req.addHeader("Authorization", "Bearer " + token);
        assertEquals(token, accessTokenHelper.getAccessTokenFromRequest(req));
    }

    public void test_getAccessTokenFromRequest_ok1() {
        final String token = accessTokenHelper.generateAccessToken();
        MockletHttpServletRequest req = getMockRequest();
        req.addHeader("Authorization", token);

        }).orElse(null);
    }

    /**
     * Gets the authorization URL for OpenID Connect.
     *
     * @param request the HTTP servlet request
     * @return the authorization URL
     */
    protected String getAuthUrl(final HttpServletRequest request) {
        final String state = UuidUtil.create();

  }

  @Test
  fun requestToStringRedactsSensitiveHeaders() {
    val headers =
      Headers
        .Builder()
        .add("content-length", "99")
        .add("authorization", "peanutbutter")
        .add("proxy-authorization", "chocolate")
        .add("cookie", "drink=coffee")
        .add("set-cookie", "accessory=sugar")
        .add("user-agent", "OkHttp")
        .build()
    val request =

 */
package org.codelibs.fess.exception;

/**
 * Exception thrown when an invalid access token is encountered.
 * This exception is typically used in authentication and authorization contexts
 * where a provided access token is invalid, expired, or malformed.
 */
public class InvalidAccessTokenException extends FessSystemException {

    /** Serial version UID for serialization */

the potential to leak sensitive information such as "Authorization" or "Cookie" headers and the
contents of request and response bodies. This data should only be logged in a controlled way or in
a non-production environment.

You can redact headers that may contain sensitive information by calling `redactHeader()`.
```java
logging.redactHeader("Authorization");
logging.redactHeader("Cookie");
```

Download
--------

                File("docs/images/logo-square.png").asRequestBody(MEDIA_TYPE_PNG))
            .build()

        val request = Request.Builder()
            .header("Authorization", "Client-ID $IMGUR_CLIENT_ID")
            .url("https://api.imgur.com/3/image")
            .post(requestBody)
            .build()

        client.newCall(request).execute().use { response ->

      "Successful auth!",
    )

    // No authorization header for the first request...
    var request = server.takeRequest()
    assertThat(request.headers["Authorization"]).isNull()

    // ...but the three requests that follow include an authorization header.
    for (i in 0..2) {
      request = server.takeRequest()

        }).orElse(null);
    }

    /**
     * Generates the Azure AD authorization URL for the authentication request.
     * @param request The HTTP servlet request.
     * @return The authorization URL to redirect the user to.
     */
    protected String getAuthUrl(final HttpServletRequest request) {
        final String state = UuidUtil.create();

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.entity;

import java.io.Serializable;

/**
 * Interface representing a Fess user with authentication and authorization information.
 * Provides access to user name, roles, groups, and permissions.
 */
public interface FessUser extends Serializable {

    /**
     * Gets the user's display name.
     * @return The user's name.

/**
 * Exception thrown during SSO (Single Sign-On) processing with message code support.
 *
 * This exception is used to indicate errors that occur during SSO authentication
 * and authorization processes. It carries both a message code for internationalization
 * and localization purposes, as well as detailed error information. The message code
 * can be used by the UI layer to display appropriate error messages to users.