keycloak
diff --git a/‎js/apps/account-ui/src/account-security/SigningIn.tsx‎
Lines changed: 17 additions & 45 deletions b/‎js/apps/account-ui/src/account-security/SigningIn.tsx‎
Lines changed: 17 additions & 45 deletions
diff --git a/‎js/apps/account-ui/src/api/methods.ts‎
Lines changed: 0 additions & 10 deletions b/‎js/apps/account-ui/src/api/methods.ts‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎js/apps/account-ui/src/index.ts‎
Lines changed: 0 additions & 1 deletion b/‎js/apps/account-ui/src/index.ts‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo24_0_3.java‎
Lines changed: 56 additions & 0 deletions b/‎model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo24_0_3.java‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎model/storage-private/src/main/java/org/keycloak/storage/datastore/DefaultMigrationManager.java‎
Lines changed: 2 additions & 0 deletions b/‎model/storage-private/src/main/java/org/keycloak/storage/datastore/DefaultMigrationManager.java‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎server-spi-private/src/main/java/org/keycloak/authentication/AbstractAuthenticationFlowContext.java‎
Lines changed: 6 additions & 0 deletions b/‎server-spi-private/src/main/java/org/keycloak/authentication/AbstractAuthenticationFlowContext.java‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎server-spi-private/src/main/java/org/keycloak/authentication/AuthenticationFlowCallback.java‎
Lines changed: 5 additions & 1 deletion b/‎server-spi-private/src/main/java/org/keycloak/authentication/AuthenticationFlowCallback.java‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎server-spi-private/src/main/java/org/keycloak/authentication/CredentialAction.java‎
Lines changed: 37 additions & 0 deletions b/‎server-spi-private/src/main/java/org/keycloak/authentication/CredentialAction.java‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎server-spi-private/src/main/java/org/keycloak/authentication/CredentialRegistrator.java‎
Lines changed: 4 additions & 1 deletion b/‎server-spi-private/src/main/java/org/keycloak/authentication/CredentialRegistrator.java‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎server-spi-private/src/main/java/org/keycloak/authentication/RequiredActionProvider.java‎
Lines changed: 3 additions & 3 deletions b/‎server-spi-private/src/main/java/org/keycloak/authentication/RequiredActionProvider.java‎
Lines changed: 3 additions & 3 deletions
@@ -19,12 +19,10 @@ import {
 } from "@patternfly/react-core/deprecated";
 import { CSSProperties, useState } from "react";
 import { Trans, useTranslation } from "react-i18next";
-import { ContinueCancelModal, useAlerts } from "ui-shared";
-import { deleteCredentials, getCredentials } from "../api/methods";
+import { getCredentials } from "../api/methods";
 import {
   CredentialContainer,
   CredentialMetadataRepresentation,
-  CredentialRepresentation,
 } from "../api/representations";
 import { EmptyRow } from "../components/datalist/EmptyRow";
 import { Page } from "../components/page/Page";
@@ -70,16 +68,15 @@ const MobileLink = ({ title, onClick, testid }: MobileLinkProps) => {
 export const SigningIn = () => {
   const { t } = useTranslation();
   const context = useEnvironment();
-  const { addAlert, addError } = useAlerts();
   const { login } = context.keycloak;
 
   const [credentials, setCredentials] = useState<CredentialContainer[]>();
-  const [key, setKey] = useState(1);
-  const refresh = () => setKey(key + 1);
 
-  usePromise((signal) => getCredentials({ signal, context }), setCredentials, [
-    key,
-  ]);
+  usePromise(
+    (signal) => getCredentials({ signal, context }),
+    setCredentials,
+    [],
+  );
 
   const credentialRowCells = (
     credMetadata: CredentialMetadataRepresentation,
@@ -115,9 +112,6 @@ export const SigningIn = () => {
     return items;
   };
 
