assertArrayEquals(NODE, uuid.node);
        }

        @Test
        @DisplayName("UUID string with extra characters after valid UUID should parse correctly")
        void testUuidWithExtraCharacters() {
            // Arrange
            String uuidWithExtra = VALID_UUID_STRING + "EXTRA";

            // Act
            UUID uuid = new UUID(uuidWithExtra);

Hay un capítulo entero en la documentación sobre ello, puedes leerlo en [Responses Adicionales en OpenAPI](additional-responses.md){.internal-link target=_blank}.

## OpenAPI Extra { #openapi-extra }

Cuando declaras una *path operation* en tu aplicación, **FastAPI** genera automáticamente los metadatos relevantes sobre esa *path operation* para incluirlos en el esquema de OpenAPI.

/// note | Detalles técnicos

     * @param offset
     *            The starting offset at which the SMB header begins.
     * @param length
     *            The length of the data to verify
     * @param extraPad
     *            extra padding to include in signature
     * @param msg
     *            The message to verify
     * @return whether verification was unsuccessful
     */

                }
            ]
        }
    )


def test_cookie_param_model_extra(client: TestClient):
    with client as c:
        c.cookies.set("session_id", "123")
        c.cookies.set("extra", "track-me-here-too")
        response = c.get("/items/")
    assert response.status_code == 200
    assert response.json() == snapshot(
        {"session_id": "123", "fatebook_tracker": None, "googall_tracker": None}
    )

///

## Добавление дополнительной информации { #add-extra-information }

Вы можете объявлять дополнительную информацию в `Field`, `Query`, `Body` и т.п. Она будет включена в сгенерированную JSON схему.

    assert response.json() == snapshot(
        {
            "detail": [
                {
                    "type": "extra_forbidden",
                    "loc": ["query", "tool"],
                    "msg": "Extra inputs are not permitted",
                    "input": "plumbus",
                }
            ]
        }
    )


def test_openapi_schema(client: TestClient):

        NullPointerException.class, () -> multimap().putAll(k3(), newArrayList(v3(), null)));

    Collection<V> values = multimap().get(k3());
    if (values.size() == 0) {
      expectUnchanged();
      // Be extra thorough in case internal state was corrupted by the expected null.
      assertEquals(new ArrayList<>(), new ArrayList<>(values));
      assertEquals(size, multimap().size());
    } else {

An example could be that you have an external authentication provider that you need to call.

You send it a token and it returns an authenticated user.

This provider might be charging you per request, and calling it might take some extra time than if you had a fixed mock user for tests.

You probably want to test the external provider once, but not necessarily call it for every test that runs.

## About security, APIs, and docs { #about-security-apis-and-docs }

Hiding your documentation user interfaces in production *shouldn't* be the way to protect your API.

That doesn't add any extra security to your API, the *path operations* will still be available where they are.

If there's a security flaw in your code, it will still exist.

    disabled = user_dict["disabled"],
    hashed_password = user_dict["hashed_password"],
)
```

/// info | Info

Eine ausführlichere Erklärung von `**user_dict` finden Sie in [der Dokumentation für **Extra Modelle**](../extra-models.md#about-user-in-dict){.internal-link target=_blank}.

///

## Den Token zurückgeben { #return-the-token }