// Slice it starting at offset 10.
    ByteSource slice = source.slice(10, 5);

    // Open a stream to the slice.
    InputStream in = slice.openStream();

    // Append 10 more bytes to the source.
    source.append(newPreFilledByteArray(5, 10));

    // The stream reports no bytes... importantly, it doesn't read the byte at index 5 when it

///

## OpenID Connect

OpenID Connect is another specification, based on **OAuth2**.

It just extends OAuth2 specifying some things that are relatively ambiguous in OAuth2, to try to make it more interoperable.

For example, Google login uses OpenID Connect (which underneath uses OAuth2).

But Facebook login doesn't support OpenID Connect. It has its own flavor of OAuth2.

export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
minio server /mnt/data
```

#### Casdoor

```
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123
export MINIO_IDENTITY_OPENID_CONFIG_URL=http://CASDOOR_ENDPOINT/.well-known/openid-configuration

     *            An <code>SmbFile</code> representing the file to write to
     * @param append
     *            Append to the end of file
     * @throws SmbException
     */

    public SmbFileOutputStream ( SmbFile file, boolean append ) throws SmbException {
        this(
            file,
            append,
            append ? SmbConstants.O_CREAT | SmbConstants.O_WRONLY | SmbConstants.O_APPEND

                ```python
                "items:read items:write users:read profile openid"
                ````

                would represent the scopes:

                * `items:read`
                * `items:write`
                * `users:read`
                * `profile`
                * `openid`
                """
            ),
        ] = "",
        client_id: Annotated[

### استاندارد OpenID (نه "OpenID Connect" )

همچنین مشخصه "OpenID" نیز وجود داشت که سعی در حل مسائل مشابه OpenID Connect داشت، اما بر پایه OAuth2 ساخته نشده بود.

بنابراین، یک سیستم جداگانه بود.

اکنون این مشخصه کمتر استفاده می‌شود و محبوبیت زیادی ندارد.

## استاندارد OpenAPI

	if sessionPolicyFile != "" {
		var policy string
		if f, err := os.Open(sessionPolicyFile); err != nil {
			log.Fatalf("Unable to open session policy file %s: %v", sessionPolicyFile, err)
		} else {
			bs, err := io.ReadAll(f)
			if err != nil {
				log.Fatalf("Error reading session policy file: %v", err)
			}
			policy = string(bs)
		}
		ldapOpts = append(ldapOpts, cr.LDAPIdentityPolicyOpt(policy))
	}
	if expiryDuration != 0 {

			configCmds = append(configCmds, "claim_name=groups")
		}
		_, err := s.adm.SetConfigKV(ctx, strings.Join(configCmds, " "))
		if err != nil {
			return fmt.Errorf("unable to setup OpenID for tests: %v", err)
		}
	}

	s.RestartIAMSuite(c)
	return nil
}

// SetUpOpenID - expects to setup an OpenID test server using the test OpenID
// container and canned data from https://github.com/minio/minio-ldap-testing

    """
    METHOD = 'assume-role-client-grants'
    CANONICAL_NAME = 'AssumeRoleClientGrants'

    def __init__(self, cid, csec,
                 idp_ep='http://localhost:8080/auth/realms/minio/protocol/openid-connect/token',
                 sts_ep='http://localhost:9000'):
        self.cid = cid
        self.csec = csec
        self.idp_ep = idp_ep
        self.sts_ep = sts_ep

		if err != nil {
			collectedErrors = append(collectedErrors, fmt.Errorf("could not validate `%s` exists in LDAP directory: %w", k, err))
			continue
		}
		if validatedDN == nil || !underBaseDN {
			skipped = append(skipped, k)
			continue
		}

		if validatedDN.NormDN != k {
			normalizedDNKeysMap[validatedDN.NormDN] = append(normalizedDNKeysMap[validatedDN.NormDN], k)
		}
	}