Commit c3a68db3 authored by Kristian Klausen's avatar Kristian Klausen 🎉
Browse files

Merge branch 'keycloak-terms-and-conditions' into 'master'

Add Keycloak terms and conditions

See merge request !482
parents 3f55e251 4ff17e87
Pipeline #10890 passed with stage
in 1 minute and 2 seconds
configureTotpMessage=<p>You need to set up a Mobile Authenticator to activate your account.</p> configureTotpMessage=<p>You need to set up a Mobile Authenticator to activate your account.</p>
termsText=By clicking on the "Accept" button below, you hereby accept and agree on behalf of yourself and, if you are being given access as a third party representative of an owner, on behalf of such owner, to be bound by the following terms and conditions:
totp-registration-warning=<p><strong>Warning</strong>: For security reasons, we may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials. For this reason, it is highly recommended that you <strong>backup your credentials</strong>.</p> totp-registration-warning=<p><strong>Warning</strong>: For security reasons, we may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials. For this reason, it is highly recommended that you <strong>backup your credentials</strong>.</p>
webauthn-registration-warning=<p><strong>Warning</strong>: For security reasons, we may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication device. For this reason, it is highly recommended that you also set up a TOTP authenticator on top of your WebAuthn device (or a second WebAuthn device) in order to have an additional login method in place. This can be done from your account page.</p> webauthn-registration-warning=<p><strong>Warning</strong>: For security reasons, we may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication device. For this reason, it is highly recommended that you also set up a TOTP authenticator on top of your WebAuthn device (or a second WebAuthn device) in order to have an additional login method in place. This can be done from your account page.</p>
<#import "template.ftl" as layout>
<@layout.registrationLayout displayMessage=false; section>
<#if section = "header">
${msg("termsTitle")}
<#elseif section = "form">
<div id="kc-terms-text">
${kcSanitize(msg("termsText"))?no_esc}
<ul style="margin-top: 10px;">
<li><a target="_blank" rel="noopener noreferrer" href="https://terms.archlinux.org/docs/code-of-conduct/">Code of Conduct</a></li>
<li><a target="_blank" rel="noopener noreferrer" href="https://terms.archlinux.org/docs/terms-of-service/">Terms of Service</a></li>
<li><a target="_blank" rel="noopener noreferrer" href="https://terms.archlinux.org/docs/privacy-policy/">Privacy Policy</a></li>
</ul>
</div>
<form class="form-actions" action="${url.loginAction}" method="POST">
<input class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}" name="accept" id="kc-accept" type="submit" value="${msg("doAccept")}"/>
<input class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!}" name="cancel" id="kc-decline" type="submit" value="${msg("doDecline")}"/>
</form>
<div class="clearfix"></div>
</#if>
</@layout.registrationLayout>
...@@ -121,6 +121,14 @@ resource "keycloak_realm" "archlinux" { ...@@ -121,6 +121,14 @@ resource "keycloak_realm" "archlinux" {
} }
} }
resource "keycloak_required_action" "custom-terms-and-conditions" {
realm_id = "archlinux"
alias = "terms_and_conditions"
default_action = true
enabled = true
name = "Terms and Conditions"
}
resource "keycloak_required_action" "configure_otp" { resource "keycloak_required_action" "configure_otp" {
realm_id = "archlinux" realm_id = "archlinux"
alias = "CONFIGURE_TOTP" alias = "CONFIGURE_TOTP"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment