keycloak-theme-editor 0.1.0

package/bin/cli.js

@@ -0,0 +1,1270 @@
+#!/usr/bin/env node
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// node_modules/tsafe/esm/assert.mjs
+function assert(condition, msg) {
+  if (arguments.length === 0) {
+    condition = true;
+  }
+  if (refOfIs !== void 0) {
+    refOfIs = void 0;
+    return;
+  }
+  if (!condition) {
+    const error = new AssertionError(typeof msg === "function" ? msg() : msg);
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(error, assert);
+    }
+    throw error;
+  }
+}
+function is(value) {
+  const ref = {};
+  if (refOfIs !== void 0) {
+    refOfIs = void 0;
+    throw new Error(errorMessage);
+  }
+  refOfIs = ref;
+  Promise.resolve().then(() => {
+    if (refOfIs === ref) {
+      throw new Error(errorMessage);
+    }
+  });
+  return null;
+}
+var AssertionError, refOfIs, errorMessage;
+var init_assert = __esm({
+  "node_modules/tsafe/esm/assert.mjs"() {
+    AssertionError = class extends Error {
+      constructor(msg) {
+        super(`Wrong assertion encountered` + (!msg ? "" : `: "${msg}"`));
+        this.originalMessage = msg;
+        Object.setPrototypeOf(this, new.target.prototype);
+      }
+    };
+    refOfIs = void 0;
+    errorMessage = "Wrong usage of the `is` function refer to https://docs.tsafe.dev/is";
+  }
+});
+
+// node_modules/keycloakify/tools/Object.fromEntries.js
+var init_Object_fromEntries = __esm({
+  "node_modules/keycloakify/tools/Object.fromEntries.js"() {
+    if (!Object.fromEntries) {
+      Object.defineProperty(Object, "fromEntries", {
+        value: function(entries) {
+          if (!entries || !entries[Symbol.iterator]) {
+            throw new Error("Object.fromEntries() requires a single iterable argument");
+          }
+          const o = {};
+          Object.keys(entries).forEach((key) => {
+            const [k, v] = entries[key];
+            o[k] = v;
+          });
+          return o;
+        }
+      });
+    }
+  }
+});
+
+// node_modules/keycloakify/tools/structuredCloneButFunctions.js
+function structuredCloneButFunctions(o) {
+  if (!(o instanceof Object)) {
+    return o;
+  }
+  if (typeof o === "function") {
+    return o;
+  }
+  if (o instanceof Array) {
+    return o.map(structuredCloneButFunctions);
+  }
+  return Object.fromEntries(Object.entries(o).map(([key, value]) => [key, structuredCloneButFunctions(value)]));
+}
+var init_structuredCloneButFunctions = __esm({
+  "node_modules/keycloakify/tools/structuredCloneButFunctions.js"() {
+    init_Object_fromEntries();
+  }
+});
+
+// node_modules/keycloakify/tools/deepAssign.js
+function deepAssign(params) {
+  const { target, source } = params;
+  Object.keys(source).forEach((key) => {
+    var dereferencedSource = source[key];
+    if (dereferencedSource === void 0) {
+      delete target[key];
+      return;
+    }
+    if (dereferencedSource instanceof Date) {
+      assign({
+        target,
+        key,
+        value: new Date(dereferencedSource.getTime())
+      });
+      return;
+    }
+    if (dereferencedSource instanceof Array) {
+      assign({
+        target,
+        key,
+        value: structuredCloneButFunctions(dereferencedSource)
+      });
+      return;
+    }
+    if (dereferencedSource instanceof Function || !(dereferencedSource instanceof Object)) {
+      assign({
+        target,
+        key,
+        value: dereferencedSource
+      });
+      return;
+    }
+    if (!(target[key] instanceof Object)) {
+      target[key] = {};
+    }
+    const dereferencedTarget = target[key];
+    assert(is(dereferencedTarget));
+    assert(is(dereferencedSource));
+    deepAssign({
+      target: dereferencedTarget,
+      source: dereferencedSource
+    });
+  });
+}
+function assign(params) {
+  const { target, key, value } = params;
+  Object.defineProperty(target, key, {
+    enumerable: true,
+    writable: true,
+    configurable: true,
+    value
+  });
+}
+var init_deepAssign = __esm({
+  "node_modules/keycloakify/tools/deepAssign.js"() {
+    init_assert();
+    init_structuredCloneButFunctions();
+  }
+});
+
+// node_modules/keycloakify/bin/shared/constants.js
+var WELL_KNOWN_DIRECTORY_BASE_NAME, KEYCLOAKIFY_LOGGING_VERSION, KEYCLOAKIFY_LOGGING_JAR_BASENAME;
+var init_constants = __esm({
+  "node_modules/keycloakify/bin/shared/constants.js"() {
+    WELL_KNOWN_DIRECTORY_BASE_NAME = {
+      KEYCLOAKIFY_DEV_RESOURCES: "keycloakify-dev-resources",
+      RESOURCES_COMMON: "resources-common",
+      DIST: "dist"
+    };
+    KEYCLOAKIFY_LOGGING_VERSION = "1.0.3";
+    KEYCLOAKIFY_LOGGING_JAR_BASENAME = `keycloakify-logging-${KEYCLOAKIFY_LOGGING_VERSION}.jar`;
+  }
+});
+
+// node_modules/tsafe/esm/id.mjs
+var id;
+var init_id = __esm({
+  "node_modules/tsafe/esm/id.mjs"() {
+    id = (x) => x;
+  }
+});
+
+// node_modules/keycloakify/lib/BASE_URL.js
+var BASE_URL;
+var init_BASE_URL = __esm({
+  "node_modules/keycloakify/lib/BASE_URL.js"() {
+    init_assert();
+    BASE_URL = (() => {
+      vite: {
+        let BASE_URL2;
+        try {
+          BASE_URL2 = import.meta.env.BASE_URL;
+          assert(typeof BASE_URL2 === "string");
+        } catch (_a) {
+          break vite;
+        }
+        return BASE_URL2;
+      }
+      webpack: {
+        let BASE_URL2;
+        try {
+          BASE_URL2 = process.env.PUBLIC_URL;
+          assert(typeof BASE_URL2 === "string");
+        } catch (_b) {
+          break webpack;
+        }
+        return BASE_URL2 === "" ? "/" : `${BASE_URL2}/`;
+      }
+      return "/";
+    })();
+  }
+});
+
+// node_modules/keycloakify/login/KcContext/kcContextMocks.js
+var kcContextMocks_exports = {};
+__export(kcContextMocks_exports, {
+  kcContextCommonMock: () => kcContextCommonMock,
+  kcContextMocks: () => kcContextMocks
+});
+var attributesByName, resourcesPath, kcContextCommonMock, loginUrl, kcContextMocks;
+var init_kcContextMocks = __esm({
