From 3216c8ab10693ad2d6954a21c1bda314ec1481b4 Mon Sep 17 00:00:00 2001
From: Weida Hong <wdhongtw@gmail.com>
Date: Sat, 9 Sep 2023 18:36:05 +0800
Subject: [PATCH] Adjust forward auth to avoid connection leak

---
 pkg/middlewares/auth/forward.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/middlewares/auth/forward.go b/pkg/middlewares/auth/forward.go
index 92f8b95ff..708ea85dc 100644
--- a/pkg/middlewares/auth/forward.go
+++ b/pkg/middlewares/auth/forward.go
@@ -126,6 +126,7 @@ func (fa *forwardAuth) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 		rw.WriteHeader(http.StatusInternalServerError)
 		return
 	}
+	defer forwardResponse.Body.Close()
 
 	body, readError := io.ReadAll(forwardResponse.Body)
 	if readError != nil {
@@ -136,7 +137,6 @@ func (fa *forwardAuth) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 		rw.WriteHeader(http.StatusInternalServerError)
 		return
 	}
-	defer forwardResponse.Body.Close()
 
 	// Pass the forward response's body and selected headers if it
 	// didn't return a response within the range of [200, 300).