Если клиент попробует отправить дополнительные данные, то в ответ он получит **ошибку**.

Например, если клиент попытается отправить поля формы:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

То в ответ он получит **ошибку**, сообщающую ему, что поле `extra` не разрешено:

```json
{
    "detail": [
        {
            "type": "extra_forbidden",

  }

  @Test
  fun decodePassword() {
    assertThat(parse("http://user:password@host/").password).isEqualTo("password")
    assertThat(parse("http://user:@host/").password).isEqualTo("")
    assertThat(parse("http://user:%F0%9F%8D%A9@host/").password)
      .isEqualTo("\uD83C\uDF69")
  }

  @Test
  fun decodeSlashCharacterInDecodedPathSegment() {

                                    <label for="password" class="col-sm-3 text-sm-right col-form-label"><la:message
                                            key="labels.user_password"/></label>
                                    <div class="col-sm-9">
                                        <la:errors property="password"/>
                                        <la:password styleId="password" property="password" styleClass="form-control"/>

But first, let's check some small concepts.

## In a hurry? { #in-a-hurry }

If you don't care about any of these terms and you just need to add security with authentication based on username and password *right now*, skip to the next chapters.

## OAuth2 { #oauth2 }

OAuth2 is a specification that defines several ways to handle authentication and authorization.

        });
    }

    /**
     * Changes the password for a user in the LDAP directory.
     *
     * @param username the username of the user
     * @param password the new password
     * @return true if the password was changed successfully, false otherwise
     */
    public boolean changePassword(final String username, final String password) {
        if (!fessConfig.isLdapAdminEnabled(username)) {

        val credentialHeader = if (proxyAuthorization) "Proxy-Authorization" else "Authorization"
        val credential =
          Credentials.basic(
            auth.userName,
            String(auth.password),
            challenge.charset,
          )
        return request
          .newBuilder()
          .header(credentialHeader, credential)
          .build()
      }
    }

            adduser --quiet \
                    --system \
                    --no-create-home \
                    --ingroup "$FESS_GROUP" \
                    --disabled-password \
                    --shell /bin/false \
                    --home "$FESS_USER_HOME"  \
                    "$FESS_USER"
            echo " OK"
        fi
    ;;
    abort-deconfigure|abort-upgrade|abort-remove)

## Über Integrationen von Drittanbietern

In diesem Beispiel verwenden wir den OAuth2-Flow „Password“.

Das ist angemessen, wenn wir uns bei unserer eigenen Anwendung anmelden, wahrscheinlich mit unserem eigenen Frontend.

Weil wir darauf vertrauen können, dass es den `username` und das `password` erhält, welche wir kontrollieren.

    },

    PASSWORD {
      override fun urlString(value: String): String = "http://:$******@****.***/"

      override fun encodedValue(url: HttpUrl): String = url.encodedPassword

      override operator fun set(
        builder: HttpUrl.Builder,
        value: String,
      ) {
        builder.password(value)
      }

    val encodedUsername: String = httpUrl.encodedUsername()
    val username: String = httpUrl.username()
    val encodedPassword: String = httpUrl.encodedPassword()
    val password: String = httpUrl.password()
    val host: String = httpUrl.host()
    val port: Int = httpUrl.port()
    val pathSize: Int = httpUrl.pathSize()
    val encodedPath: String = httpUrl.encodedPath()