From 9454c17ca1537fe102aa2779e1c65b6ecbaf6b61 Mon Sep 17 00:00:00 2001
From: Yarden6260 <30807572+Yarden6260@users.noreply.github.com>
Date: Thu, 26 Sep 2019 17:31:40 +0300
Subject: [PATCH 1/2] Start authentication flow if user guest

When a user is already authenticated as guest and try to login, authentication flow is skipped and the user stays connected as guest.
Added skip condition to check that connected user is not guest.
---
 classes/loginflow/authcode.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/classes/loginflow/authcode.php b/classes/loginflow/authcode.php
index a446cfd..7f21fc4 100644
--- a/classes/loginflow/authcode.php
+++ b/classes/loginflow/authcode.php
@@ -106,7 +106,7 @@ public function handleredirect() {
             // Response from OP.
             $this->handleauthresponse($requestparams);
         } else {
-            if (isloggedin() && empty($justauth) && empty($promptaconsent)) {
+            if (isloggedin() && !isguestuser() && empty($justauth) && empty($promptaconsent)) {
                 if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
                     $urltogo = $SESSION->wantsurl;
                     unset($SESSION->wantsurl);

From 5e7a835b81066a4090fd32cd4c84955d04f7fdbe Mon Sep 17 00:00:00 2001
From: Yarden6260 <30807572+Yarden6260@users.noreply.github.com>
Date: Thu, 26 Sep 2019 18:20:36 +0300
Subject: [PATCH 2/2] Start authentication flow if user guest

When a user is already authenticated as guest and try to login, authentication flow is skipped and the user stays connected as guest.
Added skip condition to check that connected user is not guest and logout guest user before authentication flow starts.
---
 classes/loginflow/authcode.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/classes/loginflow/authcode.php b/classes/loginflow/authcode.php
index 7f21fc4..acc7bc4 100644
--- a/classes/loginflow/authcode.php
+++ b/classes/loginflow/authcode.php
@@ -107,6 +107,8 @@ public function handleredirect() {
             $this->handleauthresponse($requestparams);
         } else {
             if (isloggedin() && !isguestuser() && empty($justauth) && empty($promptaconsent)) {
+                global $USER;
+                if($USER->id )
                 if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
                     $urltogo = $SESSION->wantsurl;
                     unset($SESSION->wantsurl);
@@ -116,6 +118,10 @@ public function handleredirect() {
                 redirect($urltogo);
                 die();
             }
+            //Handle Guest account session termination
+            if(isguestuser()){
+                require_logout();
+            }
             // Initial login request.
             $stateparams = ['forceflow' => 'authcode'];
             $extraparams = [];