+  "node_modules/keycloakify/login/KcContext/kcContextMocks.js"() {
+    init_Object_fromEntries();
+    init_constants();
+    init_id();
+    init_assert();
+    init_BASE_URL();
+    attributesByName = Object.fromEntries(id([
+      {
+        validators: {
+          length: {
+            "ignore.empty.value": true,
+            min: "3",
+            max: "255"
+          }
+        },
+        displayName: "${username}",
+        annotations: {},
+        required: true,
+        autocomplete: "username",
+        readOnly: false,
+        name: "username"
+      },
+      {
+        validators: {
+          length: {
+            max: "255",
+            "ignore.empty.value": true
+          },
+          email: {
+            "ignore.empty.value": true
+          },
+          pattern: {
+            "ignore.empty.value": true,
+            pattern: "gmail\\.com$"
+          }
+        },
+        displayName: "${email}",
+        annotations: {},
+        required: true,
+        autocomplete: "email",
+        readOnly: false,
+        name: "email"
+      },
+      {
+        validators: {
+          length: {
+            max: "255",
+            "ignore.empty.value": true
+          }
+        },
+        displayName: "${firstName}",
+        annotations: {},
+        required: true,
+        readOnly: false,
+        name: "firstName"
+      },
+      {
+        validators: {
+          length: {
+            max: "255",
+            "ignore.empty.value": true
+          }
+        },
+        displayName: "${lastName}",
+        annotations: {},
+        required: true,
+        readOnly: false,
+        name: "lastName"
+      }
+    ]).map((attribute) => [attribute.name, attribute]));
+    resourcesPath = `${BASE_URL}${WELL_KNOWN_DIRECTORY_BASE_NAME.KEYCLOAKIFY_DEV_RESOURCES}/login`;
+    kcContextCommonMock = {
+      themeVersion: "0.0.0",
+      keycloakifyVersion: "0.0.0",
+      themeType: "login",
+      themeName: "my-theme-name",
+      url: {
+        loginAction: "#",
+        resourcesPath,
+        resourcesCommonPath: `${resourcesPath}/${WELL_KNOWN_DIRECTORY_BASE_NAME.RESOURCES_COMMON}`,
+        loginRestartFlowUrl: "#",
+        loginUrl: "#",
+        ssoLoginInOtherTabsUrl: "#"
+      },
+      realm: {
+        name: "myrealm",
+        displayName: "myrealm",
+        displayNameHtml: "myrealm",
+        internationalizationEnabled: true,
+        registrationEmailAsUsername: false
+      },
+      messagesPerField: {
+        get: () => "",
+        existsError: () => false,
+        printIfExists: function(fieldName, text) {
+          return this.get(fieldName) !== "" ? text : void 0;
+        },
+        exists: function(fieldName) {
+          return this.get(fieldName) !== "";
+        },
+        getFirstError: function(...fieldNames) {
+          for (const fieldName of fieldNames) {
+            if (this.existsError(fieldName)) {
+              return this.get(fieldName);
+            }
+          }
+          return "";
+        }
+      },
+      locale: {
+        supported: [
+          /* spell-checker: disable */
+          ["de", "Deutsch"],
+          ["no", "Norsk"],
+          ["ru", "\u0420\u0443\u0441\u0441\u043A\u0438\u0439"],
+          ["sv", "Svenska"],
+          ["pt-BR", "Portugu\xEAs (Brasil)"],
+          ["lt", "Lietuvi\u0173"],
+          ["en", "English"],
+          ["it", "Italiano"],
+          ["fr", "Fran\xE7ais"],
+          ["zh-CN", "\u4E2D\u6587\u7B80\u4F53"],
+          ["es", "Espa\xF1ol"],
+          ["cs", "\u010Ce\u0161tina"],
+          ["ja", "\u65E5\u672C\u8A9E"],
+          ["sk", "Sloven\u010Dina"],
+          ["pl", "Polski"],
+          ["ca", "Catal\xE0"],
+          ["nl", "Nederlands"],
+          ["tr", "T\xFCrk\xE7e"],
+          ["ar", "\u0627\u0644\u0639\u0631\u0628\u064A\u0629"],
+          ["da", "Dansk"],
+          ["el", "\u0395\u03BB\u03BB\u03B7\u03BD\u03B9\u03BA\u03AC"],
+          ["fa", "\u0641\u0627\u0631\u0633\u06CC"],
+          ["fi", "Suomi"],
+          ["hu", "Magyar"],
+          ["ka", "\u10E5\u10D0\u10E0\u10D7\u10E3\u10DA\u10D8"],
+          ["lv", "Latvie\u0161u"],
+          ["pt", "Portugu\xEAs"],
+          ["th", "\u0E44\u0E17\u0E22"],
+          ["uk", "\u0423\u043A\u0440\u0430\u0457\u043D\u0441\u044C\u043A\u0430"],
+          ["zh-TW", "\u4E2D\u6587\u7E41\u9AD4"]
+          /* spell-checker: enable */
+        ].map(([languageTag, label]) => {
+          {
+            assert;
+            assert;
+          }
+          return {
+            languageTag,
+            label,
+            url: "https://gist.github.com/garronej/52baaca1bb925f2296ab32741e062b8e"
+          };
+        }),
+        currentLanguageTag: "en"
+      },
+      auth: {
+        showUsername: false,
+        showResetCredentials: false,
+        showTryAnotherWayLink: false
+      },
+      client: {
+        clientId: "myApp",
+        attributes: {}
+      },
+      scripts: [],
+      isAppInitiatedAction: false,
+      properties: {},
+      "x-keycloakify": {
+        messages: {}
+      }
+    };
+    loginUrl = Object.assign(Object.assign({}, kcContextCommonMock.url), { loginResetCredentialsUrl: "#", registrationUrl: "#", oauth2DeviceVerificationAction: "#", oauthAction: "#" });
+    kcContextMocks = [
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login.ftl", url: loginUrl, realm: Object.assign(Object.assign({}, kcContextCommonMock.realm), { loginWithEmailAllowed: true, rememberMe: true, password: true, resetPasswordAllowed: true, registrationAllowed: true }), auth: kcContextCommonMock.auth, social: {
+        displayInfo: true
+      }, usernameHidden: false, login: {}, registrationDisabled: false, enableWebAuthnConditionalUI: false, authenticators: {
+        authenticators: []
