import mockwebserver3.junit5.StartStop
import org.apache.hc.client5.http.classic.methods.HttpGet
import org.apache.hc.client5.http.impl.classic.HttpClients
import org.apache.hc.core5.http.io.entity.EntityUtils
import org.junit.jupiter.api.AfterEach
import org.junit.jupiter.api.Test

/**
 * Apache HttpClient 5.x.
 *
 * https://hc.apache.org/httpcomponents-client-5.0.x/index.html
 *

    print("name")
    for (client in clients) {
      print("\t")
      print(client.nameAndVersion)
    }
    println()
    val sortedSuites =
      ianaSuites.suites.sortedBy { ianaSuite ->
        val index = orderBy.indexOfFirst { it.matches(ianaSuite) }
        if (index == -1) Integer.MAX_VALUE else index
      }
    for (suiteId in sortedSuites) {
      print(suiteId.name)
      for (client in clients) {
        print("\t")

    .build();
```

Client Authentication
---------------------

The above scenario is representative of most TLS set ups: the client uses certificates to validate
the identity of a server. The converse is also possible. Here we create a server that authenticates
a client and a client that authenticates a server.

```java
// Create the root for client and server to trust. We could also use different roots for each!

```
mc admin service restart myminio
```

### Using WebIdentiy API

Client ID can be found by clicking any of the clients listed [here](http://localhost:8080/auth/admin/master/console/#/realms/minio/clients). If you have followed the above steps docs, the default Client ID will be `account`.

```

    )

  val orderBy = okhttp.enabled + chrome80.enabled + safari12Osx.enabled + rest(clients)
  val survey = CipherSuiteSurvey(clients = clients, ianaSuites = ianaSuitesNew, orderBy = orderBy)

  survey.printGoogleSheet()
}

fun rest(clients: List<Client>): List<SuiteId> {
  // combine all ciphers to get these near the top
  return clients.flatMap { it.enabled }

      .addConverterFactory(moshiConverterFactory)
      .callFactory(callFactory)
      .build()

  private val sslLabsApi = retrofit.create(SslLabsApi::class.java)

  suspend fun clients(): List<Client> =
    sslLabsApi.clients().map { userAgent ->
      Client(
        userAgent = userAgent.name,
        version = userAgent.version,
        platform = userAgent.platform,
        enabled = userAgent.suiteNames.map { SuiteId(null, it) },

    if (true) {
      client.requestOauthSession(scopes, null);
    } else {
      OAuthSession session = new OAuthSession(true,
          "xoxp-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
          scopes, "UXXXXXXXX", "My Slack Group", "TXXXXXXXX");
      client.initOauthSession(session);
    }

    client.awaitAccessToken(Timeout.NONE);
    client.startRtm();
  }

// existing ETag entry.
//
// Due to legacy S3 clients, that make incorrect assumptions
// about HTTP headers, Set should be used instead of
// http.Header.Set(...). Otherwise, some S3 clients will not
// able to extract the ETag.
func Set(etag ETag, h http.Header) {
	// Some (broken) S3 clients expect the ETag header to
	// literally "ETag" - not "Etag". Further, some clients
	// expect an ETag in double quotes. Therefore, we set the

import mockwebserver3.junit5.StartStop
import org.eclipse.jetty.client.HttpClient
import org.junit.jupiter.api.AfterEach
import org.junit.jupiter.api.BeforeEach
import org.junit.jupiter.api.Test

/**
 * Jetty HTTP client.
 *
 * https://www.eclipse.org/jetty/documentation/current/http-client.html
 *
 * Baseline test if we ned to validate OkHttp behaviour against other popular clients.
 */
class JettyHttpClientTest {

                This is particularly useful when automatically generating clients or
                SDKs for your API.

                Read more about it in the
                [FastAPI docs about how to Generate Clients](https://fastapi.tiangolo.com/advanced/generate-clients/#custom-generate-unique-id-function).
                """
            ),
        ] = Default(generate_unique_id),