Add setting oidc_refresh_tokens_enabled

README.md

@@ -209,6 +209,12 @@ $CONFIG = array (
     //	- 'plain'
     // The default value is empty, which won't apply the PKCE flow.
     'oidc_login_code_challenge_method' => '',
+
+    // If OIDC server has refresh tokens enabled and
+    // you want to manage session at OIDC server by storing
+    // and refreshing tokens. Defaults to false.
+    'oidc_refresh_tokens_enabled' => false,
+
 );
 ```
 ### Usage with [Keycloak](https://www.keycloak.org/)

lib/AppInfo/Application.php

@@ -127,7 +127,8 @@ public function boot(IBootContext $context): void
                 });
             }
 
-            if (!$this->tokenService->refreshTokens()) {
+            $refreshTokensEnabled = $this->config->getSystemValue('oidc_refresh_tokens_enabled', false);
+            if ($refreshTokensEnabled && !$this->tokenService->refreshTokens()) {
                 $userSession->logout();
             }
 

lib/Controller/LoginController.php

@@ -94,8 +94,11 @@ public function oidc()
             $oidc->authenticate();
 
             $tokenResponse = $oidc->getTokenResponse();
-            $this->tokenService->storeTokens($tokenResponse);
+            $refreshTokensEnabled = $this->config->getSystemValue('oidc_refresh_tokens_enabled', false);
 
+            if ($refreshTokensEnabled) {
+                $this->tokenService->storeTokens($tokenResponse);
+            }
             $user = null;
             if ($this->config->getSystemValue('oidc_login_use_id_token', false)) {
                 // Get user information from ID Token