It can be used by third party applications and systems.

And it can also be used by yourself, to debug, check and test the same application.

## The `password` flow { #the-password-flow }

Now let's go back a bit and understand what is all that.

The `password` "flow" is one of the ways ("flows") defined in OAuth2, to handle security and authentication.

    protected final InetSocketAddress remoteAddress;
    /** Local endpoint address */
    protected final InetSocketAddress localAddress;
    /** Available send credits for flow control */
    protected final AtomicInteger sendCredits;
    /** Available receive credits for flow control */
    protected final AtomicInteger receiveCredits;
    /** Queue of pending RDMA work requests */
    protected final BlockingQueue<RdmaWorkRequest> pendingRequests;

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.internal.smb2.rdma;

/**
 * RDMA credit management for flow control.
 *
 * Credits are used to control the flow of messages between
 * RDMA peers to prevent buffer overflow.
 */
public class RdmaCredits {

    private int initialCredits;
    private int creditsGranted;

    /**

The most common is the implicit flow.

The most secure is the code flow, but it's more complex to implement as it requires more steps. As it is more complex, many providers end up suggesting the implicit flow.

/// note

It's common that each authentication provider names their flows in a different way, to make it part of their brand.

- Is small, focused, and easy to review—ideally one commit, unless multiple commits better narrate complex work.
- Adheres to MinIO’s coding standards (e.g., Go style, error handling, testing).

PRs must flow smoothly through review to reach production. Large PRs should be split into smaller, manageable ones.

## Submitting PRs

1. **Title and Summary**:

      if (outFinished) {
        this.sink.finished = true
        notifyAll() // Because doReadTimeout() may have changed.
      }
    }

    // Only DATA frames are subject to flow-control. Transmit the HEADER frame if the connection
    // flow-control window is fully depleted.
    if (!flushHeaders) {
      withLock {
        flushHeaders = (connection.writeBytesTotal >= connection.writeBytesMaximum)
      }
    }

/**
 * Tests for SmbFilenameFilter interface behaviors via simple implementations.
 * Each test creates a concrete filter to validate expected contract semantics
 * including normal operation, null handling, edge cases, and exception flow.
 */
@ExtendWith(MockitoExtension.class)
class SmbFilenameFilterTest {

    @Mock
    SmbFile mockDir;

    /**
     * Happy-path: a filter that accepts any name.
     */
    @ParameterizedTest

Am häufigsten ist der „Implicit“-Flow.

Am sichersten ist der „Code“-Flow, die Implementierung ist jedoch komplexer, da mehr Schritte erforderlich sind. Da er komplexer ist, schlagen viele Anbieter letztendlich den „Implicit“-Flow vor.

/// note | Hinweis

  static final Iterable<Integer> ALL_INTEGER_CANDIDATES;

  static {
    ImmutableSet.Builder<Integer> intValues = ImmutableSet.builder();
    // Add boundary values manually to avoid over/under flow (this covers 2^N for 0 and 31).
    intValues.add(Integer.MAX_VALUE - 1, Integer.MAX_VALUE);
    // Add values up to 40. This covers cases like "square of a prime" and such.
    for (int i = 1; i <= 40; i++) {

Now let's build from the previous chapter and add the missing parts to have a complete security flow.

## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.