*/
    public NtlmContext(final NtlmPasswordAuthentication auth, final boolean doSigning) {
        this.auth = auth;
        this.ntlmsspFlags =
                ntlmsspFlags | NtlmFlags.NTLMSSP_REQUEST_TARGET | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2 | NtlmFlags.NTLMSSP_NEGOTIATE_128;
        if (doSigning) {
            this.ntlmsspFlags |=

        @Override
        public HashMap getTrustedDomains(NtlmPasswordAuthentication auth) throws SmbAuthException {
            if (disabled || auth.domain == "?")
                return null;
            return super.getTrustedDomains(auth);
        }

        @Override
        public SmbTransport getDc(String domain, NtlmPasswordAuthentication auth) throws SmbAuthException {
            if (disabled)
                return null;

    expectedAuthParams["qop"] = "auth"
    expectedAuthParams["stale"] = "FALSE"
    assertThat(challenges[0].authParams).isEqualTo(expectedAuthParams)
  }

  @Test fun testDigestChallengeWithDifferentlyOrderedAuthParams() {
    val headers =
      Headers
        .Builder()
        .add(
          "WWW-Authenticate",
          "Digest qop=\"auth\", realm=\"myrealm\", nonce=\"fjalskdflwejrlask" +

            }
        }
        t = new SmbTree(this, share, service);
        trees.addElement(t);
        return t;
    }

    boolean matches(final NtlmPasswordAuthentication auth) {
        return this.auth == auth || this.auth.equals(auth);
    }

    synchronized SmbTransport transport() {
        if (transport == null) {
            transport = SmbTransport.getSmbTransport(address, port, localAddr, localPort, null);

    /**
     * Constructor.
     * @param auth The SAML authentication.
     */
    public SamlCredential(final Auth auth) {
        attributes = auth.getAttributes();
        nameId = auth.getNameId();
        nameIdFormat = auth.getNameIdFormat();
        sessionIndex = auth.getSessionIndex();
        nameidNameQualifier = auth.getNameIdNameQualifier();
        nameidSPNameQualifier = auth.getNameIdSPNameQualifier();
    }

	auth := AuthMiddleware
	if authType == prometheusPublic {
		auth = NoAuthMiddleware
	}

	metricsRouter.Handle(prometheusMetricsPathLegacy, auth(metricsHandler()))
	metricsRouter.Handle(prometheusMetricsV2ClusterPath, auth(metricsServerHandler()))
	metricsRouter.Handle(prometheusMetricsV2BucketPath, auth(metricsBucketHandler()))

            url.toUrl(),
            Authenticator.RequestorType.SERVER,
          )
        }

      if (auth != null) {
        val credentialHeader = if (proxyAuthorization) "Proxy-Authorization" else "Authorization"
        val credential =
          Credentials.basic(
            auth.userName,
            String(auth.password),
            challenge.charset,
          )
        return request
          .newBuilder()

    /**
     * Test parsing with an unknown auth type.
     * Expects an empty list of authorizations.
     * @throws PACDecodingException should not be thrown
     */
    @Test
    void testParseUnknownAuthType() throws PACDecodingException {
        // GIVEN an unknown auth type
        int unknownAuthType = -1;
        byte[] emptyToken = new byte[0];

        // WHEN parsing the auth data

            if (cred instanceof final NtlmPasswordAuthentication auth) {
                if (auth == NtlmPasswordAuthentication.ANONYMOUS) {
                    lmHash = new byte[0];
                    ntHash = new byte[0];
                    capabilities &= ~SmbConstants.CAP_EXTENDED_SECURITY;
                } else if (session.transport.server.encryptedPasswords) {
                    lmHash = auth.getAnsiHash(session.transport.server.encryptionKey);

import javax.net.ssl.KeyStoreBuilderParameters
import javax.net.ssl.SSLContext
import javax.net.ssl.X509ExtendedKeyManager
import javax.security.auth.callback.Callback
import javax.security.auth.callback.CallbackHandler
import javax.security.auth.callback.PasswordCallback
import javax.security.auth.callback.UnsupportedCallbackException
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.internal.SuppressSignatureCheck