* of EventBus may be better written using <a
 * href="https://kotlinlang.org/docs/coroutines-guide.html">Kotlin coroutines</a>, including <a
 * href="https://kotlinlang.org/docs/flow.html">Flow</a> and <a
 * href="https://kotlinlang.org/docs/channels.html">Channels</a>. Yet other usages are better served
 * by individual libraries that provide specialized support for particular use cases.
 *

        verify(response).flushBuffer();
    }

    /**
     * Test doGet with NTLM authentication for directory listing
     * This test verifies the authentication flow without actual network operations
     */
    @Test
    void testDoGet_DirectoryListing() throws Exception {
        // Create a test-specific NetworkExplorer that mocks file operations

        String logoutUrl = "https://sso.example.com/logout";
        authenticator.setLogoutUrl(logoutUrl);

        // Execute authentication flow
        LoginCredential loginResult = authenticator.getLoginCredential();
        assertNotNull(loginResult);

        TestLoginCredentialResolver resolver = new TestLoginCredentialResolver();

      </Credentials>
   </AssumeRoleWithCertificateResult>
   <ResponseMetadata>
      <RequestId>169339CD8B3A6948</RequestId>
   </ResponseMetadata>
</AssumeRoleWithCertificateResponse>
```

## Authentication Flow

A client can request temp. S3 credentials via the STS API. It can authenticate via a client certificate and obtain a access/secret key pair as well as a session token. These credentials are associated to an S3 policy at the MinIO server.

 *  Fix: Don't lose HTTP/2 flow control bytes when incoming data races with a stream close. If this
    happened enough then eventually the connection would stall.

 *  Fix: Acknowledge and apply inbound HTTP/2 settings atomically. Previously we had a race where we
    could use new flow control capacity before acknowledging it, causing strict HTTP/2 servers to
    fail the call.

            ctx.verifyMIC(new byte[] { 5 }, mic);
            ctx.isMICAvailable();
            ctx.dispose();
        }

        @Test
        @DisplayName("Verifies calls and argument flow across methods")
        void testInteractions() throws Exception {
            // Arrange
            when(mockCtx.getSigningKey()).thenReturn(new byte[] { 7 });
            when(mockCtx.isEstablished()).thenReturn(true);

## Obtener el `username` y `password`

Vamos a usar las utilidades de seguridad de **FastAPI** para obtener el `username` y `password`.

OAuth2 especifica que cuando se utiliza el "password flow" (que estamos usando), el cliente/usuario debe enviar campos `username` y `password` como form data.

Y la especificación dice que los campos deben llamarse así. Por lo que `user-name` o `email` no funcionarían.

Subclass [EventListener](https://square.github.io/okhttp/3.x/okhttp/okhttp3/EventListener.html) and override methods for the events you are interested in. In a successful HTTP call with no redirects or retries the sequence of events is described by this flow.

![Events Diagram](../assets/images/******@****.***)

    full_name = user_dict["full_name"],
    hashed_password = hashed_password,
)
```

/// warning

The supporting additional functions `fake_password_hasher` and `fake_save_user` are just to demo a possible flow of the data, but they of course are not providing any real security.

///

## Reduce duplication { #reduce-duplication }

Reducing code duplication is one of the core ideas in **FastAPI**.

## Version 3.14.3

_2019-09-10_

 *  Fix: Don't lose HTTP/2 flow control bytes when incoming data races with a stream close. If this
    happened enough then eventually the connection would stall.

 *  Fix: Acknowledge and apply inbound HTTP/2 settings atomically. Previously we had a race where we
    could use new flow control capacity before acknowledging it, causing strict HTTP/2 servers to
    fail the call.