# ==============================================================================
# Sourcing this enables Bazel remote cache (read and write)
# Note that "_push" cache configs write to GCS buckets and require
# authentication. If you are not a Googler, source "public_cache" to enable the
# public read-only cache.
# The cache configs are different for MacOS and Linux
if [[ $(uname -s) == "Darwin" ]]; then

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.exception;

import org.codelibs.fess.app.web.RootAction;

/**
 * Exception thrown when user role authentication fails during login attempts.
 * This exception is used to indicate that a user does not have the required role
 * to access a specific action or resource.
 *
 */

 */
// NOTE: If you update this, please also change .idea/scopes/Gradle_public_API.xml
object PublicApi {
    val includes = listOf(
        "org/gradle/*",
        "org/gradle/api/**",
        "org/gradle/authentication/**",
        "org/gradle/build/**",
        "org/gradle/buildconfiguration/**",
        "org/gradle/buildinit/**",
        "org/gradle/caching/**",
        "org/gradle/concurrent/**",

            context.put("userId", userId);
        }
    }

    /**
     * Log an authentication event with optimized performance
     *
     * @param success whether authentication succeeded
     * @param username the username (will be masked if configured)
     * @param authMethod authentication method used (domain or method)
     * @param remoteAddress remote address
     */

import org.codelibs.fess.mylasta.direction.FessConfig;
import org.codelibs.fess.util.ComponentUtil;
import org.codelibs.saml2.Auth;
import org.lastaflute.web.login.credential.LoginCredential;

/**
 * Credential for SAML authentication.
 */
public class SamlCredential implements LoginCredential, FessCredential {

    private final Map<String, List<String>> attributes;

    private final String nameId;

    private final String nameIdFormat;

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.exception;

/**
 * Exception thrown when an invalid access token is encountered.
 * This exception is typically used in authentication and authorization contexts
 * where a provided access token is invalid, expired, or malformed.
 */
public class InvalidAccessTokenException extends FessSystemException {

    /** Serial version UID for serialization */

import jakarta.annotation.Resource;

/**
 * The base action class for Fess web application.
 * This abstract class provides common functionality for all Fess web actions,
 * including user authentication, validation, message handling, and access context management.
 * It extends LastaFlute's TypicalAction and implements validation and HTML path interfaces.
 *
 * @since 1.0
 */

import jcifs.ntlmssp.Type3Message;
import jcifs.smb.NtlmPasswordAuthentication;

/**
 * Wraps an <code>HttpURLConnection</code> to provide NTLM authentication
 * services.
 *
 * Please read <a href="../../../httpclient.html">Using jCIFS NTLM Authentication for HTTP Connections</a>.
 *
 * Warning: Do not use this if there is a chance that you might have multiple connections (even plain

     * @param andx the next command in the AndX chain, or null
     * @param cred the authentication credentials to use for the session
     * @throws SmbException if an SMB protocol error occurs
     * @throws GeneralSecurityException if a security error occurs during authentication
     */
    public SmbComSessionSetupAndX(final CIFSContext tc, final SmbComNegotiateResponse negotiated, final ServerMessageBlock andx,

		return errors.New("multiple authentication mechanisms are provided")
	case conf.AccountKey == "" && (conf.SPAuth.TenantID == "" || conf.SPAuth.ClientID == "" || conf.SPAuth.ClientSecret == ""):
		return errors.New("no authentication mechanism was provided")
	}

	if conf.Bucket == "" {
		return errors.New("no bucket name was provided")
	}