/// info | Технічні деталі

**FastAPI** знатиме, що може використати клас `OAuth2PasswordBearer` (оголошений у залежності), щоб визначити схему безпеки в OpenAPI, тому що він наслідує `fastapi.security.oauth2.OAuth2`, який своєю чергою наслідує `fastapi.security.base.SecurityBase`.

Усі утиліти безпеки, які інтегруються з OpenAPI (і автоматичною документацією API), наслідують `SecurityBase`. Так **FastAPI** розуміє, як інтегрувати їх в OpenAPI.

///

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## 取得使用者 { #get-the-user }

`get_current_user` 會使用我們建立的（假的）工具函式，它接收一個作為 `str` 的 token，並回傳我們的 Pydantic `User` 模型：

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## 注入目前使用者 { #inject-the-current-user }

現在我們可以在*路徑操作*中用相同的 `Depends` 來使用 `get_current_user`：

{* ../../docs_src/security/tutorial002_an_py310.py hl[31] *}

* 导入 `HTTPBasic` 与 `HTTPBasicCredentials`
* 使用 `HTTPBasic` 创建**安全方案**
* 在*路径操作*的依赖项中使用 `security`
* 返回类型为 `HTTPBasicCredentials` 的对象：
    * 包含发送的 `username` 与 `password`

{* ../../docs_src/security/tutorial006_an_py310.py hl[4,8,12] *}

第一次打开 URL（或在 API 文档中点击 **Execute** 按钮）时，浏览器要求输入用户名与密码：

<img src="/img/tutorial/security/image12.png">

## 检查用户名 { #check-the-username }

以下是更完整的示例。

使用依赖项检查用户名与密码是否正确。

Since, the client would have the session it can do it by itself.

The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations. The policy applied to these temporary credentials is inherited from the MinIO user credentials. By default, the temporary security credentials created by AssumeRole last for one hour. However, use the optional DurationSeconds...

the identity of the caller is validated by using a JWT access token from the identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations.

By default, the temporary security credentials created by AssumeRoleWithClientGrants last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the...

        final int negotiateContextOffset = SMBUtil.readInt4(buffer, bufferIndex);
        bufferIndex += 4;

        // Validate security buffer parameters
        if (securityBufferLength < 0 || securityBufferLength > 65536) { // 64KB max for security buffer
            throw new SMBProtocolDecodingException("Invalid security buffer length: " + securityBufferLength + " (must be 0-65536)");
        }
        if (securityBufferOffset < 0) {

        assertNull(response.getSecurityDescriptor());
    }

    @Test
    @DisplayName("Test readDataWireFormat with valid security descriptor")
    void testReadDataWireFormatWithValidSecurityDescriptor() throws Exception {
        // Create a minimal valid security descriptor buffer
        byte[] buffer = createValidSecurityDescriptorBuffer();

        // Set error code to 0
        setErrorCode(response, 0);

from fastapi import Depends, FastAPI, Security
from fastapi.security import SecurityScopes
from fastapi.testclient import TestClient

app = FastAPI()


def get_user(required_scopes: SecurityScopes):
    return "john", required_scopes.scopes


def get_user_override(required_scopes: SecurityScopes):
    return "alice", required_scopes.scopes


def get_data():
    return [1, 2, 3]


def get_data_override():

            str | None,
            Doc(
                """
                Security scheme name.

                It will be included in the generated OpenAPI (e.g. visible at `/docs`).
                """
            ),
        ] = None,
        description: Annotated[
            str | None,
            Doc(
                """
                Security scheme description.

 */

package jcifs.smb1.dcerpc;

import jcifs.smb1.dcerpc.ndr.NdrBuffer;

/**
 * Interface for DCERPC security providers that handle message protection
 */
public interface DcerpcSecurityProvider {
    /**
     * Wraps outgoing DCERPC message data for security protection
     * @param outgoing the buffer containing data to be wrapped
     * @throws DcerpcException if the wrapping operation fails
     */