t.Errorf("found invalid user, got %v, expect %v", u, user)
	}

	if u, err := gorm.G[User](DB).Where("name = ?", user.Name).Take(ctx); err != nil {
		t.Fatalf("failed to find user, got error: %v", err)
	} else if u.Name != user.Name || u.ID != user.ID {
		t.Errorf("found invalid user, got %v, expect %v", u, user)
	}

    @DisplayName("Test valid usernames")
    @ValueSource(strings = { "user", "user123", "user.name", "user-name", "user_name", "******@****.***" })
    void testValidUsernames(String username) {
        assertDoesNotThrow(() -> InputValidator.validateUsername(username));
    }

    @ParameterizedTest
    @DisplayName("Test invalid usernames")
    @ValueSource(strings = { "user name", // space

    }

    /**
     * Set the user name which is used to setup <code>GSSContext</code>. If null
     * is set, the default user will be used which is retrieved from the first
     * TGT found in <code>Subject</code> .
     *
     * @param name
     *            the user name used to setup <code>GSSContext</code>
     */
    public void setUser(String name) {
        this.user = name;
    }

    /**

    void testGetRemoteUser() {
        // Arrange: Define the expected user name from the principal
        String expectedUserName = "testUser";
        when(mockPrincipal.getName()).thenReturn(expectedUserName);

        // Act: Call the method under test
        String actualUserName = ntlmRequest.getRemoteUser();

        // Assert: Verify that the returned user name is the expected one

//
//	// assign an email if the record is not found
//	db.Where(User{Name: "non_existing"}).Attrs(User{Email: "******@****.***"}).FirstOrInit(&user)
//	// user -> User{Name: "non_existing", Email: "******@****.***"}
//
//	// assign email regardless of if record is found
//	db.Where(User{Name: "jinzhu"}).Assign(User{Email: "******@****.***"}).FirstOrInit(&user)
//	// user -> User{Name: "jinzhu", Age: 20, Email: "******@****.***"}

The <abbr title="specification">spec</abbr> requires the fields to be exactly named `username` and `password`, and to be sent as form fields, not JSON.

With `Form` you can declare the same configurations as with `Body` (and `Query`, `Path`, `Cookie`), including validation, examples, an alias (e.g. `user-name` instead of `username`), etc.

/// info

    /** The specified user does not exist */
    int NT_STATUS_NO_SUCH_USER = 0xC0000064;
    /** The specified network password is not correct */
    int NT_STATUS_WRONG_PASSWORD = 0xC000006a;
    /** Logon failure: unknown user name or bad password */
    int NT_STATUS_LOGON_FAILURE = 0xC000006d;
    /** Logon failure: user account restriction */
    int NT_STATUS_ACCOUNT_RESTRICTION = 0xC000006e;

        assertEquals("Hello Bob and ${other}", result);
    }

    // Test evaluate method with complex object as parameter
    public void test_evaluate_withComplexObject() {
        String template = "User: ${user.name}, Age: ${user.age}";
        Map<String, Object> paramMap = new HashMap<>();
        TestUser user = new TestUser("John", 30);
        paramMap.put("user", user);

## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

And the spec says that the fields have to be named like that. So `user-name` or `email` wouldn't work.

    /** The specified user does not exist */
    int NT_STATUS_NO_SUCH_USER = 0xC0000064;
    /** The specified network password is not correct */
    int NT_STATUS_WRONG_PASSWORD = 0xC000006a;
    /** Logon failure: unknown user name or bad password */
    int NT_STATUS_LOGON_FAILURE = 0xC000006d;
    /** Logon failure: user account restriction */
    int NT_STATUS_ACCOUNT_RESTRICTION = 0xC000006e;