/**
     * Create username/password credentials
     *
     * @param username the username for authentication
     * @param password the password for authentication
     */
    public NtlmPasswordAuthenticator(String username, String password) {
        this(null, username, password != null ? password.toCharArray() : null);
    }

    /**
     * Create username/password credentials
     *

			if u.Credentials.IsTemp() {
				// We should delete such that the client can re-request
				// for the expiring credentials.
				deleteKeyEtcd(ctx, ies.client, getUserIdentityPath(user, userType))
				deleteKeyEtcd(ctx, ies.client, getMappedPolicyPath(user, userType, false))
			}
			return nil
		}
		u.Credentials.Claims = jwtClaims.Map()
	}
	if u.Credentials.Description == "" {

                if (!this.getConfig().isAllowGuestFallback() && response.isLoggedInAsGuest()
                        && (!this.credentials.isGuest() && !this.credentials.isAnonymous())) {
                    throw new SmbAuthException(NtStatus.NT_STATUS_LOGON_FAILURE);
                }
                if (!this.credentials.isAnonymous() && response.isLoggedInAsGuest()) {
                    anonymous = true;
                }

# createUser ($policy)
createUser() {
  POLICY=$1
  #check accessKey_and_secretKey_tmp file
  if [[ ! -f $MINIO_ACCESSKEY_SECRETKEY_TMP ]];then
    echo "credentials file does not exist"
    return 1
  fi
  if [[ $(cat $MINIO_ACCESSKEY_SECRETKEY_TMP|wc -l) -ne 2 ]];then
    echo "credentials file is invalid"
    rm -f $MINIO_ACCESSKEY_SECRETKEY_TMP
    return 1
  fi
  USER=$(head -1 $MINIO_ACCESSKEY_SECRETKEY_TMP)

为了解决这个问题，我们首先将 `username` 和 `password` 转换为使用 UTF-8 编码的 `bytes` 。

然后我们可以使用 `secrets.compare_digest()` 来确保 `credentials.username` 是 `"stanleyjobson"`，且 `credentials.password` 是`"swordfish"`。

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

这类似于：

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

createSvcacct () {
  USER=$1
  FILENAME=$2
  #check accessKey_and_secretKey_tmp file
  if [[ ! -f $MINIO_ACCESSKEY_SECRETKEY_TMP ]];then
    echo "credentials file does not exist"
    return 1
  fi
  if [[ $(cat $MINIO_ACCESSKEY_SECRETKEY_TMP|wc -l) -ne 2 ]];then
    echo "credentials file is invalid"
    rm -f $MINIO_ACCESSKEY_SECRETKEY_TMP
    return 1
  fi
  SVCACCT=$(head -1 $MINIO_ACCESSKEY_SECRETKEY_TMP)

          System.out.println("Authenticating for response: " + response);
          System.out.println("Challenges: " + response.challenges());
          String credential = Credentials.basic("jesse", "password1");
          return response.request().newBuilder()
              .header("Authorization", credential)
              .build();
        })
        .build();
  }

  public void run() throws Exception {

Затем можно использовать `secrets.compare_digest()`, чтобы убедиться, что `credentials.username` равен `"stanleyjobson"`, а `credentials.password` — `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Это было бы похоже на:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Вернуть ошибку
    ...
```

  # ci/official/utilities/setup_docker.sh.
else
  # The volume mapping flag below shares the user's gcloud credentials, if any,
  # with the container, in case the user has credentials stored there.
  # This would allow Bazel to authenticate for RBE.
  # Note: TF's CI does not have any credentials stored there.
  TFCI_DOCKER_ARGS="$TFCI_DOCKER_ARGS -v $HOME/.config/gcloud:/root/.config/gcloud"

	ExecObjectLayerAPITest(ExecObjectLayerAPITestArgs{
		t: t,
		objAPITest: func(obj ObjectLayer, instanceType, bucketName string, apiRouter http.Handler, credentials auth.Credentials, t *testing.T) {
			objectName := "dummy-object"
			functionID := "lambda1"
			functionToken := "token123"

			// Lambda mock server