# contents: read
      # actions: read

    steps:
      - name: "Checkout code"
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

      - name: "Run analysis"
        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
        with:
          results_file: results.sarif
          results_format: sarif

     *
     * @param domain the domain for the DFS referral
     * @param root the DFS root share
     * @param path the DFS path to resolve
     * @param tf the CIFS context containing configuration and credentials
     * @return the final referral for the given DFS path
     * @throws CIFSException if an error occurs during resolution
     * @throws jcifs.smb.SmbAuthException if authentication fails
     */

      id-token: write

    steps:
      - name: "Checkout code"
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

      - name: "Run analysis"
        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
        with:
          results_file: results.sarif
          results_format: sarif

OPA is a lightweight general-purpose policy engine that can be co-located with MinIO server, in this document we talk about how to use OPA HTTP API to authorize requests. It can be used with any type of credentials (STS based like OpenID or LDAP, regular IAM users or service accounts).

OPA is enabled through MinIO's Access Management Plugin feature.

## Get started

### 1. Start OPA in a container

```sh
podman run -it \

    }

    /**
     * Processes the CORS request by adding standard CORS headers to the response.
     * Headers include allowed origin, methods, headers, max age, and credentials setting.
     *
     * @param origin the origin of the request
     * @param request the servlet request
     * @param response the servlet response to add CORS headers to
     */
    @Override

/// tip

The *path operation* for `swagger_ui_redirect` is a helper for when you use OAuth2.

If you integrate your API with an OAuth2 provider, you will be able to authenticate and come back to the API docs with the acquired credentials. And interact with it using the real OAuth2 authentication.

Swagger UI will handle it behind the scenes for you, but it needs this "redirect" helper.

///

class DfsResolverTest {

    private DfsResolver dfsResolver;

    @Mock
    private CIFSContext mockContext;

    @Mock
    private Configuration mockConfig;

    @Mock
    private Credentials mockCredentials;

    @Mock
    private SmbTransportPool mockTransportPool;

    @Mock
    private SmbTransportInternal mockTransport;

    @BeforeEach
    void setUp() {

    //

    // GET /api/admin/general
    /**
     * Returns the current general system settings.
     * Excludes sensitive information like LDAP security credentials from the response.
     *
     * @return JSON response containing the general settings configuration
     */
    @Execute
    public JsonResponse<ApiResult> get$index() {
        final EditBody form = new EditBody();

 */
package org.codelibs.fess.crawler.client.smb1;

import org.codelibs.jcifs.smb1.NtlmPasswordAuthentication;

/**
 * Represents SMB1 authentication information, including server details,
 * credentials, and domain. This class is used to encapsulate the necessary
 * information for authenticating with an SMB1 server.
 *
 * <p>
 * It provides methods to set and retrieve the server address, port, username,

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.crawler.client.smb;

/**
 * Represents SMB authentication information, including server details,
 * credentials, and domain. This class is used to encapsulate the necessary
 * information for authenticating with an SMB server.
 *
 * <p>
 * It provides methods to set and retrieve the server address, port, username,