From 4787622450902751d0fc508b6bc1771dd42d2248 Mon Sep 17 00:00:00 2001
From: Ionut Balutoiu <ibalutoiu@cloudbasesolutions.com>
Date: Tue, 18 Jul 2023 16:42:32 +0300
Subject: [PATCH] Fix `Content-Type` not being set on `invalidAuthResponse`

When `w.WriteHeader(...)` is called, the HTTP headers are written in
the HTTP response.

Therefore, calling `w.Header().Add(...)` after `w.WriteHeader(...)`
will not have any effect.

Signed-off-by: Ionut Balutoiu <ibalutoiu@cloudbasesolutions.com>
---
 auth/jwt.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth/jwt.go b/auth/jwt.go
index 14dd857d..f5470bba 100644
--- a/auth/jwt.go
+++ b/auth/jwt.go
@@ -74,8 +74,8 @@ func (amw *jwtMiddleware) claimsToContext(ctx context.Context, claims *JWTClaims
 }
 
 func invalidAuthResponse(w http.ResponseWriter) {
-	w.WriteHeader(http.StatusUnauthorized)
 	w.Header().Add("Content-Type", "application/json")
+	w.WriteHeader(http.StatusUnauthorized)
 	if err := json.NewEncoder(w).Encode(
 		apiParams.APIErrorResponse{
 			Error: "Authentication failed",