synchronized (this) {
      listeners.put(state, listener);
    }

    return slackApi.authorizeUrl(scopes, redirectUrl(), state, team);
  }

  private ByteString randomToken() {
    byte[] bytes = new byte[16];
    secureRandom.nextBytes(bytes);
    return ByteString.of(bytes);
  }

  private HttpUrl redirectUrl() {
    return mockWebServer.url("/oauth/");
  }

	if err != nil {
		t.Error("Unexpected error: ", err)
	}

	v := redirectURL.Query()
	v.Add("bucket", info.Bucket)
	v.Add("key", info.Name)
	v.Add("etag", "\""+info.ETag+"\"")
	redirectURL.RawQuery = v.Encode()
	expectedLocation := redirectURL.String()

	// Check the new location url
	if rec.Header().Get("Location") != expectedLocation {

  passwordConnector: local

# Instead of reading from an external storage, use this list of clients.
#
# If this option isn't chosen clients may be added through the gRPC API.
staticClients:
  - id: example-app
    redirectURIs:
      - 'http://localhost:8080/oauth2/callback'
    name: 'Example App'
    secret: ZXhhbXBsZS1hcHAtc2VjcmV0

connectors:
  - type: mockCallback
    id: mock
    name: Example

	}

	appParams := cmd.OpenIDClientAppParams{
		ClientID:     "minio-client-app",
		ClientSecret: "minio-client-app-secret",
		ProviderURL:  "http://127.0.0.1:5556/dex",
		RedirectURL:  "http://127.0.0.1:10000/oauth_callback",
	}

	oidcToken, err := cmd.MockOpenIDTestUserInteraction(ctx, appParams, "******@****.***", "dillon")
	if err != nil {
		log.Fatalf("Failed to generate OIDC token: %v", err)

			Status:    http.StatusText(http.StatusOK),
		})
	}

	if redirectURL != nil { // success_action_redirect is valid and set.
		v := redirectURL.Query()
		v.Add("bucket", objInfo.Bucket)
		v.Add("key", objInfo.Name)
		v.Add("etag", "\""+objInfo.ETag+"\"")
		redirectURL.RawQuery = v.Encode()
		writeRedirectSeeOther(w, redirectURL.String())
		return
	}

	// Add checksum header.

	}

	// Configure an OpenID Connect aware OAuth2 client.
	oauth2Config := oauth2.Config{
		ClientID:     pro.ClientID,
		ClientSecret: pro.ClientSecret,
		RedirectURL:  pro.RedirectURL,

		// Discovery returns the OAuth2 endpoints.
		Endpoint: provider.Endpoint(),

		// "openid" is a required scope for OpenID Connect flows.
		Scopes: []string{oidc.ScopeOpenID, "groups"},
	}

  existingClientSecretName: ""
  existingClientIdKey: ""
  existingClientSecretKey: ""
  claimName: "policy"
  scopes: "openid,profile,email"
  redirectUri: "https://console-endpoint-url/oauth_callback"
  # Can leave empty
  claimPrefix: ""
  comment: ""
  displayName: ""

networkPolicy:
  enabled: false

  fun urlRedirectToHostWithNul() {
    val redirectUrl = "http://host\u0000/"
    server.enqueue(
      MockResponse.Builder()
        .code(302)
        .addHeaderLenient("Location", redirectUrl)
        .build(),
    )
    val response = getResponse(newRequest("/"))
    assertThat(response.code).isEqualTo(302)
    assertThat(response.header("Location")).isEqualTo(redirectUrl)
  }

  @Test

"minio" clientSecret: "" # Provide existing client secret from the Kubernetes Secret resource, existing secret will have priority over `clientSecret` existingClientSecret: "" existingClientSecret: "" claimName: "policy" scopes: "openid,profile,email" redirectUri: "https://console-endpoint-url/oauth_callback" # Can leave empty claimPrefix: "" comment: "" networkPolicy: enabled: false allowExternal: true ## PodDisruptionBudget settings ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/...