*/
@GwtCompatible(serializable = true, emulated = true)
@ElementTypesAreNonnullByDefault
final class RegularImmutableMap<K, V> extends ImmutableMap<K, V> {
  private static final byte ABSENT = -1;

  // Max size is halved due to indexing into double-sized alternatingKeysAndValues
  private static final int BYTE_MAX_SIZE = 1 << (Byte.SIZE - 1); // 2^7 = 128
  private static final int SHORT_MAX_SIZE = 1 << (Short.SIZE - 1); // 2^15 = 32_768

			return errNoAuthToken
		}
		return errMalformedAuth
	}

	if err = validateStorageRequestToken(token); err != nil {
		return err
	}

	nanoTime, err := strconv.ParseInt(r.Header.Get("X-Minio-Time"), 10, 64)
	if err != nil {
		return errMalformedAuth
	}

	localTime := UTCNow()
	remoteTime := time.Unix(0, nanoTime)

	delta := remoteTime.Sub(localTime)
	if delta < 0 {

		return
	}

	// Ensure body content type is opaque to ensure that request body has not
	// been interpreted as form data.
	contentType := r.Header.Get("Content-Type")
	if contentType != "application/octet-stream" {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrBadRequest), r.URL)
		return
	}

	// Validate operation

* Reduce time needed to attach Azure disks ([#40066](https://github.com/kubernetes/kubernetes/pull/40066), [@codablock](https://github.com/codablock))
* Fixes request header authenticator by presenting the request header client CA so that the front proxy will authenticate using its client certificate. ([#40301](https://github.com/kubernetes/kubernetes/pull/40301), [@deads2k](https://github.com/deads2k))

    public static final String ERRORS_front_suffix = "{errors.front_suffix}";

    /** The key of the message: <ul class="has-error"> */
    public static final String ERRORS_HEADER = "{errors.header}";

    /** The key of the message: </ul> */
    public static final String ERRORS_FOOTER = "{errors.footer}";

    /** The key of the message: <li><i class="fa fa-exclamation-circle"></i> */

  // For example:
  //   - "/healthz" is legal
  //   - "/hea*" is illegal
  //   - "/hea" is legal but matches nothing
  //   - "/hea/*" also matches nothing
  //   - "/healthz/*" matches all per-component health checks.
  // "*" matches all non-resource urls. if it is present, it must be the only entry.
  // +listType=set
  // Required.
  repeated string nonResourceURLs = 6;
}

  // For example:
  //   - "/healthz" is legal
  //   - "/hea*" is illegal
  //   - "/hea" is legal but matches nothing
  //   - "/hea/*" also matches nothing
  //   - "/healthz/*" matches all per-component health checks.
  // "*" matches all non-resource urls. if it is present, it must be the only entry.
  // +listType=set
  // Required.
  repeated string nonResourceURLs = 6;
}

### Other (Cleanup or Flake)

- Client-go header logging (at verbosity levels >= 9) now masks `Authorization` header contents ([#95316](https://github.com/kubernetes/kubernetes/pull/95316), [@sfowl](https://github.com/sfowl)) [SIG API Machinery]

## Dependencies

### Added
_Nothing has changed._

3-Kms-Key-Id":"my-minio-key","X-Minio-Internal-Server-Side-Encryption-S3-Kms-Sealed-Key":"eyJhZWFkIjoiQUVTLTI1Ni1HQ00tSE1BQy1TSEEtMjU2IiwiaWQiOiJjMzEwNDVjODFmMTA2MWU5NTI4ODcxZmNhMmRkYzA3YyIsIml2IjoiOWQ5cUxGMFhSaFBXbEVqT2JDMmo0QT09Iiwibm9uY2UiOiJYaERsemlCU1cwSENuK2RDIiwiYnl0ZXMiOiJUM0lmY1haQ1dtMWpLeWxBWmFUUnczbDVoYldLWW95dm5iNTZVaWJEbE5LOFZVU2tuQmx3NytIMG8yZnRzZ1UrIn0=","X-Minio-Internal-Server-Side-Encryption-S3-Sealed-Key":"IAAfANqt801MT+wwzQRkfFhTrndmhfNiN0alKwDS4AQ1dznNADRQgoq6I4pPVfRsbDp5rQa...

In diese Exception fügen wir (falls vorhanden) die erforderlichen Scopes als durch Leerzeichen getrennten String ein (unter Verwendung von `scope_str`). Wir fügen diesen String mit den Scopes in den Header `WWW-Authenticate` ein (das ist Teil der Spezifikation).

//// tab | Python 3.10+

```Python hl_lines="105  107-115"
{!> ../../docs_src/security/tutorial005_an_py310.py!}
```

////