}

  interface HashFn {
    byte[] hash(byte[] input, int seed);
  }

  static void verifyHashFunction(HashFn hashFunction, int hashbits, int expected) {
    int hashBytes = hashbits / 8;

    byte[] key = new byte[256];
    byte[] hashes = new byte[hashBytes * 256];

    // Hash keys of the form {}, {0}, {0,1}, {0,1,2}... up to N=255,using 256-N as the seed
    for (int i = 0; i < 256; i++) {
      key[i] = (byte) i;

Toda conversão de dados, validação, documentação, etc. ainda funcionará normalmente.

Dessa forma, podemos declarar apenas as diferenças entre os modelos (com `password` em texto claro, com `hashed_password` e sem senha):

{* ../../docs_src/extra_models/tutorial002.py hl[9,15:16,19:20,23:24] *}

## `Union` ou `anyOf`

                }

                if (t.isSMB2()) {
                    final Smb2CloseRequest req = new Smb2CloseRequest(this.cfg, this.fileId);
                    t.send(req, RequestParam.NO_RETRY);
                } else {
                    t.send(new SmbComClose(this.cfg, this.fid, lastWriteTime), new SmbComBlankResponse(this.cfg), RequestParam.NO_RETRY);
                }
            }
        } finally {

     * @return the negotiated capabilities
     */
    public int getNegotiatedCapabilities() {
        return this.capabilities;
    }

    /**
     * Gets the negotiated send buffer size.
     *
     * @return negotiated send buffer size
     */
    public int getNegotiatedSendBufferSize() {
        return this.snd_buf_size;
    }

    /**
     * Gets the negotiated multiplex count.
     *

```
curl -X PUT --data-binary @example.rego \
  localhost:8181/v1/policies/putobject
```

### 4. Setup MinIO with OPA

Set the `MINIO_POLICY_PLUGIN_URL` as the endpoint that MinIO should send authorization requests to. Then start the server.

```sh
export MINIO_POLICY_PLUGIN_URL=http://localhost:8181/v1/data/httpapi/authz/allow
export MINIO_CI_CD=1
export MINIO_ROOT_USER=minio

			os.Exit(0)
		}

		os.Exit(1)
	}

	stopProcess := func() bool {
		shutdownHealMRFWithTimeout() // this can take time sometimes, it needs to be executed
		// before stopping s3 operations

		// send signal to various go-routines that they need to quit.
		cancelGlobalContext()

		if httpServer := newHTTPServerFn(); httpServer != nil {
			if err := httpServer.Shutdown(); err != nil && !errors.Is(err, http.ErrServerClosed) {

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

Then the Python code in your application would be equivalent to something like:

```Python
if "johndoe" == "stanleyjobson" and "love123" == "swordfish":

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

Never store the plain password of a user or send it in a response like this, unless you know all the caveats and you know what you are doing.

///

## Add an output model { #add-an-output-model }

                state = 0;
                throw ioe;
            }
        }
    }

    /**
     * Sends a DCERPC message and receives the response
     * @param msg the message to send
     * @throws DcerpcException if the RPC operation fails
     * @throws IOException if an I/O error occurs
     */
    public void sendrecv(final DcerpcMessage msg) throws DcerpcException, IOException {

    assertThat(request.headers["If-Modified-Since"]).isNull()
  }

  private fun assertClientSuppliedCondition(
    seed: MockResponse,
    conditionName: String,
    conditionValue: String,
  ): RecordedRequest {
    server.enqueue(
      seed
        .newBuilder()
        .body("A")
        .build(),
    )
    server.enqueue(
      MockResponse
        .Builder()