lc.Add("key1", "val1")

	time.Sleep(100 * time.Millisecond) // not enough to expire
	if lc.Len() != 1 {
		t.Fatalf("length differs from expected")
	}

	v, ok = lc.Get("key1")
	if v != "val1" {
		t.Fatalf("value differs from expected")
	}
	if !ok {
		t.Fatalf("should be true")
	}

	time.Sleep(200 * time.Millisecond) // expire
	v, ok = lc.Get("key1")
	if ok {
		t.Fatalf("should be false")
	}

        assertTrue(entry.isExpired());
        assertTrue(entry.needsRefresh());

        // After expiration, cache should be treated as invalid by manager
        // (In real implementation, expired entries might be cleaned up automatically)
    }

    @Test
    public void testDirectoryLeaseContextIntegration() {
        Smb2LeaseKey key = new Smb2LeaseKey();
        DirectoryLeaseContext context =

En este caso, podrías querer documentar cómo esa API externa *debería* verse. Qué *path operation* debería tener, qué cuerpo debería esperar, qué response debería devolver, etc.

## Una aplicación con callbacks { #an-app-with-callbacks }

Veamos todo esto con un ejemplo.

Imagina que desarrollas una aplicación que permite crear facturas.

			writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
			return
		}
		for _, rl := range lcCfg.Rules {
			updRule, ok := updatedRules[rl.ID]
			// original rule had expiry that is no longer in the new config,
			// or rule is present but missing expiration flags
			if (!rl.Expiration.IsNull() || !rl.NoncurrentVersionExpiration.IsNull()) &&

    // then we know it must have given a pending toString value earlier. If not, then the future
    // completed after the timeout expired, and the message might be success.
    if (isDone()) {
      throw new TimeoutException(message + " but future completed as timeout expired");
    }
    throw new TimeoutException(message + " for " + futureToString);
  }

  @ParametricNullness

  /** The HTTP {@code ETag} header field name. */
  public static final String ETAG = "ETag";

  /** The HTTP {@code Expires} header field name. */
  public static final String EXPIRES = "Expires";

  /** The HTTP {@code Last-Modified} header field name. */
  public static final String LAST_MODIFIED = "Last-Modified";

  /** The HTTP {@code Link} header field name. */

                ErrorCategory.AUTHENTICATION, false), INVALID_CREDENTIALS("Invalid credentials", ErrorCategory.AUTHENTICATION,
                        false), SESSION_EXPIRED("Session expired", ErrorCategory.AUTHENTICATION, true),

        // File system errors
        FILE_NOT_FOUND("File not found", ErrorCategory.FILE_SYSTEM, false), PATH_NOT_FOUND("Path not found", ErrorCategory.FILE_SYSTEM,

- MinIO tries to find a policy that matches the `CN` of the client certificate.
- MinIO returns temp. S3 credentials associated to the found policy.

The returned credentials expiry after a certain period of time that can be configured via `&DurationSeconds=3600`. By default, the STS credentials are valid for 1 hour. The minimum expiration allowed is 15 minutes.

    // then we know it must have given a pending toString value earlier. If not, then the future
    // completed after the timeout expired, and the message might be success.
    if (isDone()) {
      throw new TimeoutException(message + " but future completed as timeout expired");
    }
    throw new TimeoutException(message + " for " + futureToString);
  }

  @ParametricNullness

    * A "token" is just a string with some content that we can use later to verify this user.
    * Normally, a token is set to expire after some time.
        * So, the user will have to log in again at some point later.
        * And if the token is stolen, the risk is less. It is not like a permanent key that will work forever (in most of the cases).