Use back keycloak-js instead of initiate login in the backend for account

Closes #40463 (cherry picked from commit 360ff7050c) Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-12-16 20:15:46 -06:00 · 2025-11-03 13:50:11 +01:00
parent 5995815bcc
commit ff09872db0
5 changed files with 48 additions and 12 deletions
--- a/js/apps/account-ui/maven-resources/theme/keycloak.v3/account/messages/messages_en.properties
+++ b/js/apps/account-ui/maven-resources/theme/keycloak.v3/account/messages/messages_en.properties
@@ -213,4 +213,22 @@ emptyUserOrganizationsInstructions=You have not joined any organizations yet.
 searchOrganization=Search for organization
 organizationList=List of organizations
 domains=Domains
-refresh=Refresh
+refresh=Refresh
+# standard error responses OAuth
+invalid_request=Invalid request
+unauthorized_client=Unauthorized client
+access_denied=Access denied
+unsupported_response_type=Unsupported response type
+invalid_scope=Invalid scope
+server_error=Server error
+temporarily_unavailable=Temporarily unavailable
+# standard error responses OIDC
+interaction_required=Interaction required
+login_required=Login required
+account_selection_required=Account selection required
+consent_required=Consent required
+invalid_request_uri=Invalid request uri
+invalid_request_object=Invalid request object
+request_not_supported=Request not supported
+request_uri_not_supported=Request uri not supported
+registration_not_supported=Registration not supported
--- a/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties
+++ b/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties
@@ -3295,3 +3295,21 @@ deleteConfirmUsers_one=Delete user {{name}}?
 deleteConfirmUsers_other=Delete {{count}} users?
 signatureMaxExp=Max expiration
 signatureMaxExpHelp=Maximum expiration allowed for the JWT. Tokens need to be generated right before authentication. After this period will be considered invalid because they are too old. If undefined the default value is 60 seconds.
+# standard error responses OAuth
+invalid_request=Invalid request
+unauthorized_client=Unauthorized client
+access_denied=Access denied
+unsupported_response_type=Unsupported response type
+invalid_scope=Invalid scope
+server_error=Server error
+temporarily_unavailable=Temporarily unavailable
+# standard error responses OIDC
+interaction_required=Interaction required
+login_required=Login required
+account_selection_required=Account selection required
+consent_required=Consent required
+invalid_request_uri=Invalid request uri
+invalid_request_object=Invalid request object
+request_not_supported=Request not supported
+request_uri_not_supported=Request uri not supported
+registration_not_supported=Registration not supported
--- a/js/libs/ui-shared/src/context/ErrorPage.tsx
+++ b/js/libs/ui-shared/src/context/ErrorPage.tsx
@@ -5,18 +5,19 @@ import {
  Page,
  Text,
  TextContent,
-  TextVariants,
 } from "@patternfly/react-core";
 import { useTranslation } from "react-i18next";
+import { getNetworkErrorMessage } from "../utils/errors";

 type ErrorPageProps = {
  error?: unknown;
 };

 export const ErrorPage = (props: ErrorPageProps) => {
-  const { t } = useTranslation();
+  const { t, i18n } = useTranslation();
  const error = props.error;
  const errorMessage = getErrorMessage(error);
+  const networkErrorMessage = getNetworkErrorMessage(error);

  function onRetry() {
    location.href = location.origin + location.pathname;
@@ -37,9 +38,12 @@ export const ErrorPage = (props: ErrorPageProps) => {
        ]}
      >
        <TextContent>
-          <Text>{t("somethingWentWrongDescription")}</Text>
-          {errorMessage && (
-            <Text component={TextVariants.small}>{errorMessage}</Text>
+          {errorMessage ? (
+            <Text>{t(errorMessage)}</Text>
+          ) : networkErrorMessage && i18n.exists(networkErrorMessage) ? (
+            <Text>{t(networkErrorMessage)}</Text>
+          ) : (
+            <Text>{t("somethingWentWrongDescription")}</Text>
          )}
        </TextContent>
      </Modal>
@@ -48,10 +52,6 @@ export const ErrorPage = (props: ErrorPageProps) => {
 };

 function getErrorMessage(error: unknown): string | null {
-  if (typeof error === "string") {
-    return error;
-  }
-
  if (error instanceof Error) {
    return error.message;
  }
--- a/js/libs/ui-shared/src/context/KeycloakContext.tsx
+++ b/js/libs/ui-shared/src/context/KeycloakContext.tsx
@@ -67,7 +67,7 @@ export const KeycloakProvider = <T extends BaseEnvironment>({

    const init = () =>
      keycloak.init({
-        onLoad: "check-sso",
+        onLoad: "login-required",
        pkceMethod: "S256",
        responseMode: "query",
      });
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractBaseBrokerTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractBaseBrokerTest.java
@@ -322,7 +322,7 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {

    // Completely logout from realm and confirm logout if present
    protected void logoutFromRealm(String contextRoot, String realm, String initiatingIdp, String idTokenHint, String clientId, String redirectUri) {
-        final String defaultRedirectUri = redirectUri != null ? redirectUri : getAccountUrl(contextRoot, realm);
+        final String defaultRedirectUri = redirectUri != null ? redirectUri : oauth.getLoginFormUrl();
        final String defaultClientId = (idTokenHint == null && clientId == null) ? "test-app" : clientId;

        executeLogoutFromRealm(contextRoot, realm, initiatingIdp, idTokenHint, defaultClientId, defaultRedirectUri);