this(macSigningKey, bypass, 0);
    }

    /**
     * Constructs a signing digest with bypass option and initial sequence number
     *
     * @param macSigningKey
     *            The MAC signing key used for generating signatures
     * @param bypass
     *            Whether to bypass signature verification
     * @param initialSequence
     *            The initial sequence number for signing

    private MessageDigest digest;
    private byte[] macSigningKey;
    private boolean bypass = false;
    private int updates;
    private int signSequence;

    /**
     * Constructs a new signing digest with the specified MAC signing key.
     *
     * @param macSigningKey the MAC signing key for message authentication
     * @param bypass whether to bypass MAC signing
     * @throws SmbException if MD5 algorithm is not available
     */

     */
    @Override
    public String[] assistClientInvokeNames() {
        return DEFAULT_CLIENT_INVOKE_NAMES;
    }

    /**
     * Assists bypass invoke names for DBFlute behavior invocation.
     *
     * @return array of default bypass invoke names
     */
    @Override
    public String[] assistByPassInvokeNames() {
        return DEFAULT_BYPASS_INVOKE_NAMES;
    }

    @Override

 * tests focus on the contract that implementations should honour and the
 * interaction with {@link SmbFile} instances. The tests make heavy use of
 * Mockito to guarantee that implementation classes do not inadvertently
 * bypass the filter logic.
 */
public class SmbFileFilterTest {

    /**
     * A minimal implementation that accepts every {@link SmbFile}.
     */
    private final SmbFileFilter ALWAYSACTIVE = new SmbFileFilter() {

    void testHandleSetsNameAndPasswordHappyPath() throws Exception {
        JAASAuthenticator auth = new JAASAuthenticator("DOM", "user", "pass");
        NameCallback nc = new NameCallback("user:");
        PasswordCallback pc = new PasswordCallback("pass:", false);

        // Exercise callback handler with both callbacks supplied
        Callback[] cbs = new Callback[] { nc, pc };
        auth.handle(cbs);

    @Test
    @DisplayName("Test constructor with MAC signing key and bypass flag")
    void testConstructorWithBypass() {
        SMB1SigningDigest digest = new SMB1SigningDigest(testMacSigningKey, true);
        assertNotNull(digest);
        assertTrue(digest.toString().contains("MacSigningKey="));
    }

    @Test
    @DisplayName("Test constructor with MAC signing key, bypass flag and initial sequence")

   * dummy version.
   *
   * @throws UnsupportedOperationException always
   * @deprecated <b>Pass a parameter of type {@code Comparable} to use {@link
   *     ImmutableSortedSet#of(Comparable)}.</b>
   */
  @DoNotCall("Pass a parameter of type Comparable")
  @Deprecated
  public static <E> ImmutableSortedSet<E> of(E e1) {
    throw new UnsupportedOperationException();
  }

        KerberosKey kdcKey = new KerberosKey(null, keyBytes, PacSignature.HMAC_SHA1_96_AES256, 1);
        keys.put(PacSignature.ETYPE_AES256_CTS_HMAC_SHA1_96, kdcKey);

        // Mock Pac construction to bypass complex validation
        try (MockedConstruction<Pac> pacMock = Mockito.mockConstruction(Pac.class, (mock, context) -> {
            // Setup mock behavior
            PacLogonInfo mockLogonInfo = Mockito.mock(PacLogonInfo.class);

        ASN1ObjectIdentifier unsupported = new ASN1ObjectIdentifier("1.2.3.4.5");
        byte[] init = spnegoInitWithMechs(unsupported);

        // Host is a FQDN to pass the short-name check
        SmbUnsupportedOperationException ex =
                assertThrows(SmbUnsupportedOperationException.class, () -> auth.createContext(tc, null, "server.example.com", init, false));

 * authentication context without requiring users to explicitly enter credentials.
 *
 * The authenticator supports various configuration options including delegation,
 * basic authentication fallback, and localhost authentication bypass.
 */
public class SpnegoAuthenticator implements SsoAuthenticator {

    /** Logger for this class. */
    private static final Logger logger = LogManager.getLogger(SpnegoAuthenticator.class);