tokenRequest, err := createServiceAccountToken(ctx, its.kubeClient, its.tokenNamespace, its.tokenServiceAccount,
				its.audiences, its.expirationSeconds)
			if err == nil {
				its.Token = tokenRequest.Status.Token
				its.Expires = tokenRequest.Status.ExpirationTimestamp.Time
			} else {
				log.Infof("GetRequestMetadata failed to recreate token: %v", err.Error())
			}
		}
		token = its.Token
		its.mu.Unlock()

	threadCount := []int{1, 16, 256}
	for _, tokens := range tokenCount {
		for _, threads := range threadCount {
			newSingleBenchmark(tokens, threads).run(b)
		}
	}
}

func newSingleBenchmark(tokens, threads int) *singleBenchmark {
	s := &singleBenchmark{
		threadCount: threads,
		tokenCount:  tokens,
	}
	s.makeTokens()
	return s
}

	}
}

func (t KubernetesTokenPlugin) GetPlatformCredential() (string, error) {
	if t.path == "" {
		return "", nil
	}
	tok, err := os.ReadFile(t.path)
	if err != nil {
		log.Warnf("failed to fetch token from file: %v", err)
		return "", nil
	}
	return strings.TrimSpace(string(tok)), nil
}

func (t KubernetesTokenPlugin) GetIdentityProvider() string {
	return ""
}

func (t KubernetesTokenPlugin) Stop() {

	}
	tokens := []bootstraptokenv1.BootstrapToken{{
		Token:       token,
		Description: "Proxy for managing TTL for the kubeadm-certs secret",
		TTL: &metav1.Duration{
			Duration: kubeadmconstants.DefaultCertTokenDuration,
		},
	}}

	if err := nodebootstraptokenphase.CreateNewTokens(client, tokens); err != nil {
		return "", errors.Wrap(err, "error creating token")
	}

			tokenID := strings.TrimPrefix(key, bootstrapapi.JWSSignatureKeyPrefix)
			sigs[tokenID] = value
			delete(newCM.Data, key)
		}
	}

	// Now recompute signatures and store them on the new map
	tokens := e.getTokens(ctx)
	for tokenID, tokenValue := range tokens {
		sig, err := jws.ComputeDetachedSignature(content, tokenID, tokenValue)
		if err != nil {

Sergei Gavrilov <******@****.***> 1657207540 +0200

Sergei Gavrilov <******@****.***> 1657207540 +0200

	// This is traditionally the client identifier issued to the application that
	// requested the client grants.
	Audience string `xml:",omitempty"`

	// The temporary security credentials, which include an access key ID, a secret
	// access key, and a security (or session) token.
	//
	// Note: The size of the security token that STS APIs return is not fixed. We

						new := &Line{Token: tokens[1:], InBlock: true}
						stmt.Line[j+1] = new
						return new
					}
				}
			}
		}
	}

	new := &Line{Token: tokens}
	x.Stmt = append(x.Stmt, new)
	return new
}

func (x *FileSyntax) updateLine(line *Line, tokens ...string) {
	if line.InBlock {
		tokens = tokens[1:]
	}
	line.Token = tokens
}

						},
						{
							prefix: "[Token2]",
							jwt:    jwt.TokenIssuer2,
							path:   "/token1",
							allow:  false,
						},
						{
							prefix: "[Token2]",
							jwt:    jwt.TokenIssuer2,
							path:   "/token2",
							allow:  true,
						},
						{
							prefix: "[Token3]",
							jwt:    jwt.TokenIssuer1,
							path:   "/token3",
							allow:  false,
						},
						{