{cred, Credentials{AccessKey: "myuser", SecretKey: cred.SecretKey}, false},
		// Secret key is different in credentials to compare.
		{cred, Credentials{AccessKey: cred.AccessKey, SecretKey: "mypassword"}, false},
	}

	for i, testCase := range testCases {
		result := testCase.cred.Equal(testCase.ccred)
		if result != testCase.expectedResult {

        assertEquals("\\2a\\29\\28uid=\\2a\\29\\29\\28|\\28uid=\\2a", LdapUtil.escapeValue("*)(uid=*))(|(uid=*"));

        // Test complex injection: admin)(&(password=*))
        assertEquals("admin\\29\\28&\\28password=\\2a\\29\\29", LdapUtil.escapeValue("admin)(&(password=*))"));
    }

    @Test
    public void test_escapeValue_allSpecialCharsInSequence() {
        assertEquals("\\5c\\2a\\28\\29\\00", LdapUtil.escapeValue("\\*()\0"));

        assertTrue("Result should contain password={cipher}, but was: " + result, result.contains("password={cipher}"));

        // Test with empty encryption target
        value = "password=";
        result = ParameterUtil.encrypt(value);
        assertTrue(result.contains("password={cipher}"));

        // Test with only whitespace value
        value = "password=   ";
        result = ParameterUtil.encrypt(value);

        LdapManager ldapManager = new LdapManager();
        ldapManager.init();

        // Complex injection attempt should be fully escaped
        String injectionAttempt = "admin)(|(password=*";
        String expected = "admin\\29\\28|\\28password=\\2a";
        assertEquals(expected, ldapManager.escapeLDAPSearchFilter(injectionAttempt));
    }

    @Test
    public void test_escapeLDAPSearchFilter_withAllSpecialCharacters() {

                return "";
            }
        });

        assertEquals("errors.password_no_uppercase", systemHelper.validatePassword("password"));
        assertEquals("", systemHelper.validatePassword("Password"));
        assertEquals("", systemHelper.validatePassword("PASSWORD"));
    }

    @Test
    public void test_validatePassword_requireLowercase() {

        // Get the password field using reflection
        Field passwordField = NtlmPasswordAuthenticator.class.getDeclaredField("password");
        passwordField.setAccessible(true);

        // Verify password exists before wipe
        char[] passwordBefore = (char[]) passwordField.get(authenticator);
        assertNotNull(passwordBefore, "Password should exist before wipe");

    }

    /**
     * Test secure password wiping
     */
    @Test
    public void testSecureWipePassword() {
        String testPassword = "SecurePassword456!";
        NtlmPasswordAuthenticator auth = new NtlmPasswordAuthenticator("testuser", testPassword);

        // Verify password is set
        assertEquals(testPassword, auth.getPassword());

        // Wipe password
        auth.secureWipePassword();

        return hmac.digest();
    }

    /**
     * Generates the NT password hash for the given password.
     *
     * @param password the password to hash
     * @return nt password hash
     */
    public static byte[] getNTHash(final String password) {
        if (password == null) {
            throw new NullPointerException("Password parameter is required");
        }

        }
        return out;
    }

    @Test
    @DisplayName("getNTHash: known vector for 'password'")
    void testGetNTHash_knownVector() {
        // Arrange
        String password = "password";
        // Known NT hash for "password" (UTF-16LE MD4)
        // This is a well-known test vector: password -> 8846F7EAEE8FB117AD06BDD830B7586C
        byte[] expected = hex("8846F7EAEE8FB117AD06BDD830B7586C");

        // Act

                "msg": "String should match pattern '^password$'",
                "input": grant_type,
                "ctx": {"pattern": "^password$"},
            }
        ]
    }


def test_strict_login_correct_grant_type():
    response = client.post(
        "/login",
        data={"username": "johndoe", "password": "secret", "grant_type": "password"},
    )
    assert response.status_code == 200