RawKey:  keyPEM,

		Certificate: certs[0],
		PrivateKey:  priv,
	}
	p.caValue.Store(ca)

	return nil
}

// currentCA provides the current value of the CA.
// It always check for a stale value.  This is cheap because it's all an in memory cache of small slices.
func (p *caProvider) currentCA() (*authority.CertificateAuthority, error) {
	certPEM, keyPEM := p.caLoader.CurrentCertKeyContent()

		PrivateKey:  priv,
		Backdate:    5 * time.Minute,
	}
	p.caValue.Store(ca)

	return nil
}

// currentCA provides the current value of the CA.
// It always check for a stale value.  This is cheap because it's all an in memory cache of small slices.
func (p *caProvider) currentCA() (*authority.CertificateAuthority, error) {
	certPEM, cerr := p.currentCertContent()
	if cerr != nil {
		return nil, cerr
	}

	}
	return ret, nil
}

func (s *Signer) Sign(x509cr *x509.CertificateRequest, usages []capi.KeyUsage, requestedLifetime time.Duration, appendRootCert bool) ([]byte, error) {
	currCA, err := s.caProvider.currentCA()
	if err != nil {
		return nil, err
	}
	der, err := currCA.Sign(x509cr.Raw, authority.PermissiveSigningPolicy{
		TTL:    requestedLifetime,
		Usages: usages,
	})
	if err != nil {
		return nil, err
	}

Vincent <******@****.***> 1603165005 -0400

jaystone776 <******@****.***> 1711838806 +0800

Lubomir I. Ivanov <******@****.***> 1617148903 +0300

Sho Nakamura <******@****.***> 1706466995 +0900

LeeeeT <******@****.***> 1680341164 +0300

Nils Lindemann <******@****.***> 1713469999 +0200

# Get Current User

In the previous chapter the security system (which is based on the dependency injection system) was giving the *path operation function* a `token` as a `str`:

=== "Python 3.9+"

    ```Python hl_lines="12"
    {!> ../../../docs_src/security/tutorial001_an_py39.py!}
    ```

=== "Python 3.8+"

    ```Python hl_lines="11"
    {!> ../../../docs_src/security/tutorial001_an.py!}
    ```

=== "Python 3.8+ non-Annotated"