.that(loader.wasCalled())
          .isFalse();
    }

    // wait for entries to expire, but don't call expireEntries
    ticker.advance(EXPIRING_TIME * 10, MILLISECONDS);

    // add a single unexpired entry
    cache.getUnchecked(KEY_PREFIX + 11);

    // collections views shouldn't expose expired entries
    assertThat(Iterators.size(cache.asMap().entrySet().iterator())).isEqualTo(1);

	valid       bool
	errors      int32
}{
	{
		"basic",
		"",
		defaultKeyFunc,
		&MapClaims{
			MapClaims: jwt.MapClaims{
				"foo": "bar",
			},
		},
		true,
		0,
	},
	{
		"basic expired",
		"", // autogen
		defaultKeyFunc,
		&MapClaims{
			MapClaims: jwt.MapClaims{
				"foo": "bar",
				"exp": float64(time.Now().Unix() - 100),
			},
		},
		false,
		-1,
	},
	{
		"basic nbf",

  /**
   * Returns the time that this cookie expires, in the same format as [System.currentTimeMillis].
   * This is December 31, 9999 if the cookie is not [persistent], in which case it will expire at the
   * end of the current session.
   *
   * This may return a value less than the current time, in which case the cookie is already
   * expired. Webservers may return expired cookies as a mechanism to delete previously set cookies

		Description:    "The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSClientGrantsExpiredToken: {
		Code:           "ExpiredToken",

		},
		// (3) Should give an expired request if it has expired.
		{
			queryParams: map[string]string{
				"Expires":        "60",
				"Signature":      "badsignature",
				"AWSAccessKeyId": accessKey,
			},
			expected: ErrExpiredPresignRequest,
		},
		// (4) Should error when the signature does not match.
		{
			queryParams: map[string]string{
				"Expires":        fmt.Sprintf("%d", now.Unix()+60),

            "No process is on the other end of the pipe.", "More data is available.", "This user account has expired.",
            "The user is not allowed to log on from this workstation.", "The user is not allowed to log on at this time.",
            "The password of this user has expired.", };

            "No process is on the other end of the pipe.", "More data is available.", "This user account has expired.",
            "The user is not allowed to log on from this workstation.", "The user is not allowed to log on at this time.",
            "The password of this user has expired.", };

	purgeStart := time.Now()

	// Purge expired STS credentials.

	// Scan STS users on disk and purge expired ones.
	stsAccountsFromStore := map[string]UserIdentity{}
	stsAccPoliciesFromStore := xsync.NewMapOf[string, MappedPolicy]()
	for _, item := range listedConfigItems[stsListKey] {
		userName := path.Dir(item)
		// loadUser() will delete expired user during the load.

package org.codelibs.fess.exception;

/**
 * Exception thrown when an invalid access token is encountered.
 * This exception is typically used in authentication and authorization contexts
 * where a provided access token is invalid, expired, or malformed.
 */
public class InvalidAccessTokenException extends FessSystemException {

    /** Serial version UID for serialization */
    private static final long serialVersionUID = 1L;

    /**
     * Check if cache entry is expired
     *
     * @return true if expired
     */
    public boolean isExpired() {
        return System.currentTimeMillis() - lastUpdateTime > maxAge;
    }

    /**
     * Check if cache needs refresh
     *
     * @return true if refresh needed
     */
    public boolean needsRefresh() {
        return isExpired() || hasChanges;
    }

    /**