KEYCLOAK-8008 Ensure InputStream are closed

services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthorizationEndpointRequestParserProcessor.java

@@ -68,11 +68,12 @@ public class AuthorizationEndpointRequestParserProcessor {
             if (requestParam != null) {
                 new AuthzEndpointRequestObjectParser(session, requestParam, client).parseRequest(request);
             } else if (requestUriParam != null) {
-                InputStream is = session.getProvider(HttpClientProvider.class).get(requestUriParam);
+                try (InputStream is = session.getProvider(HttpClientProvider.class).get(requestUriParam)) {
                     String retrievedRequest = StreamUtil.readString(is);
 
                     new AuthzEndpointRequestObjectParser(session, retrievedRequest, client).parseRequest(request);
                 }
+            }
 
             return request;
 

services/src/main/java/org/keycloak/protocol/oidc/utils/JWKSHttpUtils.java

@@ -36,8 +36,9 @@ import java.security.PublicKey;
 public class JWKSHttpUtils {
 
     public static JSONWebKeySet sendJwksRequest(KeycloakSession session, String jwksURI) throws IOException {
-        InputStream is = session.getProvider(HttpClientProvider.class).get(jwksURI);
+        try (InputStream is = session.getProvider(HttpClientProvider.class).get(jwksURI)){
             String keySetString = StreamUtil.readString(is);
             return JsonSerialization.readValue(keySetString, JSONWebKeySet.class);
         }
+    }
 }