challenge.charset,
          )
        return request.newBuilder()
          .header(credentialHeader, credential)
          .build()
      }
    }

    return null // No challenges were satisfied!
  }

  @Throws(IOException::class)
  private fun Proxy.connectToInetAddress(
    url: HttpUrl,
    dns: Dns,
  ): InetAddress {
    return when (type()) {

 */
fun interface Authenticator {
  /**
   * Returns a request that includes a credential to satisfy an authentication challenge in
   * [response]. Returns null if the challenge cannot be satisfied.
   *
   * The route is best effort, it currently may not always be provided even when logically
   * available. It may also not be provided when an authenticator is re-used manually in an

			required:  []string{"A", "B", "C"},
			exception: []string{"B"},
			ok:        true,
			out:       "",
		},

		// Test that a feature required on a subset of ports is implicitly satisfied
		// by the same feature being implemented on all ports. That is, it shouldn't
		// say "pkg syscall (darwin-amd64), type RawSockaddrInet6 struct" is missing.
		// See https://go.dev/issue/4303.
		{

   *    has since been closed by the server.
   *  * A client timeout (HTTP 408).
   *  * A authorization challenge (HTTP 401 and 407) that is satisfied by the [Authenticator].
   *  * A retryable server failure (HTTP 503 with a `Retry-After: 0` response header).
   *  * A misdirected request (HTTP 421) on a coalesced connection.
   */