// transfer rate for small uploads
	XferRateSml *XferStats `json:"smallTransferRate" msg:"st"`
	// Endpoint is the replication target endpoint
	Endpoint string `json:"-"`
	// Secure is true if the replication target endpoint is secure
	Secure bool `json:"-"`
}

func (sr *SRStats) update(st replStat, dID string) {
	sr.lock.Lock()
	defer sr.lock.Unlock()
	srs, ok := sr.M[dID]
	if !ok {
		srs = &SRStatus{

)

var getLambdaEventData = func(bucket, object string, cred auth.Credentials, r *http.Request) (levent.Event, error) {
	host := globalLocalNodeName
	secure := globalIsTLS
	if globalMinioEndpointURL != nil {
		host = globalMinioEndpointURL.Host
		secure = globalMinioEndpointURL.Scheme == "https"
	}

	duration := time.Until(cred.Expiration)
	if duration > time.Hour || duration < time.Hour {
		// Always limit to 1 hour.

	}

	// Check that the LDAP sts cred is actually working.
	minioClient, err := minio.New(s.endpoint, &minio.Options{
		Creds:     cr.NewStaticV4(value.AccessKeyID, value.SecretAccessKey, value.SessionToken),
		Secure:    s.secure,
		Transport: s.TestSuiteCommon.client.Transport,
	})
	if err != nil {
		c.Fatalf("Error initializing client: %v", err)
	}

	// Validate that the client from sts creds can access the bucket.

	config := tcfg.Credentials
	creds := credentials.NewStaticV4(config.AccessKey, config.SecretKey, "")

	api, err := minio.New(tcfg.Endpoint, &minio.Options{
		Creds:     creds,
		Secure:    tcfg.Secure,
		Region:    tcfg.Region,
		Transport: globalRemoteTargetTransport,
	})
	if err != nil {
		return nil, err
	}
	api.SetAppInfo("minio-replication-target", ReleaseTag+" "+tcfg.Arn)

     */
    public static final String ISO_DATETIME_FORMAT = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";

    /**
     * The feature for secure processing in XML.
     */
    public static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing";

    /**
     * The feature for external general entities in XML.
     */

    }

    /**
     * Test secure negotiation requirement for SMB3
     */
    @Test
    public void testSecureNegotiateRequired() throws CIFSException {
        BaseConfiguration config = new BaseConfiguration(true);

        // Verify secure negotiate is required for SMB3
        assertTrue("Secure negotiate should be required for SMB3", config.isRequireSecureNegotiate());
    }

# OAuth2 with Password (and hashing), Bearer with JWT tokens { #oauth2-with-password-and-hashing-bearer-with-jwt-tokens }

Now that we have all the security flow, let's make the application actually secure, using <abbr title="JSON Web Tokens">JWT</abbr> tokens and secure password hashing.

This code is something you can actually use in your application, save the password hashes in your database, etc.

	"time"

	"github.com/minio/madmin-go/v3"
)

func main() {
	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
	// dummy values, please replace them with original values.

	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
	// New returns an MinIO Admin client object.
	madmClnt, err := madmin.New(os.Args[1], os.Args[2], os.Args[3], false)
	if err != nil {
		log.Fatalln(err)
	}

func buildS3Client(endpoint, accessKey, secretKey string, insecure bool) (*minio.Client, error) {
	u, err := url.Parse(endpoint)
	if err != nil {
		return nil, err
	}

	secure := strings.EqualFold(u.Scheme, "https")
	transport, err := minio.DefaultTransport(secure)
	if err != nil {
		return nil, err
	}
	if insecure {
		// skip TLS verification
		transport.TLSClientConfig.InsecureSkipVerify = true
	}

github.com/philhofer/fwd v1.1.3-0.20240916144458-20a13a1f6b7c/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM=
github.com/secure-io/sio-go v0.3.1 h1:dNvY9awjabXTYGsTF1PiCySl9Ltofk9GA3VdWlo7rRc=
github.com/secure-io/sio-go v0.3.1/go.mod h1:+xbkjDzPjwh4Axd07pRKSNriS9SCiYksWnZqdnfpQxs=
github.com/tinylib/msgp v1.2.5 h1:WeQg1whrXRFiZusidTQqzETkRpGjFjcIhW6uqWH09po=