From 343436821042d3613c3ca7fa931f766c20385a1d Mon Sep 17 00:00:00 2001
From: "David J. Allen" <davidallendj@gmail.com>
Date: Sat, 24 Feb 2024 09:09:05 -0700
Subject: [PATCH] Minor changes

---
 go.mod            | 1 +
 go.sum            | 2 ++
 internal/opaal.go | 7 +++++--
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/go.mod b/go.mod
index 456b485..6b0d91b 100644
--- a/go.mod
+++ b/go.mod
@@ -3,6 +3,7 @@ module davidallendj/opaal
 go 1.22.0
 
 require (
+	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/lestrrat-go/jwx v1.2.28
 	github.com/spf13/cobra v1.8.0
 	gopkg.in/yaml.v2 v2.4.0
diff --git a/go.sum b/go.sum
index bd6cd57..3a07bf3 100644
--- a/go.sum
+++ b/go.sum
@@ -7,6 +7,8 @@ github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etly
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
diff --git a/internal/opaal.go b/internal/opaal.go
index 14f84d7..e3dd05e 100644
--- a/internal/opaal.go
+++ b/internal/opaal.go
@@ -169,7 +169,7 @@ func Login(config *Config) error {
 		fmt.Printf("failed to fetch JWK: %v\n", err)
 	} else {
 		fmt.Printf("Attempting to add issuer to authorization server...\n")
-		err = AddTrustedIssuer(config.ActionUrls.TrustedIssuers, *idp, subject, time.Duration(1000), config.Scope)
+		err = AddTrustedIssuer(config.ActionUrls.TrustedIssuers, idp, subject, time.Duration(1000), config.Scope)
 		if err != nil {
 			return fmt.Errorf("failed to add trusted issuer: %v", err)
 		}
@@ -256,8 +256,11 @@ func FetchAccessToken(remoteUrl string, clientId string, jwt string, scopes []st
 	return token, nil
 }
 
-func AddTrustedIssuer(remoteUrl string, idp oidc.IdentityProvider, subject string, duration time.Duration, scope []string) error {
+func AddTrustedIssuer(remoteUrl string, idp *oidc.IdentityProvider, subject string, duration time.Duration, scope []string) error {
 	// hydra endpoint: /admin/trust/grants/jwt-bearer/issuers
+	if idp == nil {
+		return fmt.Errorf("identity provided is nil")
+	}
 	jwkstr, err := json.Marshal(idp.Key)
 	if err != nil {
 		return fmt.Errorf("failed to marshal JWK: %v", err)