return ErrRequestNotReadyYet
	}

	if UTCNow().Sub(pSignValues.Date) > pSignValues.Expires {
		return ErrExpiredPresignRequest
	}

	// Save the date and expires.
	t := pSignValues.Date
	expireSeconds := int(pSignValues.Expires / time.Second)

	// Construct new query.
	query := make(url.Values)
	clntHashedPayload := req.Form.Get(xhttp.AmzContentSha256)

    * Esos certificados en realidad son **adquiridos** del tercero, no "generados".
* Los certificados tienen una **vida útil**.
    * Ellos **expiran**.
    * Y luego necesitan ser **renovados**, **adquiridos nuevamente** del tercero.
* La encriptación de la conexión ocurre a nivel de **TCP**.
    * Esa es una capa **debajo de HTTP**.

            "No process is on the other end of the pipe.", "More data is available.", "This user account has expired.",
            "The user is not allowed to log on from this workstation.", "The user is not allowed to log on at this time.",
            "The password of this user has expired.", };

            "No process is on the other end of the pipe.", "More data is available.", "This user account has expired.",
            "The user is not allowed to log on from this workstation.", "The user is not allowed to log on at this time.",
            "The password of this user has expired.", };

				nonExistentUsers = append(nonExistentUsers, ndn.String())
				continue
			}
			return nil, err
		}
		if len(searchResult.Entries) == 0 {
			// DN was not found - this means this user account is
			// expired.
			ndn, err := ldap.ParseDN(dn)
			if err != nil {
				return nil, err
			}
			nonExistentUsers = append(nonExistentUsers, ndn.String())
		}
	}
	return nonExistentUsers, nil
}

	purgeStart := time.Now()

	// Purge expired STS credentials.

	// Scan STS users on disk and purge expired ones.
	stsAccountsFromStore := map[string]UserIdentity{}
	stsAccPoliciesFromStore := xsync.NewMapOf[string, MappedPolicy]()
	for _, item := range listedConfigItems[stsListKey] {
		userName := path.Dir(item)
		// loadUser() will delete expired user during the load.

	c.Issuer = issuer
}

// SetAudience sets audience for these claims
func (c *StandardClaims) SetAudience(aud string) {
	c.Audience = aud
}

// SetExpiry sets expiry in unix epoch secs
func (c *StandardClaims) SetExpiry(t time.Time) {
	c.ExpiresAt = t.Unix()
}

// SetAccessKey sets access key as jwt subject and custom
// "accessKey" field.

 * This is an interface for handling timeouts.
 *
 * @author higa
 *
 */
@FunctionalInterface
public interface TimeoutTarget {

    /**
     * Describes the processing for a timeout.
     */
    void expired();

package org.codelibs.fess.exception;

/**
 * Exception thrown when an invalid access token is encountered.
 * This exception is typically used in authentication and authorization contexts
 * where a provided access token is invalid, expired, or malformed.
 */
public class InvalidAccessTokenException extends FessSystemException {

    /** Serial version UID for serialization */
    private static final long serialVersionUID = 1L;

        jobLog.setId("test-log-1");
        jobLog.setJobName("Test Job");
        jobLog.setEndTime(null);

        MonitorTarget target = new MonitorTarget(jobLog);
        try {
            target.expired();
            // If it succeeds, check that lastUpdated is set
            assertNotNull(jobLog.getLastUpdated());
        } catch (Exception e) {
            // Expected in test environment due to missing client