Move var

Signed-off-by: Craig Perkins <[email protected]>

src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java

@@ -81,8 +81,6 @@ public void channelRead0(ChannelHandlerContext ctx, DefaultHttpRequest msg) thro
         try (ThreadContext.StoredContext ignore = threadPool.getThreadContext().stashContext()) {
             injectUser(msg, threadContext);
 
-            boolean shouldSkipAuthentication = SecurityRestUtils.shouldSkipAuthentication(requestChannel);
-
             // If request channel is completed and a response is sent, then there was a failure during authentication
             restFilter.checkAndAuthenticateRequest(requestChannel);
 
@@ -91,6 +89,7 @@ public void channelRead0(ChannelHandlerContext ctx, DefaultHttpRequest msg) thro
 
             requestChannel.getQueuedResponse().ifPresent(response -> ctx.channel().attr(EARLY_RESPONSE).set(response));
 
+            boolean shouldSkipAuthentication = SecurityRestUtils.shouldSkipAuthentication(requestChannel);
             boolean shouldDecompress = !shouldSkipAuthentication && requestChannel.getQueuedResponse().isEmpty();
 
             if (requestChannel.getQueuedResponse().isEmpty() || shouldSkipAuthentication) {