return nil, false, nil
			}
		}),
		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			r = r.WithContext(genericapirequest.WithRequestInfo(r.Context(), &genericapirequest.RequestInfo{}))
			Unauthorized(scheme.Codecs).ServeHTTP(w, r)
		}),
		nil,
		nil,
	))

	http2Options := &http2.Server{}

	if err := http2.ConfigureServer(s.Config, http2Options); err != nil {
		t.Fatal(err)
	}

use of the trademark "Creative Commons" or any other trademark or logo
of Creative Commons without its prior written consent including,
without limitation, in connection with any unauthorized modifications
to any of its public licenses or any other arrangements,
understandings, or agreements concerning use of licensed material. For
the avoidance of doubt, this paragraph does not form part of the

## どのように動作するか

リクエストの中に`Authorization`ヘッダーを探しに行き、その値が`Bearer`と何らかのトークンを含んでいるかどうかをチェックし、そのトークンを`str`として返します。

もし`Authorization`ヘッダーが見つからなかったり、値が`Bearer`トークンを持っていなかったりすると、401 ステータスコードエラー (`UNAUTHORIZED`) で直接応答します。

トークンが存在するかどうかをチェックしてエラーを返す必要はありません。関数が実行された場合、そのトークンに`str`が含まれているか確認できます。

インタラクティブなドキュメントですでに試すことができます:

<img src="/img/tutorial/security/image03.png">

		"The duration to cache 'authorized' responses from the webhook authorizer.")
	fs.DurationVar(&c.Authorization.Webhook.CacheUnauthorizedTTL.Duration, "authorization-webhook-cache-unauthorized-ttl", c.Authorization.Webhook.CacheUnauthorizedTTL.Duration, ""+
		"The duration to cache 'unauthorized' responses from the webhook authorizer.")

			qualifiedResource.String(), name),
	}}
}

// NewUnauthorized returns an error indicating the client is not authorized to perform the requested
// action.
func NewUnauthorized(reason string) *StatusError {
	message := reason
	if len(message) == 0 {
		message = "not authorized"
	}
	return &StatusError{metav1.Status{
		Status:  metav1.StatusFailure,
		Code:    http.StatusUnauthorized,

                final RestStatus status = ((OpenSearchStatusException) cause).status();
                switch (status) {
                case UNAUTHORIZED:
                    logger.warn("[{}] Unauthorized access: {}", i, SystemUtil.getSearchEngineHttpAddress(), cause);
                    break;
                default:

  // If this is the first validation in the list to fail, this reason, as well as the
  // corresponding HTTP response code, are used in the
  // HTTP response to the client.
  // The currently supported reasons are: "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge".
  // If not set, StatusReasonInvalid is used in the response to the client.
  // +optional
  optional string reason = 3;

	"messageExpression": "messageExpression declares a CEL expression that evaluates to the validation failure...

	// If this is the first validation in the list to fail, this reason, as well as the
	// corresponding HTTP response code, are used in the
	// HTTP response to the client.
	// The currently supported reasons are: "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge".
	// If not set, StatusReasonInvalid is used in the response to the client.
	// +optional

  // If this is the first validation in the list to fail, this reason, as well as the
  // corresponding HTTP response code, are used in the
  // HTTP response to the client.
  // The currently supported reasons are: "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge".
  // If not set, StatusReasonInvalid is used in the response to the client.
  // +optional
  optional string reason = 3;