baschno/buun-stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(keycloak): set access token lifespan

Browse Source
This commit is contained in:
Masaki Yatsu
2025-09-19 15:16:01 +09:00
parent f4a73377c3
commit 7bc24641d8
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
keycloak/scripts/create-client.ts
View File

@@ -29,6 +29,7 @@ const main = async () => {
const directAccessGrants = process.env.KEYCLOAK_CLIENT_DIRECT_ACCESS_GRANTS;
const pkceMethod = process.env.KEYCLOAK_CLIENT_PKCE_METHOD;
const postLogoutRedirectUris = process.env.KEYCLOAK_POST_LOGOUT_REDIRECT_URIS;
const accessTokenLifespan = process.env.KEYCLOAK_ACCESS_TOKEN_LIFESPAN;
const kcAdminClient = new KcAdminClient({
baseUrl: `https://${keycloakHost}`,
@@ -96,6 +97,13 @@ const main = async () => {
console.log(`Setting Post Logout Redirect URIs: ${postLogoutUris.join(', ')}`);
}
// Add access token lifespan if provided
if (accessTokenLifespan && accessTokenLifespan !== '') {
clientConfig.attributes = clientConfig.attributes || {};
clientConfig.attributes['access.token.lifespan'] = accessTokenLifespan;
console.log(`Setting Access Token Lifespan: ${accessTokenLifespan} seconds`);
}
if (directAccessGrants === 'true') {
console.log('Enabling Direct Access Grants (Resource Owner Password Credentials)');
}