@Override
    public MockResponse dispatch (RecordedRequest request) throws InterruptedException {

        switch (request.getUrl().encodedPath()) {
          case "/v1/login/auth/":
              return new MockResponse.Builder()
                  .code(200)
                  .build();
          case "/v1/check/version/":
              return new MockResponse.Builder()

                    }
                    final PasswordAuthentication auth = Authenticator.requestPasswordAuthentication(null, port, protocol, "", authMethod);
                    if (auth == null) {
                        return null;
                    }
                    user = auth.getUserName();
                    password = new String(auth.getPassword());
                } catch (final Exception ex) {}
            }

		return ErrSTSAccessDenied
	}
}

func checkAssumeRoleAuth(ctx context.Context, r *http.Request) (auth.Credentials, APIErrorCode) {
	if !isRequestSignatureV4(r) {
		return auth.Credentials{}, ErrAccessDenied
	}

	s3Err := isReqAuthenticated(ctx, r, globalSite.Region(), serviceSTS)
	if s3Err != ErrNone {
		return auth.Credentials{}, s3Err
	}

	user, _, s3Err := getReqAccessKeyV4(r, globalSite.Region(), serviceSTS)

package cmd

import (
	"errors"
	"maps"
	"net/http"
	"time"

	jwtgo "github.com/golang-jwt/jwt/v4"
	jwtreq "github.com/golang-jwt/jwt/v4/request"
	"github.com/minio/minio/internal/auth"
	xjwt "github.com/minio/minio/internal/jwt"
	"github.com/minio/pkg/v3/policy"
)

const (
	jwtAlgorithm = "Bearer"

	// Default JWT token for web handlers is one day.
	defaultJWTExpiry = 24 * time.Hour

    public void test_addRoleFromCookieMapping() {
        final RoleQueryHelper roleQueryHelper = new RoleQueryHelper();
        roleQueryHelper.addCookieNameMapping("auth", "authenticated");

        Set<String> roleSet = new HashSet<>();
        Cookie authCookie = new Cookie("auth", "true");
        roleQueryHelper.addRoleFromCookieMapping(roleSet, authCookie);

        assertEquals(1, roleSet.size());

     */
    @Test
    @DisplayName("String+Throwable ctor: sets message, cause and unsuccessful status")
    void messageAndCauseConstructor_setsFields(@Mock Throwable mockCause) {
        // Arrange
        String msg = "auth failed";

        // Act
        SmbAuthException ex = new SmbAuthException(msg, mockCause);

        // Assert
        assertEquals(msg, ex.getMessage());
        assertSame(mockCause, ex.getCause());

// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package cmd

import (
	"context"
	"strings"

	"github.com/minio/madmin-go/v3"
	"github.com/minio/minio/internal/auth"
)

// getUserWithProvider - returns the appropriate internal username based on the user provider.
// if validate is true, an error is returned if the user does not exist.

	"crypto/sha256"
	"encoding/hex"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strconv"
	"testing"
	"time"

	"github.com/minio/minio-go/v7/pkg/signer"
	"github.com/minio/minio/internal/auth"
	"github.com/minio/minio/internal/config"
	"github.com/minio/minio/internal/config/lambda"
	levent "github.com/minio/minio/internal/config/lambda/event"
	xhttp "github.com/minio/minio/internal/http"
)

	// Get current object layer instance.
	objectAPI := newObjectLayerFn()
	if objectAPI == nil || globalNotificationSys == nil {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrServerNotInitialized), r.URL)
		return nil, auth.Credentials{}
	}

	for _, action := range actions {
		// Validate request signature.

     */
    AuthType getAuthType();

    /**
     * Authenticates using the provided context
     *
     * @param context the CIFS context
     * @param challenge the server challenge (may be null for some auth types)
     * @return authentication response data
     * @throws CIFSException if authentication fails
     */
    byte[] authenticate(CIFSContext context, byte[] challenge) throws CIFSException;

    /**