From c73d9f695609d92e26da9f28dd91523f1d6b6c9c Mon Sep 17 00:00:00 2001
From: Jonathan Daggerhart <jonathan@daggerhart.com>
Date: Thu, 14 Sep 2017 11:49:41 -0400
Subject: [PATCH] new setting allows administrator to determine if users should
 be redirected when their acces token expires.

---
 includes/openid-connect-generic-client-wrapper.php | 5 ++++-
 includes/openid-connect-generic-settings-page.php  | 6 ++++++
 openid-connect-generic.php                         | 3 ++-
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/includes/openid-connect-generic-client-wrapper.php b/includes/openid-connect-generic-client-wrapper.php
index a2ceeb2..b516e18 100644
--- a/includes/openid-connect-generic-client-wrapper.php
+++ b/includes/openid-connect-generic-client-wrapper.php
@@ -159,7 +159,10 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 		if ( ! $refresh_token ) {
 			wp_logout();
-			$this->error_redirect( new WP_Error( 'access-token-expired', __( 'Session expired. Please login again.' ) ) );
+
+			if ( $this->settings->redirect_on_logout ) {
+				$this->error_redirect( new WP_Error( 'access-token-expired', __( 'Session expired. Please login again.' ) ) );
+			}
 		}
 
 		$token_result = $this->client->request_new_tokens( $refresh_token );
diff --git a/includes/openid-connect-generic-settings-page.php b/includes/openid-connect-generic-settings-page.php
index ea05468..2d9ca50 100644
--- a/includes/openid-connect-generic-settings-page.php
+++ b/includes/openid-connect-generic-settings-page.php
@@ -163,6 +163,12 @@ class OpenID_Connect_Generic_Settings_Page {
 				'type'        => 'checkbox',
 				'section'     => 'user_settings',
 			),
+			'redirect_on_logout'   => array(
+				'title'       => __( 'Redirect to the login screen session is expired' ),
+				'description' => __( 'When enabled, this will automatically redirect the user back to the WordPress login page if their access token has expired.' ),
+				'type'        => 'checkbox',
+				'section'     => 'user_settings',
+			),
 			'enable_logging'    => array(
 				'title'       => __( 'Enable Logging' ),
 				'description' => __( 'Very simple log messages for debugging purposes.' ),
diff --git a/openid-connect-generic.php b/openid-connect-generic.php
index 0b11eb0..2b77586 100644
--- a/openid-connect-generic.php
+++ b/openid-connect-generic.php
@@ -207,8 +207,9 @@ class OpenID_Connect_Generic {
 				'alternate_redirect_uri' => 0,
 				'link_existing_users' => 0,
 				'redirect_user_back' => 0,
+				'redirect_on_logout' => 1,
 				'enable_logging'  => 0,
-				'log_limit'       => 1000, 
+				'log_limit'       => 1000,
 			)
 		);