// Execute
        NtlmPasswordAuthentication result = ntlmSsp.doAuthentication(mockCifsContext, mockRequest, mockResponse, challenge);

        // Verify that the behavior is the same as calling the static method directly
        assertNull(result, "Authentication result should be null");
        verify(mockResponse).setHeader("WWW-Authenticate", "NTLM");

        transformHeader.setSessionId(testSessionId);

        // When
        byte[] aad = transformHeader.getAssociatedData();

        // Then
        assertEquals(52, aad.length); // AAD should be same size as transform header

        // Verify protocol ID (first 4 bytes) - 0xFD534D42 in little-endian
        assertEquals((byte) 0x42, aad[0]);
        assertEquals((byte) 0x4D, aad[1]);

META-INF/MANIFEST.MF Manifest-Version: 1.0 Archiver-Version: Plexus Archiver Created-By: Apache Maven Built-By: Brett Build-Jdk: 1.5.0_04 Extension-Name: maven-plugin-api Specification-Title: Maven is a project development management and com prehension tool. Based on the concept of a project object model: buil ds, dependency management, documentation creation, site publication, and distribution publication are all controlled from the declarative file. Maven can be extended by plugins to utilise...

      return 1;
    }
    if (that == aboveAll()) {
      return -1;
    }
    int result = Range.compareOrThrow(endpoint, that.endpoint);
    if (result != 0) {
      return result;
    }
    // same value. below comes before above
    return Boolean.compare(this instanceof AboveValue, that instanceof AboveValue);
  }

  C endpoint() {
    return endpoint;
  }

  @SuppressWarnings("unchecked") // catching CCE

			t.Fatalf("Unable to create temporary file. %s", err)
		}
		if err = tmpfile.Close(); err != nil {
			t.Fatalf("Unable to create temporary file. %s", err)
		}
		return tmpfile.Name()
	}

	filename := createTempFile(
		`app="virtuous-rat-minio"
chart="minio-0.1.3"
heritage="Tiller"
pod-template-hash="818089471"`)

	defer os.Remove(filename)

	testCases := []struct {

      represent, as a whole, an original work of authorship. For the purposes
      of this License, Derivative Works shall not include works that remain
      separable from, or merely link (or bind by name) to the interfaces of,
      the Work and Derivative Works thereof.

      "Contribution" shall mean any work of authorship, including
      the original version of the Work and any modifications or additions

    Android 10. Android uses reflection to look up a magic `checkServerTrusted()` method and we
    didn't have it.
 *  Fix: Explicitly specify the remote server name when making HTTPS connections on Android 5. In
    4.3.0 we introduced a regression where server name indication (SNI) was broken on Android 5.


## Version 4.3.0

_2019-12-31_

        assertEquals(32, testConfig.getMachineId().length);

        // Check native OS
        assertNotNull(testConfig.getNativeOs());
        assertEquals(System.getProperty("os.name"), testConfig.getNativeOs());

        // Check flags2
        assertTrue(testConfig.getFlags2() > 0);
        assertTrue((testConfig.getFlags2() & SmbConstants.FLAGS2_LONG_FILENAMES) != 0);

 *
 */
public class AdminWebauthAction extends FessAdminAction {

    /**
     * Default constructor.
     */
    public AdminWebauthAction() {
        super();
    }

    /** Role name for admin web auth operations */
    public static final String ROLE = "admin-webauth";

    private static final Logger logger = LogManager.getLogger(AdminWebauthAction.class);

本章添加上一章示例中欠缺的部分，实现完整的安全流。

## 获取 `username` 和 `password`

首先，使用 **FastAPI** 安全工具获取 `username` 和 `password`。

OAuth2 规范要求使用**密码流**时，客户端或用户必须以表单数据形式发送 `username` 和 `password` 字段。

并且，这两个字段必须命名为 `username` 和 `password` ，不能使用 `user-name` 或 `email` 等其它名称。

不过也不用担心，前端仍可以显示终端用户所需的名称。

数据库模型也可以使用所需的名称。

但对于登录*路径操作*，则要使用兼容规范的 `username` 和 `password`，（例如，实现与 API 文档集成）。

该规范要求必须以表单数据形式发送 `username` 和 `password`，因此，不能使用 JSON 对象。

### `Scope`（作用域）