These examples are intentionally simple, but show how it all works.

In the chapters about security, there are utility functions that are implemented in this same way.

If you understood all this, you already know how those utility tools for security work underneath.

 */

package jcifs.smb1.smb1;

import java.io.UnsupportedEncodingException;
import java.io.Serializable;
import java.security.Principal;
import java.security.MessageDigest;
import java.security.GeneralSecurityException;
import java.util.Random;

import jcifs.smb1.Config;
import jcifs.smb1.util.*;

import java.util.Arrays;

/**

an application (for example, on mobile devices) that requests temporary security credentials without including MinIO long lasting credentials in the application. Instead, the identity of the caller is validated by using a JWT id_token from the web identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations.

By default, the...

    }

    /**
     * Returns the local security context.
     *
     * @return A <code>byte[]</code> containing the local security
     * context.  This is used by the client to negotiate local
     * authentication.
     */
    public byte[] getContext() {
        return context;
    }

    /**
     * Sets the local security context.  This is used by the client

special permissions listed above. Follow [MinIO STS Quickstart Guide](https://min.io/docs/minio/linux/developers/security-token-service.html) to manage users with an IDP.

## Explore Further

- [MinIO Client Complete Guide](https://min.io/docs/minio/linux/reference/minio-mc.html)
- [MinIO STS Quickstart Guide](https://min.io/docs/minio/linux/developers/security-token-service.html)

import pytest
from dirty_equals import IsDict
from fastapi.testclient import TestClient

from ...utils import needs_py310


@pytest.fixture(name="client")
def get_client():
    from docs_src.security.tutorial003_an_py310 import app

    client = TestClient(app)
    return client


@needs_py310
def test_login(client: TestClient):
    response = client.post("/token", data={"username": "johndoe", "password": "secret"})

import pytest
from dirty_equals import IsDict
from fastapi.testclient import TestClient

from ...utils import needs_py310


@pytest.fixture(name="client")
def get_client():
    from docs_src.security.tutorial003_py310 import app

    client = TestClient(app)
    return client


@needs_py310
def test_login(client: TestClient):
    response = client.post("/token", data={"username": "johndoe", "password": "secret"})

import com.google.errorprone.annotations.Immutable;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

/**
 * {@link HashFunction} adapter for {@link MessageDigest} instances.
 *
 * @author Kevin Bourrillion
 * @author Dimitris Andreou
 */

    }


    /**
     * Returns the local security context.
     *
     * @return A <code>byte[]</code> containing the local security
     *         context. This is used by the client to negotiate local
     *         authentication.
     */
    public byte[] getContext () {
        return this.context;
    }


    /**
     * Sets the local security context. This is used by the client

   reported vulnerability and how it might be exploited. Alternatively,
   a well-established vulnerability identifier, e.g. CVE number, can be
   used instead.

Based on the description mentioned above, a MinIO engineer or security team
member investigates:

- Whether the reported vulnerability exists.
- The conditions that are required such that the vulnerability can be exploited.
- The steps required to fix the vulnerability.