+      }, challenge: "", userVerification: "not specified", rpId: "", createTimeout: "0", isUserIdentified: "false", shouldDisplayAuthenticators: false })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { url: Object.assign(Object.assign({}, loginUrl), { registrationAction: "#" }), isAppInitiatedAction: false, passwordRequired: true, recaptchaRequired: false, pageId: "register.ftl", profile: {
+        attributesByName
+      }, scripts: [
+        //"https://www.google.com/recaptcha/api.js"
+      ] })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "info.ftl", messageHeader: "<Message header>", requiredActions: void 0, skipLink: false, actionUri: "#", client: {
+        clientId: "myApp",
+        baseUrl: "#",
+        attributes: {}
+      }, message: {
+        type: "info",
+        summary: "This is the info message from the Keycloak server (in real environment, this message is localized)"
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "error.ftl", client: {
+        clientId: "myApp",
+        baseUrl: "#",
+        attributes: {}
+      }, message: {
+        type: "error",
+        summary: "This is the error message from the Keycloak server (in real environment, this message is localized)"
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-reset-password.ftl", realm: Object.assign(Object.assign({}, kcContextCommonMock.realm), { loginWithEmailAllowed: false, duplicateEmailsAllowed: false }), url: loginUrl, auth: {} })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-verify-email.ftl", user: {
+        email: "john.doe@gmail.com"
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "terms.ftl" })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-oauth2-device-verify-user-code.ftl", url: loginUrl })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-oauth-grant.ftl", oauth: {
+        code: "5-1N4CIzfi1aprIQjmylI-9e3spLCWW9i5d-GDcs-Sw",
+        clientScopesRequested: [
+          { consentScreenText: "${profileScopeConsentText}" },
+          { consentScreenText: "${rolesScopeConsentText}" },
+          { consentScreenText: "${emailScopeConsentText}" }
+        ],
+        client: "account"
+      }, url: loginUrl })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-otp.ftl", otpLogin: {
+        userOtpCredentials: [
+          {
+            id: "id1",
+            userLabel: "label1"
+          },
+          {
+            id: "id2",
+            userLabel: "label2"
+          }
+        ]
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-username.ftl", url: loginUrl, realm: Object.assign(Object.assign({}, kcContextCommonMock.realm), { loginWithEmailAllowed: true, rememberMe: true, password: true, resetPasswordAllowed: true, registrationAllowed: true }), social: {
+        displayInfo: true
+      }, usernameHidden: false, login: {}, registrationDisabled: false, challenge: "", userVerification: "not specified", rpId: "", createTimeout: "0", isUserIdentified: "false" })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-password.ftl", url: loginUrl, realm: Object.assign(Object.assign({}, kcContextCommonMock.realm), { resetPasswordAllowed: true }), enableWebAuthnConditionalUI: false, authenticators: {
+        authenticators: []
+      }, challenge: "", userVerification: "not specified", rpId: "", createTimeout: "0", isUserIdentified: "false", shouldDisplayAuthenticators: false })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "webauthn-authenticate.ftl", url: loginUrl, authenticators: {
+        authenticators: []
+      }, realm: Object.assign(Object.assign({}, kcContextCommonMock.realm), { password: true, registrationAllowed: true }), challenge: "", userVerification: "not specified", rpId: "", createTimeout: "0", isUserIdentified: "false", shouldDisplayAuthenticators: false })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-update-password.ftl" })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "link-idp-action.ftl", idpDisplayName: "FranceConnect" })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-update-profile.ftl", profile: {
+        attributesByName
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-idp-link-confirm.ftl", idpAlias: "FranceConnect" })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-idp-link-email.ftl", idpAlias: "FranceConnect", brokerContext: {
+        username: "anUsername"
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-config-totp.ftl", totp: {
+        totpSecretEncoded: "KVVF G2BY N4YX S6LB IUYT K2LH IFYE 4SBV",
+        qrUrl: "#",
+        totpSecretQrCode: "iVBORw0KGgoAAAANSUhEUgAAAPYAAAD2AQAAAADNaUdlAAACM0lEQVR4Xu3OIZJgOQwDUDFd2UxiurLAVnnbHw4YGDKtSiWOn4Gxf81//7r/+q8b4HfLGBZDK9d85NmNR+sB42sXvOYrN5P1DcgYYFTGfOlbzE8gzwy3euweGizw7cfdl34/GRhlkxjKNV+5AebPXPORX1JuB9x8ZfbyyD2y1krWAKsbMq1HnqQDaLfa77p4+MqvzEGSqvSAD/2IHW2yHaigR9tX3m8dDIYGcNf3f+gDpVBZbZU77zyJ6Rlcy+qoTMG887KAPD9hsh6a1Sv3gJUHGHUAxSMzj7zqDDe7Phmt2eG+8UsMxjRGm816MAO+8VMl1R1jGHOrZB/5Zo/WXAPgxixm9Mo96vDGrM1eOto8c4Ax4wF437mifOXlpiPzCnN7Y9l95NnEMxgMY9AAGA8fucH14Y1aVb6N/cqrmyh0BVht7k1e+bU8LK0Cg5vmVq9c5vHIjOfqxDIfeTraNVTwewa4wVe+SW5N+uP1qACeudUZbqGOfA6VZV750Noq2Xx3kpveV44ZelSV1V7KFHzkWyVrrlUwG0Pl9pWnoy3vsQoME6vKI69i5osVgwWzHT7zjmJtMcNUSVn1oYMd7ZodbgowZl45VG0uVuLPUr1yc79uaQBag/mqR34xhlWyHm1prplHboCWdZ4TeZjsK8+dI+jbz1C5hl65mcpgB5dhcj8+dGO+0Ko68+lD37JDD83dpDLzzK+TrQyaVwGj6pUboGV+7+AyN8An/pf84/7rv/4/1l4OCc/1BYMAAAAASUVORK5CYII=",
+        manualUrl: "#",
+        totpSecret: "G4nsI8lQagRMUchH8jEG",
+        otpCredentials: [],
+        supportedApplications: ["FreeOTP", "Google Authenticator"],
+        policy: {
+          algorithm: "HmacSHA1",
+          digits: 6,
+          lookAheadWindow: 1,
+          type: "totp",
+          period: 30,
+          getAlgorithmKey: () => "SHA1"
+        }
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "logout-confirm.ftl", url: Object.assign(Object.assign({}, kcContextCommonMock.url), { logoutConfirmAction: "Continuer?" }), client: {
+        clientId: "myApp",
+        baseUrl: "#",
+        attributes: {}
+      }, logoutConfirm: { code: "123", skipLink: false } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "idp-review-user-profile.ftl", profile: {
