*/
    public enum Color {
        BLACK(0, "BLACK"),
        RED(1, "RED"),
        GREEN(2, "GREEN"),
        YELLOW(3, "YELLOW"),
        BLUE(4, "BLUE"),
        MAGENTA(5, "MAGENTA"),
        CYAN(6, "CYAN"),
        WHITE(7, "WHITE"),
        DEFAULT(9, "DEFAULT");

        private final int value;

# by whitespace. The flag "-F<x>" changes the behavior such that fields are now strings
# separated by the character <x>. Therefore, -F\' (escaped single quote) means that field
# $2 in <Tensor'flow'> is <flow>. This is useful for reading string literals like below.
export TF_VER_SUFFIX=$(awk -F\" '/#define TF_VERSION_SUFFIX/ {print $2}' tensorflow/core/public/version.h)
export TF_VER_PYTHON=$(awk -F\' '/_VERSION =/ {print $2}' tensorflow/tools/pip_package/setup.py)

expiry:
  signingKeys: "3h"
  idTokens: "3h"

  # Options for controlling the logger.
  logger:
    level: "debug"
    format: "text" # can also be "json"

# Default values shown below
oauth2:
  # use ["code", "token", "id_token"] to enable implicit flow for web-only clients
  responseTypes: [ "code", "token", "id_token" ] # also allowed are "token" and "id_token"
  # By default, Dex will ask for approval to share data with application

## REST API call to plugin

To verify the custom token presented in the `AssumeRoleWithCustomToken` API, MinIO makes a POST request to the configured identity management plugin endpoint and expects a response with some details as shown below:

### Request `POST` to plugin endpoint

Query parameters:

| Parameter Name | Value Type | Purpose                                                                 |

    BLUE,
    RED,
    YELLOW,
    GREEN,
    WHITE
  }

  private enum Gender {
    MALE,
    FEMALE
  }

  public void testClassCreate() {
    Multiset<Color> ms = EnumMultiset.create(Color.class);
    ms.add(Color.RED);
    ms.add(Color.YELLOW);
    ms.add(Color.RED);
    assertEquals(0, ms.count(Color.BLUE));
    assertEquals(1, ms.count(Color.YELLOW));
    assertEquals(2, ms.count(Color.RED));

		errStr = Magenta + "%s\n" + Reset + Red + "[error] " + Reset
		traceStr = Green + "%s\n" + Reset + Yellow + "[%.3fms] " + BlueBold + "[rows:%v]" + Reset + " %s"
		traceWarnStr = Green + "%s " + Yellow + "%s\n" + Reset + RedBold + "[%.3fms] " + Yellow + "[rows:%v]" + Magenta + " %s" + Reset
		traceErrStr = RedBold + "%s " + MagentaBold + "%s\n" + Reset + Yellow + "[%.3fms] " + BlueBold + "[rows:%v]" + Reset + " %s"
	}

	return &logger{

#### PushContext

`PushContext` is an immutable snapshot of the current state of the world. It is regenerated (usually partially) on each configuration push (more on this below). Due to being a snapshot, most lookups are lock-free.

The most common is the implicit flow.

The most secure is the code flow, but it's more complex to implement as it requires more steps. As it is more complex, many providers end up suggesting the implicit flow.

/// note

It's common that each authentication provider names their flows in a different way, to make it part of their brand.

ine) > .card-header a.active {\n  color: #1f2d3d;\n}\n\n.card-yellow.card-outline {\n  border-top: 3px solid #ffc107;\n}\n\n.card-yellow.card-outline-tabs > .card-header a:hover {\n  border-top: 3px solid #dee2e6;\n}\n\n.card-yellow.card-outline-tabs > .card-header a.active,\n.card-yellow.card-outline-tabs > .card-header a.active:hover {\n  border-top: 3px solid #ffc107;\n}\n\n.bg-yellow > .card-header .btn-tool,\n.bg-gradient-yellow > .card-header .btn-tool,\n.card-yellow:not(.card-outline) > .card-header...

            // yes, there really is non ASN.1/DER data inside the tagged object
            int read = 0;
            int readLow = stream.read() & 0xff;
            int readHigh = stream.read() & 0xff;
            read = ( readHigh << 8 ) + readLow;
            if ( read != 0x01 )
                throw new PACDecodingException("Malformed kerberos token");