diff --git a/connector/oidc/oidc.go b/connector/oidc/oidc.go
index 1ec1bb989e..59ee3f90da 100644
--- a/connector/oidc/oidc.go
+++ b/connector/oidc/oidc.go
@@ -329,7 +329,7 @@ func (c *oidcConnector) HandleCallback(s connector.Scopes, r *http.Request) (ide
 	}
 
 	ctx := context.WithValue(r.Context(), oauth2.HTTPClient, c.httpClient)
-	token := &oauth2.Token{}
+	var token *oauth2.Token
 	if q.Has("code") {
 		// exchange code to token
 		var opts []oauth2.AuthCodeOption
diff --git a/server/oauth2.go b/server/oauth2.go
index af9162e27d..1d4b2be808 100644
--- a/server/oauth2.go
+++ b/server/oauth2.go
@@ -93,7 +93,7 @@ func tokenErr(w http.ResponseWriter, typ, description string, statusCode int) er
 	return nil
 }
 
-// nolint
+//nolint
 const (
 	errInvalidRequest          = "invalid_request"
 	errUnauthorizedClient      = "unauthorized_client"