diff --git a/provider/provider.go b/provider/provider.go
index 1bfde65..8dbff39 100644
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -85,6 +85,10 @@ func (p ProviderConfig) Authenticate(t *OAuth2Token) error {
 	ctx := context.Background()
 	resultChannel := make(chan *oauth2.Token)
 	errorChannel := make(chan error)
+	Mux := http.NewServeMux()
+	server := &http.Server{
+		Handler: Mux,
+	}
 
 	provider, err := oidc.NewProvider(ctx, p.ProviderURL)
 	if err != nil {
@@ -156,12 +160,12 @@ func (p ProviderConfig) Authenticate(t *OAuth2Token) error {
 		authCodeOptions = append(authCodeOptions, oauth2.SetAuthURLParam("nonce", nonce))
 	}
 
-	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+	Mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		url := config.AuthCodeURL(state, authCodeOptions...)
 		http.Redirect(w, r, url, http.StatusFound)
 	})
 
-	http.HandleFunc("/auth/callback", func(w http.ResponseWriter, r *http.Request) {
+	Mux.HandleFunc("/auth/callback", func(w http.ResponseWriter, r *http.Request) {
 		if r.URL.Query().Get("state") != state {
 			http.Error(w, "state did not match", http.StatusBadRequest)
 			errorChannel <- errors.New("state did not match")
@@ -222,7 +226,6 @@ func (p ProviderConfig) Authenticate(t *OAuth2Token) error {
 	cmd.Start()
 	cmd.Process.Release()
 
-	server := &http.Server{}
 	go func() {
 		server.Serve(listener)
 	}()