listener.assertFailure("canceled")
  }

  @Test
  fun failureWith401IsReadable() {
    server.enqueue(
      MockResponse(
        code = 401,
        body = "{\"error\":{\"message\":\"No auth credentials found\",\"code\":401}}",
        headers = Headers.headersOf("content-type", "application/json"),
      ),
    )
    server.enqueue(
      MockResponse(
        body =
          """
          |data: hey

     * @param userAgent The user agent string.
     */
    public void setUserAgent(final String userAgent) {
        this.userAgent = userAgent;
    }

    /**
     * Sets the credentials provider.
     * @param credentialsProvider The credentials provider.
     */
    public void setCredentialsProvider(final CredentialsProvider credentialsProvider) {
        this.credentialsProvider = credentialsProvider;
    }

    /**

import jcifs.smb1.util.DES;
import jcifs.smb1.util.Encdec;
import jcifs.smb1.util.HMACT64;
import jcifs.smb1.util.LogStream;
import jcifs.smb1.util.MD4;

/**
 * This class stores and encrypts NTLM user credentials. The default
 * credentials are retrieved from the {@code jcifs.smb1.smb1.client.domain},
 * {@code jcifs.smb1.smb1.client.username}, and {@code jcifs.smb1.smb1.client.password}
 * properties.
 * <p>

2018/12/26 17:49:36 listening on http://localhost:8888/
```

This will open the login page of keycloak, upon successful login, STS credentials along with any buckets discovered using the credentials will be printed on the screen, for example:

```
{
  "buckets": [
    "bucket-x"
  ],
  "credentials": {
    "AccessKeyID": "6N2BALX7ELO827DXS3GK",
    "SecretAccessKey": "23JKqAD+um8ObHqzfIh+bfqwG9V8qs9tFY6MqeFR+xxx",

        when(config.getMaxRequestRetries()).thenReturn(2);
        when(config.isTraceResourceUsage()).thenReturn(false);
        // Mock credentials to avoid NullPointerException
        when(ctx.getCredentials()).thenReturn(credentials);
        when(credentials.getUserDomain()).thenReturn("DOMAIN");
        // Mock DFS resolver
        when(ctx.getDfs()).thenReturn(dfsResolver);
    }

     *
     * @param req
     *            The request being serviced.
     * @param resp
     *            The response.
     * @param challenge
     *            The domain controller challenge.
     * @return credentials passed in the servlet request
     * @throws IOException
     *             If an IO error occurs.
     */

// descriptions for all the error responses.
var stsErrCodes = stsErrorCodeMap{
	ErrSTSAccessDenied: {
		Code:           "AccessDenied",
		Description:    "Generating temporary credentials not allowed for this request.",
		HTTPStatusCode: http.StatusForbidden,
	},
	ErrSTSMissingParameter: {
		Code:           "MissingParameter",

     * server, its credentials will be updated to match the values from the server specification. Repositories without a
     * matching server will have their credentials cleared. Note: This method must be called after
     * {@link #injectMirror(List, List)} or the repositories will end up with the wrong credentials.
     *

    }

    /**
     * Authenticate arbitrary credentials represented by the
     * <code>NtlmPasswordAuthentication</code> object against the domain controller
     * specified by the <code>UniAddress</code> parameter. If the credentials are
     * not accepted, an <code>SmbAuthException</code> will be thrown. If an error
     * occurs an <code>SmbException</code> will be thrown. If the credentials are

	// Validation of credentials
	if conf.AccessKey == "" || conf.SecretKey == "" {
		return nil, errors.New("both access and secret keys are required")
	}

	if conf.Bucket == "" {
		return nil, errors.New("no bucket name was provided")
	}

	u, err := url.Parse(conf.Endpoint)
	if err != nil {
		return nil, err
	}

	creds := credentials.NewStaticV4(conf.AccessKey, conf.SecretKey, "")