diff --git a/roles/keycloak/files/theme/archlinux/account/index.ftl b/roles/keycloak/files/theme/archlinux/account/index.ftl
index 236954873b113ca41c3647b9d4af00304edd402c..c44ec921efa3ab21cecea33665bebea2ac7e47b3 100644
--- a/roles/keycloak/files/theme/archlinux/account/index.ftl
+++ b/roles/keycloak/files/theme/archlinux/account/index.ftl
@@ -57,7 +57,7 @@
<#if referrer??>
var referrer = '${referrer}';
var referrerName = '${referrerName}';
- var referrerUri = '${referrer_uri?no_esc}';
+ var referrerUri = '${referrer_uri}'.replace('&', '&');
</#if>
<#if msg??>
@@ -146,7 +146,7 @@
<div id="spinner_screen" style="display:block; height:100%">
<div style="width: 320px; height: 328px; text-align: center; position: absolute; top:0; bottom: 0; left: 0; right: 0; margin: auto;">
<#if properties.logo?has_content>
- <img src="${resourceUrl}${properties.logoDark}" alt="Logo" class="brand">
+ <img src="${resourceUrl}${properties.logo}" alt="Logo" class="brand">
<#else>
<img src="${resourceUrl}/public/archlinux-logo-dark.svg" alt="Logo" class="brand">
</#if>
diff --git a/roles/keycloak/files/theme/archlinux/login/login-config-totp.ftl b/roles/keycloak/files/theme/archlinux/login/login-config-totp.ftl
index a7cd43885b30cba59f3bb25d39113677ed95084a..2c1ebcc3f25c2966180a96708a6184b284cb5101 100644
--- a/roles/keycloak/files/theme/archlinux/login/login-config-totp.ftl
+++ b/roles/keycloak/files/theme/archlinux/login/login-config-totp.ftl
@@ -1,49 +1,46 @@
<#import "template.ftl" as layout>
-<@layout.registrationLayout displayInfo=true displayRequiredFields=true; section>
+<@layout.registrationLayout displayRequiredFields=false displayMessage=!messagesPerField.existsError('totp','userLabel'); section>
<#if section = "header">
${msg("loginTotpTitle")}
-
<#elseif section = "form">
-
- <div class="alert alert-warning">
- <span class="${properties.kcFeedbackWarningIcon}"></span>
- ${kcSanitize(msg("totp-registration-warning"))?no_esc}
- </div>
-
- <ol id="kc-totp-settings">
- <li>
- <p>${msg("loginTotpStep1")}</p>
-
- <ul id="kc-totp-supported-apps">
- <div style="margin-bottom: 10px; float: left; width: 40%">
- <h4>Android</h4>
- <ul style="margin-top: -5px;">
- <li><a target="_blank" rel="noopener noreferrer" href="https://getaegis.app/">Aegis</a></li>
- <li><a target="_blank" rel="noopener noreferrer" href="https://github.com/andOTP/andOTP">andOTP</a></li>
- <li><a target="_blank" rel="noopener noreferrer" href="https://github.com/helloworld1/FreeOTPPlus">FreeOTP+</a></li>
- </ul>
- </div>
- <div style="margin-bottom: 10px; float: left; width: 60%">
- <h4>iOS</h4>
- <ul style="margin-top: -5px;">
- <li><a target="_blank" rel="noopener noreferrer" href="https://authy.com/">Authy</a></li>
- <li><a target="_blank" rel="noopener noreferrer" href="https://lastpass.com/auth/">LastPass Authenticator</a></li>
- <li><a target="_blank" rel="noopener noreferrer" href="https://cooperrs.de/otpauth.html ">OTP Auth</a></li>
- </ul>
- </div>
- </ul>
- </li>
-
- <#if mode?? && mode = "manual">
+ <div class="alert alert-warning">
+ <span class="${properties.kcFeedbackWarningIcon}"></span>
+ ${kcSanitize(msg("totp-registration-warning"))?no_esc}
+ </div>
+ <ol id="kc-totp-settings">
<li>
- <p>${msg("loginTotpManualStep2")}</p>
- <p><span id="kc-totp-secret-key">${totp.totpSecretEncoded}</span></p>
- <p><a href="${totp.qrUrl}" id="mode-barcode">${msg("loginTotpScanBarcode")}</a></p>
+ <p>${msg("loginTotpStep1")}</p>
+
+ <ul id="kc-totp-supported-apps">
+ <div style="margin-bottom: 10px; float: left; width: 40%">
+ <h4>Android</h4>
+ <ul style="margin-top: -5px;">
+ <li><a target="_blank" rel="noopener noreferrer" href="https://getaegis.app/">Aegis</a></li>
+ <li><a target="_blank" rel="noopener noreferrer" href="https://github.com/andOTP/andOTP">andOTP</a></li>
+ <li><a target="_blank" rel="noopener noreferrer" href="https://github.com/helloworld1/FreeOTPPlus">FreeOTP+</a></li>
