#### Fix it with `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

But in our code we are actually using `secrets.compare_digest()`.

     * The value is, e.g. 200 <br>
     * comment: Maximum length of file digest in documents.
     * @return The value of found property. (NotNull: if not found, exception but basically no way)
     */
    String getCrawlerDocumentFileMaxDigestLength();

    /**
     * Get the value for the key 'crawler.document.file.max.digest.length' as {@link Integer}. <br>

      },
      "timestamp": {
        "type": "date",
        "format": "date_optional_time"
      },
      "expires": {
        "type": "date",
        "format": "date_optional_time"
      },
      "digest": {
        "type": "text",
        "index": false
      },
      "doc_id": {
        "type": "keyword"
      },
      "favorite_count": {
        "type": "long"
      },
      "filename": {

#### Corrija com o `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

Mas em nosso código já estamos utilizando o `secrets.compare_digest()`.

Resumindo, levará o mesmo tempo para comparar `stanleyjobsox` com `stanleyjobson` do que comparar `johndoe` com `stanleyjobson`. E o mesmo para a senha.

        dstIndex += writeHeaderWireFormat(dst, dstIndex);
        dstIndex += writeAndXWireFormat(dst, dstIndex);
        this.length = dstIndex - start;

        if (this.digest != null) {
            this.digest.sign(dst, this.headerStart, this.length, this, this.getResponse());
        }

        return this.length;
    }

    /*
     * We overload this because we want readAndXWireFormat to

            return entity;
        });
    }

    /**
     * Registers available protocol scheme items for web authentication forms.
     * Includes Basic, Digest, NTLM, and Form authentication schemes.
     *
     * @param data the render data to register the protocol scheme items with
     */
    protected void registerProtocolSchemeItems(final RenderData data) {

    * `bearer`: заголовок `Authorization` со значением `Bearer {уникальный токен}`. Это унаследовано от OAuth2.
    * Базовая аутентификация по протоколу HTTP.
    * HTTP Digest и т.д.
* `oauth2`: все способы обеспечения безопасности OAuth2 называемые "потоки" (англ. "flows").

    // ============================================================

    /** Basic authentication type identifier. */
    public static final String BASIC = "BASIC";

    /** Digest authentication type identifier. */
    public static final String DIGEST = "DIGEST";

    /** NTLM authentication type identifier. */
    public static final String NTLM = "NTLM";

    /** Form-based authentication type identifier. */

        this.fid = fid;
        this.offset = offset;
        this.remaining = remaining;
        this.b = b;
        this.off = off;
        this.dataLength = len;
        this.digest = null; /*
                             * otherwise recycled commands
                             * like writeandx will choke if session
                             * closes in between
                             */
    }

        // mimetype
        defaultDataMap.put(fessConfig.getIndexFieldMimetype(), mimeType);
        // title
        // content
        // cache
        // digest
        // host
        // site
        // url
        // anchor
        // content_length
        // last_modified
        // id
        // virtual_host