authFields := strings.Split(strings.TrimSpace(v4Auth), ",")
		if len(authFields) != 3 {
			return auth.Credentials{}, false, ErrMissingFields
		}
		ch, s3Err = parseCredentialHeader(authFields[0], region, stype)
		if s3Err != ErrNone {
			return auth.Credentials{}, false, s3Err
		}
	}
	return checkKeyValid(r, ch.accessKey)
}

// parse credentialHeader string into its structured form.

    void anonymousGuestCredentials() throws Exception {
        setupNegotiateStubs();

        NtlmPasswordAuthenticator auth = mock(NtlmPasswordAuthenticator.class);
        when(auth.isAnonymous()).thenReturn(true);
        when(auth.isGuest()).thenReturn(true);
        when(auth.getUsername()).thenReturn("guest");
        when(auth.getUserDomain()).thenReturn("dom");

        // Construct

                    return;
                }
            } else {
                final String auth = new String(Base64.decode(msg.substring(6)), "US-ASCII");
                int index = auth.indexOf(':');
                String user = index != -1 ? auth.substring(0, index) : auth;
                final String password = index != -1 ? auth.substring(index + 1) : "";
                index = user.indexOf('\\');
                if (index == -1) {

    }

    synchronized SmbSession getSmbSession(final NtlmPasswordAuthentication auth) {
        SmbSession ssn;
        long now;

        ListIterator iter = sessions.listIterator();
        while (iter.hasNext()) {
            ssn = (SmbSession) iter.next();
            if (ssn.matches(auth)) {
                ssn.auth = auth;
                return ssn;
            }
        }

                macSigningKey = new byte[40];
                auth.getUserSessionKey(transport.server.encryptionKey, macSigningKey, 0);
                System.arraycopy(auth.getUnicodeHash(transport.server.encryptionKey), 0, macSigningKey, 16, 24);
                break;
            case 3:
            case 4:
            case 5:
                macSigningKey = new byte[16];

}

type metricsV3Server struct {
	registry *prometheus.Registry
	opts     promhttp.HandlerOpts
	auth     func(http.Handler) http.Handler

	metricsData *metricsV3Collection
}

var (
	globalMetricsV3CollectorPaths []collectorPath
	globalMetricsV3Once           sync.Once
)

func newMetricsV3Server(auth func(h http.Handler) http.Handler) *metricsV3Server {
	registry := prometheus.NewRegistry()

import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;

import org.junit.jupiter.api.Test;

/**
 * Tests for the PacMac class.
 */
class PacMacTest {

        transport = new SmbTransportImpl(context, address, 445, null, 0, false);
    }

    /**
     * Test that pre-auth integrity hash is properly synchronized
     */
    @Test
    @DisplayName("Pre-auth integrity hash should be thread-safe")
    void testPreauthHashThreadSafety() throws Exception {
        // Setup SMB3.1.1 negotiation

//     - http://docs.aws.amazon.com/AmazonS3/latest/dev/auth-request-sig-v2.html
// returns true if matches, false otherwise. if error is not nil then it is always false

func validateV2AuthHeader(r *http.Request) (auth.Credentials, APIErrorCode) {
	var cred auth.Credentials
	v2Auth := r.Header.Get(xhttp.Authorization)
	if v2Auth == "" {
		return cred, ErrAuthHeaderEmpty
	}

    public synchronized static void setDefault(final NtlmAuthenticator a) {
        if (auth != null) {
            return;
        }
        auth = a;
    }

    /**
     * Gets the default NTLM authenticator.
     * @return the default authentication credentials provider
     */
    public static NtlmAuthenticator getDefault() {
        return auth;
    }

    /**
     * Gets the URL that is requesting authentication.