+        attributesByName
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "update-email.ftl", profile: {
+        attributesByName: {
+          email: attributesByName["email"]
+        }
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "select-authenticator.ftl", auth: {
+        authenticationSelections: [
+          {
+            authExecId: "f607f83c-537e-42b7-99d7-c52d459afe84",
+            displayName: "otp-display-name",
+            helpText: "otp-help-text",
+            iconCssClass: "kcAuthenticatorOTPClass"
+          },
+          {
+            authExecId: "5ed881b1-84cd-4e9b-b4d9-f329ea61a58c",
+            displayName: "webauthn-display-name",
+            helpText: "webauthn-help-text",
+            iconCssClass: "kcAuthenticatorWebAuthnClass"
+          }
+        ]
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "saml-post-form.ftl", samlPost: {
+        url: "#"
+      } })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "login-page-expired.ftl" })),
+      id(Object.assign(Object.assign({}, kcContextCommonMock), { pageId: "frontchannel-logout.ftl", logout: {
+        clients: [
+          {
+            name: "myApp",
+            frontChannelLogoutUrl: "#"
+          },
+          {
+            name: "myApp2",
+            frontChannelLogoutUrl: "#"
+          }
+        ]
+      } })),
+      id(Object.assign(Object.assign({ pageId: "webauthn-register.ftl" }, kcContextCommonMock), { challenge: "random-challenge-string", userid: "user123", username: "johndoe", signatureAlgorithms: ["ES256", "RS256"], rpEntityName: "Example Corp", rpId: "example.com", attestationConveyancePreference: "direct", authenticatorAttachment: "platform", requireResidentKey: "required", userVerificationRequirement: "preferred", createTimeout: 6e4, excludeCredentialIds: "credId123,credId456", isSetRetry: false, isAppInitiatedAction: true })),
+      id(Object.assign(Object.assign({ pageId: "delete-credential.ftl" }, kcContextCommonMock), { credentialLabel: "myCredential" })),
+      id(Object.assign(Object.assign({ pageId: "code.ftl" }, kcContextCommonMock), { code: {
+        success: true,
+        code: "123456"
+      } })),
+      id(Object.assign(Object.assign({ pageId: "delete-account-confirm.ftl" }, kcContextCommonMock), { triggered_from_aia: true })),
+      id(Object.assign(Object.assign({ pageId: "login-recovery-authn-code-config.ftl" }, kcContextCommonMock), { recoveryAuthnCodesConfigBean: {
+        generatedRecoveryAuthnCodesList: ["code123", "code456", "code789"],
+        generatedRecoveryAuthnCodesAsString: "code123, code456, code789",
+        generatedAt: (/* @__PURE__ */ new Date()).getTime()
+      } })),
+      id(Object.assign(Object.assign({ pageId: "login-recovery-authn-code-input.ftl" }, kcContextCommonMock), { recoveryAuthnCodesInputBean: {
+        codeNumber: 1234
+      } })),
+      id(Object.assign(Object.assign({ pageId: "login-reset-otp.ftl" }, kcContextCommonMock), { configuredOtpCredentials: {
+        userOtpCredentials: [
+          {
+            id: "otpId1",
+            userLabel: "OTP Device 1"
+          },
+          {
+            id: "otpId2",
+            userLabel: "OTP Device 2"
+          },
+          {
+            id: "otpId3",
+            userLabel: "Backup OTP"
+          }
+        ],
+        selectedCredentialId: "otpId2"
+      } })),
+      id(Object.assign(Object.assign({ pageId: "login-x509-info.ftl" }, kcContextCommonMock), { x509: {
+        formData: {
+          subjectDN: "CN=John Doe, O=Example Corp, C=US",
+          isUserEnabled: true,
+          username: "johndoe"
+        }
+      } })),
+      id(Object.assign(Object.assign({ pageId: "webauthn-error.ftl" }, kcContextCommonMock), { isAppInitiatedAction: true })),
+      id(Object.assign(Object.assign({ pageId: "login-passkeys-conditional-authenticate.ftl" }, kcContextCommonMock), { url: Object.assign(Object.assign({}, kcContextCommonMock.url), { registrationUrl: "#" }), realm: Object.assign(Object.assign({}, kcContextCommonMock.realm), { password: true, registrationAllowed: true }), registrationDisabled: false, isUserIdentified: "false", challenge: "", userVerification: "not specified", rpId: "", createTimeout: 0, authenticators: {
+        authenticators: []
+      }, shouldDisplayAuthenticators: false, login: {} })),
+      id(Object.assign(Object.assign({ pageId: "login-idp-link-confirm-override.ftl" }, kcContextCommonMock), { url: Object.assign(Object.assign({}, kcContextCommonMock.url), { loginRestartFlowUrl: "#" }), idpDisplayName: "Google" })),
+      id(Object.assign(Object.assign({ pageId: "select-organization.ftl" }, kcContextCommonMock), { user: {
+        organizations: [
+          {
+            alias: "acme-inc",
+            name: "Acme Incorporated"
+          },
+          {
+            alias: "northwind-traders",
+            name: "Northwind Traders"
+          },
+          {
+            alias: "contoso-labs",
+            name: "Contoso Labs"
+          },
+          {
+            alias: "shared-services"
+          }
+        ]
+      } }))
+    ];
+    {
+      assert();
+      assert();
+    }
+  }
+});
+
+// node_modules/tsafe/esm/exclude.mjs
+function exclude(target) {
+  const test = target instanceof Object ? (element) => target.indexOf(element) < 0 : (element) => element !== target;
+  return function(element) {
+    return test(element);
+  };
+}
+var init_exclude = __esm({
+  "node_modules/tsafe/esm/exclude.mjs"() {
+  }
+});
+
+// node_modules/keycloakify/login/KcContext/getKcContextMock.js
+function createGetKcContextMock(params) {
+  const { kcContextExtension, kcContextExtensionPerPage, overrides: overrides_global, overridesPerPage: overridesPerPage_global } = params;
+  function getKcContextMock2(params2) {
+    var _a;
+    const { pageId, overrides } = params2;
