* should be encrypted (message confidentiality).
    */
    int NTLMSSP_NEGOTIATE_SEAL = 0x00000020;

    /**
    * Indicates datagram authentication.
    */
    int NTLMSSP_NEGOTIATE_DATAGRAM_STYLE = 0x00000040;

    /**
    * Indicates that the LAN Manager session key should be used for
    * signing and sealing authenticated communication.
    */

     * target authentication realm is a share (presumably for share-level
     * authentication).
     */
    int NTLMSSP_TARGET_TYPE_SHARE = 0x00040000;

    /**
     * Indicates that the NTLM2 signing and sealing scheme should be used
     * for protecting authenticated communications. This refers to a
     * particular session security scheme, and is not related to the use
     * of NTLMv2 authentication.
     */

	Reason string `json:"reason"`
}

// AuthNResponse - represents a result of the authentication operation.
type AuthNResponse struct {
	Success *AuthNSuccessResponse
	Failure *AuthNErrorResponse
}

const (
	minValidityDurationSeconds int = 900
	maxValidityDurationSeconds int = 365 * 24 * 3600
)

// Authenticate authenticates the token with the external hook endpoint and

Bu bölümde, **FastAPI** uygulamanızda aynı scope'lu OAuth2 ile authentication ve authorization'ı nasıl yöneteceğinizi göreceksiniz.

/// warning | Uyarı

Bu bölüm az çok ileri seviye sayılır. Yeni başlıyorsanız atlayabilirsiniz.

OAuth2 scope'larına mutlaka ihtiyacınız yok; authentication ve authorization'ı istediğiniz şekilde ele alabilirsiniz.

        ntlmServlet.service(request, response);

        // Verify that no authentication challenge is sent
        verify(response, never()).setHeader(eq("WWW-Authenticate"), anyString());
        verify(response, never()).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    }

    /**
     * Helper method to set up common mocks required for authentication tests.
     * @throws CIFSException
     */

     * @throws CIFSException if an error occurs during authentication
     * @deprecated functionality is broken and will be removed at some point,
     *             use actual Active Directory authentication instead
     */
    @Deprecated
    void logon(CIFSContext tc, Address dc) throws CIFSException;

    /**
     * Authenticate arbitrary credentials represented by the

def test_security_http_basic_no_credentials():
    response = client.get("/users/me")
    assert response.json() == {"detail": "Not authenticated"}
    assert response.status_code == 401, response.text
    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'


def test_security_http_basic_invalid_credentials():
    response = client.get(

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response).flushBuffer();
    }

    /**
     * Test doGet with NTLM authentication for directory listing
     * This test verifies the authentication flow without actual network operations
     */
    @Test
    void testDoGet_DirectoryListing() throws Exception {

        // Execute
        NtlmPasswordAuthentication result = NtlmSsp.authenticate(mockCifsContext, mockRequest, mockResponse, challenge);

        // Verify
        assertNull(result, "Authentication result should be null");
        verify(mockResponse).setHeader("WWW-Authenticate", "NTLM");
        verify(mockResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);

import javax.security.auth.login.LoginException;

/**
 * Kerberos credentials management class that handles authentication through JAAS.
 */
public class KerberosCredentials {

    private Subject subject;

    /**
     * Creates KerberosCredentials using the default JAAS configuration.
     *
     * @throws LoginException if authentication fails
     */
    public KerberosCredentials() throws LoginException {