.isEqualTo(new FreshValueGenerator().generateFresh(String.class));
  }

  public void testFreshCurrency() {
    FreshValueGenerator generator = new FreshValueGenerator();
    // repeat a few times to make sure we don't stumble upon a bad Locale
    assertThat(generator.generateFresh(Currency.class)).isNotNull();
    assertThat(generator.generateFresh(Currency.class)).isNotNull();

        SMB1SigningDigest verifyDigest = new SMB1SigningDigest(testMacSigningKey);

        // Verify should return false when signature is correct (no error)
        // The code returns true on line 281 when signatures DON'T match
        boolean result = verifyDigest.verify(data, 0, data.length, 0, mockRequest);

        // The verification should succeed (return false) since we're using the same key
        assertFalse(result);
    }

<div class="termy">

```console
$ openssl rand -hex 32

09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7
```

</div>

And copy the output to the variable `SECRET_KEY` (don't use the one in the example).

Create a variable `ALGORITHM` with the algorithm used to sign the JWT token and set it to `"HS256"`.

Create a variable for the expiration of the token.

* list-resources: don't fail if the grep fails to match any resources ([#41933](https://github.com/kubernetes/kubernetes/pull/41933), [@ixdy](https://github.com/ixdy))

            if ((n != byteCount) && (LogStream.level >= 5)) {
                log.println("byteCount=" + byteCount + " but readBytesWireFormat returned " + n);
            }
            // Don't think we can rely on n being correct here. Must use byteCount.
            // Last paragraph of section 3.13.3 eludes to this.

            bufferIndex += byteCount;
        }

        length = bufferIndex - start;

// https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.22.0:ssh/common.go;l=44
var supportedKexAlgos = []string{
	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
	// P384 and P521 are not constant-time yet, but since we don't
	// reuse ephemeral keys, using them for ECDH should be OK.
	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
	kexAlgoDH14SHA256, kexAlgoDH16SHA512, kexAlgoDH14SHA1,
	kexAlgoDH1SHA1,
}

	case offline:
		// client offline, return last error captured.
		return nil, &NetworkError{Err: c.LastError()}
	}

	// client is still connected, attempt the request.

	// Shallow copy. We don't modify the *UserInfo, if set.
	// All other fields are copied.
	u := *c.url
	u.Path = path.Join(u.Path, rpcMethod)
	u.RawQuery = values.Encode()

	req, err := c.newRequest(ctx, httpMethod, u, body)

        // Cannot check password after closing as it now throws IllegalStateException
        // This is actually good security practice - closed authenticators cannot be accessed

        // Verify multiple closes don't cause issues
        auth.close(); // Should be safe to call again
        assertTrue(auth.isClosed());
    }

    /**
     * Test AutoCloseable implementation
     */
    @Test

In this case, it is an `async` function.

---

You could also define it as a normal function instead of `async def`:

{* ../../docs_src/first_steps/tutorial003_py310.py hl[7] *}

/// note

If you don't know the difference, check the [Async: *"In a hurry?"*](../async.md#in-a-hurry).

///

### Step 5: return the content { #step-5-return-the-content }

{* ../../docs_src/first_steps/tutorial001_py310.py hl[8] *}

		return
	}

	// We have to establish a TLS connection and the
	// client must provide exactly one client certificate.
	// Otherwise, we don't have a certificate to verify or
	// the policy lookup would ambiguous.
	if r.TLS == nil {
		writeSTSErrorResponse(ctx, w, ErrSTSInsecureConnection, errors.New("No TLS connection attempt"))
		return
	}