+    const kcContextMock = structuredCloneButFunctions((_a = kcContextMocks.find((kcContextMock2) => kcContextMock2.pageId === pageId)) !== null && _a !== void 0 ? _a : Object.assign(Object.assign({}, kcContextCommonMock), { pageId }));
+    [
+      kcContextExtension,
+      kcContextExtensionPerPage[pageId],
+      overrides_global,
+      overridesPerPage_global === null || overridesPerPage_global === void 0 ? void 0 : overridesPerPage_global[pageId],
+      overrides
+    ].filter(exclude(void 0)).forEach((overrides2) => deepAssign({
+      target: kcContextMock,
+      source: overrides2
+    }));
+    return kcContextMock;
+  }
+  return { getKcContextMock: getKcContextMock2 };
+}
+var init_getKcContextMock = __esm({
+  "node_modules/keycloakify/login/KcContext/getKcContextMock.js"() {
+    init_deepAssign();
+    init_structuredCloneButFunctions();
+    init_kcContextMocks();
+    init_exclude();
+  }
+});
+
+// node_modules/keycloakify/login/KcContext/index.js
+var KcContext_exports = {};
+__export(KcContext_exports, {
+  createGetKcContextMock: () => createGetKcContextMock
+});
+var init_KcContext = __esm({
+  "node_modules/keycloakify/login/KcContext/index.js"() {
+    init_getKcContextMock();
+  }
+});
+
+// bin/cli.ts
+import { createServer } from "http";
+import fs2 from "fs";
+import path2 from "path";
+import process3 from "process";
+import { program } from "commander";
+import open from "open";
+import sirv from "sirv";
+import { watch } from "chokidar";
+import { createJiti } from "jiti";
+
+// tools/generate-preview.ts
+import { spawnSync } from "child_process";
+import fs from "fs";
+import os from "os";
+import path from "path";
+import process2 from "process";
+
+// tools/kc-context-mocks/kc-page.ts
+var { createGetKcContextMock: createGetKcContextMock2 } = await Promise.resolve().then(() => (init_KcContext(), KcContext_exports));
+var { kcContextMocks: kcContextMocks2 } = await Promise.resolve().then(() => (init_kcContextMocks(), kcContextMocks_exports));
+var socialProviders = [
+  { alias: "google", providerId: "google", displayName: "Google", loginUrl: "#" },
+  { alias: "github", providerId: "github", displayName: "GitHub", loginUrl: "#" },
+  { alias: "facebook", providerId: "facebook", displayName: "Facebook", loginUrl: "#" },
+  { alias: "microsoft", providerId: "microsoft", displayName: "Microsoft", loginUrl: "#" }
+];
+var favoritePetAttribute = {
+  name: "favoritePet",
+  displayName: "Favorite pet",
+  required: true,
+  readOnly: false,
+  annotations: { inputType: "select", inputOptionLabelsI18nPrefix: "favoritePet" },
+  html5DataAnnotations: {},
+  validators: { options: { options: ["dog", "cat", "bird", "reptile"] } },
+  values: []
+};
+var { getKcContextMock } = createGetKcContextMock2({
+  kcContextExtension: { properties: {} },
+  overrides: {
+    url: {
+      resourcesPath: "/keycloak-dev-resources",
+      resourcesCommonPath: "/keycloak-dev-resources/resources-common"
+    }
+  },
+  kcContextExtensionPerPage: {
+    "mock-extension-showcase.ftl": {
+      mockExtensionTitle: "KcContext mock extension showcase",
+      mockExtensionIntro: "This custom page demonstrates user-extensible mock fields rendered by a custom FTL template.",
+      mockExtensionSteps: "1) Checkout repository locally\n2) Add custom FTL page\n3) Provide page mocks\n4) Style in editor"
+    }
+  },
+  overridesPerPage: {
+    "login.ftl": { login: { username: "" }, social: { providers: socialProviders } },
+    "login-username.ftl": { login: { username: "" }, social: { providers: socialProviders } },
+    "register.ftl": {
+      termsAcceptanceRequired: true,
+      profile: {
+        attributesByName: {
+          email: { readOnly: true, values: ["john@example.com"] },
+          lastName: { readOnly: true, values: ["Doe"] },
+          favoritePet: favoritePetAttribute
+        }
+      }
+    }
+  }
+});
+
+// tools/kc-context-mocks/kc-page-story.ts
+var stories = {
+  "login": {
+    "minimal": {
+      realm: { internationalizationEnabled: false, rememberMe: false, registrationAllowed: false, resetPasswordAllowed: false },
+      social: { displayInfo: false, providers: [] }
+    },
+    "invalid-state": {
+      realm: { rememberMe: false, resetPasswordAllowed: false },
+      social: { displayInfo: false, providers: [] },
+      message: { type: "info", summary: "infoMessage" },
+      messagesPerField: { username: "Invalid username or password.", password: "Invalid username or password." }
+    }
+  }
+};
+
+// tools/kc-context-mocks/index.ts
+function resolveContextMocks() {
+  const pages = {};
+  const allPageIds = [
+    ...kcContextMocks2.map((m) => m.pageId),
+    "mock-extension-showcase.ftl"
+  ];
+  for (const pageId of allPageIds) {
+    const name = pageId.replace(".ftl", "");
+    const ctx = JSON.parse(JSON.stringify(getKcContextMock({ pageId })));
+    pages[name] = ctx;
+    for (const [storyId, override] of Object.entries(stories[name] ?? {})) {
+      pages[`${name}@${storyId}`] = JSON.parse(JSON.stringify(
+        getKcContextMock({ pageId, overrides: override })
+      ));
+    }
+  }
+  return { common: {}, pages };
+}
+
+// tools/generate-preview.ts
+var MIN_JAVA = 25;
+var isWindows = process2.platform === "win32";
+var SCRIPT_TAG_PATTERN = /<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi;
+function stripScriptTags(html) {
+  if (!html) {
+    return "";
+  }
+  return html.replace(SCRIPT_TAG_PATTERN, "");
+}
+function readJson(filePath) {
+  if (!fs.existsSync(filePath)) {
+    return null;
+  }
+  try {
+    return JSON.parse(fs.readFileSync(filePath, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function getJavaMajorVersion() {
+  const result = spawnSync("java", ["-version"], {
+    stdio: ["ignore", "pipe", "pipe"],
+    encoding: "utf8",
+    shell: isWindows
+  });
+  if (result.status !== 0) {
+    return null;
+  }
+  const match = `${result.stdout || ""}
