from dirty_equals import IsDict
from fastapi.testclient import TestClient

from docs_src.security.tutorial003 import app

client = TestClient(app)


def test_login():
    response = client.post("/token", data={"username": "johndoe", "password": "secret"})
    assert response.status_code == 200, response.text
    assert response.json() == {"access_token": "johndoe", "token_type": "bearer"}


def test_login_incorrect_password():

from base64 import b64encode

from fastapi.testclient import TestClient

from docs_src.security.tutorial006_an import app

client = TestClient(app)


def test_security_http_basic():
    response = client.get("/users/me", auth=("john", "secret"))
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "john", "password": "secret"}


def test_security_http_basic_no_credentials():

### 身份验证

点击**Authorize**按钮。

使用以下凭证：

用户名：`johndoe`

密码：`secret`

<img src="https://fastapi.tiangolo.com/img/tutorial/security/image04.png">

通过身份验证后，显示下图所示的内容：

<img src="https://fastapi.tiangolo.com/img/tutorial/security/image05.png">

### 获取当前用户数据

使用 `/users/me` 路径的 `GET` 操作。

可以提取如下当前用户数据：

```JSON
{
  "username": "johndoe",

from dirty_equals import IsDict, IsOneOf
from fastapi.testclient import TestClient

from docs_src.security.tutorial005 import (
    app,
    create_access_token,
    fake_users_db,
    get_password_hash,
    verify_password,
)

client = TestClient(app)


def get_access_token(username="johndoe", password="secret", scope=None):
    data = {"username": username, "password": password}
    if scope:
        data["scope"] = scope

   - Venkat6871
# A list of assignees for compiler folder
compiler_assignees:
   - joker-eph
   - sanjoy
# filesystem path
filesystem_path:
   - tensorflow/c/experimental/filesystem
# security path
security_path:
   - tensorflow/security
# words checklist
segfault_memory:
   - segfault
   - memory leaks
# assignees
filesystem_security_assignee:
   - mihaimaruseac
   
# Cuda Comment
cuda_comment: >

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.dnsoverhttps

import java.io.File
import java.net.UnknownHostException
import java.security.Security
import okhttp3.Cache
import okhttp3.HttpUrl.Companion.toHttpUrl
import okhttp3.OkHttpClient
import okhttp3.dnsoverhttps.DohProviders.providers
import org.conscrypt.OpenSSLProvider

private fun runBatch(

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.internal.platform

import java.security.KeyStore
import java.security.Provider
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLSocket
import javax.net.ssl.SSLSocketFactory
import javax.net.ssl.TrustManagerFactory
import javax.net.ssl.X509TrustManager

package okhttp3.sample;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import okhttp3.mockwebserver.Dispatcher;

### Security and authentication

Security and authentication integrated. Without any compromise with databases or data models.

All the security schemes defined in OpenAPI, including:

* HTTP Basic.
* **OAuth2** (also with **JWT tokens**). Check the tutorial on [OAuth2 with JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}.
* API keys in:

import com.google.common.testing.NullPointerTester;
import java.security.Key;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import junit.framework.TestCase;
import org.checkerframework.checker.nullness.qual.Nullable;
import sun.security.jca.ProviderList;
import sun.security.jca.Providers;

/**
 * Tests for the MacHashFunction.
 *