-  const label = (credential: CredentialRepresentation) =>
-    credential.userLabel || t(credential.type as TFuncKey);
-
   if (!credentials) {
     return <Spinner />;
   }
@@ -205,41 +199,19 @@ export const SigningIn = () => {
                               aria-labelledby={`cred-${meta.credential.id}`}
                             >
                               {container.removeable ? (
-                                <ContinueCancelModal
-                                  buttonTitle={t("delete")}
-                                  buttonTestRole="remove"
-                                  modalTitle={t("removeCred", {
-                                    name: label(meta.credential),
-                                  })}
-                                  continueLabel={t("confirm")}
-                                  cancelLabel={t("cancel")}
-                                  buttonVariant="danger"
-                                  onContinue={async () => {
-                                    try {
-                                      await deleteCredentials(
-                                        context,
-                                        meta.credential,
-                                      );
-                                      addAlert(
-                                        t("successRemovedMessage", {
-                                          userLabel: label(meta.credential),
-                                        }),
-                                      );
-                                      refresh();
-                                    } catch (error) {
-                                      addError(
-                                        t("errorRemovedMessage", {
-                                          userLabel: label(meta.credential),
-                                          error,
-                                        }).toString(),
-                                      );
-                                    }
+                                <Button
+                                  variant="danger"
+                                  data-testrole="remove"
+                                  onClick={() => {
+                                    login({
+                                      action:
+                                        "delete_credential:" +
+                                        meta.credential.id,
+                                    });
                                   }}
                                 >
-                                  {t("stopUsingCred", {
-                                    name: label(meta.credential),
-                                  })}
-                                </ContinueCancelModal>
+                                  {t("delete")}
+                                </Button>
                               ) : (
                                 <Button
                                   variant="secondary"
 
@@ -4,7 +4,6 @@ import { parseResponse } from "./parse-response";
 import {
   ClientRepresentation,
   CredentialContainer,
-  CredentialRepresentation,
   DeviceRepresentation,
   Group,
   LinkedAccountRepresentation,
@@ -99,15 +98,6 @@ export async function getCredentials({ signal, context }: CallOptions) {
   return parseResponse<CredentialContainer[]>(response);
 }
 
-export async function deleteCredentials(
-  context: KeycloakContext,
-  credential: CredentialRepresentation,
-) {
-  return request("/credentials/" + credential.id, context, {
-    method: "DELETE",
-  });
-}
-
 export async function getLinkedAccounts({ signal, context }: CallOptions) {
   const response = await request("/linked-accounts", context, { signal });
   return parseResponse<LinkedAccountRepresentation[]>(response);
 
@@ -42,7 +42,6 @@ export { SharedWith } from "./resources/SharedWith";
 export { ShareTheResource } from "./resources/ShareTheResource";
 export {
   deleteConsent,
-  deleteCredentials,
   deleteSession,
   getApplications,
   getCredentials,
 
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ *  and other contributors as indicated by the @author tags.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.keycloak.migration.migrators;
+
+import org.jboss.logging.Logger;
+import org.keycloak.migration.ModelVersion;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.utils.DefaultRequiredActions;
+import org.keycloak.representations.idm.RealmRepresentation;
+
+/**
+ * @author <a href="mailto:[email protected]">Marek Posolda</a>
+ */
+public class MigrateTo24_0_3 implements Migration {
+
+    private static final Logger LOG = Logger.getLogger(MigrateTo24_0_3.class);
+
+    public static final ModelVersion VERSION = new ModelVersion("24.0.3");
+
+    @Override
+    public void migrate(KeycloakSession session) {
+        session.realms().getRealmsStream().forEach(realm -> migrateRealm(session, realm));
+    }
+
+    @Override
+    public void migrateImport(KeycloakSession session, RealmModel realm, RealmRepresentation rep, boolean skipUserDependent) {
+        migrateRealm(session, realm);
+    }
+
+    @Override
+    public ModelVersion getVersion() {
+        return VERSION;
+    }
+
+    private void migrateRealm(KeycloakSession session, RealmModel realm) {
+        DefaultRequiredActions.addDeleteCredentialAction(realm);
+    }
+}
@@ -38,6 +38,7 @@
 import org.keycloak.migration.migrators.MigrateTo22_0_0;
 import org.keycloak.migration.migrators.MigrateTo23_0_0;
 import org.keycloak.migration.migrators.MigrateTo24_0_0;
+import org.keycloak.migration.migrators.MigrateTo24_0_3;
 import org.keycloak.migration.migrators.MigrateTo25_0_0;
 import org.keycloak.migration.migrators.MigrateTo2_0_0;
 import org.keycloak.migration.migrators.MigrateTo2_1_0;
@@ -115,6 +116,7 @@ public class DefaultMigrationManager implements MigrationManager {
             new MigrateTo22_0_0(),
             new MigrateTo23_0_0(),
             new MigrateTo24_0_0(),
+            new MigrateTo24_0_3(),
             new MigrateTo25_0_0()
     };
 
