Description:    e.Err,
			HTTPStatusCode: http.StatusBadRequest,
		}
	default:
		switch {
		case errors.Is(err, errTooManyPolicies):
			apiErr = APIError{
				Code:           "XMinioAdminInvalidRequest",
				Description:    err.Error(),
				HTTPStatusCode: http.StatusBadRequest,
			}
		case errors.Is(err, errDecommissionAlreadyRunning):
			apiErr = APIError{
				Code:           "XMinioDecommissionNotAllowed",

		Description:    "A required parameter for the specified action is not supplied.",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSInvalidParameterValue: {
		Code:           "InvalidParameterValue",
		Description:    "An invalid or out-of-range value was supplied for the input parameter.",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSWebIdentityExpiredToken: {
		Code:           "ExpiredToken",

			HTTPStatusCode: http.StatusBadRequest,
		}, r.URL)
		return
	}
	if rc, _ := getReplicationConfig(ctx, bucket); rc != nil && v.Suspended() {
		writeErrorResponse(ctx, w, APIError{
			Code:           "InvalidBucketState",
			Description:    "A replication configuration is present on this bucket, bucket wide versioning cannot be suspended.",
			HTTPStatusCode: http.StatusBadRequest,
		}, r.URL)
		return
	}

		Message:    "Tier name must be in uppercase",
		StatusCode: http.StatusBadRequest,
	}
	// error returned when remote tier bucket is not found
	errTierBucketNotFound = AdminError{
		Code:       "XMinioAdminTierBucketNotFound",
		Message:    "Remote tier bucket not found",
		StatusCode: http.StatusBadRequest,
	}
	// error returned when remote tier credentials are invalid.

		log.Printf("%s %s", r.Method, r.RequestURI)

		if err := r.ParseForm(); err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		if r.Form.Get("state") != state {
			http.Error(w, "state did not match", http.StatusBadRequest)
			return
		}

		var getWebTokenExpiry func() (*credentials.WebIdentityToken, error)
		if clientSec == "" {

	for k, v := range h {
		if stringsHasPrefixFold(k, trim) {
			w.Header()[k[len(trim):]] = v
		}
	}
}

func fwdStatusToAPIError(statusCode int, resp *http.Response) *APIError {
	if statusCode < http.StatusBadRequest {
		return nil
	}
	desc := resp.Header.Get(xhttp.AmzFwdErrorMessage)
	if strings.TrimSpace(desc) == "" {
		apiErr := errorCodes.ToAPIErr(ErrInvalidRequest)
		return &apiErr
	}

}

func mainHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body)
	defer r.Body.Close()
	if err != nil {
		log.Printf("Error reading request body: %v", err)
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	log.Printf(">>> %s %s\n", r.Method, r.URL.Path)
	var out bytes.Buffer
	json.Indent(&out, body, "", "    ")
	log.Printf("%s\n", out.String())

	w.WriteHeader(http.StatusOK)
}

package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"log"
	"net/http"
)

func writeErrorResponse(w http.ResponseWriter, err error) {
	w.WriteHeader(http.StatusBadRequest)
	json.NewEncoder(w).Encode(map[string]string{
		"reason": fmt.Sprintf("%v", err),
	})
}

type Resp struct {
	User               string                 `json:"user"`

	flag.StringVar(&certFile, "cert-file", "", "Path to TLS cert file")
}

func writeErrorResponse(w http.ResponseWriter, err error) {
	w.WriteHeader(http.StatusBadRequest)
	json.NewEncoder(w).Encode(map[string]string{
		"error": fmt.Sprintf("%v", err),
	})
}

type Result struct {
	Result bool `json:"result"`
}

func mainHandler(w http.ResponseWriter, r *http.Request) {

	bucketPolicy, err := policy.ParseBucketPolicyConfig(bytes.NewReader(bucketPolicyBytes), bucket)
	if err != nil {
		writeErrorResponse(ctx, w, APIError{
			Code:           "MalformedPolicy",
			HTTPStatusCode: http.StatusBadRequest,
			Description:    err.Error(),
		}, r.URL)
		return
	}

	// Version in policy must not be empty
	if bucketPolicy.Version == "" {