@Mock
    private HttpServletRequest mockRequest;

    @Mock
    private HttpServletResponse mockResponse;

    private NtlmSsp ntlmSsp;

    // A sample challenge array
    private final byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, (byte) 0x89, (byte) 0xab, (byte) 0xcd, (byte) 0xef };

    // Base64 encoded Type 1 message: NTLMSSP, Type 1, flags=0x00088207

// error if the server message is invalid.  Calling Step after a conversation
// completes is also an error.
func (x *XDGSCRAMClient) Step(challenge string) (response string, err error) {
	response, err = x.ClientConversation.Step(challenge)
	return response, err
}

// Done returns true if the conversation is completed or has errored.
func (x *XDGSCRAMClient) Done() bool {
	return x.ClientConversation.Done()

    private Type2Message createMockType2Message() {
        // Create a basic Type 2 message with challenge
        byte[] challenge = new byte[8];
        new SecureRandom().nextBytes(challenge);

        int flags = NtlmFlags.NTLMSSP_NEGOTIATE_UNICODE | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM;

        return new Type2Message(createMockContext(), flags, challenge, "TARGET");
    }

    /**

     * @param workstation The workstation.
     * @param challenge The Type 2 challenge message.
     * @return The Type 3 message.
     * @throws NTLMEngineException if an NTLM engine error occurs.
     */
    @Override
    public String generateType3Msg(final String username, final String password, final String domain, final String workstation,
            final String challenge) throws NTLMEngineException {

  }

  @Test @Disabled
  fun challenge() {
    val challenge = Challenge("", mapOf("" to ""))
    val scheme: String = challenge.scheme()
    val authParams: Map<String?, String> = challenge.authParams()
    val realm: String? = challenge.realm()
    val charset: Charset = challenge.charset()
  }

  @Test @Disabled
  fun cipherSuite() {

        }

        @Test
        @DisplayName("Should handle exception when getting challenge")
        void testGetChallengeException() throws CIFSException {
            // Given
            when(transportPool.getChallenge(context, address)).thenThrow(new CIFSException("Failed to get challenge"));

            // When & Then

     * Authenticates using the provided context
     *
     * @param context the CIFS context
     * @param challenge the server challenge (may be null for some auth types)
     * @return authentication response data
     * @throws CIFSException if authentication fails
     */
    byte[] authenticate(CIFSContext context, byte[] challenge) throws CIFSException;

    /**
     * Gets the session key after successful authentication
     *

  }

  @Test
  fun challenge() {
    var challenge = Challenge("", mapOf("" to ""))
    challenge = Challenge("", "")
    val scheme: String = challenge.scheme
    val authParams: Map<String?, String> = challenge.authParams
    val realm: String? = challenge.realm
    val charset: Charset = challenge.charset
    val utf8: Challenge = challenge.withCharset(Charsets.UTF_8)
  }

  @Test

If the response issues an authorization challenge, OkHttp will ask the [`Authenticator`](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-authenticator/) (if one is configured) to satisfy the challenge. If the authenticator supplies a credential, the request is retried with that credential included.

## Retrying Requests

   * auth param in the challenge at key null. Invalid headers and challenges are ignored.
   * No semantic validation is done, for example that `Basic` auth must have a `realm`
   * auth param, this is up to the caller that interprets these challenges.
   */
  fun challenges(): List<Challenge> {
    return headers.parseChallenges(
      when (code) {
        HTTP_UNAUTHORIZED -> "WWW-Authenticate"
        HTTP_PROXY_AUTH -> "Proxy-Authenticate"