meet the following conditions:

      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and

      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and

      (c) You must retain, in the Source form of any Derivative Works

        "Futures.getChecked exception type (%s) must not be a RuntimeException",
        exceptionClass);
    checkArgument(
        hasConstructorUsableByGetChecked(exceptionClass),
        "Futures.getChecked exception type (%s) must be an accessible class with an accessible "
            + "constructor whose parameters (if any) must be of type String and/or Throwable",
        exceptionClass);
  }

    /**
     * Returns a new array with the specified object appended to the end.
     *
     * @param <T>
     *            the type of the array elements
     * @param array
     *            the array. Must not be {@literal null}
     * @param obj
     *            the object to add
     * @return a new array with the object appended
     */
    public static <T> T[] add(final T[] array, final T obj) {

     * signing and sealing authenticated communication.
     */
    int NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080;

    /**
     * ??? According to spec this is a reserved bit and must be set to zero
     */
    int NTLMSSP_NEGOTIATE_NETWARE = 0x00000100;

    /**
     * Indicates support for NTLM authentication.
     */
    int NTLMSSP_NEGOTIATE_NTLM = 0x00000200;

    /**

 * (first-in-first-out). This data structure is logically equivalent to a circular buffer (i.e.,
 * cyclic buffer or ring buffer).
 *
 * <p>An evicting queue must be configured with a maximum size. Each time an element is added to a
 * full queue, the queue automatically removes its head element. This is different from conventional

      meet the following conditions:

      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and

      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and

      (c) You must retain, in the Source form of any Derivative Works

      meet the following conditions:

      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and

      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and

      (c) You must retain, in the Source form of any Derivative Works

  /**
   * Creates a new, empty multiset, sorted according to the elements' natural order. All elements
   * inserted into the multiset must implement the {@code Comparable} interface. Furthermore, all
   * such elements must be <i>mutually comparable</i>: {@code e1.compareTo(e2)} must not throw a
   * {@code ClassCastException} for any elements {@code e1} and {@code e2} in the multiset. If the

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

And the spec says that the fields have to be named like that. So `user-name` or `email` wouldn't work.

	if len(ldapPolicies) == 0 {
		return nil, errSFTPUserHasNoPolicies
	}

	claims := make(map[string]any)
	for attribKey, attribValue := range lookupResult.Attributes {
		// we skip multi-value attributes here, as they cannot
		// be stored in the critical options.
		if len(attribValue) != 1 {
			continue
		}

		if attribKey == "sshPublicKey" && key != nil {