// Setup
        TestLoginCredential credential = new TestLoginCredential("user", "pass");
        authenticator.setLoginCredential(credential);

        HtmlResponse metadataResponse = null; // Would need proper LastaFlute context to create
        authenticator.setResponseForType(SsoResponseType.METADATA, metadataResponse);

        String logoutUrl = "https://sso.example.com/logout";

{* ../../docs_src/cors/tutorial001.py hl[2,6:11,13:19] *}


The default parameters used by the `CORSMiddleware` implementation are restrictive by default, so you'll need to explicitly enable particular origins, methods, or headers, in order for browsers to be permitted to use them in a Cross-Domain context.

The following arguments are supported:

If you want to play with JWT tokens and see how they work, check <a href="https://jwt.io/" class="external-link" target="_blank">https://jwt.io</a>.

## Install `PyJWT` { #install-pyjwt }

We need to install `PyJWT` to generate and verify the JWT tokens in Python.

Make sure you create a [virtual environment](../../virtual-environments.md){.internal-link target=_blank}, activate it, and then install `pyjwt`:

  // performed while holding this lock!
  //
  // Socket writes are guarded by frameWriter.
  //
  // Socket reads are unguarded but are only made by the reader thread.
  //
  // Certain operations (like SYN_STREAM) need to synchronize on both the frameWriter (to do
  // blocking I/O) and this (to create streams). Such operations must synchronize on 'this' last.
  // This ensures that we never wait for a blocking operation while holding 'this'.

	// HTTP request for testing when `objectLayer` is set to `nil`.
	// There is no need to use an existing bucket and valid input for creating the request
	// since the `objectLayer==nil`  check is performed before any other checks inside the handlers.

        // Given
        Smb2EncryptionContext context = new Smb2EncryptionContext(1, DialectVersion.SMB311, testEncryptionKey, testDecryptionKey);

        // When - initially should not need rotation
        assertFalse(context.needsKeyRotation(), "Should not need rotation initially");

        // Note: We can't directly test the byte limit without encrypting large amounts of data,

func countErrs(errs []error, err error) int {
	i := 0
	for _, err1 := range errs {
		if err1 == err || errors.Is(err1, err) {
			i++
		}
	}
	return i
}

// Does all errors indicate we need to initialize all disks?.
func shouldInitErasureDisks(errs []error) bool {
	return countErrs(errs, errUnformattedDisk) == len(errs)
}

// Check if unformatted disks are equal to 50%+1 of all the drives.

linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.

  The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.

  The Corresponding Source for a work in source code form is that
same work.

  2. Basic Permissions.

    if (entryBelowLb != null) {
      // { <
      Range<C> rangeBelowLb = entryBelowLb.getValue();
      if (rangeBelowLb.upperBound.compareTo(lbToAdd) >= 0) {
        // { < }, and we will need to coalesce
        if (rangeBelowLb.upperBound.compareTo(ubToAdd) >= 0) {
          // { < > }
          ubToAdd = rangeBelowLb.upperBound;
          /*

import okio.ByteString.Companion.encodeUtf8

private val QUOTED_STRING_DELIMITERS = "\"\\".encodeUtf8()
private val TOKEN_DELIMITERS = "\t ,=".encodeUtf8()

/**
 * Parse RFC 7235 challenges. This is awkward because we need to look ahead to know how to
 * interpret a token.
 *
 * For example, the first line has a parameter name/value pair and the second line has a single
 * token68:
 *
 * ```
 * WWW-Authenticate: Digest foo=bar