assert response.headers["WWW-Authenticate"] == "Basic"


def test_security_http_basic_invalid_credentials():
    response = client.get(
        "/users/me", headers={"Authorization": "Basic notabase64token"}
    )
    assert response.status_code == 401, response.text
    assert response.headers["WWW-Authenticate"] == "Basic"
    assert response.json() == {"detail": "Invalid authentication credentials"}

                "beforeProjectExecution project-basic", //
                "beforeProjectLifecycleExecution project-basic", //
                "beforeMojoExecution project-basic:default-resources", //
                "afterMojoExecutionSuccess project-basic:default-resources", //
                "beforeMojoExecution project-basic:default-compile", //
                "afterMojoExecutionSuccess project-basic:default-compile", //

object Credentials {
  /** Returns an auth credential for the Basic scheme. */
  @JvmStatic @JvmOverloads
  fun basic(
    username: String,
    password: String,
    charset: Charset = ISO_8859_1,
  ): String {
    val usernameAndPassword = "$username:$password"
    val encoded = usernameAndPassword.encode(charset).base64()
    return "Basic $encoded"
  }

    protected static final String SPNEGO_PROMPT_NTLM = "spnego.prompt.ntlm";
    protected static final String SPNEGO_ALLOW_UNSECURE_BASIC = "spnego.allow.unsecure.basic";
    protected static final String SPNEGO_ALLOW_BASIC = "spnego.allow.basic";
    protected static final String SPNEGO_PREAUTH_PASSWORD = "spnego.preauth.password";
    protected static final String SPNEGO_PREAUTH_USERNAME = "spnego.preauth.username";

    url = server.url("/api/login?user=test_user&authentication=basic&password=confidential_password")
    val networkInterceptor =
      HttpLoggingInterceptor(networkLogs).setLevel(
        Level.BASIC,
      )
    networkInterceptor.redactQueryParams("user", "passWord")

    val applicationInterceptor =
      HttpLoggingInterceptor(applicationLogs).setLevel(
        Level.BASIC,
      )

    val request = response.request
    val url = request.url
    val proxyAuthorization = response.code == 407
    val proxy = route?.proxy ?: Proxy.NO_PROXY

    for (challenge in challenges) {
      if (!"Basic".equals(challenge.scheme, ignoreCase = true)) {
        continue
      }

      val dns = route?.address?.dns ?: defaultDns
      val auth =
        if (proxyAuthorization) {

      Response.Builder()
        .request(request)
        .code(401)
        .header("WWW-Authenticate", "Basic realm=\"User Visible Realm\"")
        .protocol(HTTP_2)
        .message("Unauthorized")
        .build()
    val authRequest = authenticator.authenticate(route, response)

    assertEquals(
      "Basic ${RecordingAuthenticator.BASE_64_CREDENTIALS}",
      authRequest!!.header("Authorization"),
    )
  }

    client_id: optional string. OAuth2 recommends sending the client_id and client_secret (if any)
        using HTTP Basic auth, as: client_id:client_secret
    client_secret: optional string. OAuth2 recommends sending the client_id and client_secret (if any)
        using HTTP Basic auth, as: client_id:client_secret
    """

    def __init__(
        self,
        grant_type: Annotated[
            str,

      MockResponse(
        code = 401,
        headers = headersOf("WWW-Authenticate", "Basic realm=\"protected area\""),
      ),
    )
    server.enqueue(
      MockResponse(body = "c"),
    )
    val authenticator =
      RecordingOkAuthenticator(
        basic("jesse", "peanutbutter"),
        "Basic",
      )
    client =
      client.newBuilder()
        .authenticator(authenticator)

      ImmutableMap.of(
          '\n', "<newline>",
          '\t', "<tab>",
          '&', "<and>");

  public void testSafeRange() throws IOException {
    // Basic escaping of unsafe chars (wrap them in {,}'s)
    CharEscaper wrappingEscaper =
        new ArrayBasedCharEscaper(NO_REPLACEMENTS, 'A', 'Z') {
          @Override
          protected char[] escapeUnsafe(char c) {