"token_type": "Bearer",
  "expires_in": 3600
}
```

### 4. JWT Claims

The id_token received is a signed JSON Web Token (JWT). Use a JWT decoder to decode the id_token to access the payload of the token that includes following JWT claims:

import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement

object TlsUtil {
  val password = "password".toCharArray()

  private val localhost: HandshakeCertificates by lazy {
    // Generate a self-signed cert for the server to serve and the client to trust.
    val heldCertificate =
      HeldCertificate
        .Builder()
        .commonName("localhost")
        .addSubjectAlternativeName("localhost")

    }

  val basicConstraints: Extension
    get() {
      return tbsCertificate.extensions.first {
        it.id == ObjectIdentifiers.BASIC_CONSTRAINTS
      }
    }

  /** Returns true if the certificate was signed by [issuer]. */
  @Throws(SignatureException::class)
  fun checkSignature(issuer: PublicKey): Boolean {
    val signedData = CertificateAdapters.tbsCertificate.toDer(tbsCertificate)

     * environments and only to carry test data.
     *
     * The server’s TLS certificate **does not need to be signed** by a trusted certificate
     * authority. Instead, it will trust any well-formed certificate, even if it is self-signed.
     * This is necessary for testing against localhost or in development environments where a
     * certificate authority is not possible.
     *

			partNumberMarker: "",
			maxParts:         "",
			expectedErr:      noSuchUploadErr,
		},
	}

	// string to represent V2 signed HTTP request.
	reqV2Str := "V2 Signed HTTP request"
	// string to represent V4 signed HTTP request.
	reqV4Str := "V4 Signed HTTP request"
	// Collection of HTTP request and ResponseRecorder and request type string.
	type inputReqRec struct {
		req     *http.Request

   *
   * @since 33.2.0
   */
  public static final String SEC_GPC = "Sec-GPC";

  /**
   * The HTTP <a
   * href="https://wicg.github.io/turtledove/#handling-direct-from-seller-signals">{@code
   * Ad-Auction-Signals}</a> header field name.
   *
   * @since 33.0.0
   */
  public static final String AD_AUCTION_SIGNALS = "Ad-Auction-Signals";

  /**

Centrémonos en los parámetros declarados:

* Aunque esta función es una dependencia ("dependable") en sí misma, también declara otra dependencia (depende de algo más).
    * Depende del `query_extractor`, y asigna el valor que devuelve al parámetro `q`.
* También declara una `last_query` cookie opcional, como un `str`.
    * Si el usuario no proporcionó ningún query `q`, usamos el último query utilizado, que guardamos previamente en una cookie.

    @Override
    public boolean verify(final byte[] data, final int offset, final int l, final int extraPad, final CommonServerMessageBlock m) {

        final ServerMessageBlock msg = (ServerMessageBlock) m;

        if ((msg.getFlags2() & SmbConstants.FLAGS2_SECURITY_SIGNATURES) == 0) {
            // signature requirements need to be checked somewhere else
            log.warn("Expected signed response, but is not signed");

            assertEquals(0xFFFFFFFF, Smb2Constants.UNSPECIFIED_TREEID, "Unspecified TreeId must be 0xFFFFFFFF");
            assertEquals(-1, Smb2Constants.UNSPECIFIED_TREEID, "Unspecified TreeId as signed int should be -1");
        }

        @Test
        @DisplayName("Unspecified SessionId should be 0xFFFFFFFFFFFFFFFF")
        void testUnspecifiedSessionId() {

     * deal with the cases where rounding towards 0 is wrong, which typically depends on the sign of
     * p / q.
     *
     * signum is 1 if p and q are both nonnegative or both negative, and -1 otherwise.
     */
    int signum = 1 | (int) ((p ^ q) >> (Long.SIZE - 1));
    boolean increment;
    switch (mode) {
      case UNNECESSARY: