public Authenticate() {
        client = new OkHttpClient.Builder()
            .authenticator(new Authenticator() {
              @Override public Request authenticate(Route route, Response response) throws IOException {
                if (response.request().header("Authorization") != null) {
                  return null; // Give up, we've already attempted to authenticate.
                }

        .code(HttpURLConnection.HTTP_PROXY_AUTH)
        .message("Preemptive Authenticate")
        .sentRequestAtMillis(-1L)
        .receivedResponseAtMillis(-1L)
        .header("Proxy-Authenticate", "OkHttp-Preemptive")
        .build()

    val authenticatedRequest =
      route.address.proxyAuthenticator
        .authenticate(route, fakeAuthChallengeResponse)

    return authenticatedRequest ?: proxyConnectRequest

        headers =
          headersOf(
            "WWW-Authenticate",
            "Basic realm=\"protected area\", charset=\"UTF-8\"",
          ),
        body = "Please authenticate with UTF-8.",
      ),
    )
    server.enqueue(
      MockResponse(
        code = 401,
        headers =
          headersOf(
            "WWW-Authenticate",
            "Basic realm=\"protected area\"",
          ),

  val responses = mutableListOf<Response>()
  val routes = mutableListOf<Route>()

  fun onlyResponse() = responses.single()

  fun onlyRoute() = routes.single()

  @Throws(IOException::class)
  override fun authenticate(
    route: Route?,
    response: Response,
  ): Request? {
    if (route == null) throw NullPointerException("route == null")
    responses += response
    routes += route

     * @return whether any transport was still in use
     *
     * @throws CIFSException if an error occurs during authentication
     *
     */
    boolean close() throws CIFSException;

    /**
     * Authenticate arbitrary credentials represented by the
     * <code>NtlmPasswordAuthentication</code> object against the domain controller
     * specified by the <code>UniAddress</code> parameter. If the credentials are

/// info | Дополнительная информация
Дополнительный заголовок `WWW-Authenticate` со значением `Bearer`, который мы здесь возвращаем, также является частью спецификации.

Ответ сервера с  HTTP-кодом 401 "UNAUTHORIZED" должен также возвращать заголовок `WWW-Authenticate`.

В случае с bearer-токенами (наш случай) значение этого заголовка должно быть `Bearer`.

In HTTP Basic Auth, the application expects a header that contains a username and a password.

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

a client certificate.

The following curl example shows how to authenticate to a MinIO server with client certificate and obtain STS access credentials.

```curl
curl -X POST --key private.key --cert public.crt "https://minio:9000?Action=AssumeRoleWithCertificate&Version=2011-06-15&DurationSeconds=3600"

     */
    @Size(max = 10)
    public String appendQueryParameter;

    /**
     * Enable or disable login requirement for search access.
     * When enabled, users must authenticate before performing searches.
     */
    @Size(max = 10)
    public String loginRequired;

    /**
     * Enable or disable result collapsing for similar documents.

, 👆 🔗, 👥 🔜 🕴 🤚 👩‍💻 🚥 👩‍💻 🔀, ☑ 🔓, & 🦁:

{* ../../docs_src/security/tutorial003.py hl[58:66,69:72,90] *}

/// info

🌖 🎚 `WWW-Authenticate` ⏮️ 💲 `Bearer` 👥 🛬 📥 🍕 🔌.

🙆 🇺🇸🔍 (❌) 👔 📟 4️⃣0️⃣1️⃣ "⛔" 🤔 📨 `WWW-Authenticate` 🎚.

💼 📨 🤝 (👆 💼), 💲 👈 🎚 🔜 `Bearer`.

👆 💪 🤙 🚶 👈 ➕ 🎚 & ⚫️ 🔜 👷.

✋️ ⚫️ 🚚 📥 🛠️ ⏮️ 🔧.