}
	return dur, nil
}

// Lookup returns a new Config by merging the given K/V config
// system with environment variables.
func Lookup(kvs config.KVS) (Config, error) {
	if err := config.CheckValidKeys(config.IdentityTLSSubSys, kvs, DefaultKVS); err != nil {
		return Config{}, err
	}
	cfg := Config{}
	var err error
	v := env.Get(EnvIdentityTLSEnabled, "")
	if v == "" {
		return cfg, nil
	}

				name)
			return s, err
		}
		s.name = name
	}
	return s, err
}

// CheckValidKeys - checks if inputs KVS has the necessary keys,
// returns error if it find extra or superfluous keys.
func CheckValidKeys(subSys string, kv KVS, validKVS KVS, deprecatedKeys ...string) error {
	nkv := KVS{}
	for _, kv := range kv {

		corsAllowOrigin = strings.Split(corsList, ",")
		if slices.Contains(corsAllowOrigin, "") {
			return cfg, errors.New("invalid cors value")
		}
	}
	cfg.CorsAllowOrigin = corsAllowOrigin

	if err = config.CheckValidKeys(config.APISubSys, kvs, DefaultKVS, deprecatedKeys...); err != nil {
		return cfg, err
	}

	// Check environment variables parameters

		}
	}
	return includes, nil
}

// LookupConfig - lookup compression config.
func LookupConfig(kvs config.KVS) (Config, error) {
	var err error
	cfg := Config{}
	if err = config.CheckValidKeys(config.CompressionSubSys, kvs, DefaultKVS); err != nil {
		return cfg, err
	}

	compress := env.Get(EnvCompressState, "")
	if compress == "" {
		compress = env.Get(EnvCompressEnableLegacy, "")

		subSysTarget := subSys
		if tname != config.Default {
			subSysTarget = subSys + config.SubSystemSeparator + tname
		}
		if v, ok := kv.Lookup(config.Enable); ok && v == config.EnableOn {
			if err := config.CheckValidKeys(subSysTarget, kv, validKVS); err != nil {
				return err
			}
		}
	}
	return nil
}

// GetLambdaWebhook - returns a map of registered notification 'webhook' targets

}

// LookupConfig - lookup config and override with valid environment settings if any.
func LookupConfig(kvs config.KVS) (cfg Config, err error) {
	if err = config.CheckValidKeys(config.HealSubSys, kvs, DefaultKVS); err != nil {
		return cfg, err
	}

	bitrot := env.Get(EnvBitrot, kvs.GetWithDefault(Bitrot, DefaultKVS))
	if _, err = parseBitrotConfig(bitrot); err != nil {

// LookupConfig lookup AuthZPlugin from config, override with any ENVs.
func LookupConfig(s config.Config, httpSettings xhttp.ConnSettings, closeRespFn func(io.ReadCloser)) (Args, error) {
	args := Args{}

	if err := s.CheckValidKeys(config.PolicyPluginSubSys, nil); err != nil {
		return args, err
	}

	getCfg := func(cfgParam string) string {
		// As parameters are already validated, we skip checking
		// if the config param was found.

	kvs := s[config.IdentityLDAPSubSys][config.Default]
	if len(kvs) > 0 {
		for _, k := range removedKeys {
			kvs.Delete(k)
		}
		s[config.IdentityLDAPSubSys][config.Default] = kvs
	}

	if err := s.CheckValidKeys(config.IdentityLDAPSubSys, removedKeys); err != nil {
		return l, err
	}

	getCfgVal := func(cfgParam string) string {
		// As parameters are already validated, we skip checking

		for _, dk := range deprecatedKeys {
			kvs := s[config.IdentityOpenIDSubSys][k]
			kvs.Delete(dk)
			s[config.IdentityOpenIDSubSys][k] = kvs
		}
	}

	if err := s.CheckValidKeys(config.IdentityOpenIDSubSys, deprecatedKeys); err != nil {
		return c, err
	}

	openIDTargets, err := s.GetAvailableTargets(config.IdentityOpenIDSubSys)
	if err != nil {
		return c, err
	}

func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser), serverRegion string) (Args, error) {
	args := Args{}

	if err := config.CheckValidKeys(config.IdentityPluginSubSys, kv, DefaultKVS); err != nil {
		return args, err
	}

	pluginURL := env.Get(EnvIdentityPluginURL, kv.Get(URL))
	if pluginURL == "" {
		return args, nil
	}