// it still should only have executed once due to memoization
    assertEquals(1, countingSupplier.calls);

    Thread.sleep(150);

    assertEquals(20, (int) memoizedSupplier.get());
    // old value expired
    assertEquals(2, countingSupplier.calls);

    assertEquals(20, (int) memoizedSupplier.get());
    // it still should only have executed twice due to memoization
    assertEquals(2, countingSupplier.calls);
  }

			z.ContentEncoding, bts, err = msgp.ReadStringBytes(bts)
			if err != nil {
				err = msgp.WrapError(err, "ContentEncoding")
				return
			}
		case "Expires":
			z.Expires, bts, err = msgp.ReadTimeBytes(bts)
			if err != nil {
				err = msgp.WrapError(err, "Expires")
				return
			}
		case "CacheControl":
			z.CacheControl, bts, err = msgp.ReadStringBytes(bts)
			if err != nil {

    * Un "token" es solo un string con algún contenido que podemos usar luego para verificar a este usuario.
    * Normalmente, un token se establece para que expire después de algún tiempo.
        * Así que, el usuario tendrá que volver a iniciar sesión más adelante.

}
```

These credentials can now be used to perform MinIO API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).

## Explore Further

        .build()
    val urlWithIpAddress = urlWithIpAddress(server, "/path/foo")
    server.enqueue(
      MockResponse
        .Builder()
        .addHeader(
          "Set-Cookie: a=android; " +
            "expires=Fri, 31-Dec-9999 23:59:59 GMT; " +
            "path=/path; " +
            "domain=${urlWithIpAddress.host}; " +
            "secure",
        ).build(),
    )
    get(urlWithIpAddress)

        try {
            rateLimiter.checkAttempt(username, ip);
            fail("Should be locked out");
        } catch (SmbException e) {
            // Expected
        }

        // Wait for lockout to expire
        Thread.sleep(2100); // Lockout is 2 seconds in test setup

        // Should be allowed again
        assertTrue(rateLimiter.checkAttempt(username, ip), "Should be allowed after lockout expiry");
    }

That way, you can create a token with an expiration of, let's say, 1 week. And then when the user comes back the next day with the token, you know that user is still logged in to your system.

            attributes.put("refreshtoken", tr.getRefreshToken() == null ? "null" : tr.getRefreshToken());
            attributes.put("tokentype", tr.getTokenType());
            attributes.put("expire", tr.getExpiresInSeconds());
            attributes.put("jwtheader", jwtHeader);
            attributes.put("jwtclaim", jwtClaim);
            attributes.put("jwtsignature", jwtSignature);

      Header("content-range", ""),
      Header("content-type", ""),
      Header("cookie", ""),
      Header("date", ""),
      Header("etag", ""),
      Header("expect", ""),
      Header("expires", ""),
      Header("from", ""),
      Header("host", ""),
      Header("if-match", ""),
      Header("if-modified-since", ""),
      Header("if-none-match", ""),
      Header("if-range", ""),

     * <p>
     * This method will attempt
     * to resolve SIDs using a cache and cache the results of any SIDs that
     * required resolving with the authority. SID cache entries are currently not
     * expired because under normal circumstances SID information never changes.
     *
     * @param authorityServerName
     *            The hostname of the server that should be queried. For maximum efficiency this should be the hostname