client = TestClient(app)


def test_security_http_digest():
    response = client.get("/users/me", headers={"Authorization": "Digest foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Digest", "credentials": "foobar"}


def test_security_http_digest_no_credentials():
    response = client.get("/users/me")

client = TestClient(app)


def test_security_http_digest():
    response = client.get("/users/me", headers={"Authorization": "Digest foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Digest", "credentials": "foobar"}


def test_security_http_digest_no_credentials():
    response = client.get("/users/me")

    - name: Update the RBE Configs
      run: |
        function map() {
          # The "digest" that allows us to pull an image is not the digest as
          # returned by the API, but a sha256sum of the entire chunk of image
          # metadata. gcr.io helpfully includes it in the header of the response
          # as docker-content-digest: sha256:[digest]. Note we use egrep to
          # match exactly sha256:<hash> because curl may include a ^M symbol at

        return HTTPAuthorizationCredentials(scheme=scheme, credentials=credentials)


class HTTPDigest(HTTPBase):
    """
    HTTP Digest authentication.

    **Warning**: this is only a stub to connect the components with OpenAPI in FastAPI,
    but it doesn't implement the full Digest scheme, you would need to to subclass it
    and implement it in your code.

    Ref: https://datatracker.ietf.org/doc/html/rfc7616

        byte[] digest = md.digest();

        String md5path = repository.pathOf(artifact) + ".md5";
        File md5artifactFile = new File(repository.getBasedir(), md5path);
        try (Writer writer =
                new OutputStreamWriter(new FileOutputStream(md5artifactFile), StandardCharsets.ISO_8859_1)) {
            writer.append(printHexBinary(digest));
        }
    }

    for name, rev in peer.listkeys(b'bookmarks').items():
      h.update(name)
      h.update(b'=')
      h.update(rev)
      h.update(b'\n')
  print('r1:'+base64.standard_b64encode(h.digest()).decode('utf-8'))

@command(b'golookup', [], _('url rev'), norepo=True)
def golookup(ui, url, rev):
  """
  golookup looks up a single identifier in the repo,
  printing its hash.
  """

#### Исправление с помощью `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

Но в нашем коде мы используем `secrets.compare_digest()`.

Вкратце: сравнение `stanleyjobsox` с `stanleyjobson` займёт столько же времени, сколько и сравнение `johndoe` с `stanleyjobson`. То же относится и к паролю.

    * `bearer`: заголовок `Authorization` со значением `Bearer {уникальный токен}`. Это унаследовано от OAuth2.
    * Базовая аутентификация по протоколу HTTP.
    * HTTP Digest и т.д.
* `oauth2`: все способы обеспечения безопасности OAuth2 называемые "потоки" (англ. "flows").

  * Una cookie.
* `http`: sistemas de autenticación HTTP estándar, incluyendo:
  * `bearer`: un header `Authorization` con un valor de `Bearer ` más un token. Esto se hereda de OAuth2.
  * Autenticación básica HTTP.
  * Digest HTTP, etc.
* `oauth2`: todas las formas de OAuth2 para manejar la seguridad (llamadas "flujos").

* `http`: padrão HTTP de sistemas autenticação, incluindo:
    * `bearer`: um header de `Authorization` com valor de `Bearer` adicionado de um token. Isso é herança do OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: todas as formas do OAuth2 para lidar com segurança (chamados "fluxos").
    * Vários desses fluxos são apropriados para construir um provedor de autenticação OAuth2 (como Google, Facebook, X (Twitter), GitHub, etc):