+ </ul>
+ </div>
+ <div style="margin-bottom: 10px; float: left; width: 60%">
+ <h4>iOS</h4>
+ <ul style="margin-top: -5px;">
+ <li><a target="_blank" rel="noopener noreferrer" href="https://authy.com/">Authy</a></li>
+ <li><a target="_blank" rel="noopener noreferrer" href="https://lastpass.com/auth/">LastPass Authenticator</a></li>
+ <li><a target="_blank" rel="noopener noreferrer" href="https://cooperrs.de/otpauth.html ">OTP Auth</a></li>
+ </ul>
+ </div>
+ </ul>
</li>
- <li>
- <p>${msg("loginTotpManualStep3")}</p>
- <p>
+
+ <#if mode?? && mode = "manual">
+ <li>
+ <p>${msg("loginTotpManualStep2")}</p>
+ <p><span id="kc-totp-secret-key">${totp.totpSecretEncoded}</span></p>
+ <p><a href="${totp.qrUrl}" id="mode-barcode">${msg("loginTotpScanBarcode")}</a></p>
+ </li>
+ <li>
+ <p>${msg("loginTotpManualStep3")}</p>
+ <p>
<ul>
<li id="kc-totp-type">${msg("loginTotpType")}: ${msg("loginTotp." + totp.policy.type)}</li>
<li id="kc-totp-algorithm">${msg("loginTotpAlgorithm")}: ${totp.policy.getAlgorithmKey()}</li>
@@ -54,58 +51,75 @@
<li id="kc-totp-counter">${msg("loginTotpCounter")}: ${totp.policy.initialCounter}</li>
</#if>
</ul>
- </p>
- </li>
- <#else>
+ </p>
+ </li>
+ <#else>
+ <li>
+ <p>${msg("loginTotpStep2")}</p>
+ <img id="kc-totp-secret-qr-code" src="data:image/png;base64, ${totp.totpSecretQrCode}" alt="Figure: Barcode"><br/>
+ <p><a href="${totp.manualUrl}" id="mode-manual">${msg("loginTotpUnableToScan")}</a></p>
+ </li>
+ </#if>
<li>
- <p>${msg("loginTotpStep2")}</p>
- <img id="kc-totp-secret-qr-code" src="data:image/png;base64, ${totp.totpSecretQrCode}" alt="Figure: Barcode"><br/>
- <p><a href="${totp.manualUrl}" id="mode-manual">${msg("loginTotpUnableToScan")}</a></p>
+ <p>${msg("loginTotpStep3")}</p>
+ <p>${msg("loginTotpStep3DeviceName")}</p>
</li>
- </#if>
- <li>
- <p>${msg("loginTotpStep3")}</p>
- <p>${msg("loginTotpStep3DeviceName")}</p>
- </li>
- </ol>
+ </ol>
- <form action="${url.loginAction}" class="${properties.kcFormClass!}" id="kc-totp-settings-form" method="post">
- <div class="${properties.kcFormGroupClass!}">
- <div class="${properties.kcInputWrapperClass!}">
- <label for="totp" class="control-label">${msg("authenticatorCode")}</label> <span class="required">*</span>
- </div>
- <div class="${properties.kcInputWrapperClass!}">
- <input type="text" id="totp" name="totp" autocomplete="off" class="${properties.kcInputClass!}" />
- </div>
- <input type="hidden" id="totpSecret" name="totpSecret" value="${totp.totpSecret}" />
- <#if mode??><input type="hidden" id="mode" name="mode" value="${mode}"/></#if>
- </div>
+ <form action="${url.loginAction}" class="${properties.kcFormClass!}" id="kc-totp-settings-form" method="post">
+ <div class="${properties.kcFormGroupClass!}">
+ <div class="${properties.kcInputWrapperClass!}">
+ <label for="totp" class="control-label">${msg("authenticatorCode")}</label> <span class="required">*</span>
+ </div>
+ <div class="${properties.kcInputWrapperClass!}">
+ <input type="text" id="totp" name="totp" autocomplete="off" class="${properties.kcInputClass!}"
+ aria-invalid="<#if messagesPerField.existsError('totp')>true</#if>"
+ />
+
+ <#if messagesPerField.existsError('totp')>
+ <span id="input-error-otp-code" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+ ${kcSanitize(messagesPerField.get('totp'))?no_esc}
+ </span>
+ </#if>
- <div class="${properties.kcFormGroupClass!}" ${messagesPerField.printIfExists('userLabel',properties.kcFormGroupErrorClass!)}">
- <div class="${properties.kcInputWrapperClass!}">
- <label for="userLabel" class="control-label">${msg("loginTotpDeviceName")}</label> <#if totp.otpCredentials?size gte 1><span class="required">*</span></#if>
+ </div>
+ <input type="hidden" id="totpSecret" name="totpSecret" value="${totp.totpSecret}" />
+ <#if mode??><input type="hidden" id="mode" name="mode" value="${mode}"/></#if>
</div>
- <div class="${properties.kcInputWrapperClass!}">
