pages/Info.stories.tsx

@@ -21,4 +21,13 @@ const meta: ComponentMeta<any> = {
 
 export default meta;
 
-export const Default = () => <PageStory />;
+export const Default = () => (
+    <PageStory
+        kcContext={{
+            message: {
+                summary: "This is the server message",
+                type: "info"
+            }
+        }}
+    />
+);

test/bin/jar.spec.ts

@@ -1,131 +0,0 @@
-import jar, { jarStream, type ZipEntryGenerator } from "keycloakify/bin/tools/jar";
-import { fromBuffer, Entry, ZipFile } from "yauzl";
-import { it, describe, assert, afterAll } from "vitest";
-import { Readable } from "stream";
-import { tmpdir } from "os";
-import { mkdtemp, cp, mkdir, rm, writeFile } from "fs/promises";
-import path from "path";
-import { createReadStream } from "fs";
-import walk from "keycloakify/bin/tools/walk";
-
-type AsyncIterable<T> = {
-    [Symbol.asyncIterator](): AsyncIterableIterator<T>;
-};
-
-async function arrayFromAsync<T>(asyncIterable: AsyncIterable<T>) {
-    const chunks: T[] = [];
-    for await (const chunk of asyncIterable) chunks.push(chunk);
-    return chunks;
-}
-
-async function readToBuffer(stream: NodeJS.ReadableStream) {
-    return Buffer.concat(await arrayFromAsync(stream as AsyncIterable<Buffer>));
-}
-
-function unzipBuffer(buffer: Buffer) {
-    return new Promise<ZipFile>((resolve, reject) =>
-        fromBuffer(buffer, { lazyEntries: true }, (err, zipFile) => {
-            if (err !== null) {
-                reject(err);
-            } else {
-                resolve(zipFile);
-            }
-        })
-    );
-}
-
-function readEntry(zipFile: ZipFile, entry: Entry): Promise<Readable> {
-    return new Promise<Readable>((resolve, reject) => {
-        zipFile.openReadStream(entry, (err, stream) => {
-            if (err !== null) {
-                reject(err);
-            } else {
-                resolve(stream);
-            }
-        });
-    });
-}
-
-function readAll(zipFile: ZipFile): Promise<Map<string, Buffer>> {
-    return new Promise<Map<string, Buffer>>((resolve, reject) => {
-        const entries1: Map<string, Buffer> = new Map();
-        zipFile.on("entry", async (entry: Entry) => {
-            const stream = await readEntry(zipFile, entry);
-            const buffer = await readToBuffer(stream);
-            entries1.set(entry.fileName, buffer);
-            zipFile.readEntry();
-        });
-        zipFile.on("end", () => resolve(entries1));
-        zipFile.on("error", e => reject(e));
-        zipFile.readEntry();
-    });
-}
-
-describe("jar", () => {
-    const coords = { artifactId: "someArtifactId", groupId: "someGroupId", version: "1.2.3" };
-
-    const tmpDirs: string[] = [];
-
-    afterAll(async () => {
-        await Promise.all(tmpDirs.map(dir => rm(dir, { force: true, recursive: true })));
-    });
-
-    it("creates jar artifacts without error", async () => {
-        async function* mockFiles(): ZipEntryGenerator {
-            yield { zipPath: "foo", buffer: Buffer.from("foo") };
-        }
-
-        const zipped = await jarStream({ ...coords, asyncPathGeneratorFn: mockFiles });
-        const buffered = await readToBuffer(zipped.outputStream);
-        const unzipped = await unzipBuffer(buffered);
-        const entries = await readAll(unzipped);
-
-        assert.equal(entries.size, 3);
-        assert.isOk(entries.has("foo"));
-        assert.isOk(entries.has("META-INF/MANIFEST.MF"));
-        assert.isOk(entries.has("META-INF/maven/someGroupId/someArtifactId/pom.properties"));
-
-        assert.equal("foo", entries.get("foo")?.toString("utf-8"));
-
-        const manifest = entries.get("META-INF/MANIFEST.MF")?.toString("utf-8");
-        const pomProperties = entries.get("META-INF/maven/someGroupId/someArtifactId/pom.properties")?.toString("utf-8");
-
-        assert.isOk(manifest?.includes("Created-By: Keycloakify"));
-        assert.isOk(pomProperties?.includes("1.2.3"));
-        assert.isOk(pomProperties?.includes("someGroupId"));
-        assert.isOk(pomProperties?.includes("someArtifactId"));
-    });
-
-    it("creates a jar from _real_ files without error", async () => {
-        const tmp = await mkdtemp(path.join(tmpdir(), "kc-jar-test-"));
-
-        tmpDirs.push(tmp);
-
-        const rootPath = path.join(tmp, "root");
-        const resourcesPath = path.join(tmp, "root", "src", "main", "resources");
-        const targetPath = path.join(tmp, "jar.jar");
-
-        await mkdir(resourcesPath, { recursive: true });
-        await writeFile(path.join(rootPath, "pom.xml"), "foo", "utf-8");
-
-        await cp(path.dirname(__dirname), resourcesPath, { recursive: true });
-
-        await jar({ ...coords, rootPath, targetPath });
-
-        const buffered = await readToBuffer(createReadStream(targetPath));
-        const unzipped = await unzipBuffer(buffered);
-        const entries = await readAll(unzipped);
-        const zipPaths = Array.from(entries.keys());
-
-        assert.isOk(entries.has("META-INF/MANIFEST.MF"));
-        assert.isOk(entries.has("META-INF/maven/someGroupId/someArtifactId/pom.properties"));
-        assert.isOk(entries.has("META-INF/maven/someGroupId/someArtifactId/pom.xml"));
-
-        for await (const fsPath of walk(resourcesPath)) {
-            if (!fsPath.endsWith(path.sep)) {
-                const rel = path.relative(resourcesPath, fsPath).replace(path.sep === "/" ? /\//g : /\\/g, "/");
-                assert.isOk(zipPaths.includes(rel), `missing '${rel}' (${rel}, '${zipPaths.join("', '")}')`);
-            }
-        }
-    });
-});

