t.Errorf("Expected le='0.050' api=PutObject metrics but got '%v'", le)
	}
	if value := capitalPutObjects[0].Value; value != 1 {
		t.Errorf("Expected le='0.050' api=PutObject value to be 1 but got '%v'", value)
	}
	if le := capitalPutObjects[1].VariableLabels["le"]; le != "5.000" {
		t.Errorf("Expected le='5.000' api=PutObject metrics but got '%v'", le)
	}
	if value := capitalPutObjects[1].Value; value != 2 {

		if err != nil && testCase.shouldPass {
			t.Errorf("Test %d: %s: Expected to pass, but failed with: <ERROR> %s", i+1, instanceType, err.Error())
		}
		if err == nil && !testCase.shouldPass {
			t.Errorf("Test %d: %s: Expected to fail with <ERROR> \"%s\", but passed instead", i+1, instanceType, testCase.err.Error())
		}
		// Failed as expected, but does it fail for the expected reason.
		if err != nil && !testCase.shouldPass {

	}

	if err := DB.Model(&User{}).Select("name, sum(age) as total").Where("name LIKE ?", "groupby%").Group("name").Having("name = ?", "groupby1").Row().Scan(&name, &total); err != nil {
		t.Errorf("no error should happen, but got %v", err)
	}

	if name != "groupby1" || total != 660 {
		t.Errorf("name should be groupby, but got %v, total should be 660, but got %v", name, total)

			if r.Name != relation.Name {
				t.Errorf("schema %v relation name expects %v, but got %v", s, r.Name, relation.Name)
			}

			if r.Type != relation.Type {
				t.Errorf("schema %v relation name expects %v, but got %v", s, r.Type, relation.Type)
			}

			if r.Schema.Name != relation.Schema {
				t.Errorf("schema %v relation's schema expects %v, but got %v", s, relation.Schema, r.Schema.Name)
			}

	if err == nil || !errors.Is(err, errAuthentication) {
		c.Fatalf("expected err(%s) but got (%s)", errAuthentication, err)
	}

	newSSHCon = newSSHConnMock("dillon")
	_, err = sshPubKeyAuth(newSSHCon, testKey)
	if err == nil || !errors.Is(err, errNoSuchUser) {
		c.Fatalf("expected err(%s) but got (%s)", errNoSuchUser, err)
	}
}

func (s *TestSuiteIAM) SFTPPublicKeyAuthentication(c *check) {

			t.Errorf("Test case %d: Expected \"%v\" but failed \"%v\"", i+1, testCase.sipHash, sipHashElement)
		}
	}

	if sipHashElement := hashKey("SIPMOD", "This will fail", -1, testUUID); sipHashElement != -1 {
		t.Errorf("Test: Expected \"-1\" but got \"%v\"", sipHashElement)
	}

	if err := DB.Create(&yasuo).Error; err != nil {
		t.Fatalf("should be able to create data, but got %v", err)
	}

	if yasuo.ID == "" {
		t.Fatal("should be able to has ID, but got zero value")
	}

	var result Yasuo
	if err := DB.First(&result, "id = ?", yasuo.ID).Error; err != nil || yasuo.Name != "jinzhu" {
		t.Errorf("No error should happen, but got %v", err)
	}

	if err := DB.Create(&yasuo).Error; err != nil {
		t.Fatalf("should be able to create data, but got %v", err)
	}

	if yasuo.ID == "" {
		t.Fatal("should be able to has ID, but got zero value")
	}

	var result Yasuo
	if err := DB.First(&result, "id = ?", yasuo.ID).Error; err != nil || yasuo.Name != "jinzhu" {
		t.Errorf("No error should happen, but got %v", err)
	}

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And the spec says that the fields have to be named like that. So `user-name` or `email` wouldn't work.

But don't worry, you can show it as you wish to your final users in the frontend.

And your database models can use any other names you want.

But for the login *path operation*, we need to use these names to be compatible with the spec (and be able to, for example, use the integrated API documentation system).