// Test the method directly
        char[] password1 = "testpassword".toCharArray();
        char[] password2 = "testpassword".toCharArray();
        char[] password3 = "testpassworX".toCharArray();

        Boolean result1 = (Boolean) constantTimeMethod.invoke(null, password1, password2);
        Boolean result2 = (Boolean) constantTimeMethod.invoke(null, password1, password3);

Si los passwords no coinciden, devolvemos el mismo error.

#### Hashing de passwords

"Hacer hash" significa: convertir algún contenido (un password en este caso) en una secuencia de bytes (solo un string) que parece un galimatías.

Siempre que pases exactamente el mismo contenido (exactamente el mismo password) obtienes exactamente el mismo galimatías.

# Let dex keep a list of passwords which can be used to login to dex.
enablePasswordDB: true

# A static list of passwords to login the end user. By identifying here, dex
# won't look in its underlying storage for passwords.
#
# If this option isn't chosen users may be added through the gRPC API.
staticPasswords:
  - email: "******@****.***"
    # bcrypt hash of the string "password"

If the passwords don't match, we return the same error.

#### Password hashing { #password-hashing }

"Hashing" means: converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

///

## Password hashing { #password-hashing }

"Hashing" means converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

But you cannot convert from the gibberish back to the password.

### Why use password hashing { #why-use-password-hashing }

 * It provides functionality to manage passwords for different file patterns using regular expressions.
 *
 * <p>The extractor supports two types of password management:
 * <ul>
 *   <li>Static passwords configured via {@link #addPassword(String, String)}</li>
 *   <li>Dynamic passwords provided through extraction parameters</li>
 * </ul>
 *

        byte[] actual = NtlmUtil.getNTHash(password);

        // Assert
        assertArrayEquals(expected, actual, "NT hash must match known test vector");
    }

    @Test
    @DisplayName("getNTHash: verify different passwords produce different hashes")
    void testGetNTHash_differentPasswords() {
        // Arrange
        String password1 = "password";
        String password2 = "Password";

        // Act

    public static final String RESOURCE_NAME_KEY = "resourceName";

    /** URL key for metadata */
    public static final String URL = "url";

    /** File passwords key for metadata */
    public static final String FILE_PASSWORDS = "file.passwords";

    /** Map containing metadata key-value pairs */
    protected Map<String, String[]> metadata = new HashMap<>();

    /** The extracted content text */

        "arn:aws:s3:::*"
      ]
    }
  ]
}
```

### Visit <http://localhost:8080>

You will be redirected to dex login screen - click "Login with email", enter username password
> username: ******@****.***
> password: password

and then click "Grant access"

On the browser now you shall see the list of buckets output, along with your temporary credentials obtained from MinIO.

```
{
 "buckets": [

    /**
     * Security mode flags.
     */
    public int securityMode;
    /**
     * Security settings for the session.
     */
    public int security;
    /**
     * Whether the server requires encrypted passwords.
     */
    public boolean encryptedPasswords;
    /**
     * Whether message signing is enabled.
     */
    public boolean signaturesEnabled;
    /**
     * Whether message signing is required.
     */