return false, err
			}
			resp, err := client.Do(req)
			if err != nil {
				lastError = formatError(fmt.Sprintf("error: %v", err))
				return false, nil
			}
			defer func() {
				_ = resp.Body.Close()
			}()
			if resp.StatusCode != http.StatusOK {
				lastError = formatError(fmt.Sprintf("status code: %d", resp.StatusCode))
				return false, nil
			}

			return true, nil

      if (i == 0) {
        head = chain;
      }
    }
  }

  @SuppressWarnings("GuardedBy")
  @Benchmark
  int time(int reps) {
    int dummy = 0;
    for (int i = 0; i < reps; i++) {
      // TODO(b/145386688): This access should be guarded by 'this.segment', which is not currently
      // held
      segment.removeEntryFromChain(chain, head);
      dummy += segment.count;

					authenticated, tt.expectedAuthenticated)
			}
			if resp != nil && tt.expectedUser != nil && !reflect.DeepEqual(resp.User, tt.expectedUser) {
				t.Errorf("Plugin returned incorrect user. Got %#v, expected %#v",
					resp.User, tt.expectedUser)
			}
			if resp != nil && tt.expectedAuds != nil && !reflect.DeepEqual(resp.Audiences, tt.expectedAuds) {

	alpnFieldRegex           = regexp.MustCompile(string(AlpnField) + "=(.*)")
)

func ParseResponses(req *proto.ForwardEchoRequest, resp *proto.ForwardEchoResponse) Responses {
	responses := make([]Response, len(resp.Output))
	for i, output := range resp.Output {
		responses[i] = parseResponse(output)
		responses[i].RequestURL = req.Url
	}
	return responses
}

func parseResponse(output string) Response {

	}

	req.Header.Set("Content-Type", "application/json")

	resp, err := target.httpClient.Do(req)
	if err != nil {
		return err
	}
	defer xhttp.DrainBody(resp.Body)

	if resp.StatusCode < 200 || resp.StatusCode > 299 {
		return fmt.Errorf("sending event failed with %v", resp.Status)
	}

	return nil
}

	for _, rr := range r {
		if f(rr) {
			matched = append(matched, rr)
		}
	}
	return matched
}

func (r Responses) String() string {
	out := ""
	for i, resp := range r {
		out += fmt.Sprintf("Response[%d]:\n%s", i, resp.String())
	}
	return out

	if len(token) == 0 {
		// The space before the token case
		if len(parts) == 3 {
			warning.AddWarning(req.Context(), "", invalidTokenWithSpaceWarning)
		}
		return nil, false, nil
	}

	resp, ok, err := a.auth.AuthenticateToken(req.Context(), token)
	// if we authenticated successfully, go ahead and remove the bearer token so that no one
	// is ever tempted to use it inside of the API server
	if ok {

		Writes(metav1.APIGroup{}))
	return ws
}

// handle returns a handler which will return the api.GroupAndVersion of the group.
func (s *APIGroupHandler) handle(req *restful.Request, resp *restful.Response) {
	s.ServeHTTP(resp.ResponseWriter, req.Request)
}

func (s *APIGroupHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {

	ctx := metadata.NewOutgoingContext(context.Background(), metadata.Pairs("ClusterID", c.opts.ClusterID))
	resp, err := c.client.CreateCertificate(ctx, req)
	if err != nil {
		return nil, fmt.Errorf("create certificate: %v", err)
	}

	if len(resp.CertChain) <= 1 {
		return nil, errors.New("invalid empty CertChain")
	}

	return resp.CertChain, nil
}

func (c *CitadelClient) getTLSOptions() *istiogrpc.TLSOptions {

            }

        // submit the first response
        // this response should satisfy the very first request
        val resp1 = newModelResponse().also(nextResponse::put)
        val (_, asyncResp1) = pendingTasks[0]
        assertThat(
            asyncResp1.await(),
            sameInstance(resp1)
        )

        // now we expect to receive the most recent request since the last request that got a response,