"errors"
	"fmt"
	"net/http"
	"net/url"
	"path"
	"strings"
	"sync"
)

// Token - parses the output from IDP id_token.
type Token struct {
	AccessToken string `json:"access_token"`
	Expiry      int    `json:"expires_in"`
}

// KeycloakProvider implements Provider interface for KeyCloak Identity Provider.
type KeycloakProvider struct {
	sync.Mutex

	oeConfig DiscoveryDoc
	client   http.Client

        assertNotNull(WitnessRegistration.WitnessRegistrationState.UNREGISTERING);
        assertNotNull(WitnessRegistration.WitnessRegistrationState.FAILED);
        assertNotNull(WitnessRegistration.WitnessRegistrationState.EXPIRED);
    }

    @Test
    void testEnumToStringConversions() {
        // Test that enum toString methods work properly
        assertEquals("CLUSTER_WITNESS", WitnessServiceType.CLUSTER_WITNESS.toString());

      },
      "created": {
        "type": "date",
        "format": "date_optional_time"
      },
      "timestamp": {
        "type": "date",
        "format": "date_optional_time"
      },
      "expires": {
        "type": "date",
        "format": "date_optional_time"
      },
      "digest": {
        "type": "text",
        "index": false
      },
      "doc_id": {
        "type": "keyword"

var (
	// Minio endpoint (for STS API)
	stsEndpoint string

	// User account credentials
	minioUsername string
	minioPassword string

	// Display credentials flag
	displayCreds bool

	// Credential expiry duration
	expiryDuration time.Duration

	// Bucket to list
	bucketToList string

	// Session policy file (FIXME: add support in minio-go)
	sessionPolicyFile string
)

func init() {

)

var (
	// LDAP integrated Minio endpoint
	stsEndpoint string

	// LDAP credentials
	ldapUsername string
	ldapPassword string

	// Display credentials flag
	displayCreds bool

	// Credential expiry duration
	expiryDuration time.Duration

	// Bucket to list
	bucketToList string

	// Session policy file
	sessionPolicyFile string
)

func init() {

| user               | string                                  | Identifier for owner of requested credentials          |
| maxValiditySeconds | integer (>= 900 seconds and < 365 days) | Maximum allowed expiry duration for the credentials    |
| claims             | key-value pairs                         | Claims to be associated with the requested credentials |

                // This is a duplicate check, as preWriteCleanup already purged expired
                // entries, but let's accommodate an incorrect expiration queue.
                enqueueNotification(
                    entryKey, hash, value, valueReference.getWeight(), RemovalCause.EXPIRED);
              } else {
                recordLockedRead(e, now);
                statsCounter.recordHits(1);

			objInfo := fi.ToObjectInfo(bucket, object, versioned)

			evt := evalActionFromLifecycle(ctx, *lc, lr, rcfg, objInfo)
			switch {
			case evt.Action.DeleteRestored(): // if restored copy has expired,delete it synchronously
				applyExpiryOnTransitionedObject(ctx, newObjectLayerFn(), objInfo, evt, lcEventSrc_Heal)
				return false
			case evt.Action.Delete():

labels.incrementalCrawling=Verificar data da última modificação
labels.errorCount=Número de erros
labels.errorLog=Log de erros
labels.errorName=Nome do erro
labels.expiredTime=Data de expiração
labels.expires=Expira
labels.failureCountThreshold=Limite de falhas
labels.fileConfigName=Nome da configuração de rastreamento de arquivo
labels.fileName=Nome do arquivo
labels.handlerName=Nome do manipulador
labels.handlerParameter=Parâmetro

      },
      "created": {
        "type": "date",
        "format": "date_optional_time"
      },
      "timestamp": {
        "type": "date",
        "format": "date_optional_time"
      },
      "expires": {
        "type": "date",
        "format": "date_optional_time"
      },
      "digest": {
        "type": "text",
        "index": false
      },
      "doc_id": {
        "type": "keyword"