How does the module handle if an access token expires?

Say the user connects to the site, goes to the toilet, comes back after thirty minutes and clicks on a fboauth link that performs an fb graph query? Does the module renew this token?

If the user clicks on a FBOAuth action link (such as the Connect button or the Deauthorize link), it retrieves a token from Facebook that is ensured to work. I think some times the token will actually be the same as the existing token (thus being "renewed" for a while), but I'm not 100% certain on that. As I said in another issue, the intention of FB OAuth is that you would perform an action on Facebook after explicitly doing a request, so your token should always be valid.

In the event that you're doing an action after the initial authorization, FBOAuth with just use the token you've provided and pass it directly to Facebook. In the event that it failed because it expired, you would likely receive an error (or no data at all) in the return of your request.