}

  private fun newEventSource(accept: String? = null): EventSource {
    val builder =
      Request
        .Builder()
        .url(server.url("/"))
    if (accept != null) {
      builder.header("Accept", accept)
    }
    val request = builder.build()
    val factory = createFactory(client)

  @SuppressWarnings("GoodTime") // should accept a java.time.Duration
  @CanIgnoreReturnValue
  public FakeTicker advance(long time, TimeUnit timeUnit) {
    return advance(timeUnit.toNanos(time));
  }

  /** Advances the ticker value by {@code nanoseconds}. */
  @SuppressWarnings("GoodTime") // should accept a java.time.Duration
  @CanIgnoreReturnValue
  public FakeTicker advance(long nanoseconds) {

  @SuppressWarnings("GoodTime") // should accept a java.time.Duration
  @CanIgnoreReturnValue
  public FakeTicker advance(long time, TimeUnit timeUnit) {
    return advance(timeUnit.toNanos(time));
  }

  /** Advances the ticker value by {@code nanoseconds}. */
  @SuppressWarnings("GoodTime") // should accept a java.time.Duration
  @CanIgnoreReturnValue
  public FakeTicker advance(long nanoseconds) {

        Map<String, List<String>> properties = new HashMap<>();
        properties.put("Accept", Collections.singletonList("application/json"));
        when(mockConnection.getRequestProperties()).thenReturn(properties);
        // Need to mock getRequestProperty as well since it delegates to wrapped connection
        when(mockConnection.getRequestProperty("Accept")).thenReturn("application/json");

        // Act

  @JvmStatic
  fun createFactory(callFactory: Call.Factory): EventSource.Factory =
    EventSource.Factory { request, listener ->
      val actualRequest =
        if (request.header("Accept") == null) {
          request.newBuilder().addHeader("Accept", "text/event-stream").build()
        } else {
          request
        }

      RealEventSource(actualRequest, listener).apply {
        connect(callFactory)
      }
    }

            root.accept(new DependencyGraphDumper(
                    l -> sb.append(l).append("\n"),
                    DependencyGraphDumper.defaultsWith(
                            List.of(DependencyGraphDumper.artifactProperties(List.of(ArtifactProperties.TYPE))))));
            logger.debug("TYPES: Before transform:\n {}", sb);
        }
        root.accept(new TypeDeriverVisitor(registry));

         5a:d1:35:2d:fc:31:3a:10:e7:0c
```

> Observe the `Subject: CN = consoleAdmin` field.

Also, note that the certificate has to contain the `Extended Key Usage: TLS Web Client Authentication`. Otherwise, MinIO would not accept the certificate as client certificate.

Now, the STS certificate-based authentication happens in 4 steps:

- Client sends HTTP `POST` request over a TLS connection hitting the MinIO TLS STS API.

        .newRequest(server.url("/").toUri())
        .header("Accept", "text/plain")
    val response = request.send()
    assertThat(response.status).isEqualTo(200)
    assertThat(response.contentAsString).isEqualTo("hello, Jetty HTTP Client")

    val recorded = server.takeRequest()
    assertThat(recorded.headers["Accept"]).isEqualTo("text/plain")
    assertThat(recorded.headers["Accept-Encoding"]).isEqualTo("gzip")

                throwError.accept(messages -> fessConfig.invalidIndexRequiredFields(doc)
                        .stream()
                        .forEach(s -> messages.addErrorsPropertyRequired("doc." + s, s)));
            }

            if (!fessConfig.validateIndexArrayFields(doc)) {
                throwError.accept(messages -> fessConfig.invalidIndexArrayFields(doc)

* `allow_origin_regex` - 一个正则表达式字符串，匹配的源允许跨域请求。例如 `'https://.*\.example\.org'`。
* `allow_methods` - 一个允许跨域请求的 HTTP 方法列表。默认为 `['GET']`。你可以使用 `['*']` 来允许所有标准方法。
* `allow_headers` - 一个允许跨域请求的 HTTP 请求头列表。默认为 `[]`。你可以使用 `['*']` 允许所有的请求头。`Accept`、`Accept-Language`、`Content-Language` 以及 `Content-Type` 这几个请求头在[简单 CORS 请求](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests)中总是被允许。
* `allow_credentials` - 指示跨域请求支持 cookies。默认是 `False`。