fun executeAndCheckUpgrade(request: Request) {
    val socketHandler =
      MockSocketHandler()
        .apply {
          receiveRequest("client says hello\n")
          sendResponse("server says hello\n")
          receiveRequest("client says goodbye\n")
          sendResponse("server says goodbye\n")
          exhaustResponse()
          exhaustRequest()
        }
    server.enqueue(socketHandler.upgradeResponse())

    client

    try:
        while True:
            data = await websocket.receive_text()
            await manager.send_personal_message(f"You wrote: {data}", websocket)
            await manager.broadcast(f"Client #{client_id} says: {data}")
    except WebSocketDisconnect:
        manager.disconnect(websocket)

     * been intended for something else, so don't clear it.
     */
    boolean restoreInterruptedBit = false;
    int spinCount = 0;
    // Interrupting Cow Says:
    //  ______
    // < Spin >
    //  ------
    //        \   ^__^
    //         \  (oo)\_______
    //            (__)\       )\/\
    //                ||----w |
    //                ||     ||

    def __init__(
        self,
        *,
        grant_type: Annotated[
            str | None,
            Form(pattern="^password$"),
            Doc(
                """
                The OAuth2 spec says it is required and MUST be the fixed string
                "password". Nevertheless, this dependency class is permissive and
                allows not passing it. If you want to enforce it, use instead the

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

And the spec says that the fields have to be named like that. So `user-name` or `email` wouldn't work.

But don't worry, you can show it as you wish to your final users in the frontend.

And your database models can use any other names you want.

    tester.testAllPublicStaticMethods(Predicates.class);
  }

  @J2ktIncompatible
  @GwtIncompatible // SerializableTester
  public void testCascadingSerialization() throws Exception {
    // Eclipse says Predicate<Integer>; javac says Predicate<Object>.
    Predicate<? super Integer> nasty =
        Predicates.not(
            Predicates.and(
                Predicates.or(
                    Predicates.equalTo((Object) 1),

  private val algorithmParameters: DerAdapter<Any?> =
    Adapters.usingTypeHint { typeHint ->
      when (typeHint) {
        // This type is pretty strange. The spec says that for certain algorithms we must encode null
        // when it is present, and for others we must omit it!
        // https://tools.ietf.org/html/rfc4055#section-2.1

        return buildRedirectRequest(userResponse, method, chain)
      }

      HTTP_CLIENT_TIMEOUT -> {
        // 408's are rare in practice, but some servers like HAProxy use this response code. The
        // spec says that we may repeat the request without modifications. Modern browsers also
        // repeat the request (even non-idempotent ones.)
        if (!chain.retryOnConnectionFailure) {

So you wait for your crush to finish the story (finish the current work ⏯ / task being processed 🤓), smile gently and say that you are going for the burgers ⏸.

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

### Technical details about the JWT "subject" `sub` { #technical-details-about-the-jwt-subject-sub }

The JWT specification says that there's a key `sub`, with the subject of the token.

It's optional to use it, but that's where you would put the user's identification, so we are using it here.