### OAuth 1

Es gab ein OAuth 1, das sich stark von OAuth2 unterscheidet und komplexer ist, da es direkte Spezifikationen enthält, wie die Kommunikation verschlüsselt wird.

Heutzutage ist es nicht sehr populär und wird kaum verwendet.

OAuth2 spezifiziert nicht, wie die Kommunikation verschlüsselt werden soll, sondern erwartet, dass Ihre Anwendung mit HTTPS bereitgestellt wird.

/// tip | Tipp

     * the server.
     */
    int NTLMSSP_REQUEST_TARGET = 0x00000004;

    /**
     * Specifies that communication across the authenticated channel
     * should carry a digital signature (message integrity).
     */
    int NTLMSSP_NEGOTIATE_SIGN = 0x00000010;

    /**
     * Specifies that communication across the authenticated channel
     * should be encrypted (message confidentiality).
     */

    * the server.
    */
    int NTLMSSP_REQUEST_TARGET = 0x00000004;

    /**
    * Specifies that communication across the authenticated channel
    * should carry a digital signature (message integrity).
    */
    int NTLMSSP_NEGOTIATE_SIGN = 0x00000010;

    /**
    * Specifies that communication across the authenticated channel
    * should be encrypted (message confidentiality).
    */

        data[15] = 0x00; // type = 0
        data[16] = 40;
        data[17] = 0;
        data[18] = 0;
        data[19] = 0; // remark offset

        // Entry 2: IPC$, type 3 (IPC), remark "Inter-Process Communication"
        System.arraycopy("IPC$".getBytes(StandardCharsets.US_ASCII), 0, data, 20, 4);
        data[34] = 0x03;
        data[35] = 0x00; // type = 3
        data[36] = 60;
        data[37] = 0;
        data[38] = 0;

Then, the browser will send an HTTP `OPTIONS` request to the `:80`-backend, and if the backend sends the appropriate headers authorizing the communication from this different origin (`http://localhost:8080`) then the `:8080`-browser will let the JavaScript in the frontend send its request to the `:80`-backend.

To achieve this, the `:80`-backend must have a list of "allowed origins".

 * Exception thrown when SSO (Single Sign-On) login operations fail.
 *
 * This exception is used to indicate various SSO authentication failures
 * including configuration errors, authentication token validation failures,
 * communication issues with SSO providers, and other SSO-related problems.
 */
public class SsoLoginException extends FessSystemException {

    /** Serial version UID for serialization compatibility. */

 * of SSO authentication and authorization processes. It extends FessSystemException
 * to provide consistent error handling within the Fess system for SSO-related
 * processing failures such as token validation errors, communication failures
 * with SSO providers, or configuration issues.
 */
public class SsoProcessException extends FessSystemException {

    private static final long serialVersionUID = 1L;

    /**

    private final DcerpcHandle handle;
    private boolean opened;

    /**
     * Creates a new SAM alias handle.
     *
     * @param handle the DCE/RPC handle for communication
     * @param domainHandle the domain handle containing this alias
     * @param access the desired access rights
     * @param rid the relative identifier of the alias

### OAuth 1 { #oauth-1 }

There was an OAuth 1, which is very different from OAuth2, and more complex, as it included direct specifications on how to encrypt the communication.

It is not very popular or used nowadays.

OAuth2 doesn't specify how to encrypt the communication, it expects you to have your application served with HTTPS.

/// tip

 */
package jcifs.ntlmssp.av;

/**
 * NTLMSSP AV pair representing channel binding information for enhanced security.
 * Used to bind NTLM authentication to specific communication channels.
 *
 * @author mbechler
 */
public class AvChannelBindings extends AvPair {

    /**
     * Constructs an AV channel bindings pair
     * @param channelBindingHash the channel binding hash value