- <input type="text" class="form-control" id="userLabel" name="userLabel" autocomplete="off">
+ <div class="${properties.kcFormGroupClass!}">
+ <div class="${properties.kcInputWrapperClass!}">
+ <label for="userLabel" class="control-label">${msg("loginTotpDeviceName")}</label> <#if totp.otpCredentials?size gte 1><span class="required">*</span></#if>
+ </div>
+
+ <div class="${properties.kcInputWrapperClass!}">
+ <input type="text" class="${properties.kcInputClass!}" id="userLabel" name="userLabel" autocomplete="off"
+ aria-invalid="<#if messagesPerField.existsError('userLabel')>true</#if>"
+ />
+
+ <#if messagesPerField.existsError('userLabel')>
+ <span id="input-error-otp-label" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+ ${kcSanitize(messagesPerField.get('userLabel'))?no_esc}
+ </span>
+ </#if>
+ </div>
</div>
- </div>
- <#if isAppInitiatedAction??>
- <input type="submit"
- class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}"
- id="saveTOTPBtn" value="${msg("doSubmit")}"
- />
- <button type="submit"
- class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!} ${properties.kcButtonLargeClass!}"
- id="cancelTOTPBtn" name="cancel-aia" value="true" />${msg("doCancel")}
- </button>
- <#else>
- <input type="submit"
- class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcButtonLargeClass!}"
- id="saveTOTPBtn" value="${msg("doSubmit")}"
- />
- </#if>
- </form>
+ <#if isAppInitiatedAction??>
+ <input type="submit"
+ class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}"
+ id="saveTOTPBtn" value="${msg("doSubmit")}"
+ />
+ <button type="submit"
+ class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!} ${properties.kcButtonLargeClass!}"
+ id="cancelTOTPBtn" name="cancel-aia" value="true" />${msg("doCancel")}
+ </button>
+ <#else>
+ <input type="submit"
+ class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcButtonLargeClass!}"
+ id="saveTOTPBtn" value="${msg("doSubmit")}"
+ />
+ </#if>
+ </form>
</#if>
</@layout.registrationLayout>
\ No newline at end of file
diff --git a/roles/keycloak/files/theme/archlinux/login/webauthn-register.ftl b/roles/keycloak/files/theme/archlinux/login/webauthn-register.ftl
index 92c21c0be5ad80cc01cadcfbc59d1ed62a7e6d4a..110c3f0e513552af7c989190a881ec97a7ba8ba2 100644
--- a/roles/keycloak/files/theme/archlinux/login/webauthn-register.ftl
+++ b/roles/keycloak/files/theme/archlinux/login/webauthn-register.ftl
@@ -26,6 +26,14 @@
<script type="text/javascript">
function registerSecurityKey() {
+
+ // Check if WebAuthn is supported by this browser
+ if (!window.PublicKeyCredential) {
+ $("#error").val("${msg("webauthn-unsupported-browser-text")?no_esc}");
+ $("#register").submit();
+ return;
+ }
+
// mandatory parameters
let challenge = "${challenge}";
let userid = "${userid}";
@@ -167,4 +175,4 @@
</#if>
</#if>
- </@layout.registrationLayout>
+ </@layout.registrationLayout>
\ No newline at end of file
diff --git a/roles/keycloak/files/theme/archlinux/welcome/index.ftl b/roles/keycloak/files/theme/archlinux/welcome/index.ftl
index 47436bd6d4faf1f9857c7673c4c4f52618c56fe7..1070f3379c06cda557295b0bb2b9d4dfb4711015 100644
--- a/roles/keycloak/files/theme/archlinux/welcome/index.ftl
+++ b/roles/keycloak/files/theme/archlinux/welcome/index.ftl
@@ -29,7 +29,7 @@
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="robots" content="noindex, nofollow">
- <link rel="shortcut icon" href="${resourcesCommonPath}/img/favicon.ico" />
+ <link rel="shortcut icon" href="${resourcesPath}/img/favicon.ico" />
<#if properties.stylesCommon?has_content>
<#list properties.stylesCommon?split(' ') as style>
@@ -127,7 +127,7 @@
</div>
</div>
<div class='footer'>
- <#if properties.displayFooter = "true">
+ <#if properties.displayCommunityLinks = "true">
<a href="http://www.jboss.org"><img src="welcome-content/jboss_community.png" alt="JBoss and JBoss Community"></a>
</#if>
</div>