*/
  @Test
  fun duplexWithAuthChallenge() {
    enableProtocol(Protocol.HTTP_2)
    val credential = basic("jesse", "secret")
    client =
      client.newBuilder()
        .authenticator(RecordingOkAuthenticator(credential, null))
        .build()
    val body1 =
      MockStreamHandler()
        .sendResponse("please authenticate!\n")
        .requestIOException()
        .exhaustResponse()

 *  **HttpResponseCache has been renamed to Cache.** Install it with
    `OkHttpClient.setCache(...)` instead of `OkHttpClient.setResponseCache(...)`.

 *  **OkAuthenticator has been replaced with Authenticator.** This new
    authenticator has access to the full incoming response and can respond with
    whichever followup request is appropriate. The `Challenge` class is now a

   *    has since been closed by the server.
   *  * A client timeout (HTTP 408).
   *  * A authorization challenge (HTTP 401 and 407) that is satisfied by the [Authenticator].
   *  * A retryable server failure (HTTP 503 with a `Retry-After: 0` response header).
   *  * A misdirected request (HTTP 421) on a coalesced connection.
   */
  open fun isOneShot(): Boolean = commonIsOneShot()

    public LoginCredential getLoginCredential() {
        return LaRequestUtil.getOptionalRequest().map(request -> {
            if (logger.isDebugEnabled()) {
                logger.debug("Logging in with OpenID Connect Authenticator");
            }
            final HttpSession session = request.getSession(false);
            if (session != null) {
                final String sesState = (String) session.getAttribute(OIC_STATE);

  // +optional
  optional string user = 3;

  // Groups is the groups you're testing for.
  // +optional
  repeated string groups = 4;

  // Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer
  // it needs a reflection here.
  // +optional
  map<string, ExtraValue> extra = 5;

  // UID information about the requesting user.
  // +optional

  // +optional
  optional string user = 3;

  // Groups is the groups you're testing for.
  // +optional
  repeated string group = 4;

  // Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer
  // it needs a reflection here.
  // +optional
  map<string, ExtraValue> extra = 5;

  // UID information about the requesting user.
  // +optional

HSPLokhttp3/Address;->equalsNonHost$okhttp(Lokhttp3/Address;)Z
HSPLokhttp3/Address;->hashCode()I
HSPLokhttp3/Authenticator$Companion$AuthenticatorNone;-><init>()V
HSPLokhttp3/Authenticator;-><clinit>()V
HSPLokhttp3/Cache;-><init>(Ljava/io/File;J)V

    public LoginCredential getLoginCredential() {
        return LaRequestUtil.getOptionalRequest().map(request -> {
            if (logger.isDebugEnabled()) {
                logger.debug("Logging in with Azure AD Authenticator");
            }
            final HttpSession session = request.getSession(false);
            if (session != null && containsAuthenticationData(request)) {
                try {

Download$DefaultDownloadProgr(Logger); public final void downloadStatusChange(long, long); } org/gradle/wrapper/Download$ProxyAuthenticator.class package org.gradle.wrapper; public final synchronized class Download$ProxyAuthenticator extends java.net.Authenticator { public void Download$ProxyAuthenticator(Download); public final java.net.PasswordAuthenticati getPasswordAuthentic(); } org/gradle/wrapper/Download.class package org.gradle.wrapper; public final synchronized class Download { public final Logger...

- The API server now detects and fails on startup if there are conflicting issuers between JWT authenticators and service account configurations. Previously, such configurations would run but could be inconsistently effective depending on the credential. ([#123561](https://github.com/kubernetes/kubernetes/pull/123561), [@enj](https://github.com/enj))