defaultInterNodeJWTExpiry = 100 * 365 * 24 * time.Hour
)

var (
	errInvalidAccessKeyID = errors.New("The access key ID you provided does not exist in our records")
	errAccessKeyDisabled  = errors.New("The access key you provided is disabled")
	errAuthentication     = errors.New("Authentication failed, check your access credentials")
	errNoAuthToken        = errors.New("JWT token missing")

     *
     * @param server the server name to connect to
     * @param access the desired access rights
     * @param policyHandle the policy handle to be populated
     */
    public MsrpcSamrConnect2(final String server, final int access, final SamrPolicyHandle policyHandle) {
        super(server, access, policyHandle);
        this.ptype = 0;
        this.flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
    }

     *
     * @param server the server name to connect to
     * @param access the desired access rights
     * @param policyHandle the policy handle to be populated
     */
    public MsrpcSamrConnect4(final String server, final int access, final SamrPolicyHandle policyHandle) {
        super(server, 2, access, policyHandle);
        ptype = 0;
        flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
    }

     *
     * @param handle the domain handle
     * @param access the desired access rights
     * @param rid the relative identifier of the alias
     * @param aliasHandle the alias handle to be populated
     */
    public MsrpcSamrOpenAlias(final SamrDomainHandle handle, final int access, final int rid, final SamrAliasHandle aliasHandle) {
        super(handle, access, rid, aliasHandle);
        ptype = 0;

     * @throws FessSystemException if no access token is available
     */
    public String getServerPath() {
        return getSessionManager().getAttribute(Constants.SEARCH_ENGINE_API_ACCESS_TOKEN, String.class)
                .map(token -> ADMIN_SERVER + token)
                .orElseThrow(() -> new FessSystemException("Cannot create an access token."));
    }

    /**

    /**
     * CORS header for specifying allowed headers.
     */
    protected static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";

    /**
     * CORS header for specifying allowed HTTP methods.
     */
    protected static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";

    /**

        super();
    }

    /**
     * Determines whether the current request is authorized to access admin API endpoints.
     * This method validates the access token and checks if the associated permissions
     * allow admin access according to the Fess configuration.
     *
     * @return true if admin access is allowed, false otherwise
     */
    @Override
    protected boolean isAccessAllowed() {
        try {

    /**
     * Indicates whether network access to remote repositories has been disabled.
     *
     * @return {@code true} if remote access has been disabled, {@code false} otherwise.
     */
    @Override
    boolean isOffline();

    /**
     * Enables/disables network access to remote repositories.
     *
     * @param offline {@code true} to disable remote access, {@code false} to allow network access.

    }

    /**
     * Pre-processes API requests by checking access authorization before executing the action.
     * If access is not allowed, returns an unauthorized error response.
     *
     * @param runtime the action runtime context containing request information
     * @return ActionResponse with unauthorized error if access denied, otherwise delegates to parent
     */
    @Override

     * @param mode the access mode ("r" for read-only, "rw" for read-write)
     * @param sharing the sharing flags for file access
     * @param tc the CIFS context to use for the connection
     * @throws SmbException if an SMB error occurs
     * @throws MalformedURLException if the URL is malformed
     */
    @SuppressWarnings("resource")