Update KcContext type def, use an ext to get password policies.

src/bin/keycloakify/generateFtl/ftl_object_to_js_code_declaring_an_object.ftl

@@ -361,6 +361,10 @@
                         <#-- See: https://github.com/keycloakify/keycloakify/issues/534 -->
                         are_same_path(path, ["login"]) &&
                         key == "password"
+                    ) || (
+                        <#-- Remove realmAttributes added by https://github.com/jcputney/keycloak-theme-additional-info-extension for peace of mind. -->
+                        are_same_path(path, []) &&
+                        key == "realmAttributes"
                     )
                 >
                     <#local out_seq += ["/*If you need '" + path?join(".") + "." + key + "' on " + pageId + ", please submit an issue to the Keycloakify repo*/"]>

src/login/kcContext/KcContext.ts

@@ -38,6 +38,8 @@ export type KcContext =
     | KcContext.SelectAuthenticator
     | KcContext.SamlPostForm;
 
+assert<KcContext["themeType"] extends ThemeType ? true : false>();
+
 export declare namespace KcContext {
     export type Common = {
         themeVersion: string;
@@ -172,7 +174,8 @@ export declare namespace KcContext {
         };
     };
 
-    export type Register = RegisterUserProfile.CommonWithLegacy & {
+    /*
+    export type Register_legacy = RegisterUserProfile.CommonWithLegacy & {
         pageId: "register.ftl";
         register: {
             formData: {
@@ -184,35 +187,44 @@ export declare namespace KcContext {
             };
         };
     };
+    */
 
-    export type RegisterUserProfile = RegisterUserProfile.CommonWithLegacy & {
+    export type Register = Common & {
-        pageId: "register-user-profile.ftl";
+        pageId: "register.ftl";
         profile: {
-            context: "REGISTRATION_PROFILE";
             attributes: Attribute[];
             attributesByName: Record<string, Attribute>;
+            html5DataAnnotations: Record<string, string>;
         };
+        /**
+         * Theses values are added by: https://github.com/jcputney/keycloak-theme-additional-info-extension
+         * A Keycloak Java extension used as dependency in Keycloakify.
+         */
+        passwordPolicies?: PasswordPolicies;
     };
 
-    export namespace RegisterUserProfile {
+    export type RegisterUserProfile = Common & {
-        export type CommonWithLegacy = Common & {
+        pageId: "register-user-profile.ftl";
-            url: {
+        profile: {
-                registrationAction: string;
+            attributes: LegacyAttribute[];
-            };
+            attributesByName: Record<string, LegacyAttribute>;
-            passwordRequired: boolean;
-            recaptchaRequired: boolean;
-            recaptchaSiteKey?: string;
-            social: {
-                displayInfo: boolean;
-                providers?: {
-                    loginUrl: string;
-                    alias: string;
-                    providerId: string;
-                    displayName: string;
-                }[];
-            };
         };
-    }
+        url: {
+            registrationAction: string;
+        };
+        passwordRequired: boolean;
+        recaptchaRequired: boolean;
+        recaptchaSiteKey?: string;
+        social: {
+            displayInfo: boolean;
+            providers?: {
+                loginUrl: string;
+                alias: string;
+                providerId: string;
+                displayName: string;
+            }[];
+        };
+    };
 
     export type Info = Common & {
         pageId: "info.ftl";
@@ -456,8 +468,8 @@ export declare namespace KcContext {
     export type UpdateUserProfile = Common & {
         pageId: "update-user-profile.ftl";
         profile: {
-            attributes: Attribute[];
+            attributes: LegacyAttribute[];
-            attributesByName: Record<string, Attribute>;
+            attributesByName: Record<string, LegacyAttribute>;
         };
     };
 
@@ -465,8 +477,8 @@ export declare namespace KcContext {
         pageId: "idp-review-user-profile.ftl";
         profile: {
             context: "IDP_REVIEW";
-            attributes: Attribute[];
+            attributes: LegacyAttribute[];
-            attributesByName: Record<string, Attribute>;
+            attributesByName: Record<string, LegacyAttribute>;
         };
     };
 
@@ -516,13 +528,24 @@ export type Attribute = {
     displayName?: string;
     required: boolean;
     value?: string;
-    group?: string;
+    values?: string[];
-    groupDisplayHeader?: string;
+    group?: {
-    groupDisplayDescription?: string;
+        html5DataAnnotations: Record<string, string>;
+        displayHeader?: string;
+        name: string;
+        displayDescription?: string;
+    };
+    html5DataAnnotations: Record<string, string>;
     readOnly: boolean;
     validators: Validators;
     annotations: Record<string, string>;
-    groupAnnotations: Record<string, string>;
+    multivalued?: boolean;
+    /**
+     * NOTE: This is not a Keycloak attribute, it's a Keycloakify addition.
+     * usecase is to enable to hide the password confirmation if the theme is configured like that.
+     * SEE: https://github.com/keycloakify/keycloakify/issues/238#issuecomment-1874605774
+     */
+    hidden?: boolean;
     autocomplete?:
         | "on"
         | "off"
@@ -580,6 +603,13 @@ export type Attribute = {
         | "photo";
 };
 
+export type LegacyAttribute = Omit<Attribute, "group" | "html5DataAnnotations"> & {
+    group: string;
+    groupDisplayHeader?: string;
+    groupDisplayDescription?: string;
+    groupAnnotations: Record<string, string>;
+};
+
 export type Validators = Partial<{
     length: Validators.DoIgnoreEmpty & Validators.Range;
     double: Validators.DoIgnoreEmpty & Validators.Range;
@@ -639,4 +669,23 @@ export declare namespace Validators {
     assert<Equals<OnlyInExpected, never>>();
 }
 
-assert<KcContext["themeType"] extends ThemeType ? true : false>();
+export type PasswordPolicies = {
+    /** The minimum length of the password */
+    length?: number;
+    /** The minimum number of digits required in the password */
+    digits?: number;
+    /** The minimum number of lowercase characters required in the password */
+    lowerCase?: number;
+    /** The minimum number of uppercase characters required in the password */
+    upperCase?: number;
+    /** The minimum number of special characters required in the password */
+    specialChars?: number;
+    /** Whether the password can contain the username */
+    notUsername?: boolean;
+    /** Whether the password can contain the email address */
+    notEmail?: boolean;
+    /** The number of previous passwords that cannot be reused */
+    passwordHistory?: number;
+    /** The number of days before the password expires */
+    forceExpiredPasswordChange?: number;
+};