permissions: {}

jobs:
  CodeQL-Build:
    permissions:
      actions: read  # for github/codeql-action/init to get workflow details
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:

import com.google.errorprone.annotations.Immutable;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

/**
 * {@link HashFunction} adapter for {@link MessageDigest} instances.
 *
 * @author Kevin Bourrillion
 * @author Dimitris Andreou
 */

        pytest.param("tutorial004_an_py39"),
        pytest.param("tutorial004_an_py310", marks=needs_py310),
    ],
)
def get_mod(request: pytest.FixtureRequest):
    mod = importlib.import_module(f"docs_src.security.{request.param}")

    return mod


def get_access_token(*, username="johndoe", password="secret", client: TestClient):
    data = {"username": username, "password": password}

        }
    }

    /**
     * Returns whether SIDs (Security Identifiers) should be resolved.
     * @return true if SIDs should be resolved, false otherwise
     */
    public boolean isResolveSids() {
        return resolveSids;
    }

    /**
     * Sets whether SIDs (Security Identifiers) should be resolved.
     * @param resolveSids true to resolve SIDs, false otherwise
     */

    /** The referenced account is currently disabled */
    int NT_STATUS_ACCOUNT_DISABLED = 0xC0000072;
    /** No mapping between account names and security IDs was done */
    int NT_STATUS_NONE_MAPPED = 0xC0000073;
    /** The security ID structure is invalid */
    int NT_STATUS_INVALID_SID = 0xC0000078;
    /** The requested pipe instance is not available */
    int NT_STATUS_INSTANCE_NOT_AVAILABLE = 0xC00000ab;

import static org.mockito.Mockito.mockStatic;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

import java.security.DigestException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;

-dontwarn javax.annotation.**

# Animal Sniffer compileOnly dependency to ensure APIs are compatible with older versions of Java.
-dontwarn org.codehaus.mojo.animal_sniffer.*

# OkHttp platform used only on JVM and when Conscrypt and other security providers are available.
# May be used with robolectric or deliberate use of Bouncy Castle on Android
-dontwarn okhttp3.internal.platform.**
-dontwarn org.conscrypt.**

    @Test
    @DisplayName("Test encode with maximum security mode")
    void testEncodeWithMaxSecurityMode() {
        ValidateNegotiateInfoRequest request =
                new ValidateNegotiateInfoRequest(DEFAULT_CAPABILITIES, defaultClientGuid, 0xFFFF, defaultDialects);

        byte[] buffer = new byte[request.size()];
        request.encode(buffer, 0);

        // Verify max security mode value (2 bytes)

# Sicherheit { #security }

Es gibt viele Wege, Sicherheit, Authentifizierung und Autorisierung zu handhaben.

Und normalerweise ist es ein komplexes und „schwieriges“ Thema.

In vielen Frameworks und Systemen erfordert allein die Handhabung von Sicherheit und Authentifizierung viel Aufwand und Code (in vielen Fällen kann er 50 % oder mehr des gesamten geschriebenen Codes ausmachen).

 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.internal.smb2;

import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.concurrent.locks.ReentrantLock;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;