locationResponse:   []byte(""),
			errorResponse: APIErrorResponse{
				Resource: SlashSeparator + bucketName + SlashSeparator,
				Code:     "InvalidAccessKeyId",
				Message:  "The Access Key Id you provided does not exist in our records.",
			},
			shouldPass: false,
		},
	}

	for i, testCase := range testCases {
		if i != 1 {
			continue
		}

		queryParams map[string]string
		expected    APIErrorCode
	}{
		// (0) Should error without a set URL query.
		{
			expected: ErrInvalidQueryParams,
		},
		// (1) Should error on an invalid access key.
		{
			queryParams: map[string]string{
				"Expires":        "60",
				"Signature":      "badsignature",
				"AWSAccessKeyId": "Z7IXGOO6BZ0REAN1Q26I",
			},
			expected: ErrInvalidAccessKeyID,
		},

	}

	cred, err := auth.GetNewCredentialsWithMetadata(claims, secret)
	if err != nil {
		writeSTSErrorResponse(ctx, w, ErrSTSInternalError, err)
		return
	}

	// Set the parent of the temporary access key, so that it's access
	// policy is inherited from `user.AccessKey`.
	cred.ParentUser = user.AccessKey

	// Set the newly generated credentials.
	updatedAt, err := globalIAMSys.SetTempUser(ctx, cred.AccessKey, cred, "")

		return
	}

	// Check if anonymous (non-owner) has access to list objects.
	readable := globalPolicySys.IsAllowed(policy.BucketPolicyArgs{
		Action:          policy.ListBucketAction,
		BucketName:      bucket,
		ConditionValues: getConditionValues(r, "", auth.AnonymousCredentials),
		IsOwner:         false,
	})

	// Check if anonymous (non-owner) has access to upload objects.

@AutomaticFeature
class TestRegistration : Feature {
  override fun beforeAnalysis(access: Feature.BeforeAnalysisAccess) {
    // Presumably needed for parsing the testlist.txt file.
    RuntimeClassInitialization.initializeAtBuildTime(access.findClassByName("kotlin.text.Charsets"))

    registerKnownTests(access)

    registerJupiterClasses(access)

    registerParamProvider(access, "okhttp3.SampleTestProvider")

 * mask of the ACE, the whole access check fails. If the ACE is an "allow"
 * ACE and <i>all</i> of the bits in the desired access bits match bits in
 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"

    /** The key of the message: Started a process to delete the document from index. */
    public static final String SUCCESS_delete_doc_from_index = "{success.delete_doc_from_index}";

    /** The key of the message: Deleted session data. */
    public static final String SUCCESS_crawling_info_delete_all = "{success.crawling_info_delete_all}";

* The client doesn't have access to that resource.
* The item the client was trying to access doesn't exist.
* etc.

In these cases, you would normally return an **HTTP status code** in the range of **400** (from 400 to 499).

This is similar to the 200 HTTP status codes (from 200 to 299). Those "200" status codes mean that somehow there was a "success" in the request.

 * mask of the ACE, the whole access check fails. If the ACE is an "allow"
 * ACE and <i>all</i> of the bits in the desired access bits match bits in
 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"

	RET
TEXT ·a8(SB), 0, $0-0
	CMPL runtime·writeBarrier(SB), $0
	ADDQ AX, R15 // ERROR "when dynamic linking, R15 is clobbered by a global variable access and is used here"
	RET
TEXT ·a9(SB), 0, $0-0
	CMPL runtime·writeBarrier(SB), $0
	ORQ R15, R15 // ERROR "when dynamic linking, R15 is clobbered by a global variable access and is used here"
	RET
TEXT ·a10(SB), 0, $0-0