test/bin/setupSampleReactProject.spec.ts

@@ -24,7 +24,7 @@ vi.mock("keycloakify/bin/keycloakify/parsed-package-json", async () => ({
 
 vi.mock("keycloakify/bin/promptKeycloakVersion", async () => ({
     ...((await vi.importActual("keycloakify/bin/promptKeycloakVersion")) as Record<string, unknown>),
-    promptKeycloakVersion: () => ({ keycloakVersion: "11.0.3" })
+    promptKeycloakVersion: () => ({ "keycloakVersion": "11.0.3" })
 }));
 
 const nativeCwd = process.cwd;
@@ -52,19 +52,25 @@ describe("Sample Project", () => {
             await setupSampleReactProject(sampleReactProjectDirPath);
             await initializeEmailTheme();
 
-            const projectDirPath = process.cwd();
+            const reactAppRootDirPath = process.cwd();
 
             const destDirPath = pathJoin(
                 readBuildOptions({
                     "processArgv": ["--silent"],
-                    projectDirPath
+                    reactAppRootDirPath
                 }).keycloakifyBuildDirPath,
                 "src",
                 "main",
                 "resources",
                 "theme"
             );
-            await downloadBuiltinKeycloakTheme({ destDirPath, "keycloakVersion": "11.0.3", projectDirPath });
+            await downloadBuiltinKeycloakTheme({
+                destDirPath,
+                "keycloakVersion": "11.0.3",
+                "buildOptions": {
+                    "cacheDirPath": pathJoin(reactAppRootDirPath, "node_modules", ".cache", "keycloakify")
+                }
+            });
         },
         { timeout: 90000 }
     );
@@ -80,19 +86,25 @@ describe("Sample Project", () => {
             await setupSampleReactProject(pathJoin(sampleReactProjectDirPath, "custom_input"));
             await initializeEmailTheme();
 
-            const projectDirPath = process.cwd();
+            const reactAppRootDirPath = process.cwd();
 
             const destDirPath = pathJoin(
                 readBuildOptions({
                     "processArgv": ["--silent"],
-                    projectDirPath
+                    reactAppRootDirPath
                 }).keycloakifyBuildDirPath,
                 "src",
                 "main",
                 "resources",
                 "theme"
             );
-            await downloadBuiltinKeycloakTheme({ destDirPath, "keycloakVersion": "11.0.3", projectDirPath });
+            await downloadBuiltinKeycloakTheme({
+                destDirPath,
+                "keycloakVersion": "11.0.3",
+                buildOptions: {
+                    "cacheDirPath": pathJoin(reactAppRootDirPath, "node_modules", ".cache", "keycloakify")
+                }
+            });
         },
         { timeout: 90000 }
     );

test/bin/tools/trimIndet.spec.ts

@@ -1,65 +0,0 @@
-import trimIndent from "keycloakify/bin/tools/trimIndent";
-import { it, describe, assert } from "vitest";
-
-describe("trimIndent", () => {
-    it("does not change a left-aligned string as expected", () => {
-        const txt = trimIndent`lorem
-ipsum`;
-        assert.equal(txt, ["lorem", "ipsum"].join("\n"));
-    });
-
-    it("removes leading and trailing empty lines from a left-aligned string", () => {
-        const txt = trimIndent`
-lorem
-ipsum
-`;
-        assert.equal(txt, ["lorem", "ipsum"].join("\n"));
-    });
-
-    it("removes indent from an aligned string", () => {
-        const txt = trimIndent`
-            lorem
-            ipsum
-        `;
-        assert.equal(txt, ["lorem", "ipsum"].join("\n"));
-    });
-
-    it("removes indent from unaligned string", () => {
-        const txt = trimIndent`
-            lorem
-                ipsum
-        `;
-        assert.equal(txt, ["lorem", "    ipsum"].join("\n"));
-    });
-
-    it("removes only first and last empty line", () => {
-        const txt = trimIndent`
-
-            lorem
-            ipsum
-
-            `;
-
-        assert.equal(txt, ["", "lorem", "ipsum", ""].join("\n"));
-    });
-
-    it("interpolates non-strings", () => {
-        const d = new Date();
-        const txt = trimIndent`
-            lorem
-            ${d}
-            ipsum`;
-
-        assert.equal(txt, ["lorem", String(d), "ipsum"].join("\n"));
-    });
-
-    it("inderpolates preserving new-lines in the interpolated bits", () => {
-        const a = ["ipsum", "dolor", "sit"].join("\n");
-        const txt = trimIndent`
-            lorem
-            ${a}
-            amet
-            `;
-        assert.equal(txt, ["lorem", "ipsum", "dolor", "sit", "amet"].join("\n"));
-    });
-});