def rootDir

    def setup() {
        rootDir = tmpDir.createDir('root')
        rootDir.createFile('unauthorized/file')
        rootDir.createDir('authorized')
        rootDir.file('unauthorized').mode = 0000
    }

    def cleanup() {
        rootDir.file('unauthorized').mode = 0777
    }

    def "excluded files' permissions should be ignored"() {
        when:

        "responses": {
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "logs"
        ]
      }
    },
    "/logs/{logpath}": {
      "get": {
        "operationId": "logFileHandler",
        "responses": {
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "logs"
        ]

import static com.github.tomakehurst.wiremock.client.WireMock.ok;
import static com.github.tomakehurst.wiremock.client.WireMock.put;
import static com.github.tomakehurst.wiremock.client.WireMock.unauthorized;
import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig;

public class MavenRepositoryStub {

    // tag::credentials[]
    private static final String USERNAME = "secret-user";

    val response =
      Response.Builder()
        .request(request)
        .code(401)
        .header("WWW-Authenticate", "Basic realm=\"User Visible Realm\"")
        .protocol(HTTP_2)
        .message("Unauthorized")
        .build()
    val authRequest = authenticator.authenticate(route, response)

    assertEquals(
      "Basic ${RecordingAuthenticator.BASE_64_CREDENTIALS}",
      authRequest!!.header("Authorization"),

                "schema": {
                  "type": "string"
                }
              }
            },
            "description": "OK"
          },
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "openid"
        ]
      }
    }
  }

		t.Fatalf("Unexpected number of audit events generated, expected 1, got: %d", len(sink.events))
	}
	ev := sink.events[0]
	if ev.ResponseStatus.Code != http.StatusUnauthorized {
		t.Errorf("Unexpected response code, expected unauthorized, got %d", ev.ResponseStatus.Code)
	}
	if !strings.Contains(ev.ResponseStatus.Message, "basic") {
		t.Errorf("Expected response status message to contain basic auth method, got %s", ev.ResponseStatus.Message)
	}

                "schema": {
                  "type": "string"
                }
              }
            },
            "description": "OK"
          },
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "WellKnown"
        ]
      }
    }
  }

                }
              }
            },
            "description": "OK"
          },
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "version"
        ]
      }
    }
  }

    public ApiResponse handleApplicationException(final ApiFailureResource resource, final RuntimeException cause) {
        if (cause instanceof LoginUnauthorizedException) {
            return asJson(createFailureBean(Status.UNAUTHORIZED, "Unauthorized request.")).httpStatus(HTTP_UNAUTHORIZED);
        }
        return asJson(createFailureBean(Status.BAD_REQUEST, createMessage(resource, cause))).httpStatus(HTTP_BAD_REQUEST);
    }

			w.Header().Set("Connection", "close")
		}

		req = req.WithContext(genericapirequest.WithUser(req.Context(), resp.User))
		handler.ServeHTTP(w, req)
	})
}

func Unauthorized(s runtime.NegotiatedSerializer) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		// http2 is an expensive protocol that is prone to abuse,