*/
// NOTE: If you update this, please also change .idea/scopes/Gradle_public_API.xml
object PublicApi {
    val includes = listOf(
        "org/gradle/*",
        "org/gradle/api/**",
        "org/gradle/authentication/**",
        "org/gradle/build/**",
        "org/gradle/buildconfiguration/**",
        "org/gradle/buildinit/**",
        "org/gradle/caching/**",
        "org/gradle/concurrent/**",

rbac:
  create: false
  pspEnabled: false

# Disable test pods
testFramework:
  enabled: false

podLabels:
  sidecar.istio.io/inject: "false"

# Demo only, so we will have no authentication
admin:
  existingSecret: ""
ldap:
  existingSecret: true
env:
  GF_SECURITY_ADMIN_USER: "admin"
  GF_SECURITY_ADMIN_PASSWORD: "admin"
  GF_AUTH_BASIC_ENABLED: "false"
  GF_AUTH_ANONYMOUS_ENABLED: "true"

    response = client.get("/users/me", headers={"Authorization": "Basic notreally"})
    assert response.status_code == 403, response.text
    assert response.json() == {"detail": "Invalid authentication credentials"}


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == {
        "openapi": "3.1.0",

    response = client.get(
        "/users/me", headers={"Authorization": "Other invalidauthorization"}
    )
    assert response.status_code == 403, response.text
    assert response.json() == {"detail": "Invalid authentication credentials"}


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == {
        "openapi": "3.1.0",

  # By default, Dex will ask for approval to share data with application
  # (approval for sharing data from connected IdP to Dex is separate process on IdP)
  skipApprovalScreen: false
  # If only one authentication method is enabled, the default behavior is to
  # go directly to it. For connected IdPs, this redirects the browser away
  # from application to upstream provider such as the Google login page
  alwaysShowLoginScreen: false

import org.apache.maven.wagon.TransferFailedException;
import org.apache.maven.wagon.UnsupportedProtocolException;
import org.apache.maven.wagon.Wagon;
import org.apache.maven.wagon.authentication.AuthenticationException;
import org.apache.maven.wagon.authentication.AuthenticationInfo;
import org.apache.maven.wagon.authorization.AuthorizationException;
import org.apache.maven.wagon.events.TransferListener;

    response = client.get("/users/me", headers={"Authorization": "Basic notreally"})
    assert response.status_code == 403, response.text
    assert response.json() == {"detail": "Invalid authentication credentials"}


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == {
        "openapi": "3.1.0",

- For in-depth information about how to use Istio, visit [istio.io](https://istio.io)

def test_incorrect_token():
    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Invalid authentication credentials"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_incorrect_token_type():
    response = client.get(
        "/users/me", headers={"Authorization": "Notexistent testtoken"}
    )

 *
 *  * A DNS lookup failed
 *  * The configuration is incapable of carrying the request, such as when the client is configured
 *    to use `H2_PRIOR_KNOWLEDGE` but the URL's scheme is `https:`.
 *  * Preemptive proxy authentication failed.
 *
 * Planning failures are not necessarily fatal. For example, even if we can't DNS lookup the first
 * proxy in a list, looking up a subsequent one may succeed.
 */