From 7f87dfeb41150015f5f4ff6909c0a44c1cc6a684 Mon Sep 17 00:00:00 2001
From: Masaki Yatsu <yatsu@yatsu.info>
Date: Fri, 19 Sep 2025 15:16:25 +0900
Subject: [PATCH] fix(lakekeeper): fix OIDC settings

---
 lakekeeper/justfile                        | 3 ++-
 lakekeeper/lakekeeper-values.gomplate.yaml | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/lakekeeper/justfile b/lakekeeper/justfile
index 9a3842a..3b97c42 100644
--- a/lakekeeper/justfile
+++ b/lakekeeper/justfile
@@ -116,7 +116,8 @@ create-oidc-client:
             realm=${KEYCLOAK_REALM} \
             client_id=lakekeeper \
             redirect_url="https://${LAKEKEEPER_HOST}/ui/callback" \
-            post_logout_redirect_uris="https://${LAKEKEEPER_HOST}/ui/logout,https://${LAKEKEEPER_HOST}/ui/,https://${LAKEKEEPER_HOST}/"
+            post_logout_redirect_uris="https://${LAKEKEEPER_HOST}/ui/logout,https://${LAKEKEEPER_HOST}/ui/,https://${LAKEKEEPER_HOST}/" \
+            access_token_lifespan="43200"
     fi
 
     # Add audience mapper to include 'lakekeeper' in JWT audience
diff --git a/lakekeeper/lakekeeper-values.gomplate.yaml b/lakekeeper/lakekeeper-values.gomplate.yaml
index 353a6ff..f14d976 100644
--- a/lakekeeper/lakekeeper-values.gomplate.yaml
+++ b/lakekeeper/lakekeeper-values.gomplate.yaml
@@ -11,7 +11,7 @@ catalog:
     LAKEKEEPER__OPENID_PROVIDER_URI: "https://{{ .Env.KEYCLOAK_HOST }}/realms/{{ .Env.KEYCLOAK_REALM }}"
     LAKEKEEPER__OPENID_AUDIENCE: "lakekeeper"
     LAKEKEEPER__UI__OPENID_CLIENT_ID: "lakekeeper"
-    LAKEKEEPER__UI__OPENID_SCOPE: "openid profile email"
+    LAKEKEEPER__UI__OPENID_SCOPE: "openid profile lakekeeper"
 
   # Secret management configuration
   secrets: