SMBUtil.writeInt2(this.token != null ? this.token.length : 0, dst, dstIndex);
        dstIndex += 2;
        SMBUtil.writeInt8(this.previousSessionId, dst, dstIndex);
        dstIndex += 8;
        SMBUtil.writeInt2(dstIndex - getHeaderStart(), dst, offsetOffset);

        dstIndex += pad8(dstIndex);

        if (this.token != null) {
            System.arraycopy(this.token, 0, dst, dstIndex, this.token.length);

Этот код можно реально использовать в своем приложении, сохранять хэши паролей в базе данных и т.д.

Мы продолжим разбираться, начиная с того места, на котором остановились в предыдущей главе.

## Про JWT

JWT означает "JSON Web Tokens".

        SpnegoContext ctx = newContext();

        // The initial token path should ask the mechanism for a zero-length optimistic token
        when(this.mechContext.getFlags()).thenReturn(0x1234);
        when(this.mechContext.initSecContext(any(byte[].class), eq(0), eq(0))).thenReturn(new byte[] { 0x01, 0x02 });

        // Act: len==0 triggers initial token construction
        byte[] out = ctx.initSecContext(null, 0, 0);

            }
            return permissions;
        }

        @Override
        public boolean refresh() {
            // MSAL4J handles token refresh internally through silent authentication
            // Check if token is still valid by comparing absolute timestamps
            final long tokenExpiryTime = authResult.expiresOnDate().getTime(); // milliseconds since epoch

For example, to declare a header of `X-Token` that can appear more than once, you can write:

{* ../../docs_src/header_params/tutorial003_an_py310.py hl[9] *}

If you communicate with that *path operation* sending two HTTP headers like:

```
X-Token: foo
X-Token: bar
```

The response would be like:

```JSON
{
    "X-Token values": [
        "bar",
        "foo"
    ]
}
```

    /**
     * Generate the access token.
     * @return The access token.
     */
    public String generateAccessToken() {
        return RandomStringUtils.random(ComponentUtil.getFessConfig().getApiAccessTokenLengthAsInteger(), 0, 0, true, true, null, random);
    }

    /**
     * Get the access token from the request.
     * @param request The request.
     * @return The access token.
     */

        Exception cause = new RuntimeException("Token validation failed");
        SsoLoginException exception = new SsoLoginException(message, cause);

        assertEquals(message, exception.getMessage());
        assertNotNull(exception.getCause());
        assertEquals(cause, exception.getCause());
        assertEquals("Token validation failed", exception.getCause().getMessage());
    }

    /**
     * Constructs a KerberosTicket from token bytes.
     *
     * @param token the ticket token bytes
     * @param apOptions AP options flags
     * @param keys array of Kerberos keys for decryption
     * @throws PACDecodingException if ticket decoding fails
     */
    public KerberosTicket(byte[] token, byte apOptions, KerberosKey[] keys) throws PACDecodingException {
        if (token.length <= 0) {

        // Test constructor with whitespace in type
        String type = "  Bearer Token  ";
        String message = "Whitespace in token type";
        InvalidAccessTokenException exception = new InvalidAccessTokenException(type, message);

        assertEquals("  Bearer Token  ", exception.getType());
        assertEquals(message, exception.getMessage());
        assertNull(exception.getCause());

    }

    /**
     * Gets the OpenID Connect token server URL.
     *
     * @return the token server URL
     */
    protected String getOicTokenServerUrl() {
        return ComponentUtil.getSystemProperties().getProperty(OIC_TOKEN_SERVER_URL, "https://accounts.google.com/o/oauth2/token");
    }

    /**
     * Gets the OpenID Connect redirect URL.
     *