.add("WWW-Authenticate", "Basic realm=myotherrealm")
        .build()
    assertThat(headers.parseChallenges("WWW-Authenticate")).containsExactly(
      Challenge("Basic", mapOf("realm" to "myrealm")),
      Challenge("Basic", mapOf("realm" to "myotherrealm")),
    )
  }

      MockResponse(
        code = 401,
        headers = headersOf("WWW-Authenticate", "Basic realm=\"protected area\""),
      ),
    )
    server.enqueue(
      MockResponse(body = "c"),
    )
    val authenticator =
      RecordingOkAuthenticator(
        basic("jesse", "peanutbutter"),
        "Basic",
      )
    client =
      client.newBuilder()
        .authenticator(authenticator)

    }

    result.write(PREFIX)

    val input = string.codePoints(pos, limit)

    // Copy all the basic code points to the output.
    var b = 0
    for (codePoint in input) {
      if (codePoint < INITIAL_N) {
        result.writeByte(codePoint)
        b++
      }
    }

    // Copy a delimiter if any basic code points were emitted.
    if (b > 0) result.writeByte('-'.code)

    var n = INITIAL_N

 *
 * ```java
 * if (response.request().header("Authorization") != null) {
 *   return null; // Give up, we've already failed to authenticate.
 * }
 *
 * String credential = Credentials.basic(...)
 * return response.request().newBuilder()
 *     .header("Authorization", credential)
 *     .build();
 * ```
 *
 * When reactive authentication is requested by a proxy server, the response code is 407 and the

  const val RSA_ENCRYPTION = "1.2.840.113549.1.1.1"
  const val SHA256_WITH_RSA_ENCRYPTION = "1.2.840.113549.1.1.11"
  const val SUBJECT_ALTERNATIVE_NAME = "2.5.29.17"
  const val BASIC_CONSTRAINTS = "2.5.29.19"
  const val COMMON_NAME = "2.5.4.3"
  const val ORGANIZATIONAL_UNIT_NAME = "2.5.4.11"

            }

            println("Authenticating for response: $response")
            println("Challenges: ${response.challenges()}")
            val credential = Credentials.basic("jesse", "password1")
            return response.request.newBuilder()
              .header("Authorization", credential)
              .build()
          }
        },
      )
      .build()

  fun run() {

        it.id == ObjectIdentifiers.SUBJECT_ALTERNATIVE_NAME
      }
    }

  val basicConstraints: Extension
    get() {
      return tbsCertificate.extensions.first {
        it.id == ObjectIdentifiers.BASIC_CONSTRAINTS
      }
    }

  /** Returns true if the certificate was signed by [issuer]. */
  @Throws(SignatureException::class)
  fun checkSignature(issuer: PublicKey): Boolean {

    assertThat(CertificateAdapters.generalName.toDer(generalNameDnsName to "example.com"))
      .isEqualTo(bytes)
  }

  @Test fun `extension with type hint for basic constraints`() {
    val extension =
      Extension(
        BASIC_CONSTRAINTS,
        false,
        BasicConstraints(true, 4),
      )
    val bytes = "300f0603551d13040830060101ff020104".decodeHex()

       * Logs request and response lines.
       *
       * Example:
       * ```
       * --> POST /greeting http/1.1 (3-byte body)
       *
       * <-- 200 OK (22ms, 6-byte body)
       * ```
       */
      BASIC,

      /**
       * Logs request and response lines and their respective headers.
       *
       * Example:
       * ```
       * --> POST /greeting http/1.1
       * Host: example.com

      Response.Builder()
        .request(request)
        .code(401)
        .header("WWW-Authenticate", "Basic realm=\"User Visible Realm\"")
        .protocol(HTTP_2)
        .message("Unauthorized")
        .build()
    val authRequest = authenticator.authenticate(route, response)

    assertEquals(
      "Basic ${RecordingAuthenticator.BASE_64_CREDENTIALS}",
      authRequest!!.header("Authorization"),
    )
  }