From 38c952cb9a9533d29d812d2a3730d53515be3d9b Mon Sep 17 00:00:00 2001
From: Gurukishore Bolisetty <gurukishore.bolisetty1@digital.homeoffice.gov.uk>
Date: Tue, 22 Oct 2024 12:12:22 +0100
Subject: [PATCH 1/6] updated keycloack to latest version V15.1.1.

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 82baf31..b3bb574 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,7 +12,7 @@ services:
 
   keycloak:
     container_name: keycloak
-    image: quay.io/ukhomeofficedigital/keycloak:v15.0.2
+    image: quay.io/ukhomeofficedigital/keycloak:v15.1.1
     ports:
     - "8080:8080"
     links:

From 3910c5b2ecc591cf636c6916ec900137047a6928 Mon Sep 17 00:00:00 2001
From: Gurukishore Bolisetty <gurukishore.bolisetty1@digital.homeoffice.gov.uk>
Date: Tue, 22 Oct 2024 12:13:19 +0100
Subject: [PATCH 2/6] updated term messages

---
 govuk-internal-dq/login/messages/messages_en.properties | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/govuk-internal-dq/login/messages/messages_en.properties b/govuk-internal-dq/login/messages/messages_en.properties
index e83c605..8249631 100644
--- a/govuk-internal-dq/login/messages/messages_en.properties
+++ b/govuk-internal-dq/login/messages/messages_en.properties
@@ -8,3 +8,12 @@ termsText=<h2>It is an offence to continue without proper authority.</h2>\
 <p>Communications using this service will also be monitored and may be recorded to secure the effective operation and for other lawful business purposes.</p>\
 <p>Communications using these services will also be monitored and may be recorded to secure the effective operation and for other lawful business purposes.</p>\
 <p>Unauthorised access or attempts to alter, destroy or damage data, programs or equipment could result in criminal prosecution under the Computer Misuse Act (1990)</p>
+loginTotpStep1=Install the Google  Authenticator  app  on your  mobile.
+loginTotpStep2=Open  the app and, using  the camera  on your  phone, scan the QR code below.
+loginTotpStep3=Google  Authenticator  will provide  a one-time code. Enter this code into the box below. Select ''Continue''.
+loginTotpOneTime=Code from Google Authenticator
+emailVerifyTitle=Verify your email
+emailVerifyInstruction1=An email with instructions to verify your email address has been sent to you.
+emailVerifyInstruction2=If you haven''t received the verification code,
+emailVerifyInstruction3=you can
+emailResentClickMessage=get the email resent
\ No newline at end of file

From fcc55cdbbcad5a25e27b9e3ffdc6d3783f925680 Mon Sep 17 00:00:00 2001
From: Gurukishore Bolisetty <gurukishore.bolisetty1@digital.homeoffice.gov.uk>
Date: Tue, 22 Oct 2024 12:13:55 +0100
Subject: [PATCH 3/6] revert keycloack version to v15.0.0

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index b3bb574..2ddb5a2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,7 +12,7 @@ services:
 
   keycloak:
     container_name: keycloak
-    image: quay.io/ukhomeofficedigital/keycloak:v15.1.1
+    image: quay.io/ukhomeofficedigital/keycloak:v15.0.0
     ports:
     - "8080:8080"
     links:

From 3d9dbab30c990cf7380d2f950a0029636d8014c8 Mon Sep 17 00:00:00 2001
From: Gurukishore Bolisetty <gurukishore.bolisetty1@digital.homeoffice.gov.uk>
Date: Tue, 22 Oct 2024 12:15:42 +0100
Subject: [PATCH 4/6] updated govuk-internal-dq with otp config

---
 govuk-internal-dq/login-config-totp.ftl | 35 ++++++++++++
 govuk-internal-dq/login-otp.ftl         | 71 +++++++++++++++++++++++++
 2 files changed, 106 insertions(+)
 create mode 100644 govuk-internal-dq/login-config-totp.ftl
 create mode 100644 govuk-internal-dq/login-otp.ftl

