return request.getRequestURL().toString();
    }

    @Override
    public void resolveCredential(final LoginCredentialResolver resolver) {
        resolver.resolve(AzureAdCredential.class, credential -> OptionalEntity.of(credential.getUser()));
    }

    /**
     * Sets the token acquisition timeout.
     * @param acquisitionTimeout The timeout in milliseconds.
     */

    server.enqueue(
      MockResponse(code = 401),
    )
    server.enqueue(MockResponse())
    val credential = basic("jesse", "secret")
    client =
      client
        .newBuilder()
        .authenticator(RecordingOkAuthenticator(credential, null))
        .build()
    val response =
      getResponse(
        Request(
          url = server.url("/"),

    private String user = null;
    /** The Kerberos realm */
    private String realm = null;
    /** The service principal name */
    private String service = DEFAULT_SERVICE;
    /** The user credential lifetime */
    private int userLifetime = GSSCredential.DEFAULT_LIFETIME;
    /** The security context lifetime */
    private int contextLifetime = GSSContext.DEFAULT_LIFETIME;

	"$expires":                 true,
	"$key":                     true,
	"$success_action_redirect": true,
	"$redirect":                true,
	"$success_action_status":   true,
	"$x-amz-algorithm":         false,
	"$x-amz-credential":        false,
	"$x-amz-date":              false,
}

// Add policy conditionals.
const (
	policyCondEqual         = "eq"
	policyCondStartsWith    = "starts-with"

}

func validateAdminSignature(ctx context.Context, r *http.Request, region string) (auth.Credentials, bool, APIErrorCode) {
	var cred auth.Credentials
	var owner bool
	s3Err := ErrAccessDenied
	if _, ok := r.Header[xhttp.AmzContentSha256]; ok &&
		getRequestAuthType(r) == authTypeSigned {
		// Get credential information from the request.
		cred, owner, s3Err = getReqAccessKeyV4(r, region, serviceS3)

        }

        return new String(out, 0, j);
    }

    /**
     * Check if the given mechanism is preferred for this credential
     *
     * @param mechanism the mechanism to check
     * @return whether the given mechanism is the preferred one for this credential
     */
    public boolean isPreferredMech(ASN1ObjectIdentifier mechanism) {
        return NtlmContext.NTLMSSP_OID.equals(mechanism);
    }

   */
  @Test
  fun duplexWithAuthChallenge() {
    enableProtocol(Protocol.HTTP_2)
    val credential = basic("jesse", "secret")
    client =
      client
        .newBuilder()
        .authenticator(RecordingOkAuthenticator(credential, null))
        .build()
    val body1 =
      MockSocketHandler()
        .sendResponse("please authenticate!\n")

		isDerived := false
		if v.Credentials.IsServiceAccount() || v.Credentials.IsTemp() {
			isDerived = true
		}

		if !isDerived && v.Credentials.AccessKey == accessKey {
			userExists = true
		} else if isDerived && v.Credentials.ParentUser == accessKey {
			userExists = true
			if v.Credentials.IsTemp() {
				// Hide secret key & session key here
				v.Credentials.SecretKey = ""

              .endpoint("https://play.min.io")
              .credentials("Q3AM3UQ867SPQQA43P2F", "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG")
              .build();

      /* Amazon S3: */
      // MinioClient minioClient =
      //     MinioClient.builder()
      //         .endpoint("https://s3.amazonaws.com")
      //         .credentials("YOUR-ACCESSKEY", "YOUR-SECRETACCESSKEY")
      //         .build();

pkg syscall (freebsd-386-cgo), type Cmsghdr struct, Type int32
pkg syscall (freebsd-386-cgo), type Credential struct
pkg syscall (freebsd-386-cgo), type Credential struct, Gid uint32
pkg syscall (freebsd-386-cgo), type Credential struct, Groups []uint32
pkg syscall (freebsd-386-cgo), type Credential struct, Uid uint32
pkg syscall (freebsd-386-cgo), type Dirent struct