void anonymousGuestCredentials() throws Exception {
        setupNegotiateStubs();

        NtlmPasswordAuthenticator auth = mock(NtlmPasswordAuthenticator.class);
        when(auth.isAnonymous()).thenReturn(true);
        when(auth.isGuest()).thenReturn(true);
        when(auth.getUsername()).thenReturn("guest");
        when(auth.getUserDomain()).thenReturn("dom");

        // Construct

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.crawler.client.http.ntlm;

import org.apache.http.impl.auth.NTLMEngine;
import org.apache.http.impl.auth.NTLMEngineException;

/**
 * SmbjEngine is a NTLM Engine implementation based on smbj.
 *
 * @author shinsuke
 *
 */
public class SmbjEngine implements NTLMEngine {

    /**

                macSigningKey = new byte[40];
                auth.getUserSessionKey(transport.server.encryptionKey, macSigningKey, 0);
                System.arraycopy(auth.getUnicodeHash(transport.server.encryptionKey), 0, macSigningKey, 16, 24);
                break;
            case 3:
            case 4:
            case 5:
                macSigningKey = new byte[16];

        transport = new SmbTransportImpl(context, address, 445, null, 0, false);
    }

    /**
     * Test that pre-auth integrity hash is properly synchronized
     */
    @Test
    @DisplayName("Pre-auth integrity hash should be thread-safe")
    void testPreauthHashThreadSafety() throws Exception {
        // Setup SMB3.1.1 negotiation

    public synchronized static void setDefault(final NtlmAuthenticator a) {
        if (auth != null) {
            return;
        }
        auth = a;
    }

    /**
     * Gets the default NTLM authenticator.
     * @return the default authentication credentials provider
     */
    public static NtlmAuthenticator getDefault() {
        return auth;
    }

    /**
     * Gets the URL that is requesting authentication.

                this.creds = renewed;
                return true;
            }
        }
        final NtlmAuthenticator auth = NtlmAuthenticator.getDefault();
        if (auth != null) {
            final NtlmPasswordAuthenticator newAuth =
                    NtlmAuthenticator.requestNtlmPasswordAuthentication(auth, locationHint, error instanceof SmbAuthException s ? s : null);
            if (newAuth != null) {
                this.creds = newAuth;

        if (session.transport.server.security == SECURITY_SHARE && (session.auth.hashesExternal || session.auth.password.length() > 0)) {

            if (session.transport.server.encryptedPasswords) {
                // encrypted
                password = session.auth.getAnsiHash(session.transport.server.encryptionKey);
                passwordLength = password.length;

    void matchesBehavior() {
        // Two distinct auth instances
        NtlmPasswordAuthentication a1 = new NtlmPasswordAuthentication("DOM", "user", "pwd");
        NtlmPasswordAuthentication a2 = new NtlmPasswordAuthentication("DOM", "user", "pwd");
        SmbSession s1 = new SmbSession(addr, 445, inet, 0, a1);
        SmbSession s2 = new SmbSession(addr, 445, inet, 0, a2);
        // same auth instance => matches
        assertTrue(s1.matches(a1));

     * @param pipeType the type of the pipe
     * @param auth the authentication credentials to use
     * @throws MalformedURLException if the URL is not properly formatted
     * @throws UnknownHostException if the host cannot be resolved
     */
    public SmbNamedPipe(final String url, final int pipeType, final NtlmPasswordAuthentication auth)
            throws MalformedURLException, UnknownHostException {

type LDAPIdentityResult struct {
	Credentials auth.Credentials `xml:",omitempty"`
}

// AssumeRoleWithCertificateResponse contains the result of
// a successful AssumeRoleWithCertificate request.
type AssumeRoleWithCertificateResponse struct {
	XMLName xml.Name `xml:"https://sts.amazonaws.com/doc/2011-06-15/ AssumeRoleWithCertificateResponse" json:"-"`
	Result  struct {
		Credentials auth.Credentials `xml:"Credentials,omitempty"`