diff --git a/govuk-internal-dq/login-config-totp.ftl b/govuk-internal-dq/login-config-totp.ftl
new file mode 100644
index 0000000..faa85ed
--- /dev/null
+++ b/govuk-internal-dq/login-config-totp.ftl
@@ -0,0 +1,35 @@
+<#import "template.ftl" as layout>
+<@layout.registrationLayout displayInfo=true; section>
+    <#if section = "title">
+        ${msg("loginTotpTitle")}
+    <#elseif section = "header">
+        ${msg("loginTotpTitle")}
+    <#elseif section = "form">
+<ol id="kc-totp-settings" class="list list-number">
+    <li>
+        <p>${msg("loginTotpStep1")}</p>
+        </li>
+    <li>
+        <p>${msg("loginTotpStep2")}</p>
+        <img id="kc-totp-secret-qr-code" src="data:image/png;base64, ${totp.totpSecretQrCode}" alt="Figure: Barcode"><br/>
+        <span class="code">${totp.totpSecretEncoded}</span>
+        </li>
+    <li>
+        <p>${msg("loginTotpStep3")}</p>
+        </li>
+    </ol>
+    <form action="${url.loginAction}" class="${properties.kcFormClass!}" id="kc-totp-settings-form" method="post">
+        <div class="${properties.kcFormGroupClass!}">
+            <div class="${properties.kcLabelWrapperClass!}">
+                <label for="totp" class="${properties.kcLabelClass!}">${msg("loginTotpOneTime")}</label>
+            </div>
+            <div class="${properties.kcInputWrapperClass!}">
+                <input type="text" id="totp" name="totp" autocomplete="off" class="${properties.kcInputClass!}" />
+            </div>
+            <input type="hidden" id="totpSecret" name="totpSecret" value="${totp.totpSecret}" />
+        </div>
+
+        <input class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}" type="submit" value="${msg("doSubmit")}"/>
+    </form>
+    </#if>
+</@layout.registrationLayout>
diff --git a/govuk-internal-dq/login-otp.ftl b/govuk-internal-dq/login-otp.ftl
new file mode 100644
index 0000000..ee4f0ad
--- /dev/null
+++ b/govuk-internal-dq/login-otp.ftl
@@ -0,0 +1,71 @@
+<#import "template.ftl" as layout>
+    <@layout.registrationLayout; section>
+        <#if section="header">
+            ${msg("doLogIn")}
+            <#elseif section="form">
+                <form id="kc-otp-login-form" class="${properties.kcFormClass!}" action="${url.loginAction}"
+                    method="post">
+                    <#if otpLogin.userOtpCredentials?size gt 1>
+                        <div class="${properties.kcFormGroupClass!}">
+                            <div class="${properties.kcInputWrapperClass!}">
+                                <#list otpLogin.userOtpCredentials as otpCredential>
+                                    <div class="${properties.kcSelectOTPListClass!}">
+                                    <input type="hidden" value="${otpCredential.id}">
+                                        <div class="${properties.kcSelectOTPListItemClass!}">
+                                            <span class="${properties.kcAuthenticatorOtpCircleClass!}"></span>
+                                            <h2 class="${properties.kcSelectOTPItemHeadingClass!}">
+                                                ${otpCredential.userLabel}
+                                            </h2>
+                                        </div>
+                                    </div>
+                                </#list>
+                            </div>
+                        </div>
+                    </#if>
+
+                    <div class="${properties.kcFormGroupClass!}">
+                        <div class="${properties.kcLabelWrapperClass!}">
+                            <label for="otp" class="${properties.kcLabelClass!}">${msg("loginOtpOneTime")}</label>
+                        </div>
+                        <p>The one-time code is available in the Google Authenticator application, which you downloaded to your mobile phone when you set up this account</p>
+
+                        <div class="${properties.kcInputWrapperClass!}">
+                            <input id="otp" name="otp" autocomplete="off" type="text" class="${properties.kcInputClass!}"
+                            autofocus/>
+                        </div>
+                    </div>
+
+                    <div class="${properties.kcFormGroupClass!}">
+                        <div id="kc-form-options" class="${properties.kcFormOptionsClass!}">
+                            <div class="${properties.kcFormOptionsWrapperClass!}">
+                            </div>
+                        </div>
+
+                        <div id="kc-form-buttons" class="${properties.kcFormButtonsClass!}">
+                            <input
+                                class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcButtonLargeClass!}"
+                                name="login" id="kc-login" type="submit" value="${msg("doLogIn")}" />
+                        </div>
+                    </div>
+                </form>
+            <script type="text/javascript" src="${url.resourcesCommonPath}/node_modules/jquery/dist/jquery.min.js"></script>
+            <script type="text/javascript">
+            $(document).ready(function() {
+                // Card Single Select
+                $('.card-pf-view-single-select').click(function() {
+                  if ($(this).hasClass('active'))
+                  { $(this).removeClass('active'); $(this).children().removeAttr('name'); }
+                  else
+                  { $('.card-pf-view-single-select').removeClass('active');
+                  $('.card-pf-view-single-select').children().removeAttr('name');
+                  $(this).addClass('active'); $(this).children().attr('name', 'selectedCredentialId'); }
+                });
+
+                var defaultCred = $('.card-pf-view-single-select')[0];
+                if (defaultCred) {
+                    defaultCred.click();
+                }
+              });
+            </script>
+        </#if>
+    </@layout.registrationLayout>
\ No newline at end of file

