From 60866f980927c57417560b5b80bb99371de423de Mon Sep 17 00:00:00 2001
From: Bart Gloudemans <bart@supportthesystem.org>
Date: Mon, 16 Sep 2024 15:44:48 +0200
Subject: [PATCH] CS early return

---
 src/OpenIDConnectClient.php | 55 ++++++++++++++++++-------------------
 1 file changed, 26 insertions(+), 29 deletions(-)

diff --git a/src/OpenIDConnectClient.php b/src/OpenIDConnectClient.php
index d9d01d02..37a11f98 100644
--- a/src/OpenIDConnectClient.php
+++ b/src/OpenIDConnectClient.php
@@ -376,27 +376,26 @@ public function handleCode(string $code, string $state = null): bool
         $this->accessToken = $token_json->access_token;
 
         // If this is a valid claim
-        if ($this->verifyJWTClaims($claims, $token_json->access_token)) {
-
-            // Clean up the session a little
-            $this->unsetNonce();
+        if (!$this->verifyJWTClaims($claims, $token_json->access_token)) {
+            throw new OpenIDConnectClientException ('Unable to verify JWT claims');
+        }
 
-            // Save the full response
-            $this->tokenResponse = $token_json;
+        // Clean up the session a little
+        $this->unsetNonce();
 
-            // Save the verified claims
-            $this->verifiedClaims = $claims;
+        // Save the full response
+        $this->tokenResponse = $token_json;
 
-            // Save the refresh token, if we got one
-            if (isset($token_json->refresh_token)) {
-                $this->refreshToken = $token_json->refresh_token;
-            }
+        // Save the verified claims
+        $this->verifiedClaims = $claims;
 
-            // Success!
-            return true;
+        // Save the refresh token, if we got one
+        if (isset($token_json->refresh_token)) {
+            $this->refreshToken = $token_json->refresh_token;
         }
 
-        throw new OpenIDConnectClientException ('Unable to verify JWT claims');
+        // Success!
+        return true;
     }
 
     /**
@@ -421,25 +420,23 @@ public function handleClaims(string $id_token, string $accessToken = null, strin
         $this->idToken = $id_token;
 
         // If this is a valid claim
-        if ($this->verifyJWTClaims($claims, $accessToken)) {
-
-            // Clean up the session a little
-            $this->unsetNonce();
+        if (!$this->verifyJWTClaims($claims, $accessToken)) {
+            throw new OpenIDConnectClientException ('Unable to verify JWT claims');
+        }
 
-            // Save the verified claims
-            $this->verifiedClaims = $claims;
+        // Clean up the session a little
+        $this->unsetNonce();
 
-            // Save the access token
-            if ($accessToken) {
-                $this->accessToken = $accessToken;
-            }
-
-            // Success!
-            return true;
+        // Save the verified claims
+        $this->verifiedClaims = $claims;
 
+        // Save the access token
+        if ($accessToken) {
+            $this->accessToken = $accessToken;
         }
 
-        throw new OpenIDConnectClientException ('Unable to verify JWT claims');
+        // Success!
+        return true;
     }
 
     /**