} catch (final Exception e) {
            throw new SsoLoginException("Failed to parse an authentication response.", e);
        }
    }

    /**
     * Validates the nonce in the authentication result.
     * @param stateData The stored state data containing the expected nonce.
     * @param authData The authentication result containing the actual nonce.
     */

      }
    }
    ```

 *  New: `MediaType.parameter()` gets a parameter like `boundary` from a media type like
    `multipart/mixed; boundary="abc"`.

 *  New: `Authenticator.JAVA_NET_AUTHENTICATOR` forwards authentication requests to
    `java.net.Authenticator`. This obsoletes `JavaNetAuthenticator` in the `okhttp-urlconnection`
    module.

 *  New: `CertificatePinner` now offers an API for inspecting the configured pins.

HSPLokhttp3/Address;->equalsNonHost$okhttp(Lokhttp3/Address;)Z
HSPLokhttp3/Address;->hashCode()I
HSPLokhttp3/Authenticator$Companion$AuthenticatorNone;-><init>()V
HSPLokhttp3/Authenticator;-><clinit>()V
HSPLokhttp3/Cache;-><init>(Ljava/io/File;J)V

    val credential = basic("jesse", "secret")
    client =
      client
        .newBuilder()
        .authenticator(RecordingOkAuthenticator(credential, null))
        .build()
    val body1 =
      MockSocketHandler()
        .sendResponse("please authenticate!\n")
        .requestIOException()
        .exhaustResponse()
    server.enqueue(
      MockResponse
        .Builder()

- Structured Authentication Configuration now supports configuring multiple JWT authenticators. The maximum allowed JWT authenticators in the authentication configuration is 64. ([#123431](https://github.com/kubernetes/kubernetes/pull/123431), [@aramase](https://github.com/aramase))

                proxy = new Proxy(Type.HTTP, addr);
                if (StringUtil.isNotBlank(getHttpProxyUsername())) {
                    Authenticator.setDefault(new Authenticator() {
                        @Override
                        protected PasswordAuthentication getPasswordAuthentication() {

import jcifs.smb1.ntlmssp.Type3Message;
import jcifs.smb1.util.Base64;

/**
 * Wraps an <code>HttpURLConnection</code> to provide NTLM authentication
 * services.
 *
 * Please read <a href="../../../httpclient.html">Using jCIFS NTLM Authentication for HTTP Connections</a>.
 */
public class NtlmHttpURLConnection extends HttpURLConnection {

* Security/Auth
  * L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
  * Setting TLS1.2 minimum
  * `kubectl create secret tls` command
  * Webhook Token Authenticator
  * **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
* Kubectl
  * Display line number on JSON errors
  * Add flag -t as shorthand for --tty
* Resources

 * Wraps an <code>HttpURLConnection</code> to provide NTLM authentication
 * services.
 *
 * Please read <a href="../../../httpclient.html">Using jCIFS NTLM Authentication for HTTP Connections</a>.
 *
 * Warning: Do not use this if there is a chance that you might have multiple connections (even plain
 * HttpURLConnections, for the complete JRE) to the same host with different or mixed anonymous/authenticated

package org.apache.maven.wrapper; synchronized class DefaultDownloader$1 extends java.net.Authenticator { void DefaultDownloader$1(DefaultDownloader); protected java.net.PasswordAuthenticati getPasswordAuthentic(); } org/apache/maven/wrapper/DefaultDownloader$SystemPropertiesProx.class package org.apache.maven.wrapper; synchronized class DefaultDownloader$SystemPropertiesProx extends java.net.Authenticator { private void DefaultDownloader$SystemPropertiesProx(); protected java.net.PasswordAuthenticati...