167         auth_token: Option<HardwareAuthToken>,  in begin_operation()
214                     let auth_token = auth_token.ok_or_else(|| {  in begin_operation()  localVariable
218                         auth_token,  in begin_operation()
227                 } else if let Some(auth_token) = auth_token {  in begin_operation()
228                     self.check_auth_token(auth_token, auth_info, None, None, None)?;  in begin_operation()
434         auth_token: Option<HardwareAuthToken>,  in op_update_aad()
437         self.with_authed_operation(op_handle, auth_token, timestamp_token, |op| {  in op_update_aad()
452         auth_token: Option<HardwareAuthToken>,  in op_update()
462         self.with_authed_operation(op_handle, auth_token, timestamp_token, |op| {  in op_update()
517         auth_token: Option<HardwareAuthToken>,  in op_finish()
522         self.check_subsequent_auth(&op, auth_token, timestamp_token)?;  in op_finish()
667         auth_token: HardwareAuthToken,  in check_auth_token()
674         let mac_input = crate::hardware_auth_token_mac_input(&auth_token)?;  in check_auth_token()
675         if !self.verify_device_hmac(&mac_input, &auth_token.mac)? {  in check_auth_token()
679         if (auth_token.authenticator_type as u32 & auth_info.auth_type) == 0 {  in check_auth_token()
683                 auth_token.authenticator_type,  in check_auth_token()
690             auth_token.user_id == *sid as i64 || auth_token.authenticator_id == *sid as i64  in check_auth_token()
695                 auth_token.user_id,  in check_auth_token()
696                 auth_token.authenticator_id  in check_auth_token()
702             if now.milliseconds > auth_token.timestamp.milliseconds + 1000 * timeout_secs as i64 {  in check_auth_token()
707                     auth_token.timestamp,  in check_auth_token()
715             if auth_token.challenge != challenge {  in check_auth_token()
780         auth_token: Option<HardwareAuthToken>,  in with_authed_operation()
790             auth_token,  in with_authed_operation()
819         auth_token: Option<HardwareAuthToken>,  in check_subsequent_auth()
823             let auth_token = auth_token.ok_or_else(|| {  in check_subsequent_auth()  localVariable
852                     auth_token,  in check_subsequent_auth()
862                 self.check_auth_token(auth_token, auth_info, None, None, Some(op.handle.0))?;  in check_subsequent_auth()