*/
package org.codelibs.fess.exception;

/**
 * Exception thrown during SSO (Single Sign-On) processing operations.
 *
 * This exception is used to indicate errors that occur during the execution
 * of SSO authentication and authorization processes. It extends FessSystemException
 * to provide consistent error handling within the Fess system for SSO-related
 * processing failures such as token validation errors, communication failures

    user = fake_decode_token(token)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return user


async def get_current_active_user(
    current_user: Annotated[User, Depends(get_current_user)],
):
    if current_user.disabled:

## Healthcheck Probe

MinIO server has two healthcheck related un-authenticated endpoints, a liveness probe to indicate if server is responding, cluster probe to check if server can be taken down for maintenance.

- Liveness probe available at `/minio/health/live`

  - Navigate to service provider section, expand Inbound Authentication Configurations and expand OAuth/OpenID Connect Configuration.
    - Copy the OAuth Client Key as the value for `<CLIENT_ID>`.
    - Copy the OAuth Client Secret as the value for `<CLIENT_SECRET>`.

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.ntlmssp.av;

import jcifs.internal.util.SMBUtil;

/**
 * NTLMSSP AV pair representing timestamp information in NTLM authentication.
 * Contains time-based data used to prevent replay attacks and ensure message freshness.
 *
 * @author mbechler
 */
public class AvTimestamp extends AvPair {

    /**

Si vous ouvrez la documentation de l’API, vous pouvez vous authentifier et spécifier quels scopes vous voulez autoriser.

<img src="/img/tutorial/security/image11.png">

Si vous ne sélectionnez aucun scope, vous serez « authenticated », mais lorsque vous essayerez d’accéder à `/users/me/` ou `/users/me/items/`, vous obtiendrez une erreur indiquant que vous n’avez pas suffisamment de permissions. Vous pourrez toujours accéder à `/status/`.

  @Suppress("UNCHECKED_CAST")
  @Throws(SSLPeerUnverifiedException::class)
  override fun getPeerCertificates(): Array<Certificate> =
    if (certificates.isEmpty()) {
      throw SSLPeerUnverifiedException("peer not authenticated")
    } else {
      certificates as Array<Certificate>
    }

  @Suppress("removal", "OVERRIDE_DEPRECATION")
  @Throws(
    SSLPeerUnverifiedException::class,
  )

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.smb;

/**
 * This class represents the Secrity_Blob in SMB Block and is set to support
 * kerberos authentication.
 *
 * @author Shun
 *
 */
class SecurityBlob {

    private byte[] b = {};

    SecurityBlob() {
    }

    SecurityBlob(final byte[] b) {
        set(b);
    }

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import jcifs.CIFSException;
import jcifs.internal.smb2.nego.PreauthIntegrityNegotiateContext;

/**
 * Enhanced Pre-Authentication Integrity Service for SMB 3.1.1.
 *
 * Provides comprehensive pre-authentication integrity protection against
 * downgrade attacks by maintaining cryptographic hash chains of all
 * negotiation and session setup messages.
 */

    /**
     * Constructs an SmbNamedPipe for a specified pipe on an SMB server.
     *
     * @param url the SMB URL of the named pipe
     * @param pipeType the type of the pipe
     * @param auth the authentication credentials to use
     * @throws MalformedURLException if the URL is not properly formatted
     * @throws UnknownHostException if the host cannot be resolved
     */