if err != nil {
		return err
	}

	// If true, the pod will run in 'ingress mode'. This is intended to be used for "ingress" type workloads which handle
	// non-mesh traffic on inbound, and send to the mesh on outbound.
	// Basically, this just disables inbound redirection.
	// We use the SidecarTrafficExcludeInboundPorts annotation for compatibility (its somewhat widely used) but don't support all values.

===========

This document describes the concurrency considerations for http/2 connections and the connection pool within OkHttp.

## HTTP/2 Connections

The HttpURLConnection API is a blocking API. You make a blocking write to send a request, and a blocking read to receive the response.

#### Blocking APIs

begins. Communication blocks until the send can proceed.
A send on an unbuffered channel can proceed if a receiver is ready.
A send on a buffered channel can proceed if there is room in the buffer.
A send on a closed channel proceeds by causing a <a href="#Run_time_panics">run-time panic</a>.
A send on a <code>nil</code> channel blocks forever.
</p>

<pre>
ch &lt;- 3  // send value 3 to channel ch
</pre>

				"application/vnd.ezpix-album",
				"application/vnd.ezpix-package",
				"application/vnd.f-secure.mobile",
				"application/vnd.fdf",
				"application/vnd.fdsn.mseed",
				"application/vnd.fdsn.seed",
				"application/vnd.ffsns",
				"application/vnd.fints",
				"application/vnd.flographit",
				"application/vnd.fluxtime.clip",
				"application/vnd.font-fontforge-sfd",
				"application/vnd.framemaker",

	defer cancel()

	restClnts, _ := ds.GetLockers()

	args := LockArgs{
		UID: id,
	}

	var wg sync.WaitGroup
	for index, c := range restClnts {
		wg.Add(1)
		// Send refresh request to all nodes
		go func(index int, c NetLocker) {
			defer wg.Done()
			c.ForceUnlock(ctx, args)
		}(index, c)
	}
	wg.Wait()
}

type refreshResult struct {
	offline   bool

```

But OkHttp 4.x needs a `Companion`:

```kotlin
import okhttp3.CipherSuite.Companion.forJavaName
```

In the unlikely event that you have a lot of these, run this:

```bash
sed -i "" \
  's/^\(import okhttp3\.[^.]*\)\.\([a-z][a-zA-Z]*\)$/\1.Companion.\2/g' \
  `find . -name "*.kt"`
```


Advanced Profiling
------------------

Now we create a `HeroCreate` model, this is the one that will **validate** the data from the clients.

It has the same fields as `HeroBase`, and it also has `secret_name`.

Now, when the clients **create a new hero**, they will send the `secret_name`, it will be stored in the database, but those secret names won't be returned in the API to the clients.

/// tip

This is how you would handle **passwords**. Receive them, but don't return them in the API.

        injector.discover(ProtoSession.class.getClassLoader());
        Session session = injector.getInstance(Session.class);
        SessionScope scope = new SessionScope();
        scope.enter();
        scope.seed(Session.class, session);
        injector.bindScope(SessionScoped.class, scope);
        return session;
    }

    record Context(Map<String, String> userProperties, Map<String, String> systemProperties) {}

```

////

## Recap

You can now get the current user directly in your *path operation function*.

We are already halfway there.

We just need to add a *path operation* for the user/client to actually send the `username` and `password`.

                }
                this.completed = true;
            }
            else if ( this.mechContext.isMICAvailable() && ( !this.disableMic || this.requireMic ) ) {
                // we need to send our final data
                mechMIC = calculateMechListMIC();
            }
            else if ( targ.getResult() == NegTokenTarg.REJECTED ) {
                throw new SmbException("SPNEGO mechanism was rejected");