app = FastAPI()


@app.post("/files/")
async def create_file(
    file: Annotated[bytes, File()],
    fileb: Annotated[UploadFile, File()],
    token: Annotated[str, Form()],
):
    return {
        "file_size": len(file),
        "token": token,
        "fileb_content_type": fileb.content_type,

///

## 返回 Token

`token` 端点的响应必须是 JSON 对象。

响应返回的内容应该包含 `token_type`。本例中用的是**Bearer**Token，因此， Token 类型应为**`bearer`**。

返回内容还应包含 `access_token` 字段，它是包含权限 Token 的字符串。

本例只是简单的演示，返回的 Token 就是 `username`，但这种方式极不安全。

/// tip | "提示"

下一章介绍使用哈希密码和 <abbr title="JSON Web Tokens">JWT</abbr> Token 的真正安全机制。

但现在，仅关注所需的特定细节。

///

@needs_py39
def test_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text
    assert response.json() == {"token": "testtoken"}


@needs_py39
def test_incorrect_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Notexistent testtoken"})
    assert response.status_code == 401, response.text

)

func init() {
	flag.StringVar(&stsEndpoint, "sts-ep", "http://localhost:9000", "STS endpoint")
	flag.StringVar(&idpEndpoint, "idp-ep", "http://localhost:8080/auth/realms/minio/protocol/openid-connect/token", "IDP token endpoint")
	flag.StringVar(&clientID, "cid", "", "Client ID")
	flag.StringVar(&clientSecret, "csec", "", "Client secret")
}

func getTokenExpiry() (*credentials.ClientGrantsToken, error) {
	data := url.Values{}

  --advertise-client-urls http://0.0.0.0:2379 \
  --listen-peer-urls http://0.0.0.0:2380 \
  --initial-advertise-peer-urls http://0.0.0.0:2380 \
  --initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new
```

You may also setup etcd with TLS following this documentation [here](https://coreos.com/etcd/docs/latest/op-guide/security.html)

### 3. Setup MinIO with etcd

@SuppressWarnings ( "javadoc" )
public class KerberosPacAuthData extends KerberosAuthData {

    private Pac pac;


    public KerberosPacAuthData ( byte[] token, Map<Integer, KerberosKey> keys ) throws PACDecodingException {
        this.pac = new Pac(token, keys);
    }


    public Pac getPac () {
        return this.pac;
    }

    private byte apOptions;
    private KerberosTicket ticket;


    public KerberosApRequest ( byte[] token, KerberosKey[] keys ) throws PACDecodingException {
        this(parseSequence(token), keys);
    }

    private static ASN1Sequence parseSequence(byte[] token) throws PACDecodingException {
        if ( token.length <= 0 )
            throw new PACDecodingException("Empty kerberos ApReq");

        ASN1Sequence sequence;

                            state = 0;
                            break;
                        }
    
                        try {
                            token = nctx.initSecContext(token, 0, token.length);
                        } catch (SmbException se) {
                            /* We must close the transport or the server will be expecting a

重複したヘッダーのすべての値をPythonの`list`として受け取ることができます。

例えば、複数回出現する可能性のある`X-Token`のヘッダを定義するには、以下のように書くことができます:

```Python hl_lines="9"
{!../../docs_src/header_params/tutorial003.py!}
```

もし、その*path operation*で通信する場合は、次のように２つのHTTPヘッダーを送信します:

```
X-Token: foo
X-Token: bar
```

このレスポンスは以下のようになります:

```JSON
{
    "X-Token values": [
        "bar",
        "foo"
    ]
}
```

## まとめ

bearer_scheme = HTTPBearer()


class Subscription(BaseModel):
    username: str
    monthly_fee: float
    start_date: datetime


@app.webhooks.post("new-subscription")
def new_subscription(
    body: Subscription, token: Annotated[str, Security(bearer_scheme)]
):
    """
    When a new user subscribes to your service we'll send you a POST request with this
    data to the URL that you register for the event `new-subscription` in the dashboard.