if s3Err != ErrNone {
		return s3Err
	}

	// Extract date, if not present throw error.
	var date string
	if date = req.Header.Get(xhttp.AmzDate); date == "" {
		if date = r.Header.Get(xhttp.Date); date == "" {
			return ErrMissingDateHeader
		}
	}

	// Parse date header.
	t, e := time.Parse(iso8601Format, date)
	if e != nil {
		return ErrMalformedDate
	}

	// Query string.

	// ErrInvalidRetentionDate - indicates that retention date needs to be in ISO 8601 format
	ErrInvalidRetentionDate = errors.New("date must be provided in ISO 8601 format")
	// ErrPastObjectLockRetainDate - indicates that retention date must be in the future
	ErrPastObjectLockRetainDate = errors.New("the retain until date must be in the future")
	// ErrUnknownWORMModeDirective - indicates that the retention mode is invalid

	return strings.HasPrefix(r.URL.Path, kmsPathPrefix)
}

// Supported Amz date headers.
var amzDateHeaders = []string{
	// Do not change this order, x-amz-date value should be
	// validated first.
	"x-amz-date",
	"date",
}

// parseAmzDateHeader - parses supported amz date headers, in
// supported amz date formats.
func parseAmzDateHeader(req *http.Request) (time.Time, APIErrorCode) {

          },
          "exemplar": true,
          "expr": "sum by (bucket) (rate(minio_bucket_traffic_sent_bytes{job=\"$scrape_jobs\"}[$__rate_interval]))",
          "interval": "1m",
          "intervalFactor": 2,
          "legendFormat": "Data Sent [{{bucket}}]",
          "refId": "A"
        }
      ],
      "title": "Total Data Sent Rate",
      "type": "timeseries"
    },
    {
      "datasource": {

	ActualSize int64             `json:"actualSize"` // Original size of the part without compression or encryption bytes.
	ModTime    time.Time         `json:"modTime"`    // Date and time at which the part was uploaded.
	Index      []byte            `json:"index,omitempty" msg:"index,omitempty"`
	Checksums  map[string]string `json:"crc,omitempty" msg:"crc,omitempty"` // Content Checksums
}

				c.client = client
				c.lock.Unlock()

				prevCertificate = certificate
			}
		}
	}()

	go c.refreshKMSMasterKeyCache(logger)
	return c, nil
}

// Request KES keep an up-to-date copy of the KMS master key to allow minio to start up even if KMS is down. The
// cached key may still be evicted if the period of this function is longer than that of KES .cache.expiry.unused

	// Object content should be written to http.ResponseWriter
	return false
}

// returns true if object was modified after givenTime.
func ifModifiedSince(objTime time.Time, givenTime time.Time) bool {
	// The Date-Modified header truncates sub-second precision, so
	// use mtime < t+1s instead of mtime <= t to check for unmodified.
	return objTime.After(givenTime.Add(1 * time.Second))
}

	"$key":                     true,
	"$success_action_redirect": true,
	"$redirect":                true,
	"$success_action_status":   true,
	"$x-amz-algorithm":         false,
	"$x-amz-credential":        false,
	"$x-amz-date":              false,
}

var postPolicyIgnoreKeys = map[string]bool{
	"Policy":              true,
	xhttp.AmzSignature:    true,
	xhttp.ContentEncoding: true,
	http.CanonicalHeaderKey(xhttp.AmzChecksumAlgo):   true,

	errAuthentication     = errors.New("Authentication failed, check your access credentials")
	errNoAuthToken        = errors.New("JWT token missing")
	errSkewedAuthTime     = errors.New("Skewed authentication date/time")
	errMalformedAuth      = errors.New("Malformed authentication input")
)

type cacheKey struct {
	accessKey, secretKey, audience string
}

			return err
		}

		if p.Version == 0 {
			// This means that policy was in the old version (without any
			// timestamp info). We fetch the mod time of the file and save
			// that as create and update date.
			p.CreateDate = objInfo.ModTime
			p.UpdateDate = objInfo.ModTime
		}

		m[policy] = p
		return nil
	}
}