* either express or implied. See the License for the specific language
 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.app.web.admin.user;

import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Consumer;

import org.apache.commons.lang3.ArrayUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

  fun validateCloseCode(code: Int) {
    val message = closeCodeExceptionMessage(code)
    require(message == null) { message!! }
  }

  fun acceptHeader(key: String): String = (key + ACCEPT_MAGIC).encodeUtf8().sha1().base64()

    }
  }

  private static String encode(String str) {
    return BaseEncoding.base64().encode(str.getBytes(UTF_8));
  }

  private static final Function<String, String> DECODE_FUNCTION =
      new Function<String, String>() {
        @Override
        public String apply(String input) {
          return new String(BaseEncoding.base64().decode(input), UTF_8);
        }
      };

        if (StringUtil.isNotBlank(username) && StringUtil.isNotBlank(password)) {
            final String value = username + ":" + password;
            final String basicAuth = "Basic " + java.util.Base64.getEncoder().encodeToString(value.getBytes(StandardCharsets.UTF_8));
            request.header("Authorization", basicAuth);
        }
        if (sslSocketFactory != null) {

- `X-Amz-Server-Side-Encryption-Customer-Key`: Base64 encoded new key.
- `X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key`: Base64 encoded current key.

Such a special COPY request is also known as S3 SSE-C key rotation.

### Server-Side Encryption with a KMS

//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package cmd

import (
	"bytes"
	"context"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"maps"
	"math/rand"
	"net/http"
	"path"
	"strings"
	"sync"
	"time"

	"github.com/minio/madmin-go/v3"
	"github.com/minio/minio/internal/crypto"

//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package target

import (
	"bytes"
	"context"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/url"
	"os"
	"path/filepath"
	"strconv"
	"strings"
	"time"

	elasticsearch7 "github.com/elastic/go-elasticsearch/v7"
	"github.com/minio/highwayhash"

	// provider URL), we hash and encode it to base64 here. This is needed
	// because there will be a policy mapping stored on drives whose
	// filename is this parentUser: therefore, it needs to have only valid
	// filename characters and needs to have bounded length.
	{
		h := sha256.New()
		h.Write([]byte("openid:" + subFromToken + ":" + issFromToken))
		bs := h.Sum(nil)
		cred.ParentUser = base64.RawURLEncoding.EncodeToString(bs)
	}

	// MD5 checksum.
	ErrMissingCustomerKeyMD5 = Errorf("The SSE-C request is missing the customer key MD5")

	// ErrInvalidCustomerKey indicates that the SSE-C client key is not valid - e.g. not a
	// base64-encoded string or not 256 bits long.
	ErrInvalidCustomerKey = Errorf("The SSE-C client key is invalid")

	// ErrSecretKeyMismatch indicates that the provided secret key (SSE-C client key / SSE-S3 KMS key)

pkg debug/elf, type R_PPC64 int
pkg encoding/base64, const NoPadding = -1
pkg encoding/base64, const NoPadding int32
pkg encoding/base64, const StdPadding = 61
pkg encoding/base64, const StdPadding int32
pkg encoding/base64, method (Encoding) WithPadding(int32) *Encoding
pkg encoding/base64, var RawStdEncoding *Encoding
pkg encoding/base64, var RawURLEncoding *Encoding
pkg encoding/json, method (*Decoder) More() bool