mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-17 04:24:48 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add missing fields for client offline session timeout and lifespan

Browse Source 
Closes #42369

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
This commit is contained in:
Alexander Schwartz
2025-09-12 14:23:14 +02:00
committed by GitHub
parent cb5a768129
commit a44da52013
4 changed files with 63 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/documentation/server_admin/topics/sessions/timeouts.adoc
View File

@@ -35,12 +35,17 @@ image:images/sessions-tab.png[Sessions Tab]
[[_offline-session-max-limited]] [[_offline-session-max-limited]]
|Offline Session Max Limited |Offline Session Max Limited
|This setting is for <<_offline-access, offline access>>. If this flag is *Enabled*, Offline Session Max can control the maximum time the offline token remains active, regardless of user activity. If the flag is *Disabled*, offline sessions never expire by lifespan, only by idle. Once this option is activated, the <<_offline-session-max, Offline Session Max>> (global option at realm level) and *Client Offline Session Max* (specific client level option in the *Advanced Settings* tab) can be configured. |This setting is for <<_offline-access, offline access>>. If this flag is *Enabled*, Offline Session Max can control the maximum time the offline token remains active, regardless of user activity. If the flag is *Disabled*, offline sessions never expire by lifespan, only by idle. Once this option is activated, the <<_offline-session-max, Offline Session Max>> and <<_client_offline-session-max, Client Offline Session Max>> (global option at realm level) can be configured.
[[_offline-session-max]] [[_offline-session-max]]
|Offline Session Max |Offline Session Max
|This setting is for <<_offline-access, offline access>>, and it is the maximum time before {project_name} revokes the corresponding offline token. This option controls the maximum amount of time the offline token remains active, regardless of user activity. |This setting is for <<_offline-access, offline access>>, and it is the maximum time before {project_name} revokes the corresponding offline token. This option controls the maximum amount of time the offline token remains active, regardless of user activity.
[[_client_offline-session-max]]
|Client Offline Session Max
|This setting is for <<_offline-access, offline access>>, and it is the maximum time before {project_name} revokes the corresponding offline token for the client. This option controls the maximum amount of time the offline token remains active, regardless of user activity.
Users can override it for individual clients in the *Advanced Settings* client tab.
|Login timeout |Login timeout
|The total time a logging in must take. If authentication takes longer than this time, the user must start the authentication process again. |The total time a logging in must take. If authentication takes longer than this time, the user must start the authentication process again.

53
js/apps/admin-ui/src/realm-settings/SessionsTab.tsx
View File

@@ -243,6 +243,32 @@ export const RealmSettingsSessionsTab = ({
/> />
</FormGroup> </FormGroup>
<FormGroup
label={t("clientOfflineSessionIdle")}
fieldId="clientOfflineSessionIdle"
labelIcon={
<HelpItem
helpText={t("clientOfflineSessionIdleHelp")}
fieldLabelId="clientOfflineSessionIdle"
/>
}
>
<Controller
name="clientOfflineSessionIdleTimeout"
control={control}
render={({ field }) => (
<TimeSelector
className="kc-client-offline-session-idle"
data-testid="client-offline-session-idle-input"
aria-label="client-offline-session-idle-input"
value={field.value!}
onChange={field.onChange}
units={["minute", "hour", "day"]}
/>
)}
/>
</FormGroup>
<FormGroup <FormGroup
hasNoPaddingTop hasNoPaddingTop
label={t("offlineSessionMaxLimited")} label={t("offlineSessionMaxLimited")}
@@ -298,6 +324,33 @@ export const RealmSettingsSessionsTab = ({
/> />
</FormGroup> </FormGroup>
)} )}
{offlineSessionMaxEnabled && (
<FormGroup
label={t("clientOfflineSessionMax")}
fieldId="clientOfflineSessionMax"
id="client-offline-session-max-label"
labelIcon={
<HelpItem
helpText={t("clientOfflineSessionMaxHelp")}
fieldLabelId="clientOfflineSessionMax"
/>
}
>
<Controller
name="clientOfflineSessionMaxLifespan"
control={control}
render={({ field }) => (
<TimeSelector
className="kc-client-offline-session-max"
data-testid="client-offline-session-max-input"
value={field.value!}
onChange={field.onChange}
units={["minute", "hour", "day"]}
/>
)}
/>
</FormGroup>
)}
</FormAccess> </FormAccess>
</FormPanel> </FormPanel>
<FormPanel <FormPanel

2
js/apps/admin-ui/src/realm-settings/realm-settings-section.css
View File

@@ -115,6 +115,8 @@ div#offline-session-max-label > .pf-v5-c-form__group-label {
.kc-offline-session-max-input, .kc-offline-session-max-input,
.kc-client-session-idle-input, .kc-client-session-idle-input,
.kc-client-session-max-input, .kc-client-session-max-input,
.kc-client-offline-session-max-input,
.kc-client-offline-session-idle-input,
.kc-login-timeout-input, .kc-login-timeout-input,
.kc-login-action-timeout-input, .kc-login-action-timeout-input,
.kc-access-token-lifespan-input, .kc-access-token-lifespan-input,

2
js/libs/keycloak-admin-client/src/defs/realmRepresentation.ts
View File

@@ -120,6 +120,8 @@ export default interface RealmRepresentation {
ssoSessionMaxLifespanRememberMe?: number; ssoSessionMaxLifespanRememberMe?: number;
clientSessionIdleTimeout?: number; clientSessionIdleTimeout?: number;
clientSessionMaxLifespan?: number; clientSessionMaxLifespan?: number;
clientOfflineSessionIdleTimeout?: number;
clientOfflineSessionMaxLifespan?: number;
supportedLocales?: string[]; supportedLocales?: string[];
// UserFederationMapperRepresentation // UserFederationMapperRepresentation
userFederationMappers?: any[]; userFederationMappers?: any[];