* governing permissions and limitations under the License.
 */
package org.codelibs.fess.app.web.base.login;

import org.lastaflute.web.login.credential.LoginCredential;

/**
 * SPNEGO authentication credential implementation.
 *
 * This class represents login credentials obtained through SPNEGO (Security Provider
 * Negotiation Protocol) authentication. It contains the username extracted from the

		formData       map[string]string
	}{
		{http.StatusForbidden, credentials.SecretKey, map[string]string{"AWSAccessKeyId": "invalidaccesskey"}},
		{http.StatusForbidden, "invalidsecretkey", map[string]string{"AWSAccessKeyId": credentials.AccessKey}},
		{http.StatusNoContent, credentials.SecretKey, map[string]string{"AWSAccessKeyId": credentials.AccessKey}},
		{http.StatusForbidden, credentials.SecretKey, map[string]string{"Awsaccesskeyid": "invalidaccesskey"}},

			success: false,
		},
		// invalid json.
		{

 */
package jcifs;

/**
 * Interface for opaque credential data
 *
 * @author mbechler
 *
 */
public interface Credentials {

    /**
     * Unwrap credentials to a specific type.
     *
     * @param <T> the credential type to unwrap to
     * @param type the class of the credential type to unwrap to
     * @return instance for type, null if the type cannot be unwrapped
     */

         * @param oneArgLambda the function to apply for credential resolution
         */
        public <CREDENTIAL extends LoginCredential> void resolve(final Class<CREDENTIAL> credentialType,
                final Function<CREDENTIAL, OptionalEntity<FessUser>> oneArgLambda) {
            resolver.resolve(credentialType, credential -> oneArgLambda.apply(credential));
        }
    }

    /**

import org.codelibs.fess.util.DocumentUtil;
import org.lastaflute.web.login.credential.LoginCredential;

/**
 * OpenID Connect credential implementation.
 */
public class OpenIdConnectCredential implements LoginCredential, FessCredential {

    private final Map<String, Object> attributes;

    /**
     * Creates a new OpenID Connect credential.
     *
     * @param attributes the attributes from OpenID Connect provider

        Set<Object> serverPrivateCredentials = this.subject.getPrivateCredentials();
        for (Object credential : serverPrivateCredentials) {
            if (credential instanceof KerberosKey) {
                if (((KerberosKey) credential).getKeyType() == keyType) {
                    serverKey = (KerberosKey) credential;
                }
            }
        }

        return serverKey;
    }

    /**

 * for obtaining login credentials, resolving user information, and managing SSO
 * lifecycle operations like logout and metadata exchange.
 */
public interface SsoAuthenticator {

    /**
     * Gets the login credential for SSO authentication.
     * @return The login credential.
     */
    LoginCredential getLoginCredential();

    /**
     * Resolves credential using the provided resolver.

    private static final int MINIMAL_BUFFER_SIZE = 32;

    private final byte[] credentialType;

    /**
     * Constructs a PAC credential type from raw data.
     * @param data the raw credential type data
     * @throws PACDecodingException if the credential type data is invalid
     */
    public PacCredentialType(final byte[] data) throws PACDecodingException {
        this.credentialType = data;

        public TestLoginCredentialResolver() {
            super(null); // Pass null since we're mocking
        }

        @Override
        public <CREDENTIAL extends LoginCredential> void resolve(final Class<CREDENTIAL> credentialType,
                final Function<CREDENTIAL, OptionalEntity<FessUser>> oneArgLambda) {
            this.resolveCalled = true;
            this.lastCredentialType = credentialType;