 
@@ -21,6 +21,7 @@
 import org.keycloak.common.ClientConnection;
 import org.keycloak.events.EventBuilder;
 import org.keycloak.models.AuthenticationExecutionModel;
+import org.keycloak.models.AuthenticationFlowModel;
 import org.keycloak.models.AuthenticatorConfigModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
@@ -57,6 +58,11 @@ public interface AbstractAuthenticationFlowContext {
      */
     AuthenticationExecutionModel getExecution();
 
+    /**
+     * @return the top level flow (root flow) of this authentication
+     */
+    AuthenticationFlowModel getTopLevelFlow();
+
     /**
      * Current realm
      *
 
@@ -18,6 +18,8 @@
 
 package org.keycloak.authentication;
 
+import org.keycloak.models.AuthenticationFlowModel;
+
 /**
  * Callback to be triggered during various lifecycle events of authentication flow.
  *
@@ -40,7 +42,9 @@ public interface AuthenticationFlowCallback extends Authenticator {
     /**
      * Triggered after the top authentication flow is successfully finished.
      * It is really suitable for last verification of successful authentication
+     *
+     * @param topFlow which was successfully finished
      */
-    default void onTopFlowSuccess() {
+    default void onTopFlowSuccess(AuthenticationFlowModel topFlow) {
     }
 }
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ *  and other contributors as indicated by the @author tags.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.keycloak.authentication;
+
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.sessions.AuthenticationSessionModel;
+
+/**
+ * Marking any required action implementation, that is supposed to work with user credentials
+ *
+ * @author <a href="mailto:[email protected]">Marek Posolda</a>
+ */
+public interface CredentialAction {
+
+    /**
+     * @return credential type, which this action is able to register. This should refer to the same value as returned by {@link org.keycloak.credential.CredentialProvider#getType} of the
+     * corresponding credential provider and {@link AuthenticatorFactory#getReferenceCategory()} of the corresponding authenticator
+     */
+    String getCredentialType(KeycloakSession session, AuthenticationSessionModel authenticationSession);
+}
@@ -1,4 +1,7 @@
 package org.keycloak.authentication;
 
-public interface CredentialRegistrator {
+/**
+ * Marking implementation of the action, which is able to register credential of the particular type
+ */
+public interface CredentialRegistrator extends CredentialAction {
 }
@@ -38,14 +38,14 @@ public interface RequiredActionProvider extends Provider {
     default InitiatedActionSupport initiatedActionSupport() {
         return InitiatedActionSupport.NOT_SUPPORTED;
     }
-    
+
     /**
      * Callback to let the action know that an application-initiated action
      * was canceled.
-     * 
+     *
      * @param session The Keycloak session.
      * @param authSession The authentication session.
-     * 
+     *
      */
     default void initiatedActionCanceled(KeycloakSession session, AuthenticationSessionModel authSession) {
         return;
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,8 @@`
`18`	`18`
`19`	`19`	`package org.keycloak.authentication;`
`20`	`20`
	`21`	`+import org.keycloak.models.AuthenticationFlowModel;`
	`22`	`+`
`21`	`23`	`/**`
`22`	`24`	`* Callback to be triggered during various lifecycle events of authentication flow.`
`23`	`25`	`*`
`@@ -40,7 +42,9 @@ public interface AuthenticationFlowCallback extends Authenticator {`
`40`	`42`	`/**`
`41`	`43`	`* Triggered after the top authentication flow is successfully finished.`
`42`	`44`	`* It is really suitable for last verification of successful authentication`
	`45`	`+ *`
	`46`	`+ * @param topFlow which was successfully finished`
`43`	`47`	`*/`
`44`		`- default void onTopFlowSuccess() {`
	`48`	`+ default void onTopFlowSuccess(AuthenticationFlowModel topFlow) {`
`45`	`49`	`}`
`46`	`50`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,7 @@`
`1`	`1`	`package org.keycloak.authentication;`
`2`	`2`
`3`		`-public interface CredentialRegistrator {`
	`3`	`+/**`
	`4`	`+ * Marking implementation of the action, which is able to register credential of the particular type`
	`5`	`+ */`
	`6`	`+public interface CredentialRegistrator extends CredentialAction {`
`4`	`7`	`}`