app = FastAPI()

oauth2_scheme = OAuth2AuthorizationCodeBearer(
    authorizationUrl="authorize",
    tokenUrl="token",
    description="OAuth2 Code Bearer",
    auto_error=True,
)


@app.get("/items/")
async def read_items(token: str | None = Security(oauth2_scheme)):
    return {"token": token}


client = TestClient(app)


def test_no_token():
    response = client.get("/items")

	token := getSessionToken(r)
	if token != "" && cred.AccessKey == "" {
		// x-amz-security-token is not allowed for anonymous access.
		return nil, ErrNoAccessKey
	}

	if token == "" && cred.IsTemp() && !cred.IsServiceAccount() {
		// Temporary credentials should always have x-amz-security-token
		return nil, ErrInvalidToken
	}

	if token != "" && !cred.IsTemp() {

        return UserInDB(**user_dict)


def fake_decode_token(token):
    # This doesn't provide any security at all
    # Check the next version
    user = get_user(fake_users_db, token)
    return user


async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
    user = fake_decode_token(token)
    if not user:
        raise HTTPException(

Par exemple, pour déclarer un en-tête `X-Token` qui peut apparaître plusieurs fois, vous pouvez écrire :

{* ../../docs_src/header_params/tutorial003_an_py310.py hl[9] *}

Si vous communiquez avec ce *chemin d'accès* en envoyant deux en-têtes HTTP comme :

```
X-Token: foo
X-Token: bar
```

La réponse ressemblerait à ceci :

```JSON
{
    "X-Token values": [
        "bar",
        "foo"
    ]
}

    }

    /**
     * Test parsing of {@link KerberosConstants#AUTH_DATA_PAC} with an invalid token.
     * Expects a {@link PACDecodingException} to be thrown.
     */
    @Test
    void testParseAuthDataPacWithInvalidToken() {
        // GIVEN an invalid token for AUTH_DATA_PAC
        byte[] invalidToken = "invalid-pac-token".getBytes();

        // WHEN parsing the auth data
        // THEN a PACDecodingException should be thrown

     */
    @Resource
    protected MessageManager messageManager;

    /**
     * Service for managing API access tokens including validation and authentication.
     * Used to verify token-based authentication for API requests.
     */
    @Resource
    protected AccessTokenService accessTokenService;

    /**

from fastapi import Depends, FastAPI
from fastapi.security import OAuth2PasswordBearer

app = FastAPI()

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


@app.get("/items/")
async def read_items(token: str = Depends(oauth2_scheme)):

	defer r.closeRespFn(resp.Body)
	if resp.StatusCode != http.StatusOK {
		return errors.New(resp.Status)
	}

	return r.pubKeys.parseAndAdd(resp.Body)
}

// ErrTokenExpired - error token expired
var (
	ErrTokenExpired = errors.New("token expired")
)

func updateClaimsExpiry(dsecs string, claims map[string]any) error {
	expStr := claims["exp"]
	if expStr == "" {
		return ErrTokenExpired
	}

    return encoded_jwt


async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        username = payload.get("sub")

import org.codelibs.fess.app.web.api.admin.BaseSearchBody;

/**
 * Search request body for access token administration.
 * Extends BaseSearchBody with access token-specific search parameters.
 */
public class SearchBody extends BaseSearchBody {

    /** The access token ID to search for. */
    public String id;

    /**
     * Default constructor for SearchBody.
     */
    public SearchBody() {