ErrNotImplemented     = errors.New("function not implemented")
	ErrAccessTokenExpired = errors.New("access_token expired or unauthorized")
)

// Provider implements identity provider specific admin operations, such as
// looking up users, fetching additional attributes etc.
type Provider interface {
	LoginWithUser(username, password string) error
	LoginWithClientID(clientID, clientSecret string) error
	LookupUser(userid string) (User, error)

This document explains the design approach of server side bucket replication. If you're looking to get started with replication, we suggest you go through the [Bucket replication guide](https://github.com/minio/minio/blob/master/docs/bucket/replication/README.md) first.

## Overview

	// IndexCB will return any index created but the compression.
	// Object must have been read at this point.
	IndexCB func() []byte

	// InclFreeVersions indicates that free versions need to be included
	// when looking up a version by fi.VersionID
	InclFreeVersions bool
	// SkipFreeVersion skips adding a free version when a tiered version is
	// being 'replaced'
	// Note: Used only when a tiered object is being expired.

- MinIO then checks if there are any policies [explicitly associated](#managing-usergroup-access-policy) with the user or their groups.
- On finding at least one associated policy, MinIO generates temporary credentials for the user storing the list of groups in a cryptographically secure session token. The temporary access key, secret key and session token are returned to the user.
- The user can now use these credentials to make requests to the MinIO server.

additionalAnnotation: [] ## Typically the deployment/statefulset includes checksums of secrets/config, ## So that when these change on a subsequent helm install, the deployment/statefulset ## is restarted. This can result in unnecessary restarts under GitOps tooling such as ## flux, so set to "true" to disable this behaviour. ignoreChartChecksums: false ## Additional arguments to pass to minio binary extraArgs: [] ## Internal port number for MinIO S3 API container ## Change service.port to change external port...

additionalAnnotation: [] ## Typically the deployment/statefulset includes checksums of secrets/config, ## So that when these change on a subsequent helm install, the deployment/statefulset ## is restarted. This can result in unnecessary restarts under GitOps tooling such as ## flux, so set to "true" to disable this behaviour. ignoreChartChecksums: false ## Additional arguments to pass to minio binary extraArgs: [] ## Internal port number for MinIO S3 API container ## Change service.port to change external port...

additionalAnnotation: {} ## Typically the deployment/statefulset includes checksums of secrets/config, ## So that when these change on a subsequent helm install, the deployment/statefulset ## is restarted. This can result in unnecessary restarts under GitOps tooling such as ## flux, so set to "true" to disable this behaviour. ignoreChartChecksums: false ## Additional arguments to pass to minio binary extraArgs: [] ## Additional volumes to minio container extraVolumes: [] ## Additional volumeMounts to minio container...

additionalAnnotation: {} ## Typically the deployment/statefulset includes checksums of secrets/config, ## So that when these change on a subsequent helm install, the deployment/statefulset ## is restarted. This can result in unnecessary restarts under GitOps tooling such as ## flux, so set to "true" to disable this behaviour. ignoreChartChecksums: false ## Additional arguments to pass to minio binary extraArgs: [] ## Additional volumes to minio container extraVolumes: [] ## Additional volumeMounts to minio container...

additionalAnnotation: {} ## Typically the deployment/statefulset includes checksums of secrets/config, ## So that when these change on a subsequent helm install, the deployment/statefulset ## is restarted. This can result in unnecessary restarts under GitOps tooling such as ## flux, so set to "true" to disable this behaviour. ignoreChartChecksums: false ## Additional arguments to pass to minio binary extraArgs: [] ## Additional volumes to minio container extraVolumes: [] ## Additional volumeMounts to minio container...

// An S3 implementation has to remember the content MD5 of objects
// in case of SSE-S3. However, storing the ETag of an encrypted
// object in plaintext may reveal some information about the object.
// For example, two objects with the same ETag are identical with
// a very high probability.
//
// Therefore, an S3 implementation may encrypt an ETag before storing
// it. In this case, the stored ETag may not be a well-formed S3 ETag.