clients, so that each Node can only get / list / watch its own Node API object, and can also only get / list / watch Pod API objects bound to that node. Clients using kubelet credentials to read other nodes or unrelated pods must change their authentication credentials (recommended), adjust their usage, or obtain broader read access independent of the node authorizer. ([#125571](https://github.com/kubernetes/kubernetes/pull/125571), [@liggitt](https://github.com/liggitt)) [SIG API Machinery, Auth,...

### CronJob controller v2 is available through feature gate

 */
package okhttp3.recipes.kt

import java.io.IOException
import okhttp3.Authenticator
import okhttp3.Credentials
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.Response
import okhttp3.Route

class Authenticate {
  private val client =
    OkHttpClient
      .Builder()
      .authenticator(
        object : Authenticator {
          @Throws(IOException::class)
          override fun authenticate(

- fluentd-gcp is unchanged at v3.2.0 as of Kubernetes 1.13. ([#70954](https://github.com/kubernetes/kubernetes/pull/70954))
- OIDC authentication is unchanged at coreos/go-oidc v2 as of Kubernetes 1.10. ([#58544](https://github.com/kubernetes/kubernetes/pull/58544))

  public Authenticate() {
    client = new OkHttpClient.Builder()
        .authenticator((route, response) -> {
          if (response.request().header("Authorization") != null) {
            return null; // Give up, we've already attempted to authenticate.
          }

          System.out.println("Authenticating for response: " + response);
          System.out.println("Challenges: " + response.challenges());

        super.tearDown(testInfo);
    }

    @Test
    public void test_authenticatorInstantiation() {
        // Verify authenticator can be instantiated without errors
        SpnegoAuthenticator authenticator = new SpnegoAuthenticator();
        assertNotNull(authenticator);
    }

    @Test
    public void test_spnegoConfigClass() {
        // Verify the inner class is named correctly: SpnegoConfig (not SpengoConfig)

 */
package okhttp3.internal.authenticator

import java.io.IOException
import java.net.Authenticator
import java.net.InetAddress
import java.net.InetSocketAddress
import java.net.Proxy
import okhttp3.Credentials
import okhttp3.Dns
import okhttp3.HttpUrl
import okhttp3.Request
import okhttp3.Response
import okhttp3.Route

/**

 */
package okhttp3

import java.io.IOException
import okhttp3.Authenticator.Companion.JAVA_NET_AUTHENTICATOR

/**
 * Do not use this.
 *
 * Instead, configure your OkHttpClient.Builder to use `Authenticator.JAVA_NET_AUTHENTICATOR`:
 *
 * ```
 *   val okHttpClient = OkHttpClient.Builder()
 *     .authenticator(okhttp3.Authenticator.Companion.JAVA_NET_AUTHENTICATOR)
 *     .build()
 * ```
 */

    /**
     * Returns the [Authenticator] for the OkHttpClient, or an override from the Call.Chain.
     */
    val authenticator: Authenticator

    /**
     * Override the [Authenticator] for the Call.Chain.
     *
     * @throws IllegalStateException if this is a Network Interceptor, since the override is too late.
     */
    fun withAuthenticator(authenticator: Authenticator): Chain

    /**

        authenticator.setMaxGroupDepth(5);
        authenticator.setMaxGroupDepth(20);
        authenticator.setMaxGroupDepth(1);

        // Verify method accepts valid values without exception
        assertTrue(true);
    }

    @Test
    public void test_setGroupCacheExpiry() {
        EntraIdAuthenticator authenticator = new EntraIdAuthenticator();

        // Test setting different cache expiry values