It can be used by third party applications and systems.

And it can also be used by yourself, to debug, check and test the same application.

## The `password` flow { #the-password-flow }

Now let's go back a bit and understand what is all that.

The `password` "flow" is one of the ways ("flows") defined in OAuth2, to handle security and authentication.

    protected final InetSocketAddress remoteAddress;
    /** Local endpoint address */
    protected final InetSocketAddress localAddress;
    /** Available send credits for flow control */
    protected final AtomicInteger sendCredits;
    /** Available receive credits for flow control */
    protected final AtomicInteger receiveCredits;
    /** Queue of pending RDMA work requests */
    protected final BlockingQueue<RdmaWorkRequest> pendingRequests;

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.internal.smb2.rdma;

/**
 * RDMA credit management for flow control.
 *
 * Credits are used to control the flow of messages between
 * RDMA peers to prevent buffer overflow.
 */
public class RdmaCredits {

    private int initialCredits;
    private int creditsGranted;

    /**

The most common is the implicit flow.

The most secure is the code flow, but it's more complex to implement as it requires more steps. As it is more complex, many providers end up suggesting the implicit flow.

/// note

It's common that each authentication provider names their flows in a different way, to make it part of their brand.

interface FlowControlListener {
  /**
   * Notification that the receiving stream flow control window has changed.
   * [WindowCounter] generally carries the client view of total and acked bytes.
   */
  fun receivingStreamWindowChanged(
    streamId: Int,
    windowCounter: WindowCounter,
    bufferSize: Long,
  )

  /**
   * Notification that the receiving connection flow control window has changed.

- Is small, focused, and easy to review—ideally one commit, unless multiple commits better narrate complex work.
- Adheres to MinIO’s coding standards (e.g., Go style, error handling, testing).

PRs must flow smoothly through review to reach production. Large PRs should be split into smaller, manageable ones.

## Submitting PRs

1. **Title and Summary**:

      if (outFinished) {
        this.sink.finished = true
        notifyAll() // Because doReadTimeout() may have changed.
      }
    }

    // Only DATA frames are subject to flow-control. Transmit the HEADER frame if the connection
    // flow-control window is fully depleted.
    if (!flushHeaders) {
      withLock {
        flushHeaders = (connection.writeBytesTotal >= connection.writeBytesMaximum)
      }
    }

/**
 * Tests for SmbFilenameFilter interface behaviors via simple implementations.
 * Each test creates a concrete filter to validate expected contract semantics
 * including normal operation, null handling, edge cases, and exception flow.
 */
@ExtendWith(MockitoExtension.class)
class SmbFilenameFilterTest {

    @Mock
    SmbFile mockDir;

    /**
     * Happy-path: a filter that accepts any name.
     */
    @ParameterizedTest

Am häufigsten ist der „Implicit“-Flow.

Am sichersten ist der „Code“-Flow, die Implementierung ist jedoch komplexer, da mehr Schritte erforderlich sind. Da er komplexer ist, schlagen viele Anbieter letztendlich den „Implicit“-Flow vor.

/// note | Hinweis

Und es kann auch von Ihnen selbst verwendet werden, um dieselbe Anwendung zu debuggen, zu prüfen und zu testen.

## Der `password`-Flow

Lassen Sie uns nun etwas zurückgehen und verstehen, was das alles ist.

Der `password`-„Flow“ ist eine der in OAuth2 definierten Wege („Flows“) zur Handhabung von Sicherheit und Authentifizierung.