diff --git a/env_options.go b/env_options.go
index 9db2d89a..058b90c6 100644
--- a/env_options.go
+++ b/env_options.go
@@ -40,7 +40,7 @@ func (cfg EnvOptions) LoadEnvForStruct(options interface{}) {
 		envName := field.Tag.Get("env")
 		cfgName := field.Tag.Get("cfg")
 		if cfgName == "" && flagName != "" {
-			cfgName = strings.Replace(flagName, "-", "_", -1)
+			cfgName = strings.ReplaceAll(flagName, "-", "_")
 		}
 		if envName == "" || cfgName == "" {
 			// resolvable fields must have the `env` and `cfg` struct tag
diff --git a/oauthproxy.go b/oauthproxy.go
index 5af2e9cb..01c18c39 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -119,7 +119,7 @@ func (u *UpstreamProxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		r.Header.Set("GAP-Auth", w.Header().Get("GAP-Auth"))
 		u.auth.SignRequest(r)
 	}
-	if u.wsHandler != nil && strings.ToLower(r.Header.Get("Connection")) == "upgrade" && r.Header.Get("Upgrade") == "websocket" {
+	if u.wsHandler != nil && strings.EqualFold(r.Header.Get("Connection"), "upgrade") && r.Header.Get("Upgrade") == "websocket" {
 		u.wsHandler.ServeHTTP(w, r)
 	} else {
 		u.handler.ServeHTTP(w, r)
diff --git a/pkg/sessions/cookie/session_store.go b/pkg/sessions/cookie/session_store.go
index 960be905..ac9cfaf2 100644
--- a/pkg/sessions/cookie/session_store.go
+++ b/pkg/sessions/cookie/session_store.go
@@ -136,18 +136,18 @@ func splitCookie(c *http.Cookie) []*http.Cookie {
 	valueBytes := []byte(c.Value)
 	count := 0
 	for len(valueBytes) > 0 {
-		new := copyCookie(c)
-		new.Name = fmt.Sprintf("%s_%d", c.Name, count)
+		newCookie := copyCookie(c)
+		newCookie.Name = fmt.Sprintf("%s_%d", c.Name, count)
 		count++
 		if len(valueBytes) < maxCookieLength {
-			new.Value = string(valueBytes)
+			newCookie.Value = string(valueBytes)
 			valueBytes = []byte{}
 		} else {
 			newValue := valueBytes[:maxCookieLength]
 			valueBytes = valueBytes[maxCookieLength:]
-			new.Value = string(newValue)
+			newCookie.Value = string(newValue)
 		}
-		cookies = append(cookies, new)
+		cookies = append(cookies, newCookie)
 	}
 	return cookies
 }
diff --git a/providers/google.go b/providers/google.go
index 4748631d..dee67e06 100644
--- a/providers/google.go
+++ b/providers/google.go
@@ -195,9 +195,10 @@ func userInGroup(service *admin.Service, groups []string, email string) bool {
 		r, err := req.Do()
 		if err != nil {
 			err, ok := err.(*googleapi.Error)
-			if ok && err.Code == 404 {
+			switch {
+			case ok && err.Code == 404:
 				logger.Printf("error checking membership in group %s: group does not exist", group)
-			} else if ok && err.Code == 400 {
+			case ok && err.Code == 400:
 				// It is possible for Members.HasMember to return false even if the email is a group member.
 				// One case that can cause this is if the user email is from a different domain than the group,
 				// e.g. "member@otherdomain.com" in the group "group@mydomain.com" will result in a 400 error
@@ -215,7 +216,7 @@ func userInGroup(service *admin.Service, groups []string, email string) bool {
 				if r.Status == "ACTIVE" {
 					return true
 				}
-			} else {
+			default:
 				logger.Printf("error checking group membership: %v", err)
 			}
 			continue