[keycloak-user] Custom Account/Login Theme manual OTP issue - totp.policy.getAlgorithmKey()

Adrien DESBIAUX adesbiaux at vente-privee.com
Tue Oct 9 07:25:53 EDT 2018


Hi everyone,


I am facing an issue with custom Account and login theme.

I am not sure if I am doing something wrong or if there is an actual "bug".


The issue is about the OTP manual setting. When running in a custom theme (copy paste of Base Account or Login themes), as stated in the documentation: https://www.keycloak.org/docs/3.4/server_development/index.html#creating-a-theme


it sounds like `totp.policy.getAlgorithmKey()` for example is not found.

Same in the Login theme that reuses the OTP setup.


An example of error trace:


```
keycloak_1  | 11:13:24,178 ERROR [freemarker.runtime] (default task-20) Error executing FreeMarker template: freemarker.core.InvalidReferenceException: The following has evaluated to null or missing:
keycloak_1  | ==> totp.policy.getAlgorithmKey  [in template "login-config-totp.ftl" at line 37, column 74]
keycloak_1  |
keycloak_1  | ----
keycloak_1  | Tip: It's the step after the last dot that caused this error, not those before it.
keycloak_1  | ----
keycloak_1  | Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing</#if>. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)??
keycloak_1  | ----
keycloak_1  |
keycloak_1  | ----
keycloak_1  | FTL stack trace ("~" means nesting-related):
keycloak_1  | - Failed at: ${totp.policy.getAlgorithmKey()}  [in template "login-config-totp.ftl" at line 37, column 72]
keycloak_1  | ~ Reached through: #nested "form"  [in template "template.ftl" in macro "registrationLayout" at line 60, column 17]
keycloak_1  | ~ Reached through: @layout.registrationLayout displayInf...  [in template "login-config-totp.ftl" at line 2, column 1]
```



The issue is easily reproducible by:


- Copy paste theme/base/login or theme/base/account to the custom theme folder

- Force OTP for users

- On OTP setup page choose "manual mode"

- The server will throw a 500 error


What can be done to overcome that issue? I don't have any ideas at the moment on how to work around it.


Cheers,


