assertNotNull(clonedAfterWipe, "Cloned password should still exist");
        assertArrayEquals("originalPassword".toCharArray(), clonedAfterWipe, "Cloned password should still have original value");
    }

    @Test
    public void testEqualsWithPassword() {
        NtlmPasswordAuthenticator auth1 = new NtlmPasswordAuthenticator("DOMAIN", "user", "pass123");

   *
   * <p>{@code EqualsTester} will always check that every object it is given returns false from
   * {@code equals(null)}, so it is neither useful nor allowed to include a null value in any
   * equality group.
   */
  @CanIgnoreReturnValue
  public EqualsTester addEqualityGroup(@Nullable Object @Nullable ... equalityGroup) {
    checkNotNull(equalityGroup);

For example, if the client tries to send a `santa_tracker` cookie with a value of `good-list-please`, the client will receive an **error** response telling them that the `santa_tracker` <abbr title="Santa disapproves the lack of cookies. 🎅 Okay, no more cookie jokes.">cookie is not allowed</abbr>:

```json
{

 * the License.
 */

package com.google.common.base;

import com.google.common.annotations.GwtCompatible;
import org.jspecify.annotations.Nullable;

/**
 * Determines a true or false value for a given input; a pre-Java-8 version of {@link
 * java.util.function.Predicate java.util.function.Predicate}.
 *
 * <p>The {@link Predicates} class provides common predicates and related utilities.
 *

      if (!response.isSuccessful()) {
        Headers responseHeaders = response.headers();
        for (int i = 0; i < responseHeaders.size(); i++) {
          System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));
        }

        throw new IOException("Unexpected code " + response);
      }

      System.out.println(response.body().string());
    }
  }

		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSInvalidParameterValue: {
		Code:           "InvalidParameterValue",
		Description:    "An invalid or out-of-range value was supplied for the input parameter.",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSWebIdentityExpiredToken: {
		Code:           "ExpiredToken",

type KeycloakProvider struct {
	sync.Mutex

	oeConfig DiscoveryDoc
	client   http.Client
	adminURL string
	realm    string

	// internal value refreshed
	accessToken Token
}

// LoginWithUser authenticates username/password, not needed for Keycloak
func (k *KeycloakProvider) LoginWithUser(username, password string) error {
	return ErrNotImplemented
}

   * The HTTP <a
   * href="https://iabtechlab.com/wp-content/uploads/2019/06/VAST_4.2_final_june26.pdf">{@code
   * X-Device-Referer}</a> header field name. Header used for VAST requests to provide the {@link
   * #REFERER} header value that the on-behalf-of client would have used when making a request
   * itself.
   *
   * @since 31.0
   */
  public static final String X_DEVICE_REFERER = "X-Device-Referer";

  /**
   * The HTTP <a

   *
   * <p>Only runs of two or more hextets are considered. In case of a tie, the leftmost run wins. If
   * a qualifying run is found, its hextets are replaced by the sentinel value -1.
   *
   * @param hextets {@code int[]} mutable array of eight 16-bit hextets
   */
  private static void compressLongestRunOfZeroes(int[] hextets) {
    int bestRunStart = -1;
    int bestRunLength = -1;

	{Multipart: true, Metadata: map[string]string{"X-Minio-Internal-Encrypted-Multipart": ""}}, // 1
	{Multipart: true, Metadata: map[string]string{MetaMultipart: "some-value"}},                // 2
	{Multipart: false, Metadata: map[string]string{"": ""}},                                    // 3
	{Multipart: false, Metadata: map[string]string{"X-Minio-Internal-EncryptedMultipart": ""}}, // 4
}