client = TestClient(app)


def test_security_http_digest():
    response = client.get("/users/me", headers={"Authorization": "Digest foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Digest", "credentials": "foobar"}


def test_security_http_digest_no_credentials():
    response = client.get("/users/me")

client = TestClient(app)


def test_security_http_digest():
    response = client.get("/users/me", headers={"Authorization": "Digest foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Digest", "credentials": "foobar"}


def test_security_http_digest_no_credentials():
    response = client.get("/users/me")

    - name: Update the RBE Configs
      run: |
        function map() {
          # The "digest" that allows us to pull an image is not the digest as
          # returned by the API, but a sha256sum of the entire chunk of image
          # metadata. gcr.io helpfully includes it in the header of the response
          # as docker-content-digest: sha256:[digest]. Note we use egrep to
          # match exactly sha256:<hash> because curl may include a ^M symbol at

        return HTTPAuthorizationCredentials(scheme=scheme, credentials=credentials)


class HTTPDigest(HTTPBase):
    """
    HTTP Digest authentication.

    **Warning**: this is only a stub to connect the components with OpenAPI in FastAPI,
    but it doesn't implement the full Digest scheme, you would need to to subclass it
    and implement it in your code.

    Ref: https://datatracker.ietf.org/doc/html/rfc7616

        byte[] digest = md.digest();

        String md5path = repository.pathOf(artifact) + ".md5";
        File md5artifactFile = new File(repository.getBasedir(), md5path);
        try (Writer writer =
                new OutputStreamWriter(new FileOutputStream(md5artifactFile), StandardCharsets.ISO_8859_1)) {
            writer.append(printHexBinary(digest));
        }
    }

    for name, rev in peer.listkeys(b'bookmarks').items():
      h.update(name)
      h.update(b'=')
      h.update(rev)
      h.update(b'\n')
  print('r1:'+base64.standard_b64encode(h.digest()).decode('utf-8'))

@command(b'golookup', [], _('url rev'), norepo=True)
def golookup(ui, url, rev):
  """
  golookup looks up a single identifier in the repo,
  printing its hash.
  """

#### Исправление с помощью `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

Но в нашем коде мы используем `secrets.compare_digest()`.

Вкратце: сравнение `stanleyjobsox` с `stanleyjobson` займёт столько же времени, сколько и сравнение `johndoe` с `stanleyjobson`. То же относится и к паролю.

    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").
    * Several of these flows are appropriate for building an OAuth 2.0 authentication provider (like Google, Facebook, X (Twitter), GitHub, etc):

    * Cookie.
* `http`: стандартні методи HTTP-автентифікації, включаючи:
    * `bearer`: заголовок `Authorization` зі значенням `Bearer` та токеном. Це успадковано з OAuth2.
    * HTTP Basic автентифікація
    * HTTP Digest, тощо.
* `oauth2`: усі способи обробки безпеки за допомогою OAuth2 (так звані «потоки»).

    * Einem Header.
    * Einem Cookie.
* `http`: Standard-HTTP-Authentifizierungssysteme, einschließlich:
    * `bearer`: ein Header `Authorization` mit dem Wert `Bearer ` plus einem Token. Dies wird von OAuth2 geerbt.
    * HTTP Basic Authentication.
    * HTTP Digest, usw.
* `oauth2`: Alle OAuth2-Methoden zum Umgang mit Sicherheit (genannt „Flows“).