From d38ca8c922a88278c0d15eee161a89c7b163ca4c Mon Sep 17 00:00:00 2001 From: Jeffrey Parker Date: Wed, 18 Mar 2026 10:28:09 -0400 Subject: [PATCH] Close intermediate 429 responses before retry to prevent resource leaks When a request receives a 429 rate limit response and the client retries, the previous Response (and its underlying connection) was not being closed. This could leak connections from the OkHttp connection pool under sustained rate limiting. Close the response body before sleeping and retrying. --- duo-client/src/main/java/com/duosecurity/client/Http.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/duo-client/src/main/java/com/duosecurity/client/Http.java b/duo-client/src/main/java/com/duosecurity/client/Http.java index fadb3fa..7b3b7e6 100644 --- a/duo-client/src/main/java/com/duosecurity/client/Http.java +++ b/duo-client/src/main/java/com/duosecurity/client/Http.java @@ -318,6 +318,10 @@ private Response executeRequest(Request request) throws Exception { return response; } + // Close the 429 response to release the connection back to the pool before retrying + if (response.body() != null) { + response.close(); + } sleep(backoffMs + nextRandomInt(1000)); backoffMs *= BACKOFF_FACTOR; }