*
   *  * For redirects (301: Moved Permanently, 302: Temporary Redirect, etc.)
   *  * For auth challenges (401: Unauthorized, 407: Proxy Authentication Required.)
   *  * For client timeouts (408: Request Time-Out.)
   *  * For server failures (503: Service Unavailable.)
   *
   * Response header values like `Location` and `Retry-After` are also considered.
   *

        authenticator.setResponseForType(SsoResponseType.METADATA, metadataResponse);

        String logoutUrl = "https://sso.example.com/logout";
        authenticator.setLogoutUrl(logoutUrl);

        // Execute authentication flow
        LoginCredential loginResult = authenticator.getLoginCredential();
        assertNotNull(loginResult);

     *            the client capabilities
     * @param previousSessionid
     *            the previous session ID for reconnection (or 0 for new session)
     * @param token
     *            the security token for authentication
     */
    public Smb2SessionSetupRequest(final CIFSContext context, final int securityMode, final int capabilities, final long previousSessionid,
            final byte[] token) {

     *
     * @param sessionKey
     *            the session key for signing
     * @param dialect
     *            the SMB2 dialect version
     * @param preauthIntegrityHash
     *            the pre-authentication integrity hash (for SMB 3.1.1)
     * @throws GeneralSecurityException
     *             if the signing algorithm cannot be initialized
     *
     */

import jcifs.Address;
import jcifs.CIFSContext;
import jcifs.Configuration;
import jcifs.DialectVersion;
import jcifs.internal.smb2.nego.Smb2NegotiateResponse;

/**
 * Test Pre-Authentication Integrity improvements
 */
@ExtendWith(MockitoExtension.class)
@MockitoSettings(strictness = Strictness.LENIENT)
public class PreauthIntegrityTest {

    @Mock
    private CIFSContext context;

    @Mock

import org.apache.maven.settings.crypto.SettingsDecryptionResult;
import org.apache.maven.wagon.ResourceDoesNotExistException;
import org.apache.maven.wagon.TransferFailedException;
import org.apache.maven.wagon.authentication.AuthenticationInfo;
import org.apache.maven.wagon.proxy.ProxyInfo;
import org.codehaus.plexus.logging.Logger;

/**
 * Manages <a href="https://maven.apache.org/wagon">Wagon</a> related operations in Maven.
 */

   *
   * * It may be transformed by the user's interceptors. For example, an application interceptor
   *   may add headers like `User-Agent`.
   * * It may be the request generated in response to an HTTP redirect or authentication
   *   challenge. In this case the request URL may be different than the initial request URL.
   *
   * Use the `request` of the [networkResponse] field to get the wire-level request that was

    public CurlRequest request(final Method method, final String path) {
        return request(new FesenRequest(new CurlRequest(method, null), nodeManager, path));
    }

    /**
     * Configures the request with authentication and SSL settings.
     * @param request the request to configure
     * @return the configured request
     */
    protected CurlRequest request(final CurlRequest request) {

        resp.received = true;

        session.transport(); // initialise transport

        // Mock the sessionSetup behavior to avoid actual network calls
        // The sessionSetup method would normally send authentication messages
        // Only mark the sessionSetup response as received, not the actual request/response
        doAnswer(invocation -> {
            ServerMessageBlock request = invocation.getArgument(0);

  - Promoted the `ServiceAccountTokenPodNodeInfo` feature to GA, which adds the node name and uid as claims into service account tokens mounted into running pods, and embeds that information as `authentication.kubernetes.io/node-name` and `authentication.kubernetes.io/node-uid` user extra info when the token is used