func registerSTSRouter(router *mux.Router) {
	// Initialize STS.
	sts := &stsAPIHandlers{}

	// STS Router
	stsRouter := router.NewRoute().PathPrefix(SlashSeparator).Subrouter()

	// Assume roles with no JWT, handles AssumeRole.
	stsRouter.Methods(http.MethodPost).MatcherFunc(func(r *http.Request, rm *mux.RouteMatch) bool {
		ctypeOk := wildcard.MatchSimple("application/x-www-form-urlencoded*", r.Header.Get(xhttp.ContentType))

		h.Write([]byte(provCfg.ClientSecret))
		hashedSecret = base64.RawURLEncoding.EncodeToString(h.Sum(nil))
		h.Reset()
		if arn != DummyRoleARN {
			if res.Roles == nil {
				res.Roles = make(map[string]madmin.OpenIDProviderSettings)
			}
			res.Roles[arn.String()] = madmin.OpenIDProviderSettings{
				ClaimUserinfoEnabled: provCfg.ClaimUserinfo,
				RolePolicy:           provCfg.RolePolicy,

Si quieres asegurar tu API, hay varias cosas mejores que puedes hacer, por ejemplo:

* Asegúrate de tener modelos Pydantic bien definidos para tus request bodies y responses.
* Configura los permisos y roles necesarios usando dependencias.
* Nunca guardes contraseñas en texto plano, solo hashes de contraseñas.
* Implementa y utiliza herramientas criptográficas bien conocidas, como pwdlib y JWT tokens, etc.

      },
      "gidNumber" : {
        "type" : "long"
      },
      "homeDirectory" : {
        "type" : "keyword"
      },
      "groups": {
        "type": "keyword"
      },
      "roles": {
        "type": "keyword"
      }
    }

/**
 * Helper class for converting URLs based on a set of predefined rules.
 *
 * <p>This class provides functionality to convert URLs by replacing parts of the URL
 * based on a map of target strings and their corresponding replacements. It allows
 * adding new conversion rules, setting the entire conversion map, and converting
 * URLs using these rules.</p>
 *

    /**
     * Checks if access to a given path is allowed for a specific user agent according to robots.txt rules.
     *
     * @param path The path to check for access permission
     * @param userAgent The user agent string to check against robots.txt directives
     * @return true if access is allowed, false if access is disallowed by robots.txt rules.
     *         Returns true if no matching directive is found for the user agent.
     */

        assertEquals(
                "3.0.0-M7",
                pluginAfterChange.getVersion(),
                "Plugin modifications should persist - this proves the fix is working");
    }

     *
     * @param version the version string to parse, must not be {@code null}
     * @return the parsed version, never {@code null}
     * @throws VersionParserException if the string violates the syntax rules of this scheme
     * @see org.apache.maven.api.Session#parseVersion(String)
     */
    @Nonnull
    Version parseVersion(@Nonnull String version);

    /**

        }
        return map;
    }

    /**
     * Generates a unique document ID from the provided data map.
     * Constructs an ID string from URL, roles, and virtual hosts, then generates a hash.
     *
     * @param dataMap the document data map containing URL, roles, and virtual host information
     * @return a unique hashed ID string for the document
     */
    public String generateId(final Map<String, Object> dataMap) {

 * hostnames or URLs to be treated as equivalent for crawling and indexing purposes.
 * It maintains a list of DuplicateHost rules and applies them to URLs.
 *
 */
public class DuplicateHostHelper {
    private static final Logger logger = LogManager.getLogger(DuplicateHostHelper.class);

    /** List of duplicate host rules for URL conversion */