+${result.stderr || ""}`.match(/version\s+"([^"]+)"/i);
+  if (!match) {
+    return null;
+  }
+  const major = Number.parseInt(match[1].split(/[._-]/)[0], 10);
+  return Number.isFinite(major) ? major : null;
+}
+function toForwardSlashPath(filePath) {
+  return filePath.replaceAll("\\", "/");
+}
+function mergeMocks(base, additional) {
+  return {
+    common: { ...base.common, ...additional.common },
+    pages: { ...base.pages, ...additional.pages }
+  };
+}
+function writeTempContextMocksFile(additionalMocks) {
+  const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "preview-context-mocks-"));
+  const filePath = path.join(tempDir, "kc-context-mocks.json");
+  let mocks = resolveContextMocks();
+  if (additionalMocks) {
+    mocks = mergeMocks(mocks, additionalMocks);
+  }
+  fs.writeFileSync(filePath, `${JSON.stringify(mocks, null, 2)}
+`, "utf8");
+  return { tempDir, filePath };
+}
+function resolveCustomMocksPath(packageRoot) {
+  const envPath = process2.env.PREVIEW_CUSTOM_MOCKS;
+  if (envPath) {
+    const resolvedPath = path.isAbsolute(envPath) ? envPath : path.resolve(packageRoot, envPath);
+    if (fs.existsSync(resolvedPath)) {
+      return resolvedPath;
+    }
+  }
+  return void 0;
+}
+function runJar(params) {
+  const { jarPath, contextMocksPath, packageRoot, outputDir, customMocksPath } = params;
+  const args = [
+    "-jar",
+    jarPath,
+    `--context-mocks=${toForwardSlashPath(contextMocksPath)}`,
+    `--input=${toForwardSlashPath(path.join(packageRoot, "public/keycloak-upstream"))}`,
+    `--overrides=${toForwardSlashPath(path.join(packageRoot, "public/keycloak-dev-resources/themes"))}`,
+    `--presets=${toForwardSlashPath(path.join(packageRoot, "public/keycloak-dev-resources/themes"))}`,
+    `--output=${toForwardSlashPath(outputDir)}`,
+    ...customMocksPath ? [`--custom-mocks=${toForwardSlashPath(customMocksPath)}`] : []
+  ];
+  return spawnSync("java", args, {
+    stdio: "inherit",
+    shell: isWindows
+  });
+}
+function runMaven(pomPath, contextMocksPath, customMocksPath) {
+  const execArgs = [
+    `--context-mocks=${toForwardSlashPath(contextMocksPath)}`,
+    ...customMocksPath ? [`--custom-mocks=${toForwardSlashPath(customMocksPath)}`] : []
+  ].join(" ");
+  const mavenOpts = [
+    process2.env.MAVEN_OPTS || "",
+    "--enable-native-access=ALL-UNNAMED",
+    "--sun-misc-unsafe-memory-access=allow"
+  ].filter(Boolean).join(" ");
+  return spawnSync("mvn", [
+    "-f",
+    pomPath,
+    "compile",
+    "exec:java",
+    "-Dexec.mainClass=com.keycloaktheme.preview.PreviewRendererMain",
+    `-Dexec.args="${execArgs}"`
+  ], {
+    stdio: "inherit",
+    shell: isWindows,
+    env: { ...process2.env, MAVEN_OPTS: mavenOpts }
+  });
+}
+function resolveExpectedDataPageId(pageId) {
+  const normalizedPageId = pageId.trim().replace(/\.html$/i, "");
+  if (!normalizedPageId) {
+    return "login";
+  }
+  return `login-${normalizedPageId}`;
+}
+function validateStoryHtmlContract(params) {
+  const { variantId, pageId, storyId, html } = params;
+  const trimmed = html.trim();
+  if (!/<html\b/i.test(trimmed) || !/<body\b/i.test(trimmed)) {
+    throw new Error(
+      `Invalid preview story markup for ${variantId}/${pageId}/${storyId}: expected a full HTML document with <html> and <body>.`
+    );
+  }
+  const match = trimmed.match(/<body\b[^>]*\bdata-page-id\s*=\s*(['"])([^'"]+)\1/i);
+  if (!match) {
+    throw new Error(
+      `Invalid preview story markup for ${variantId}/${pageId}/${storyId}: missing body[data-page-id].`
+    );
+  }
+  const actualPageId = match[2];
+  const expectedPageId = resolveExpectedDataPageId(pageId);
+  if (actualPageId !== expectedPageId) {
+    throw new Error(
+      `Invalid preview story markup for ${variantId}/${pageId}/${storyId}: expected data-page-id="${expectedPageId}", got "${actualPageId}".`
+    );
+  }
+}
+function normalizeStoriesForPage(params) {
+  const { variantId, pageId, rawPage } = params;
+  if (!rawPage || typeof rawPage !== "object" || Array.isArray(rawPage)) {
+    throw new Error(`Invalid preview page payload for ${variantId}/${pageId}: expected story object.`);
+  }
+  const rawStories = rawPage;
+  if (typeof rawStories.default !== "string") {
+    throw new Error(`Invalid preview page payload for ${variantId}/${pageId}: missing default story.`);
+  }
+  const stories2 = {};
+  for (const [storyId, storyHtml] of Object.entries(rawStories)) {
+    if (typeof storyHtml !== "string") {
+      throw new Error(`Invalid preview story payload for ${variantId}/${pageId}/${storyId}: expected string HTML.`);
+    }
+    const sanitizedStoryHtml = stripScriptTags(storyHtml);
+    validateStoryHtmlContract({
+      variantId,
+      pageId,
+      storyId,
+      html: sanitizedStoryHtml
+    });
+    stories2[storyId] = sanitizedStoryHtml;
+  }
+  return stories2;
+}
+function normalizeVariants(raw) {
+  const variants = {};
+  for (const [variantId, pages] of Object.entries(raw.variants)) {
+    const variantPages = {};
+    for (const [pageId, rawPage] of Object.entries(pages ?? {})) {
+      variantPages[pageId] = normalizeStoriesForPage({
+        variantId,
+        pageId,
+        rawPage
+      });
+    }
+    variants[variantId] = variantPages;
+  }
+  return variants;
+}
+function generatePreview(options = {}) {
+  const packageRoot = options.packageRoot ?? process2.cwd();
+  const outputPath = options.outputPath ?? path.join(packageRoot, "src", "features", "preview", "generated", "pages.json");
+  const log = options.quiet ? () => {
+  } : (msg) => process2.stdout.write(msg);
+  const javaVersion = getJavaMajorVersion();
+  if (!javaVersion || javaVersion < MIN_JAVA) {
+    const error = `Java ${MIN_JAVA}+ required (found ${javaVersion ?? "none"}). Set JAVA_HOME or add java to PATH.`;
+    process2.stderr.write(`${error}
+`);
+    return { success: false, outputPath, error };
+  }
+  log(`Generating preview artifacts (Java ${javaVersion})...
