# Simple OAuth2 with Password and Bearer { #simple-oauth2-with-password-and-bearer }

Now let's build from the previous chapter and add the missing parts to have a complete security flow.

## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

        return body;
    }

    /**
     * Build a CREATE response body with a single, unrecognized create context.
     * The parser should iterate it but produce an empty contexts array.
     */
    private static byte[] buildCreateBodyWithContext(byte[] fileId, int contextStartOffsetFromHeader) {
        // Base body part size (up to and including CreateContextsLength)

            bb.putShort((short) 15); // tflags
            bb.putShort((short) 0); // tflags high bytes

            // Simple v1 referral
            bb.putShort((short) 1); // version
            bb.putShort((short) 16); // size
            bb.putShort((short) 1); // serverType
            bb.putShort((short) 2); // rflags
            bb.put("\\test\0".getBytes(StandardCharsets.UTF_16LE));

	if ok && len(b.buf) >= size {
		return b
	}
	r := new(Reader)
	r.reset(make([]byte, max(size, minReadBufferSize)), rd)
	return r
}

// NewReader returns a new [Reader] whose buffer has the default size.
func NewReader(rd io.Reader) *Reader {
	return NewReaderSize(rd, defaultBufSize)
}

// Size returns the size of the underlying buffer in bytes.
func (b *Reader) Size() int { return len(b.buf) }

            buffer = new DfsReferralRequestBuffer(path, 3);

            assertEquals(expectedSize, buffer.size());
        }

        @Test
        @DisplayName("Should calculate size for Unicode characters")
        void testSizeWithUnicodeCharacters() {
            // Unicode characters still count as single chars in Java
            String path = "\\\\server\\共享\\路径";
            buffer = new DfsReferralRequestBuffer(path, 3);

        String value;
        String[] result;

        // Single unquoted value
        value = "single";
        result = KuromojiCSVUtil.parse(value);
        assertEquals(1, result.length);
        assertEquals("single", result[0]);

        // Single quoted value - quotes preserved
        value = "\"single quoted\"";
        result = KuromojiCSVUtil.parse(value);

    void largeMessageIsReadCorrectly() throws IOException {
        // Create a message with 1000 bytes
        int size = 1000;
        byte[] data = new byte[size];
        for (int i = 0; i < size; i++) {
            data[i] = (byte) (i % 256);
        }

        byte[] fullData = concat(messageHeader(size), data);
        InputStream in = new ByteArrayInputStream(fullData);

        if (stopwordsItemList == null) {
            reload(null);
        }

        if (offset >= stopwordsItemList.size() || offset < 0) {
            return new PagingList<>(Collections.<StopwordsItem> emptyList(), offset, size, stopwordsItemList.size());
        }

        int toIndex = offset + size;
        if (toIndex > stopwordsItemList.size()) {

        int result = response.readParametersWireFormat(buffer, 0, 0);
        assertEquals(0, result);
        assertEquals(1, response.getNotifyInformation().size());

        // The single notification should have default values
        FileNotifyInformation info = response.getNotifyInformation().get(0);
        assertEquals(0, info.getAction());
        assertNull(info.getFileName());
    }

        assertEquals(2, pairs.size(), "Should have 2 pairs after replace");
        assertTrue(AvPairs.contains(pairs, AvPair.MsvAvFlags), "Should contain MsvAvFlags");
        assertTrue(AvPairs.contains(pairs, AvPair.MsvAvTimestamp), "Should contain MsvAvTimestamp");
    }

    /**
     * Test encode with single pair
     */
    @Test
    @DisplayName("Encode single AvPair with EOL")
    void testEncodeSinglePair() {