But if for some reason your clients depend on the old behavior, you can revert to it by overriding the method `make_not_authenticated_error` in your security classes.

For example, you can create a subclass of `HTTPBearer` that returns a `403 Forbidden` error instead of the default `401 Unauthorized` error:

Example:

    Source (English):

        «««
        ```mermaid
        flowchart LR
            subgraph global[global env]
                harry-1[harry v1]

- Added a feature to report an event about a Pod if kubelet observes a failed attach operation, even if the kubelet is running with `--enable-controller-attach-detach=false`. ([#124884](https://github.com/kubernetes/kubernetes/pull/124884), [@carlory](https://github.com/carlory))

     * network interceptor to short-circuit or repeat a network request.
     */
    fun networkInterceptors(): MutableList<Interceptor> = networkInterceptors

    fun addNetworkInterceptor(interceptor: Interceptor) =
      apply {
        networkInterceptors += interceptor
      }

    @JvmName("-addNetworkInterceptor") // Prefix with '-' to prevent ambiguous overloads from Java.

- Revert Go version used to build Kubernetes to 1.23.0 ([#127861](https://github.com/kubernetes/kubernetes/pull/127861), [@xmudrii](https://github.com/xmudrii)) [SIG Release and Testing]

  fun closeReasonMaximumLength() {
    webServer.enqueue(
      MockResponse
        .Builder()
        .webSocketUpgrade(serverListener)
        .build(),
    )
    val clientReason = repeat('C', 123)
    val serverReason = repeat('S', 123)
    val webSocket: WebSocket = newWebSocket()
    val server = serverListener.assertOpen()
    clientListener.assertOpen()
    webSocket.close(1000, clientReason)

     */
    protected SerializeUtil() {
    }

    private static final int BYTE_ARRAY_SIZE = 8 * 1024;

    /**
     * Default set of allowed class name patterns for deserialization.
     * This helps prevent deserialization attacks by restricting which classes can be instantiated.
     */
    private static final Set<String> DEFAULT_ALLOWED_PATTERNS = Set.of(
        "java.lang.*",
        "java.util.*",
        "java.time.*",

    peekTrailers(Protocol.HTTP_1_1)
  }

  @Test
  fun peekTrailersHttp2() {
    peekTrailers(Protocol.HTTP_2)
  }

  private fun peekTrailers(protocol: Protocol) {
    val responseBody = "a".repeat(OKHTTP_CLIENT_WINDOW_SIZE)
    enableProtocol(protocol)

    server.enqueue(
      MockResponse
        .Builder()
        .addHeader("h1", "v1")
        .trailers(headersOf("t1", "v2"))

  }

  /**
   * Specifies that each entry should be automatically removed from the cache once a fixed duration
   * has elapsed after the entry's creation, the most recent replacement of its value, or its last
   * access. Access time is reset by all cache read and write operations (including {@code
   * Cache.asMap().get(Object)} and {@code Cache.asMap().put(K, V)}), but not by {@code

O OAuth2 foi projetado para que o backend ou a API pudesse ser independente do servidor que autentica o usuário.

Mas, neste caso, a mesma aplicação **FastAPI** irá lidar com a API e com a autenticação.

Então, vamos rever de um ponto de vista simplificado:

* O usuário digita o `username` e o `password` no frontend e pressiona `Enter`.