@GwtCompatible
public interface Cache<K, V> {

  /**
   * Returns the value associated with {@code key} in this cache, or {@code null} if there is no
   * cached value for {@code key}.
   *
   * @since 11.0
   */
  @CanIgnoreReturnValue // TODO(b/27479612): consider removing this?
  @Nullable V getIfPresent(@CompatibleWith("K") Object key);

  /**

    /**
     * Returns the flags for this ACE. The <code>isInherited()</code>
     * method checks the <code>FLAGS_INHERITED</code> bit in these flags.
     *
     * @return the ACE flags
     */
    int getFlags();

    /**
     * Returns true if this ACE is an inherited ACE and false if it is a direct ACE.
     * <p>
     * Note: For reasons not fully understood, <code>FLAGS_INHERITED</code> may

  /** Returns the lifecycle state of the service. */
  State state();

  /**
   * If the service is {@linkplain State#STARTING starting} or {@linkplain State#RUNNING running},
   * this initiates service shutdown and returns immediately. If the service is {@linkplain
   * State#NEW new}, it is {@linkplain State#TERMINATED terminated} without having been started nor
   * stopped. If the service has already been stopped, this method returns immediately without

		return true
	}
	return false
}

// ParseHTTP parses the SSE-C copy headers and returns the SSE-C client key
// on success. Regular SSE-C headers are ignored.
func (ssecCopy) ParseHTTP(h http.Header) (key [32]byte, err error) {
	if h.Get(xhttp.AmzServerSideEncryptionCopyCustomerAlgorithm) != xhttp.AmzEncryptionAES {
		return key, ErrInvalidCustomerAlgorithm
	}
	if h.Get(xhttp.AmzServerSideEncryptionCopyCustomerKey) == "" {

        .build()
    return@lazy HandshakeCertificates
      .Builder()
      .heldCertificate(heldCertificate)
      .addTrustedCertificate(heldCertificate.certificate)
      .build()
  }

  /** Returns an SSL client for this host's localhost address. */
  @JvmStatic
  fun localhost(): HandshakeCertificates = localhost

  /** Returns a trust manager that trusts `trustedCertificates`. */

                return s;
            }
            final int v = Integer.parseInt(matcher.group(1));
            if ("-".equals(matcher.group(2))) {
                if (version >= v) {
                    return matcher.group(3);
                }
            } else if (v == version) {
                return matcher.group(3);
            }
            return null;
        }).filter(s -> s != null).toArray(n -> new String[n]);

      int k = 0;
      for (; ; ) {
        if (k++ >= count) return false;
        if (o.equals(items[i])) {
          removeAt(i);
          return true;
        }
        i = inc(i);
      }
    } finally {
      monitor.leave();
    }
  }

  /**
   * Returns {@code true} if this queue contains the specified element. More formally, returns

        assertEquals("jcifs.smb", clazz.getPackage().getName());
    }

    // Happy path: shouldForceSigning returns the configured value
    @ParameterizedTest
    @ValueSource(booleans = { true, false })
    @DisplayName("shouldForceSigning returns stubbed boolean value")
    void shouldForceSigningReturns(boolean expected) {
        when(locator.shouldForceSigning()).thenReturn(expected);

That way, using `secrets.compare_digest()` in your application code, it will be safe against this whole range of security attacks.

### Return the error { #return-the-error }

After detecting that the credentials are incorrect, return an `HTTPException` with a status code 401 (the same returned when no credentials are provided) and add the header `WWW-Authenticate` to make the browser show the login prompt again:

    }

  /** Returns true if [certificate] matches [ipAddress]. */
  private fun verifyIpAddress(
    ipAddress: String,
    certificate: X509Certificate,
  ): Boolean {
    val canonicalIpAddress = ipAddress.toCanonicalHost()

    return getSubjectAltNames(certificate, ALT_IPA_NAME).any {
      canonicalIpAddress == it.toCanonicalHost()
    }
  }

  /** Returns true if [certificate] matches [hostname]. */