}

    /**
     * Gets the authentication realm.
     *
     * @return the realm
     */
    public String getRealm() {
        return realm;
    }

    /**
     * Sets the authentication realm.
     *
     * @param realm the realm
     */
    public void setRealm(final String realm) {
        this.realm = realm;
    }

    /**
     * Gets the credentials configuration.

    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'


def test_security_http_basic_invalid_credentials():
    response = client.get(
        "/users/me", headers={"Authorization": "Basic notabase64token"}
    )
    assert response.status_code == 401, response.text
    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
    assert response.json() == {"detail": "Not authenticated"}

                + extension.getVersion();
        final ClassRealm realm = classWorld.newRealm(realmId, null);
        Set<String> providedArtifacts = Collections.emptySet();
        String classLoadingStrategy = extension.getClassLoadingStrategy();
        if (STRATEGY_PARENT_FIRST.equals(classLoadingStrategy)) {
            realm.importFrom(parentRealm, "");
        } else if (STRATEGY_PLUGIN.equals(classLoadingStrategy)) {

                + extension.getVersion();
        final ClassRealm realm = classWorld.newRealm(realmId, null);
        Set<String> providedArtifacts = Collections.emptySet();
        String classLoadingStrategy = extension.getClassLoadingStrategy();
        if (STRATEGY_PARENT_FIRST.equals(classLoadingStrategy)) {
            realm.importFrom(parentRealm, "");
        } else if (STRATEGY_PLUGIN.equals(classLoadingStrategy)) {

    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'


def test_security_http_basic_invalid_credentials():
    response = client.get(
        "/users/me", headers={"Authorization": "Basic notabase64token"}
    )
    assert response.status_code == 401, response.text
    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
    assert response.json() == {"detail": "Not authenticated"}

                logger.warn("Failed to parse port: {}", port, e);
            }
        }

        final String realm = paramMap.get(prefix + "realm");
        if (StringUtil.isNotBlank(realm)) {
            config.setRealm(realm);
        }

        // AuthSchemeType
        if (Constants.BASIC.equals(scheme)) {
            config.setAuthSchemeType(AuthSchemeType.BASIC);

        self.scheme_name = scheme_name or self.__class__.__name__
        self.realm = realm
        self.auto_error = auto_error

    def make_authenticate_headers(self) -> dict[str, str]:
        if self.realm:
            return {"WWW-Authenticate": f'Basic realm="{self.realm}"'}
        return {"WWW-Authenticate": "Basic"}

    async def __call__(  # type: ignore

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

Then, when you type that username and password, the browser sends them in the header automatically.

# HTTP 基础授权 { #http-basic-auth }

最简单的用例是使用 HTTP 基础授权（HTTP Basic Auth）。

在 HTTP 基础授权中，应用需要请求头包含用户名与密码。

如果没有接收到 HTTP 基础授权，就返回 HTTP 401 `"Unauthorized"` 错误。

并返回响应头 `WWW-Authenticate`，其值为 `Basic`，以及可选的 `realm` 参数。

HTTP 基础授权让浏览器显示内置的用户名与密码提示。

输入用户名与密码后，浏览器会把它们自动发送至请求头。

## 简单的 HTTP 基础授权 { #simple-http-basic-auth }

* 导入 `HTTPBasic` 与 `HTTPBasicCredentials`
* 使用 `HTTPBasic` 创建**安全方案**
* 在*路径操作*的依赖项中使用 `security`

            "WWW-Authenticate",
            "Basic realm=\"protected area\", charset=\"UTF-8\"",
          ),
        body = "Please authenticate with UTF-8.",
      ),
    )
    server.enqueue(
      MockResponse(
        code = 401,
        headers =
          headersOf(
            "WWW-Authenticate",
            "Basic realm=\"protected area\"",
          ),