pyenv local "3.11"
    export CLOUDSDK_PYTHON=$(pyenv which python3.11)
  else
    echo "Python 3.11 not found, falling back to system python"
    export CLOUDSDK_PYTHON=$(which python3)
  fi
  gcloud auth activate-service-account --key-file="${GOOGLE_APPLICATION_CREDENTIALS}"
fi
set -x

# "TFCI_MACOS_PYENV_INSTALL_ENABLE" controls whether to use Pyenv to install

    // Patterns for sensitive data - compiled once and cached
    private static final Pattern PASSWORD_PATTERN = Pattern.compile(
            "(?i)(password|passwd|pwd|secret|token|key|credential|auth)([\"']?\\s*[:=]\\s*[\"']?)([^\"',\\s]+)", Pattern.CASE_INSENSITIVE);

    private static final Pattern IP_PATTERN = Pattern.compile("\\b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\\b");

    // Object pools for performance optimization

	case errAuthentication:
		apiErr = ErrAccessDenied
	case auth.ErrContainsReservedChars:
		apiErr = ErrAdminInvalidAccessKey
	case auth.ErrInvalidAccessKeyLength:
		apiErr = ErrAdminInvalidAccessKey
	case auth.ErrInvalidSecretKeyLength:
		apiErr = ErrAdminInvalidSecretKey
	case auth.ErrNoAccessKeyWithSecretKey:
		apiErr = ErrAdminNoAccessKey
	case auth.ErrNoSecretKeyWithAccessKey:
		apiErr = ErrAdminNoSecretKey

      RequestFailed::class,
    )
    assertThat(eventRecorder.findEvent<FollowUpDecision>()).all {
      prop(FollowUpDecision::nextRequest).isNotNull()
    }
  }

  /**
   * Auth requires follow-ups. Unlike redirects, the auth follow-up also has a request body. This
   * test makes a single call with two duplex requests!
   */
  @Test
  fun duplexWithAuthChallenge() {
    enableProtocol(Protocol.HTTP_2)

import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Secure key management for SMB encryption.

labels.spnego_login_client_module=Login Client Module
labels.spnego_login_server_module=Login Server Module
labels.spnego_preauth_username=Pre-Auth Username
labels.spnego_preauth_password=Pre-Auth Password
labels.spnego_allow_basic=Allow Basic Auth
labels.spnego_allow_unsecure_basic=Allow Unsecure Basic Auth
labels.spnego_prompt_ntlm=Prompt NTLM
labels.spnego_allow_localhost=Allow Localhost
labels.spnego_allow_delegation=Allow Delegation

import org.codelibs.core.lang.StringUtil;
import org.codelibs.fess.crawler.Constants;
import org.codelibs.fess.exception.StorageException;

import com.google.api.gax.paging.Page;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.cloud.NoCredentials;
import com.google.cloud.storage.Blob;
import com.google.cloud.storage.BlobId;
import com.google.cloud.storage.BlobInfo;
import com.google.cloud.storage.Bucket;

auth.ca-central-1.amazoncognito.com
auth.ca-west-1.amazoncognito.com
auth.eu-central-1.amazoncognito.com
auth.eu-central-2.amazoncognito.com
auth.eu-north-1.amazoncognito.com
auth.eu-south-1.amazoncognito.com
auth.eu-south-2.amazoncognito.com
auth.eu-west-1.amazoncognito.com
auth.eu-west-2.amazoncognito.com
auth.eu-west-3.amazoncognito.com
auth.il-central-1.amazoncognito.com

                // Use AES-GCM - nonce is 16 bytes
                final Cipher cipher = createGCMCipher(false, nonce);
                cipher.updateAAD(associatedData);

                // Combine ciphertext and auth tag for decryption
                final byte[] input = new byte[ciphertext.length + authTag.length];
                System.arraycopy(ciphertext, 0, input, 0, ciphertext.length);

import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.io.IOException;

import javax.security.auth.kerberos.KerberosKey;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Primitive;