"github.com/minio/minio/internal/logger"
	"github.com/minio/pkg/v3/env"
	xnet "github.com/minio/pkg/v3/net"
)

func authNLogIf(ctx context.Context, err error) {
	logger.LogIf(ctx, "authN", err)
}

// Authentication Plugin config and env variables
const (
	URL        = "url"
	AuthToken  = "auth_token"
	RolePolicy = "role_policy"
	RoleID     = "role_id"

        Kerb5Authenticator auth = new Kerb5Authenticator(subj, "DOM", "user", "pass");
        auth.setUser("alice");
        auth.setRealm("EXAMPLE.COM");
        auth.setService("cifs");
        auth.setUserLifeTime(123);
        auth.setLifeTime(456);
        auth.setForceFallback(true);

        Kerb5Authenticator cloned = auth.clone();

        assertNotSame(auth, cloned);

        JAASAuthenticator auth = spy(new JAASAuthenticator());
        // Avoid real JAAS by stubbing getSubject
        doReturn(new Subject()).when(auth).getSubject();

        // Act
        CredentialsInternal result = auth.renew();

        // Assert interaction and return value
        assertSame(auth, result);
        verify(auth, times(1)).getSubject();
    }

        @Override
        public HashMap getTrustedDomains(NtlmPasswordAuthentication auth) throws SmbAuthException {
            if (disabled || auth.domain == "?")
                return null;
            return super.getTrustedDomains(auth);
        }

        @Override
        public SmbTransport getDc(String domain, NtlmPasswordAuthentication auth) throws SmbAuthException {
            if (disabled)
                return null;

            }
        }
        t = new SmbTree(this, share, service);
        trees.addElement(t);
        return t;
    }

    boolean matches(final NtlmPasswordAuthentication auth) {
        return this.auth == auth || this.auth.equals(auth);
    }

    synchronized SmbTransport transport() {
        if (transport == null) {
            transport = SmbTransport.getSmbTransport(address, port, localAddr, localPort, null);

                this.auth.isGuest() ? null : this.auth.getUserDomain(),
                this.auth.isGuest() ? this.transportContext.getConfig().getGuestUsername() : this.auth.getUsername(), this.workstation,
                this.ntlmsspFlags, this.auth.isGuest() || !this.auth.isAnonymous());
    }

    /**

    /**
     * Test parsing with an unknown auth type.
     * Expects an empty list of authorizations.
     * @throws PACDecodingException should not be thrown
     */
    @Test
    void testParseUnknownAuthType() throws PACDecodingException {
        // GIVEN an unknown auth type
        int unknownAuthType = -1;
        byte[] emptyToken = new byte[0];

        // WHEN parsing the auth data

    /**
     * Gets the map of trusted domains for DFS resolution
     * @param auth the authentication credentials
     * @return a map of trusted domain names to domain controllers
     * @throws SmbAuthException if authentication fails
     */
    public HashMap getTrustedDomains(final NtlmPasswordAuthentication auth) throws SmbAuthException {
        if (DISABLED || auth.domain == "?") {
            return null;
        }

            if (cred instanceof final NtlmPasswordAuthentication auth) {
                if (auth == NtlmPasswordAuthentication.ANONYMOUS) {
                    lmHash = new byte[0];
                    ntHash = new byte[0];
                    capabilities &= ~SmbConstants.CAP_EXTENDED_SECURITY;
                } else if (session.transport.server.encryptedPasswords) {
                    lmHash = auth.getAnsiHash(session.transport.server.encryptionKey);

     */
    public NtlmContext(final NtlmPasswordAuthentication auth, final boolean doSigning) {
        this.auth = auth;
        this.ntlmsspFlags =
                ntlmsspFlags | NtlmFlags.NTLMSSP_REQUEST_TARGET | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM2 | NtlmFlags.NTLMSSP_NEGOTIATE_128;
        if (doSigning) {
            this.ntlmsspFlags |=