+`);
+  const { tempDir, filePath } = writeTempContextMocksFile(options.additionalMocks);
+  const customMocksPath = options.customMocksPath ?? resolveCustomMocksPath(packageRoot);
+  const outputDir = path.dirname(outputPath);
+  fs.mkdirSync(outputDir, { recursive: true });
+  let result;
+  if (options.jarPath) {
+    result = runJar({
+      jarPath: options.jarPath,
+      contextMocksPath: filePath,
+      packageRoot,
+      outputDir,
+      customMocksPath
+    });
+  } else {
+    const pomPath = path.join(packageRoot, "tools", "preview-renderer", "pom.xml");
+    result = runMaven(pomPath, filePath, customMocksPath);
+  }
+  fs.rmSync(tempDir, { recursive: true, force: true });
+  if (result.status !== 0) {
+    return { success: false, outputPath, error: `Java renderer exited with code ${result.status}` };
+  }
+  const raw = readJson(outputPath);
+  if (!raw?.variants || Object.keys(raw.variants).length === 0) {
+    return { success: false, outputPath, error: `Generated artifact is missing variants: ${outputPath}` };
+  }
+  const variants = normalizeVariants(raw);
+  const pagesData = {
+    generatedAt: raw.generatedAt,
+    keycloakTag: raw.keycloakTag,
+    variants
+  };
+  fs.writeFileSync(outputPath, `${JSON.stringify(pagesData, null, 2)}
+`, "utf8");
+  log("Preview generation complete.\n");
+  return { success: true, outputPath, pagesData };
+}
+var isDirectRun = process2.argv[1]?.replace(/\\/g, "/").endsWith("tools/generate-preview.ts") || process2.argv[1]?.replace(/\\/g, "/").endsWith("tools/generate-preview");
+if (isDirectRun) {
+  const result = generatePreview();
+  if (!result.success) {
+    process2.exitCode = 1;
+  }
+}
+
+// bin/cli.ts
+var PACKAGE_ROOT = path2.resolve(import.meta.dirname, "..");
+var DEFAULT_PORT = 4800;
+var MIN_JAVA2 = 25;
+var sseClients = /* @__PURE__ */ new Set();
+function resolveUserPagesDir(pagesArg) {
+  if (pagesArg) {
+    const resolved = path2.resolve(pagesArg);
+    if (!fs2.existsSync(resolved)) {
+      console.error(`Pages directory not found: ${resolved}`);
+      process3.exit(1);
+    }
+    return resolved;
+  }
+  const conventions = ["./pages", "./keycloak-theme", "./src/keycloak-theme"];
+  for (const dir of conventions) {
+    const resolved = path2.resolve(dir);
+    if (fs2.existsSync(resolved)) {
+      console.log(`Auto-discovered pages directory: ${resolved}`);
+      return resolved;
+    }
+  }
+  return void 0;
+}
+async function loadUserMocks(pagesDir) {
+  const kcPagePath = path2.join(pagesDir, "kc-page.ts");
+  const kcPageJsPath = path2.join(pagesDir, "kc-page.js");
+  const userPageFile = fs2.existsSync(kcPagePath) ? kcPagePath : fs2.existsSync(kcPageJsPath) ? kcPageJsPath : null;
+  if (!userPageFile) {
+    return void 0;
+  }
+  console.log(`Loading user page mocks from: ${userPageFile}`);
+  const jiti = createJiti(pagesDir, { interopDefault: true });
+  const userPage = await jiti.import(userPageFile);
+  if (!userPage.getKcContextMock || !userPage.kcContextMocks) {
+    console.warn("Warning: kc-page.ts must export getKcContextMock and kcContextMocks. Skipping user mocks.");
+    return void 0;
+  }
+  const storyPath = path2.join(pagesDir, "kc-page-story.ts");
+  const storyJsPath = path2.join(pagesDir, "kc-page-story.js");
+  const storyFile = fs2.existsSync(storyPath) ? storyPath : fs2.existsSync(storyJsPath) ? storyJsPath : null;
+  let userStories = {};
+  if (storyFile) {
+    const storyModule = await jiti.import(storyFile);
+    userStories = storyModule.stories ?? {};
+  }
+  const pages = {};
+  for (const mock of userPage.kcContextMocks) {
+    const name = mock.pageId.replace(".ftl", "");
+    pages[name] = JSON.parse(JSON.stringify(
+      userPage.getKcContextMock({ pageId: mock.pageId })
+    ));
+    for (const [storyId, override] of Object.entries(userStories[name] ?? {})) {
+      pages[`${name}@${storyId}`] = JSON.parse(JSON.stringify(
+        userPage.getKcContextMock({ pageId: mock.pageId, overrides: override })
+      ));
+    }
+  }
+  return { common: {}, pages };
+}
+function broadcastSSE(event, data) {
+  const message = `event: ${event}
+data: ${data ?? ""}
+
+`;
+  for (const client of sseClients) {
+    client.write(message);
+  }
+}
+function startServer(opts) {
+  const { port, distDir, pagesJsonPath, publicDir } = opts;
+  const serveDist = sirv(distDir, { single: true, dev: true });
+  const servePublic = sirv(publicDir, { dev: true });
+  const server = createServer((req, res) => {
+    const url = req.url ?? "/";
+    if (url === "/api/pages.json") {
+      if (!fs2.existsSync(pagesJsonPath)) {
+        res.writeHead(404, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "pages.json not generated yet" }));
+        return;
+      }
+      res.writeHead(200, {
+        "Content-Type": "application/json",
+        "Cache-Control": "no-cache"
+      });
+      fs2.createReadStream(pagesJsonPath).pipe(res);
+      return;
+    }
+    if (url === "/api/events") {
+      res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive"
+      });
+      res.write("event: connected\ndata: \n\n");
+      sseClients.add(res);
+      req.on("close", () => sseClients.delete(res));
+      return;
+    }
+    if (url.startsWith("/keycloak-upstream/") || url.startsWith("/keycloak-dev-resources/")) {
+      servePublic(req, res, () => {
+        res.writeHead(404);
+        res.end("Not found");
+      });
+      return;
+    }
+    serveDist(req, res, () => {
+      res.writeHead(404);
+      res.end("Not found");
+    });
+  });
+  server.listen(port, () => {
+    console.log(`
+  Keycloak Theme Editor running at:
+`);
+    console.log(`    http://localhost:${port}
+`);
+  });
+  return server;
+}
+function startWatcher(opts) {
+  const { pagesDir, jarPath, outputPath, additionalMocks } = opts;
+  let debounceTimer = null;
+  const watcher = watch(pagesDir, {
+    ignoreInitial: true,
+    ignored: /(^|[/\\])\../
+    // ignore dotfiles
