From f16df2a4e75c3a5ef157b29675d732ea2092f003 Mon Sep 17 00:00:00 2001
From: Harshavardhana <harsha@minio.io>
Date: Fri, 11 Oct 2019 15:07:08 -0700
Subject: [PATCH] Avoid crash in PopulatePublicKey() by re-initializing the
 args (#8388)

This is to avoid nil pointer dereference when method by pointer
reference and method by value reference are implemented.

Fixes #8387
---
 pkg/iam/openid/jwt.go | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/pkg/iam/openid/jwt.go b/pkg/iam/openid/jwt.go
index 4e0574178..57dcdb840 100644
--- a/pkg/iam/openid/jwt.go
+++ b/pkg/iam/openid/jwt.go
@@ -62,14 +62,11 @@ func (r *JWKSArgs) PopulatePublicKey() error {
 		return err
 	}
 
-	r.publicKeys = make(map[string]crypto.PublicKey)
 	for _, key := range jwk.Keys {
-		var publicKey crypto.PublicKey
-		publicKey, err = key.DecodePublicKey()
+		r.publicKeys[key.Kid], err = key.DecodePublicKey()
 		if err != nil {
 			return err
 		}
-		r.publicKeys[key.Kid] = publicKey
 	}
 
 	return nil
@@ -215,10 +212,18 @@ func LookupConfig(args JWKSArgs, transport *http.Transport, closeRespFn func(io.
 	if err != nil {
 		return args, err
 	}
-	args.URL = u
-	if err := args.PopulatePublicKey(); err != nil {
+
+	args = JWKSArgs{
+		URL:         u,
+		publicKeys:  make(map[string]crypto.PublicKey),
+		transport:   transport,
+		closeRespFn: closeRespFn,
+	}
+
+	if err = args.PopulatePublicKey(); err != nil {
 		return args, err
 	}
+
 	return args, nil
 }