if len(authFields) != 2 {
		return auth.Credentials{}, false, ErrMissingFields
	}

	// Then will be splitting on ":", this will separate `AWSAccessKeyId` and `Signature` string.
	keySignFields := strings.Split(strings.TrimSpace(authFields[1]), ":")
	if len(keySignFields) != 2 {
		return auth.Credentials{}, false, ErrMissingFields
	}

	return checkKeyValid(r, keySignFields[0])
}

package main

import (
	"context"
	"io"
	"log"
	"os"

	"github.com/minio/minio-go/v7"
	"github.com/minio/minio-go/v7/pkg/credentials"
)

func main() {
	s3Client, err := minio.New("minio-server-address:9000", &minio.Options{
		Creds: credentials.NewStaticV4("access-key", "secret-key", ""),
	})
	if err != nil {
		log.Fatalln(err)
	}

	var opts minio.GetObjectOptions

	// Add extract header to request:

		u, ok, err := globalIAMSys.CheckKey(r.Context(), accessKey)
		if err != nil {
			return auth.Credentials{}, false, ErrIAMNotInitialized
		}
		if !ok {
			// Credentials could be valid but disabled - return a different
			// error in such a scenario.
			if u.Credentials.Status == auth.AccountOff {
				return cred, false, ErrAccessKeyDisabled
			}
			return cred, false, ErrInvalidAccessKeyID

Luego podemos usar `secrets.compare_digest()` para asegurar que `credentials.username` es `"stanleyjobson"`, y que `credentials.password` es `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Esto sería similar a:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

Dann können wir `secrets.compare_digest()` verwenden, um sicherzustellen, dass `credentials.username` `"stanleyjobson"` und `credentials.password` `"swordfish"` ist.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Dies wäre das gleiche wie:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Einen Error zurückgeben
    ...
```

import jcifs.CIFSContext;
import jcifs.Configuration;
import jcifs.Credentials;

/**
 * Simple memory management tests to validate basic resource cleanup functionality
 */
public class SimpleMemoryManagementTest {

    private CIFSContext mockContext;
    private SmbTransportImpl mockTransport;
    private Configuration mockConfig;
    private Credentials mockCredentials;
    private CredentialsInternal mockCredentialsInternal;

            if (failOnRefresh) {
                throw new CIFSException("refresh failed");
            }
        }

        // ----- Credentials (super-interface) -----

        @Override
        public <T extends Credentials> T unwrap(Class<T> type) {
            if (type == null) {
                throw new NullPointerException("type");
            }
            if (type.isInstance(this)) {

 */

/**
 * An abstract class for NTLM authentication in SMB1 protocol.
 * Provides a callback mechanism for retrieving user credentials when authentication is required.
 */
public abstract class NtlmAuthenticator {

    /**

    /**
     * Cache of DFS referrals
     */
    protected CacheEntry referrals = null;

    /**
     * Gets the map of trusted domains for DFS resolution
     * @param auth the authentication credentials
     * @return a map of trusted domain names to domain controllers
     * @throws SmbAuthException if authentication fails
     */

    void setup() {
        // Base context configuration - always needed
        when(cifsContext.getConfig()).thenReturn(configuration);

        // Context and credentials wiring - used by most tests
        when(cifsContext.getCredentials()).thenReturn(credentials);
        when(credentials.unwrap(CredentialsInternal.class)).thenReturn(credentialsInternal);
        when(credentialsInternal.clone()).thenReturn(credentialsInternal);