* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.smb;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

import org.slf4j.Logger;

 *
 * <p>This package contains interfaces and classes for the password encryption tool,
 * which helps secure sensitive information in Maven settings and configuration files.</p>
 *
 * <p>Key features include:</p>
 * <ul>
 *   <li>Password encryption and decryption</li>
 *   <li>Master password management</li>
 *   <li>Security settings configuration</li>
 * </ul>
 *
 * @see org.apache.maven.api.cli.Tools#MVNENC_CMD

    }

    /**
     * Determines whether the user identification cookie should be marked as secure.
     * Checks the configured secure setting or examines request headers to detect HTTPS.
     *
     * @return true if the cookie should be secure, false otherwise
     */
    protected boolean isSecureCookie() {
        if (cookieSecure != null) {
            return cookieSecure;

    /**
     * Checks if a property value should be masked for security reasons.
     *
     * @param key the property key to check
     * @return true if the value should be masked, false otherwise
     */
    protected static boolean isMaskedValue(final String key) {
        return "http.proxy.password".equals(key) //
                || "ldap.admin.security.credentials".equals(key) //

##### Figure 1 - Secure Channel construction

```

        // We can't directly test if password is wiped since auth is out of scope,
        // but the close() method should have been called
    }

    /**
     * Test secure memory clearing in close()
     */
    @Test
    @DisplayName("Test secure memory clearing on close")
    public void testCloseSecurelyClearsMemory() {
        char[] testPassword = "CloseTestPass123!".toCharArray();

You can use this template to get started, as it includes a lot of the initial set up, security, database and some API endpoints already done for you.

GitHub Repository: [Full Stack FastAPI Template](https://github.com/tiangolo/full-stack-fastapi-template)

        response.connection
          .socket()
          .javaClass.name,
      ).isEqualTo(
        "sun.security.ssl.SSLSocketImpl",
      )
    }
  }

  @Test
  fun testSupportedProtocols() {
    val factory = SSLSocketFactory.getDefault()
    assertThat(factory.javaClass.name).isEqualTo("sun.security.ssl.SSLSocketFactoryImpl")
    val s = factory.createSocket() as SSLSocket

    when {

import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.security.MessageDigest;
import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.junit.jupiter.api.DisplayName;

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

Now let's review those changes step by step.

## OAuth2 Security scheme { #oauth2-security-scheme }

The first change is that now we are declaring the OAuth2 security scheme with two available scopes, `me` and `items`.