From 66c5c13edab0b1aec67dd381ef5e3e18323af934 Mon Sep 17 00:00:00 2001 From: pmellati Date: Thu, 3 Sep 2020 16:14:36 +1000 Subject: [PATCH] Add offline_session_max_lifespan_enabled attribute to realm. --- docs-old/resources/keycloak_realm.md | 1 + docs/resources/realm.md | 1 + keycloak/realm.go | 1 + provider/data_source_keycloak_realm.go | 4 ++++ provider/resource_keycloak_realm.go | 10 ++++++++++ 5 files changed, 17 insertions(+) diff --git a/docs-old/resources/keycloak_realm.md b/docs-old/resources/keycloak_realm.md index 07f12e954..f0d7bd6c9 100644 --- a/docs-old/resources/keycloak_realm.md +++ b/docs-old/resources/keycloak_realm.md @@ -116,6 +116,7 @@ The attributes below should be specified as [Go duration strings](https://golang - `sso_session_max_lifespan_remember_me` - (Optional) The maximum amount of time before a "remember me" session expires regardless of activity. - `offline_session_idle_timeout` - (Optional) The amount of time an offline session can be idle before it expires. - `offline_session_max_lifespan` - (Optional) The maximum amount of time before an offline session expires regardless of activity. +- `offline_session_max_lifespan_enabled` - (Optional) Enable `offline_session_max_lifespan`. - `access_token_lifespan` - (Optional) The amount of time an access token can be used before it expires. - `access_token_lifespan_for_implicit_flow` - (Optional) The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires. - `access_code_lifespan` - (Optional) The maximum amount of time a client has to finish the authorization code flow. diff --git a/docs/resources/realm.md b/docs/resources/realm.md index cb3b432ea..0160b2792 100644 --- a/docs/resources/realm.md +++ b/docs/resources/realm.md @@ -118,6 +118,7 @@ The arguments below should be specified as [Go duration strings](https://golang. - `sso_session_max_lifespan` - (Optional) The maximum amount of time before a session expires regardless of activity. - `offline_session_idle_timeout` - (Optional) The amount of time an offline session can be idle before it expires. - `offline_session_max_lifespan` - (Optional) The maximum amount of time before an offline session expires regardless of activity. +- `offline_session_max_lifespan_enabled` - (Optional) Enable `offline_session_max_lifespan`. - `access_token_lifespan` - (Optional) The amount of time an access token can be used before it expires. - `access_token_lifespan_for_implicit_flow` - (Optional) The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires. - `access_code_lifespan` - (Optional) The maximum amount of time a client has to finish the authorization code flow. diff --git a/keycloak/realm.go b/keycloak/realm.go index d62dd40d4..f1b6f530b 100644 --- a/keycloak/realm.go +++ b/keycloak/realm.go @@ -58,6 +58,7 @@ type Realm struct { SsoSessionMaxLifespanRememberMe int `json:"ssoSessionMaxLifespanRememberMe,omitempty"` OfflineSessionIdleTimeout int `json:"offlineSessionIdleTimeout,omitempty"` OfflineSessionMaxLifespan int `json:"offlineSessionMaxLifespan,omitempty"` + OfflineSessionMaxLifespanEnabled bool `json:"offlineSessionMaxLifespanEnabled,omitempty"` AccessTokenLifespan int `json:"accessTokenLifespan,omitempty"` AccessTokenLifespanForImplicitFlow int `json:"accessTokenLifespanForImplicitFlow,omitempty"` AccessCodeLifespan int `json:"accessCodeLifespan,omitempty"` diff --git a/provider/data_source_keycloak_realm.go b/provider/data_source_keycloak_realm.go index 992ce463f..563f5dd4d 100644 --- a/provider/data_source_keycloak_realm.go +++ b/provider/data_source_keycloak_realm.go @@ -196,6 +196,10 @@ func dataSourceKeycloakRealm() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "offline_session_max_lifespan_enabled": { + Type: schema.TypeBool, + Computed: true, + }, "access_token_lifespan": { Type: schema.TypeString, Computed: true, diff --git a/provider/resource_keycloak_realm.go b/provider/resource_keycloak_realm.go index 9fe27859d..1a7286214 100644 --- a/provider/resource_keycloak_realm.go +++ b/provider/resource_keycloak_realm.go @@ -228,6 +228,11 @@ func resourceKeycloakRealm() *schema.Resource { Computed: true, DiffSuppressFunc: suppressDurationStringDiff, }, + "offline_session_max_lifespan_enabled": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, "access_token_lifespan": { Type: schema.TypeString, Optional: true, @@ -616,6 +621,10 @@ func getRealmFromData(data *schema.ResourceData) (*keycloak.Realm, error) { realm.OfflineSessionMaxLifespan = offlineSessionMaxLifespanDurationString } + if offlineSessionMaxLifespanEnabled, ok := data.GetOk("offline_session_max_lifespan_enabled"); ok { + realm.OfflineSessionMaxLifespanEnabled = offlineSessionMaxLifespanEnabled.(bool) + } + if accessTokenLifespan := data.Get("access_token_lifespan").(string); accessTokenLifespan != "" { accessTokenLifespanDurationString, err := getSecondsFromDurationString(accessTokenLifespan) if err != nil { @@ -841,6 +850,7 @@ func setRealmData(data *schema.ResourceData, realm *keycloak.Realm) { data.Set("sso_session_max_lifespan_remember_me", getDurationStringFromSeconds(realm.SsoSessionMaxLifespanRememberMe)) data.Set("offline_session_idle_timeout", getDurationStringFromSeconds(realm.OfflineSessionIdleTimeout)) data.Set("offline_session_max_lifespan", getDurationStringFromSeconds(realm.OfflineSessionMaxLifespan)) + data.Set("offline_session_max_lifespan_enabled", realm.OfflineSessionMaxLifespanEnabled) data.Set("access_token_lifespan", getDurationStringFromSeconds(realm.AccessTokenLifespan)) data.Set("access_token_lifespan_for_implicit_flow", getDurationStringFromSeconds(realm.AccessTokenLifespanForImplicitFlow)) data.Set("access_code_lifespan", getDurationStringFromSeconds(realm.AccessCodeLifespan))