transport:          r.transport,
		closeRespFn:        r.closeRespFn,
	}
	maps.Copy(cfg.arnProviderCfgsMap, r.arnProviderCfgsMap)
	maps.Copy(cfg.ProviderCfgs, r.ProviderCfgs)
	maps.Copy(cfg.roleArnPolicyMap, r.roleArnPolicyMap)
	return cfg
}

// LookupConfig lookup jwks from config, override with any ENVs.

const (
	defaultTarget = "1"
)

// NewConfig - initialize lambda config.
func NewConfig() Config {
	// Make sure to initialize lambda targets
	cfg := Config{
		Webhook: make(map[string]target.WebhookArgs),
	}
	cfg.Webhook[defaultTarget] = target.WebhookArgs{}
	return cfg

package kafka

import (
	"crypto/sha512"
	"strings"

	"github.com/IBM/sarama"
	"github.com/xdg/scram"

	"github.com/minio/minio/internal/hash/sha256"
)

func initScramClient(cfg Config, config *sarama.Config) {
	switch strings.ToLower(cfg.SASL.Mechanism) {
	case "sha512":
		config.Net.SASL.SCRAMClientGeneratorFunc = func() sarama.SCRAMClient { return &XDGSCRAMClient{HashGeneratorFcn: KafkaSHA512} }

	}
	provider.JWKS.URL = u1
	cfg := Config{
		Enabled: true,
		pubKeys: pubKeys,
		arnProviderCfgsMap: map[arn.ARN]*providerCfg{
			DummyRoleARN: &provider,
		},
		ProviderCfgs: map[string]*providerCfg{
			"1": &provider,
		},
		closeRespFn: func(rc io.ReadCloser) {
			rc.Close()
		},
	}

	var claims jwtgo.MapClaims

	for name, cfg := range pcfgs {
		callback := getConsoleEndpoints()[0] + "/oauth_callback"
		if cfg.RedirectURI != "" {
			callback = cfg.RedirectURI
		}
		m[name] = consoleoauth2.ProviderConfig{
			URL:                     cfg.URL.String(),
			DisplayName:             cfg.DisplayName,
			ClientID:                cfg.ClientID,
			ClientSecret:            cfg.ClientSecret,

			}))
			defer lambdaServer.Close()

			lambdaARN := "arn:minio:s3-object-lambda::lambda1:webhook"

			cfg := config.New()
			cfg[config.LambdaWebhookSubSys] = map[string]config.KVS{
				functionID: {
					{Key: "endpoint", Value: lambdaServer.URL},
					{Key: "enable", Value: config.EnableOn},
				},
			}
			cfg[config.APISubSys] = map[string]config.KVS{
				"api": {
					{Key: "gzip", Value: config.EnableOff},
				},

	globalCompressConfigMu.Lock()
	cfg := globalCompressConfig
	globalCompressConfigMu.Unlock()

	return !excludeForCompression(header, object, cfg)
}

// Eliminate the non-compressible objects.
func excludeForCompression(header http.Header, object string, cfg compress.Config) bool {
	objStr := object
	contentType := header.Get(xhttp.ContentType)
	if !cfg.Enabled {
		return true
	}

			expectedResult: true,
		},
	}

	for i, tc := range testCases {
		t.Run(fmt.Sprintf("Test_%d", i+1), func(t *testing.T) {
			cfg, err := ParseConfig(bytes.NewReader([]byte(tc.inputConfig)))
			if err != nil {
				t.Fatalf("Got unexpected error: %v", err)
			}
			if got := cfg.Rules[0].MetadataReplicate(tc.opts); got != tc.expectedResult {

			cfg, err := ParseConfig(bytes.NewReader([]byte(tc.inputConfig)))
			if err != nil {
				t.Fatalf("Got unexpected error: %v", err)
			}
			if got := cfg.HasActiveRules(tc.prefix, false); got != tc.expectedNonRec {
				t.Fatalf("Expected result with recursive set to false: `%v`, got: `%v`", tc.expectedNonRec, got)
			}
			if got := cfg.HasActiveRules(tc.prefix, true); got != tc.expectedRec {

	roleArn := claims[roleArnClaim]

	s := globalServerConfig.Clone()
	configs, err := globalIAMSys.OpenIDConfig.GetConfigList(s)
	if err != nil {
		return "", false
	}
	for _, cfg := range configs {
		if cfg.RoleARN == roleArn {
			return cfg.Name, true
		}
	}
	return "", false
}

func getOpenIDInfoFromClaims(claims map[string]any) madmin.OpenIDSpecificAccessKeyInfo {
	info := madmin.OpenIDSpecificAccessKeyInfo{}