*/
    fun fastFallback(fastFallback: Boolean) =
      apply {
        this.fastFallback = fastFallback
      }

    /**
     * Sets the authenticator used to respond to challenges from origin servers. Use
     * [proxyAuthenticator] to set the authenticator for proxy servers.
     *
     * If unset, the [no authentication will be attempted][Authenticator.NONE].
     */

          assertThat(response.code).isEqualTo(HttpURLConnection.HTTP_PROXY_AUTH)
          assertThat(response.request.url.host).isEqualTo("android.com")
          val challenges = response.challenges()
          assertThat(challenges[0].scheme).isEqualTo("OkHttp-Preemptive")
          response.request
            .newBuilder()
            .header("Proxy-Authorization", credential)
            .build()

      .newBuilder()
      .addHeader(header, credential)
      .build()
  }

  private fun schemeMatches(response: Response): Boolean {
    if (scheme == null) return true
    return response.challenges().any { it.scheme.equals(scheme, ignoreCase = true) }
  }

 * challenge. The proxy authenticator may return either an authenticated request, or null to
 * connect without authentication.
 *
 * ```java
 * for (Challenge challenge : response.challenges()) {
 *   // If this is preemptive auth, use a preemptive credential.
 *   if (challenge.scheme().equalsIgnoreCase("OkHttp-Preemptive")) {

  //    - redo the API to be as close to identical to ReentrantLock as possible,
  //      since, after all, this class is also a reentrant mutual exclusion lock!?

  /*
   * One of the key challenges of this class is to prevent lost signals, while trying hard to
   * minimize unnecessary signals. One simple and correct algorithm is to signal some other waiter

 *  New: `EventListener.followUpDecision()` is called each time a response is received. It notifies
    your listener if OkHttp has decided to make a follow-up request. Some common follow-ups are
    authentication challenges and redirects.

 *  New: Handy constants for `Headers.EMPTY`, `RequestBody.EMPTY`, and `ResponseBody.EMPTY`.

 *  New: OkHttp now calls `StrictMode.noteSlowCall()` when initializing TLS on Android. Use

	public final fun body ()Lokhttp3/ResponseBody;
	public final fun cacheControl ()Lokhttp3/CacheControl;
	public final fun cacheResponse ()Lokhttp3/Response;
	public final fun challenges ()Ljava/util/List;
	public fun close ()V
	public final fun code ()I
	public final fun handshake ()Lokhttp3/Handshake;
	public final fun header (Ljava/lang/String;)Ljava/lang/String;

	public final fun body ()Lokhttp3/ResponseBody;
	public final fun cacheControl ()Lokhttp3/CacheControl;
	public final fun cacheResponse ()Lokhttp3/Response;
	public final fun challenges ()Ljava/util/List;
	public fun close ()V
	public final fun code ()I
	public final fun handshake ()Lokhttp3/Handshake;
	public final fun header (Ljava/lang/String;)Ljava/lang/String;

    val response = authenticator.onlyResponse()
    assertThat(
      response.request.url
        .toUrl()
        .path,
    ).isEqualTo("/private")
    assertThat(response.challenges()).isEqualTo(listOf(Challenge("Basic", "protected area")))
  }

  @Test
  fun customTokenAuthenticator() {
    server.enqueue(
      MockResponse(
        code = 401,

import java.util.Collections.singletonMap
import java.util.Locale.US
import kotlin.text.Charsets.ISO_8859_1
import okhttp3.internal.unmodifiable

/**
 * An [RFC 7235][rfc_7235] challenge.
 *
 * [rfc_7235]: https://tools.ietf.org/html/rfc7235
 */
class Challenge(
  /** Returns the authentication scheme, like `Basic`. */
  @get:JvmName("scheme") val scheme: String,
  authParams: Map<String?, String>,
) {
  /**