}
				if !oauth2Token.Valid() {
					return nil, errors.New("invalid token")
				}

				return &credentials.WebIdentityToken{
					Token:  oauth2Token.Extra("id_token").(string),
					Expiry: int(oauth2Token.Expiry.Sub(time.Now().UTC()).Seconds()),
				}, nil
			}
		}

		sts, err := credentials.NewSTSWebIdentity(stsEndpoint, getWebTokenExpiry)
		if err != nil {

      return true;
    }
  },

  /**
   * The entry's expiration timestamp has passed. This can occur when using {@link
   * CacheBuilder#expireAfterWrite} or {@link CacheBuilder#expireAfterAccess}.
   */
  EXPIRED {
    @Override
    boolean wasEvicted() {
      return true;
    }
  },

  /**
   * The entry was evicted due to size constraints. This can occur when using {@link

        }
    }

    /**
     * Rotate all expired keys based on configured interval
     */
    private void rotateExpiredKeys() {
        if (closed) {
            return;
        }

        long now = System.currentTimeMillis();
        java.util.List<String> sessionsToRotate = new java.util.ArrayList<>();

        // Find expired keys

	transitionMissedImmediateTasks = "transition_missed_immediate_tasks"
	versionsScanned                = "versions_scanned"
)

var (
	ilmExpiryPendingTasksMD             = NewGaugeMD(expiryPendingTasks, "Number of pending ILM expiry tasks in the queue")
	ilmTransitionActiveTasksMD          = NewGaugeMD(transitionActiveTasks, "Number of active ILM transition tasks")

    }

    @Test
    void testGetTrustedDomains_ExpiredCache() throws IOException, SmbAuthException {
        // Set up an expired cache entry
        Dfs.CacheEntry expiredEntry = new Dfs.CacheEntry(-1); // Expired
        testDfs._domains = expiredEntry;
        testDfs.setDisabled(true); // Set disabled to avoid NullPointerException

        when(auth.getDomain()).thenReturn("domain.com");

  # tlsCert: /etc/dex/tls.crt
  # tlsKey: /etc/dex/tls.key

  # Configuration for telemetry
  telemetry:
    http: 0.0.0.0:5558

# Uncomment this block to enable configuration for the expiration time durations.
expiry:
  signingKeys: "3h"
  idTokens: "3h"

  # Options for controlling the logger.
  logger:
    level: "debug"
    format: "text" # can also be "json"

# Default values shown below
oauth2:

pkg syscall (darwin-386), type RoutingMessage interface, unexported methods
pkg syscall (darwin-386), type RtMetrics struct
pkg syscall (darwin-386), type RtMetrics struct, Expire int32
pkg syscall (darwin-386), type RtMetrics struct, Filler [4]uint32
pkg syscall (darwin-386), type RtMetrics struct, Hopcount uint32
pkg syscall (darwin-386), type RtMetrics struct, Locks uint32

   * Load cookies from the jar for an HTTP request to [url]. This method returns a possibly
   * empty list of cookies for the network request.
   *
   * Simple implementations will return the accepted cookies that have not yet expired and that
   * [match][Cookie.matches] [url].
   */
  fun loadForRequest(url: HttpUrl): List<Cookie>

  companion object {
    /** A cookie jar that never accepts any cookies. */
    @JvmField

    className: String,
    cause: Throwable,
  ): Boolean =
    when (className) {
      "okhttp3.recipes.CheckHandshake" -> true // by design
      "okhttp3.recipes.RequestBodyCompression" -> true // expired token
      else -> false
    }

      return true;
    }
  },

  /**
   * The entry's expiration timestamp has passed. This can occur when using {@link
   * CacheBuilder#expireAfterWrite} or {@link CacheBuilder#expireAfterAccess}.
   */
  EXPIRED {
    @Override
    boolean wasEvicted() {
      return true;
    }
  },

  /**
   * The entry was evicted due to size constraints. This can occur when using {@link