From 26b8abe9e78bf13260fcf9703b50e44523b5cb94 Mon Sep 17 00:00:00 2001
From: Gurukishore Bolisetty <gurukishore.bolisetty1@digital.homeoffice.gov.uk>
Date: Tue, 22 Oct 2024 12:17:07 +0100
Subject: [PATCH 5/6] revert keycloack version to v15.0.2

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 2ddb5a2..82baf31 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,7 +12,7 @@ services:
 
   keycloak:
     container_name: keycloak
-    image: quay.io/ukhomeofficedigital/keycloak:v15.0.0
+    image: quay.io/ukhomeofficedigital/keycloak:v15.0.2
     ports:
     - "8080:8080"
     links:

From 64dd981cebad7f26fbc5be70aeaa6f052a61736e Mon Sep 17 00:00:00 2001
From: Gurukishore Bolisetty <gurukishore.bolisetty1@digital.homeoffice.gov.uk>
Date: Tue, 22 Oct 2024 16:15:58 +0100
Subject: [PATCH 6/6] updated text

---
 govuk-internal-dq/login-otp.ftl                         | 2 +-
 govuk-internal-dq/login/messages/messages_en.properties | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/govuk-internal-dq/login-otp.ftl b/govuk-internal-dq/login-otp.ftl
index ee4f0ad..90cb369 100644
--- a/govuk-internal-dq/login-otp.ftl
+++ b/govuk-internal-dq/login-otp.ftl
@@ -27,7 +27,7 @@
                         <div class="${properties.kcLabelWrapperClass!}">
                             <label for="otp" class="${properties.kcLabelClass!}">${msg("loginOtpOneTime")}</label>
                         </div>
-                        <p>The one-time code is available in the Google Authenticator application, which you downloaded to your mobile phone when you set up this account</p>
+                        <p>The one-time code is available in the FreeOTP Authenticator application, which you downloaded to your mobile phone when you set up this account</p>
 
                         <div class="${properties.kcInputWrapperClass!}">
                             <input id="otp" name="otp" autocomplete="off" type="text" class="${properties.kcInputClass!}"
diff --git a/govuk-internal-dq/login/messages/messages_en.properties b/govuk-internal-dq/login/messages/messages_en.properties
index 8249631..82b3142 100644
--- a/govuk-internal-dq/login/messages/messages_en.properties
+++ b/govuk-internal-dq/login/messages/messages_en.properties
@@ -8,10 +8,11 @@ termsText=<h2>It is an offence to continue without proper authority.</h2>\
 <p>Communications using this service will also be monitored and may be recorded to secure the effective operation and for other lawful business purposes.</p>\
 <p>Communications using these services will also be monitored and may be recorded to secure the effective operation and for other lawful business purposes.</p>\
 <p>Unauthorised access or attempts to alter, destroy or damage data, programs or equipment could result in criminal prosecution under the Computer Misuse Act (1990)</p>
-loginTotpStep1=Install the Google  Authenticator  app  on your  mobile.
+loginTotpStep1=Install the FreeOTP  Authenticator  app  on your  mobile.
 loginTotpStep2=Open  the app and, using  the camera  on your  phone, scan the QR code below.
-loginTotpStep3=Google  Authenticator  will provide  a one-time code. Enter this code into the box below. Select ''Continue''.
-loginTotpOneTime=Code from Google Authenticator
+loginTotpStep3=Enter the one-time code provided by the application and click Submit to finish the setup. 
+<p>rovide a Device Name to help you manage your OTP devices.</p>
+loginTotpOneTime=Code from FreeOTP Authenticator
 emailVerifyTitle=Verify your email
 emailVerifyInstruction1=An email with instructions to verify your email address has been sent to you.
 emailVerifyInstruction2=If you haven''t received the verification code,