- object-storage
    - s3
    - cluster
    maintainers:
    - email: ******@****.***
      name: MinIO, Inc
    name: minio
    sources:
    - https://github.com/minio/minio
    urls:
    - https://charts.min.io/helm-releases/minio-5.4.0.tgz
    version: 5.4.0
  - apiVersion: v1
    appVersion: RELEASE.2024-04-18T19-09-19Z
    created: "2025-01-02T21:34:25.231025201-08:00"
    description: High Performance Object Storage

    client =
      client
        .newBuilder()
        .addInterceptor(
          Interceptor { chain: Interceptor.Chain? ->
            chain!!
              .proceed(chain.request())
              .use { a -> assertThat(a.body.string()).isEqualTo("a") }
            chain.proceed(chain.request())
          },
        ).build()

  internal fun newCodec(
    client: OkHttpClient,
    chain: RealInterceptorChain,
  ): ExchangeCodec {
    val okHttpSocket = this.socket
    val http2Connection = this.http2Connection

    return if (http2Connection != null) {
      Http2ExchangeCodec(client, this, chain, http2Connection)
    } else {
      javaNetSocket.soTimeout = chain.readTimeoutMillis()

          break;
        }
      }
    }
  }

  /**
   * Represents a detected cycle in lock acquisition ordering. The exception includes a causal chain
   * of {@code ExampleStackTrace} instances to illustrate the cycle, e.g.
   *
   * <pre>
   * com....PotentialDeadlockException: Potential Deadlock from LockC -&gt; ReadWriteA
   *   at ...
   *   at ...

    var connection: RealConnection? = null
    client =
      client
        .newBuilder()
        .addNetworkInterceptor(
          Interceptor { chain ->
            connection = chain.connection() as RealConnection
            chain.proceed(chain.request())
          },
        ).build()

    server.enqueue(
      MockResponse
        .Builder()
        .body("a")
        .onResponseEnd(

    } catch (ignored: IllegalArgumentException) {
    }
  }

  @Test fun clonedInterceptorsListsAreIndependent() {
    val interceptor =
      Interceptor { chain: Interceptor.Chain ->
        chain.proceed(chain.request())
      }
    val original = clientTestRule.newClient()
    original
      .newBuilder()
      .addInterceptor(interceptor)
      .addNetworkInterceptor(interceptor)

      client
        .newBuilder()
        .addInterceptor(
          Interceptor { chain: Interceptor.Chain ->
            ready.countDown()
            try {
              proceed.await(5, TimeUnit.SECONDS)
            } catch (e: InterruptedException) {
              throw RuntimeException(e)
            }
            chain.proceed(chain.request())
          },
        ).build()

// ErrTokenExpired - error token expired
var (
	ErrTokenExpired = errors.New("token expired")
)

func updateClaimsExpiry(dsecs string, claims map[string]any) error {
	expStr := claims["exp"]
	if expStr == "" {
		return ErrTokenExpired
	}

	// No custom duration requested, the claims can be used as is.
	if dsecs == "" {
		return nil
	}

	if _, err := auth.ExpToInt64(expStr); err != nil {
		return err
	}

    client =
      client
        .newBuilder()
        .addInterceptor(
          Interceptor { chain: Interceptor.Chain ->
            try {
              chain.proceed(chain.request())
              throw AssertionError()
            } catch (expected: IOException) {
              chain.proceed(chain.request())
            }
          },
        ).build()
    val request = Request(server.url("/"))

		return token
	}
	return r.Form.Get(xhttp.AmzSecurityToken)
}

// Fetch claims in the security token returned by the client, doesn't return
// errors - upon errors the returned claims map will be empty.
func mustGetClaimsFromToken(r *http.Request) map[string]any {
	claims, _ := getClaimsFromToken(getSessionToken(r))
	return claims
}

func getClaimsFromTokenWithSecret(token, secret string) (*xjwt.MapClaims, error) {