+  });
+  function regenerate() {
+    console.log("File change detected, regenerating previews...");
+    const result = generatePreview({
+      packageRoot: PACKAGE_ROOT,
+      jarPath,
+      outputPath,
+      additionalMocks,
+      quiet: true
+    });
+    if (result.success) {
+      console.log("Previews regenerated.");
+      broadcastSSE("pages-updated");
+    } else {
+      console.error("Preview regeneration failed:", result.error);
+    }
+  }
+  watcher.on("all", (_event, filePath) => {
+    if (!filePath.endsWith(".ftl") && !filePath.endsWith(".properties")) {
+      return;
+    }
+    if (debounceTimer) {
+      clearTimeout(debounceTimer);
+    }
+    debounceTimer = setTimeout(regenerate, 300);
+  });
+  return watcher;
+}
+function initProject() {
+  const pagesDir = path2.resolve("pages");
+  if (fs2.existsSync(pagesDir)) {
+    console.error(`Directory already exists: ${pagesDir}`);
+    process3.exit(1);
+  }
+  const loginDir = path2.join(pagesDir, "login");
+  fs2.mkdirSync(loginDir, { recursive: true });
+  fs2.writeFileSync(path2.join(loginDir, "my-custom-page.ftl"), `<#import "template.ftl" as layout>
+<@layout.registrationLayout displayMessage=true; section>
+    <#if section = "header">
+        \${msg("loginAccountTitle")}
+    <#elseif section = "form">
+        <div id="kc-form">
+            <p>This is a custom page. Edit this template and it will live-reload in the editor.</p>
+        </div>
+    </#if>
+</@layout.registrationLayout>
+`);
+  fs2.writeFileSync(path2.join(pagesDir, "kc-page.ts"), `import { createGetKcContextMock } from "keycloakify/login/KcContext";
+export { kcContextMocks } from "keycloakify/login/KcContext/kcContextMocks";
+
+export const { getKcContextMock } = createGetKcContextMock({
+  kcContextExtension: { properties: {} },
+  overrides: {
+    url: {
+      resourcesPath: "/keycloak-dev-resources",
+      resourcesCommonPath: "/keycloak-dev-resources/resources-common",
+    },
+  },
+  kcContextExtensionPerPage: {
+    // Add custom page context here:
+    // "my-custom-page.ftl": { myField: "value" },
+  },
+  overridesPerPage: {},
+});
+`);
+  fs2.writeFileSync(path2.join(pagesDir, "kc-page-story.ts"), `// Define story variants for different page states.
+// Each story renders the page with different mock context values.
+export const stories: Record<string, Record<string, Record<string, unknown>>> = {
+  // Example:
+  // "login": {
+  //   "with-error": {
+  //     message: { type: "error", summary: "Invalid credentials" },
+  //   },
+  // },
+};
+`);
+  console.log(`
+Created pages directory: ${pagesDir}
+`);
+  console.log("Files:");
+  console.log("  pages/login/my-custom-page.ftl   \u2014 example custom FTL template");
+  console.log("  pages/kc-page.ts                 \u2014 page context mocks (requires keycloakify)");
+  console.log("  pages/kc-page-story.ts           \u2014 story variants for different states");
+  console.log("\nNext steps:");
+  console.log("  npm install keycloakify           \u2014 install keycloakify for custom page mocks");
+  console.log("  npx keycloak-theme-editor         \u2014 start the editor (auto-discovers ./pages)");
+  console.log("");
+}
+async function main() {
+  program.name("keycloak-theme-editor").description("Visual theme editor for Keycloak login pages").option("--pages <dir>", "Path to custom FTL pages directory").option("--port <number>", "Port to run the editor on", String(DEFAULT_PORT)).option("--no-open", "Do not open browser automatically");
+  program.command("init").description("Scaffold a pages directory with example custom FTL + mocks").action(() => {
+    initProject();
+    process3.exit(0);
+  });
+  program.parse();
+  const opts = program.opts();
+  const port = Number.parseInt(opts.port, 10);
+  const userPagesDir = resolveUserPagesDir(opts.pages);
+  const javaVersion = getJavaMajorVersion();
+  if (!javaVersion || javaVersion < MIN_JAVA2) {
+    console.error(`Java ${MIN_JAVA2}+ is required (found ${javaVersion ?? "none"}).`);
+    console.error("Install Java and ensure it is on your PATH, or set JAVA_HOME.");
+    process3.exit(1);
+  }
+  const jarPath = path2.join(PACKAGE_ROOT, "tools", "preview-renderer", "preview-renderer.jar");
+  const distDir = path2.join(PACKAGE_ROOT, "dist");
+  const publicDir = path2.join(PACKAGE_ROOT, "public");
+  const outputDir = fs2.mkdtempSync(path2.join(import.meta.dirname, ".preview-"));
+  const pagesJsonPath = path2.join(outputDir, "pages.json");
+  if (!fs2.existsSync(jarPath)) {
+    console.error(`Renderer JAR not found at ${jarPath}`);
+    console.error('Run "npm run build:jar" first, or reinstall the package.');
+    process3.exit(1);
+  }
+  if (!fs2.existsSync(distDir)) {
+    console.error(`Built SPA not found at ${distDir}`);
+    console.error('Run "npm run build" first, or reinstall the package.');
+    process3.exit(1);
+  }
+  let additionalMocks;
+  if (userPagesDir) {
+    additionalMocks = await loadUserMocks(userPagesDir);
+  }
+  console.log("Generating preview pages...");
+  const result = generatePreview({
+    packageRoot: PACKAGE_ROOT,
+    jarPath,
+    outputPath: pagesJsonPath,
+    additionalMocks
+  });
+  if (!result.success) {
+    console.error("Failed to generate previews:", result.error);
+    process3.exit(1);
+  }
+  startServer({ port, distDir, pagesJsonPath, publicDir });
+  if (userPagesDir) {
+    startWatcher({ pagesDir: userPagesDir, jarPath, outputPath: pagesJsonPath, additionalMocks });
+    console.log(`  Watching for changes in: ${userPagesDir}`);
+  }
+  if (opts.open) {
+    await open(`http://localhost:${port}`);
+  }
+  process3.on("SIGINT", () => {
+    fs2.rmSync(outputDir, { recursive: true, force: true });
+    process3.exit(0);
+  });
+  process3.on("SIGTERM", () => {
+    fs2.rmSync(outputDir, { recursive: true, force: true });
+    process3.exit(0);
+  });
+}
+main().catch((err) => {
+  console.error(err);
+  process3.exit(1);
+});