}

    @Nonnull
    static SettingsBuilderRequest build(
            @Nonnull ProtoSession session,
            @Nullable Source installationSettingsSource,
            @Nullable Source projectSettingsSource,
            @Nullable Source userSettingsSource) {
        return builder()

    }

    @NotThreadSafe
    class ToolchainsBuilderRequestBuilder {
        ProtoSession session;
        RequestTrace trace;
        Source installationToolchainsSource;
        Source userToolchainsSource;

        public ToolchainsBuilderRequestBuilder session(ProtoSession session) {
            this.session = session;
            return this;
        }

    @Nonnull
    static ModelBuilderRequest build(@Nonnull Session session, @Nonnull ModelSource source) {
        return builder()
                .session(requireNonNull(session, "session cannot be null"))
                .source(requireNonNull(source, "source cannot be null"))
                .build();
    }

    @Nonnull
    static ModelBuilderRequest build(@Nonnull Session session, @Nonnull Path path) {
        return builder()

    // Force reuse. This appears flaky (30% of the time) even though sessions are reused.
    // javax.net.ssl.SSLHandshakeException: No new session is allowed and no existing
    // session can be resumed
    //
    // Report https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8264944
    // Sessions improvement https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8245576

     */
    void saveSession(String sessionId);

    /**
     * Checks if a URL has been visited.
     *
     * @param urlQueue The URL queue.
     * @return true if the URL has been visited, otherwise false.
     */
    boolean visited(QUEUE urlQueue);

    /**
     * Generates URL queues.
     *
     * @param previousSessionId The previous session ID.
     * @param sessionId The session ID.

     *
     * @param sessionId The session ID.
     */
    @Override
    public void delete(final String sessionId) {
        deleteBySessionId(sessionId);
    }

    /**
     * Offers multiple URL queue entries for the specified session.
     * Only URLs that don't already exist will be added.
     *
     * @param sessionId The session ID.

        // Session starts with usage count > 0, so acquire/release cycles maintain usage
        assertTrue(session.isInUse(), "Session should be in use initially");

        // Test acquire/release cycles (session remains in use due to initial transport acquire)
        for (int i = 0; i < 3; i++) {
            session.acquire();
            assertTrue(session.isInUse(), "Session should be in use after acquire " + i);

            session.release();

        .build()
    val session = session(heldCertificate.certificatePem())
    assertThat(verifier.verify("foo.com", session)).isFalse()
    assertThat(verifier.verify("bar.com", session)).isFalse()
    assertThat(verifier.verify("k.com", session)).isTrue()
    assertThat(verifier.verify("K.com", session)).isTrue()
    assertThat(verifier.verify("\u2121.com", session)).isFalse()

            return null;
        });
    }

    private OptionalThing<HttpSession> getSession() {
        final HttpSession session = request.getSession(false);
        if (session != null) {
            return OptionalEntity.of(session);
        }
        return OptionalEntity.empty();
    }

    @Test
    @DisplayName("Test session finalization")
    public void testSessionFinalization() throws CIFSException {
        String sessionId = "test-session-4";
        byte[] salt = preauthService.generatePreauthSalt();

        preauthService.initializeSession(sessionId, salt, PreauthIntegrityService.HASH_ALGO_SHA512);
        assertNotNull(preauthService.getCurrentPreauthHash(sessionId));