}

        final int flags = SMBUtil.readInt4(data, offset + 16);
        if ((flags & ServerMessageBlock2.SMB2_FLAGS_SIGNED) == 0) {
            log.error("The server did not sign a message we expected to be signed");
            return true;
        }

        final byte[] sig = new byte[SIGNATURE_LENGTH];
        System.arraycopy(data, offset + SIGNATURE_OFFSET, sig, 0, SIGNATURE_LENGTH);

  (the latter if this is not a complete fix) to this comment
+ If referring to a repo other than `golang/go` you can use the
  `owner/repo#issue_number` syntax: `Fixes golang/tools#1234`
+ We do not use Signed-off-by lines in Go. Please don't add them.
  Our Gerrit server & GitHub bots enforce CLA compliance instead.

	// Save signature finally.
	req.URL.RawQuery += "&Signature=" + url.QueryEscape(signature)
	return nil
}

// Sign given request using Signature V2.
func signRequestV2(req *http.Request, accessKey, secretKey string) error {
	signer.SignV2(*req, accessKey, secretKey, false)
	return nil
}

// Sign given request using Signature V4.
func signRequestV4(req *http.Request, accessKey, secretKey string) error {

        @Test
        @DisplayName("Should handle signed/unsigned integer boundaries")
        void shouldHandleSignedUnsignedBoundaries() {
            // Test that GENERIC_READ is the highest bit (0x80000000)
            assertEquals(0x80000000, ACE.GENERIC_READ, "GENERIC_READ should be 0x80000000");
            assertTrue(ACE.GENERIC_READ < 0, "GENERIC_READ should be negative when treated as signed int");

<!--- Link to relevant issues or forum discussions here -->

### Contributor Checklist
- [ ] [Review Contribution Guidelines](https://github.com/gradle/gradle/blob/master/CONTRIBUTING.md).
- [ ] Make sure that all commits are [signed off](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---signoff) to indicate that you agree to the terms of [Developer Certificate of Origin](https://developercertificate.org/).

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.dcerpc.ndr;

/**
 * NDR representation of a short integer (2-byte signed integer).
 */
public class NdrShort extends NdrObject {

    /**
     * The short integer value.
     */
    public int value;

    /**
     * Constructs an NdrShort with the specified value.
     *

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.smb1.dcerpc.ndr;

/**
 * NDR representation of a short integer (2-byte signed integer).
 */
public class NdrShort extends NdrObject {

    /**
     * The short integer value.
     */
    public int value;

    /**
     * Constructs an NdrShort with the specified value.
     *

  "token_type": "Bearer",
  "expires_in": 3600
}
```

### 4. JWT Claims

The id_token received is a signed JSON Web Token (JWT). Use a JWT decoder to decode the id_token to access the payload of the token that includes following JWT claims:

import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement

object TlsUtil {
  val password = "password".toCharArray()

  private val localhost: HandshakeCertificates by lazy {
    // Generate a self-signed cert for the server to serve and the client to trust.
    val heldCertificate =
      HeldCertificate
        .Builder()
        .commonName("localhost")
        .addSubjectAlternativeName("localhost")

        }
    }

    @Nested
    @DisplayName("Signed Flag Tests")
    class SignedFlagTests {

        @Test
        @DisplayName("Should detect signed flag")
        void testIsSigned() {
            assertFalse(echoResponse.isSigned());

            echoResponse.addFlags(ServerMessageBlock2.SMB2_FLAGS_SIGNED);

            assertTrue(echoResponse.isSigned());
        }

        @Test