int NT_STATUS_INVALID_LOGON_HOURS = 0xC000006f;
    /** Logon failure: user not allowed to log on to this computer */
    int NT_STATUS_INVALID_WORKSTATION = 0xC0000070;
    /** The user's password has expired */
    int NT_STATUS_PASSWORD_EXPIRED = 0xC0000071;
    /** The referenced account is currently disabled */
    int NT_STATUS_ACCOUNT_DISABLED = 0xC0000072;

	days := int(math.Ceil(math.Abs(objRetention.RetainUntilDate.Sub(t).Hours()) / 24))

	ret := objectlock.GetObjectRetentionMeta(oi.UserDefined)
	if ret.Mode.Valid() {
		// Retention has expired you may change whatever you like.
		if ret.RetainUntilDate.Before(t) {
			apiErr := isPutRetentionAllowed(oi.Bucket, oi.Name,
				days, objRetention.RetainUntilDate.Time,
				objRetention.Mode, byPassSet, r, cred,

- In `Compliance` mode, objects cannot be deleted by anyone until retention period has expired for the given version id. If user has governance bypass permissions, an object's retention date can be extended in `Compliance` mode.
- Once object lock configuration is set to a bucket

time="2020-07-12T20:45:50Z" level=info msg="config response types accepted: [code token id_token]"
time="2020-07-12T20:45:50Z" level=info msg="config using password grant connector: local"
time="2020-07-12T20:45:50Z" level=info msg="config signing keys expire after: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="config id tokens valid for: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="listening (http) on 0.0.0.0:5556"
```

### Configure MinIO server with Dex

    int NT_STATUS_INVALID_LOGON_HOURS = 0xC000006f;
    /** Logon failure: user not allowed to log on to this computer */
    int NT_STATUS_INVALID_WORKSTATION = 0xC0000070;
    /** The user's password has expired */
    int NT_STATUS_PASSWORD_EXPIRED = 0xC0000071;
    /** The referenced account is currently disabled */
    int NT_STATUS_ACCOUNT_DISABLED = 0xC0000072;
    /** No mapping between account names and security IDs was done */

     */
    @Size(max = 20)
    public String name;

    /**
     * The expiration time for the crawling session.
     * This field indicates when the crawling session should expire or be cleaned up.
     */
    public String expiredTime;

    /**
     * The timestamp when this crawling session was created.
     * Stored as a long value representing milliseconds since epoch.
     */

			objInfo := fi.ToObjectInfo(bucket, object, versioned)

			evt := evalActionFromLifecycle(ctx, *lc, lr, rcfg, objInfo)
			switch {
			case evt.Action.DeleteRestored(): // if restored copy has expired,delete it synchronously
				applyExpiryOnTransitionedObject(ctx, newObjectLayerFn(), objInfo, evt, lcEventSrc_Heal)
				return false
			case evt.Action.Delete():

        assertNotNull(WitnessRegistration.WitnessRegistrationState.UNREGISTERING);
        assertNotNull(WitnessRegistration.WitnessRegistrationState.FAILED);
        assertNotNull(WitnessRegistration.WitnessRegistrationState.EXPIRED);
    }

    @Test
    void testEnumToStringConversions() {
        // Test that enum toString methods work properly
        assertEquals("CLUSTER_WITNESS", WitnessServiceType.CLUSTER_WITNESS.toString());

            if (tokenExpiryTime < currentTime) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Token expired: expiryTime={}, currentTime={}", tokenExpiryTime, currentTime);
                }
                return false;
            }
            // Attempt to refresh token using MSAL4J silent authentication
            try {

	// even if updating the value errors out.
	// Returns the last good value AND the error.
	ReturnLastGood bool

	// If NoWait is set, Get() will return the last good value,
	// if TTL has expired but 2x TTL has not yet passed,
	// but will fetch a new value in the background.
	NoWait bool
}

// Cache contains a synchronized value that is considered valid
// for a specific amount of time.