import org.lastaflute.web.response.ActionResponse;

/**
 * Interface for SSO (Single Sign-On) authenticator implementations.
 *
 * This interface defines the contract for SSO authentication providers that can be
 * integrated with Fess. Implementations handle specific SSO protocols like SAML,
 * OAuth, SPNEGO, or other authentication mechanisms. Each authenticator is responsible
 * for obtaining login credentials, resolving user information, and managing SSO

import com.google.common.io.BaseEncoding.DecodingException;

import jakarta.annotation.PostConstruct;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;

/**
 * OpenID Connect authenticator for SSO integration.
 */
public class OpenIdConnectAuthenticator implements SsoAuthenticator {

    /**
     * Default constructor.
     */
    public OpenIdConnectAuthenticator() {

* Kubelet now proxies container streaming between apiserver and container runtime. The connection between kubelet and apiserver is authenticated. Container runtime should change streaming server to serve on localhost, to make the connection between kubelet and container runtime local. ([#64006](https://github.com/kubernetes/kubernetes/pull/64006), [@Random-Liu](https://github.com/Random-Liu))...

                ntlm = (NtlmPasswordAuthentication) ssn.getAttribute("npa-" + server);
            }
            if (ntlm == null) {
                resp.setHeader("WWW-Authenticate", "NTLM");
                if (offerBasic) {
                    resp.addHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
                }
                resp.setHeader("Connection", "close");

        // Full NTLM handshake testing would require more complex mocking

        // Arrange - Mock a server that supports NTLM
        mockResponse(HTTP_UNAUTHORIZED, "Unauthorized", Collections.singletonMap("WWW-Authenticate", Collections.singletonList("NTLM")),
                new ByteArrayInputStream(new byte[0]));

        // Act - Trigger handshake
        int responseCode = ntlmConnection.getResponseCode();

/// tip

The *path operation* for `swagger_ui_redirect` is a helper for when you use OAuth2.

If you integrate your API with an OAuth2 provider, you will be able to authenticate and come back to the API docs with the acquired credentials. And interact with it using the real OAuth2 authentication.

Swagger UI will handle it behind the scenes for you, but it needs this "redirect" helper.

///

else
  # The volume mapping flag below shares the user's gcloud credentials, if any,
  # with the container, in case the user has credentials stored there.
  # This would allow Bazel to authenticate for RBE.
  # Note: TF's CI does not have any credentials stored there.
  TFCI_DOCKER_ARGS="$TFCI_DOCKER_ARGS -v $HOME/.config/gcloud:/root/.config/gcloud"

     *
     * @param dc the domain controller to authenticate against
     * @param auth the authentication credentials
     * @throws SmbException if authentication fails or an SMB error occurs
     */
    public static void logon(final UniAddress dc, final NtlmPasswordAuthentication auth) throws SmbException {
        logon(dc, 0, auth);
    }

    /**

OkHttp URLConnection
====================

This module integrates OkHttp with `Authenticator` and `CookieHandler` from `java.net`.

This module is obsolete; prefer `okhttp-java-net-cookiejar`.

### Download

```kotlin
testImplementation("com.squareup.okhttp3:okhttp-urlconnection:5.1.0")

          <description>
            The username used to authenticate.
          </description>
          <type>String</type>
        </field>
        <field>
          <name>password</name>
          <version>1.0.0+</version>
          <description>
            The password used in conjunction with the username to authenticate.
          </description>
          <type>String</type>
        </field>