## Introduction

MinIO provides a custom STS API that allows authentication with client X.509 / TLS certificates.

A major advantage of certificate-based authentication compared to other STS authentication methods, like OpenID Connect or LDAP/AD, is that client authentication works without any additional/external component that must be constantly available. Therefore, certificate-based authentication may provide better availability / lower operational complexity.

        verify(mockResponse, times(1)).getErrorCode();
    }

    @Test
    void testSetMid() {
        long mid = 12345L;
        mockResponse.setMid(mid);

        // Verify that the method was called with the correct argument
        verify(mockResponse, times(1)).setMid(mid);
    }

    @Test
    void testGetMid() {
        long mid = 54321L;
        when(mockResponse.getMid()).thenReturn(mid);

        @Test
        @DisplayName("Should return correct transport context")
        void testGetTransportContext() throws Exception {
            DcerpcPipeHandle handle = createMockedDcerpcPipeHandle();
            assertEquals(mockContext, handle.getTransportContext());
        }

        @Test
        @DisplayName("Should return correct server name")
        void testGetServer() throws Exception {

        assertEquals(2, entries.length, "The number of entries should be correct.");

        // The getEntries method returns FileEntry objects. We can check their names.
        assertEquals("\\domain\share1", entries[0].getName(), "The name of the first share should be correct.");
        assertEquals("\\domain\share2", entries[1].getName(), "The name of the second share should be correct.");
    }

    /**

public class FessActionValidatorTest extends UnitFessTestCase {

    public void test_constructor() {
        // Test basic class structure without complex mocking
        assertEquals("FessActionValidator should be in correct package", "org.codelibs.fess.validation.FessActionValidator",
                FessActionValidator.class.getName());
    }

    public void test_inheritance() {

from flask import Flask, request

boto3.set_stream_logger('boto3.resources', logging.DEBUG)

authorize_url = "http://localhost:8080/auth/realms/minio/protocol/openid-connect/auth"
token_url = "http://localhost:8080/auth/realms/minio/protocol/openid-connect/token"

# callback url specified when the application was defined
callback_uri = "http://localhost:8000/oauth2/callback"

# keycloak id and secret
client_id = 'account'

    /**
     * SMB command to logoff from a session with extended attributes.
     */
    public static final byte SMB_COM_LOGOFF_ANDX = (byte) 0x74;

    /**
     * SMB command to connect to a tree share with extended attributes.
     */
    public static final byte SMB_COM_TREE_CONNECT_ANDX = (byte) 0x75;

    /**
     * SMB command for NT transaction operations.
     */

///

## OpenID Connect

OpenID Connect es otra especificación, basada en **OAuth2**.

Solo extiende OAuth2 especificando algunas cosas que son relativamente ambiguas en OAuth2, para intentar hacerla más interoperable.

Por ejemplo, el login de Google usa OpenID Connect (que internamente usa OAuth2).

Pero el login de Facebook no soporta OpenID Connect. Tiene su propia versión de OAuth2.

///

## OpenID Connect

OpenID Connect - это еще один протокол, основанный на **OAuth2**.

Он просто расширяет OAuth2, уточняя некоторые вещи, не имеющие однозначного определения в OAuth2, в попытке сделать его более совместимым.

Например, для входа в Google используется OpenID Connect (который под собой использует OAuth2).

Но вход в Facebook не поддерживает OpenID Connect. У него есть собственная вариация OAuth2.

    void testTreeConnectAndDisconnect() throws Exception {
        SmbTree tree = new SmbTree(session, "testShare", "testService");

        // Mock transport.connect() to succeed
        doNothing().when(transport).connect();

        // Setup response for tree connect
        doAnswer(invocation -> {
            ServerMessageBlock request = invocation.getArgument(0);
            ServerMessageBlock response = invocation.getArgument(1);