libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

use the "remember me" max time if set for expires (#20413)

Browse source 
fixes: #9264
This commit is contained in:
Erik Jan de Wit 2023-05-31 21:25:20 +02:00 committed by GitHub
parent 3862f82c2d
commit f3c393f53e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
services/src/main/java/org/keycloak/services/resources/account/SessionResource.java
View file

@ -32,6 +32,7 @@ import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.common.util.Time;
import org.keycloak.device.DeviceActivityManager;
import org.keycloak.models.AccountRoles;
import org.keycloak.models.ClientModel;
@ -160,7 +161,10 @@ public class SessionResource {
sessionRep.setIpAddress(s.getIpAddress());
sessionRep.setStarted(s.getStarted());
sessionRep.setLastAccess(s.getLastSessionRefresh());
sessionRep.setExpires(s.getStarted() + realm.getSsoSessionMaxLifespan());
int maxLifespan = s.isRememberMe() && realm.getSsoSessionMaxLifespanRememberMe() > 0
? realm.getSsoSessionMaxLifespanRememberMe() : realm.getSsoSessionMaxLifespan();
int expires = s.getStarted() + maxLifespan;
sessionRep.setExpires(expires);
sessionRep.setBrowser(device.getBrowser());
if (isCurrentSession(s)) {