From fe727f3106625fa698fdbe0d92bce0b417d677f6 Mon Sep 17 00:00:00 2001
From: Anthony Romano <anthony.romano@coreos.com>
Date: Wed, 7 Jun 2017 16:44:20 -0700
Subject: [PATCH] auth: reject empty signing method for JWT token provider

---
 auth/jwt.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/auth/jwt.go b/auth/jwt.go
index 214ae48c8..12ccc62c6 100644
--- a/auth/jwt.go
+++ b/auth/jwt.go
@@ -97,7 +97,9 @@ func prepareOpts(opts map[string]string) (jwtSignMethod, jwtPubKeyPath, jwtPrivK
 			return "", "", "", ErrInvalidAuthOpts
 		}
 	}
-
+	if len(jwtSignMethod) == 0 {
+		return "", "", "", ErrInvalidAuthOpts
+	}
 	return jwtSignMethod, jwtPubKeyPath, jwtPrivKeyPath, nil
 }