mrparkers · mrparkers · Sep 18, 2020 · Sep 3, 2020
diff --git a/docs-old/resources/keycloak_realm.md b/docs-old/resources/keycloak_realm.md
@@ -116,6 +116,7 @@ The attributes below should be specified as [Go duration strings](https://golang
 - `sso_session_max_lifespan_remember_me` - (Optional) The maximum amount of time before a "remember me" session expires regardless of activity.
 - `offline_session_idle_timeout` - (Optional) The amount of time an offline session can be idle before it expires.
 - `offline_session_max_lifespan` - (Optional) The maximum amount of time before an offline session expires regardless of activity.
+- `offline_session_max_lifespan_enabled` - (Optional) Enable `offline_session_max_lifespan`.
 - `access_token_lifespan` - (Optional) The amount of time an access token can be used before it expires.
 - `access_token_lifespan_for_implicit_flow` - (Optional) The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires.
 - `access_code_lifespan` - (Optional) The maximum amount of time a client has to finish the authorization code flow.

diff --git a/docs/resources/realm.md b/docs/resources/realm.md
@@ -118,6 +118,7 @@ The arguments below should be specified as [Go duration strings](https://golang.
 - `sso_session_max_lifespan` - (Optional) The maximum amount of time before a session expires regardless of activity.
 - `offline_session_idle_timeout` - (Optional) The amount of time an offline session can be idle before it expires.
 - `offline_session_max_lifespan` - (Optional) The maximum amount of time before an offline session expires regardless of activity.
+- `offline_session_max_lifespan_enabled` - (Optional) Enable `offline_session_max_lifespan`.
 - `access_token_lifespan` - (Optional) The amount of time an access token can be used before it expires.
 - `access_token_lifespan_for_implicit_flow` - (Optional) The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires.
 - `access_code_lifespan` - (Optional) The maximum amount of time a client has to finish the authorization code flow.

diff --git a/keycloak/realm.go b/keycloak/realm.go
@@ -58,6 +58,7 @@ type Realm struct {
  SsoSessionMaxLifespanRememberMe int `json:"ssoSessionMaxLifespanRememberMe,omitempty"`
  OfflineSessionIdleTimeout int `json:"offlineSessionIdleTimeout,omitempty"`
  OfflineSessionMaxLifespan int `json:"offlineSessionMaxLifespan,omitempty"`
+ OfflineSessionMaxLifespanEnabled bool `json:"offlineSessionMaxLifespanEnabled,omitempty"`
  AccessTokenLifespan int `json:"accessTokenLifespan,omitempty"`
  AccessTokenLifespanForImplicitFlow int `json:"accessTokenLifespanForImplicitFlow,omitempty"`
  AccessCodeLifespan int `json:"accessCodeLifespan,omitempty"`

diff --git a/provider/data_source_keycloak_realm.go b/provider/data_source_keycloak_realm.go
@@ -196,6 +196,10 @@ func dataSourceKeycloakRealm() *schema.Resource {
  Type: schema.TypeString,
  Computed: true,
  },
+ "offline_session_max_lifespan_enabled": {
+ Type: schema.TypeBool,
+ Computed: true,
+ },
  "access_token_lifespan": {
  Type: schema.TypeString,
  Computed: true,

diff --git a/provider/resource_keycloak_realm.go b/provider/resource_keycloak_realm.go
@@ -228,6 +228,11 @@ func resourceKeycloakRealm() *schema.Resource {
  Computed: true,
  DiffSuppressFunc: suppressDurationStringDiff,
  },
+ "offline_session_max_lifespan_enabled": {
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
  "access_token_lifespan": {
  Type: schema.TypeString,
  Optional: true,
@@ -616,6 +621,10 @@ func getRealmFromData(data *schema.ResourceData) (*keycloak.Realm, error) {
  realm.OfflineSessionMaxLifespan = offlineSessionMaxLifespanDurationString
  }
 
+ if offlineSessionMaxLifespanEnabled, ok := data.GetOk("offline_session_max_lifespan_enabled"); ok {
+ realm.OfflineSessionMaxLifespanEnabled = offlineSessionMaxLifespanEnabled.(bool)
+ }
+
  if accessTokenLifespan := data.Get("access_token_lifespan").(string); accessTokenLifespan != "" {
  accessTokenLifespanDurationString, err := getSecondsFromDurationString(accessTokenLifespan)
  if err != nil {
@@ -841,6 +850,7 @@ func setRealmData(data *schema.ResourceData, realm *keycloak.Realm) {
  data.Set("sso_session_max_lifespan_remember_me", getDurationStringFromSeconds(realm.SsoSessionMaxLifespanRememberMe))
  data.Set("offline_session_idle_timeout", getDurationStringFromSeconds(realm.OfflineSessionIdleTimeout))
  data.Set("offline_session_max_lifespan", getDurationStringFromSeconds(realm.OfflineSessionMaxLifespan))
+ data.Set("offline_session_max_lifespan_enabled", realm.OfflineSessionMaxLifespanEnabled)
  data.Set("access_token_lifespan", getDurationStringFromSeconds(realm.AccessTokenLifespan))
  data.Set("access_token_lifespan_for_implicit_flow", getDurationStringFromSeconds(realm.AccessTokenLifespanForImplicitFlow))
  data.Set("access_code_lifespan", getDurationStringFromSeconds(realm.AccessCodeLifespan))