response = client.get("/items/", headers={"X-Token": "invalid"})
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "X-Token header invalid"}


def test_get_invalid_second_header(client: TestClient):
    response = client.get(
        "/items/", headers={"X-Token": "fake-super-secret-token", "X-Key": "invalid"}
    )
    assert response.status_code == 400, response.text

func getListObjectsV2Args(values url.Values) (prefix, token, startAfter, delimiter string, fetchOwner bool, maxkeys int, encodingType string, errCode APIErrorCode) {
	errCode = ErrNone

	// The continuation-token cannot be empty.
	if val, ok := values["continuation-token"]; ok {
		if len(val[0]) == 0 {
			errCode = ErrIncorrectContinuationToken
			return prefix, token, startAfter, delimiter, fetchOwner, maxkeys, encodingType, errCode
		}

Наприклад, щоб оголосити заголовок `X-Token`, який може з’являтися більше ніж один раз:

{* ../../docs_src/header_params/tutorial003_an_py310.py hl[9] *}

Якщо Ви взаємодієте з цією операцією шляху, надсилаючи два HTTP-заголовки, наприклад:

```
X-Token: foo
X-Token: bar
```

Відповідь буде така:

```JSON
{
    "X-Token values": [
        "bar",
        "foo"
    ]
}
```

package provider

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"path"
	"strings"
	"sync"
)

// Token - parses the output from IDP id_token.
type Token struct {
	AccessToken string `json:"access_token"`
	Expiry      int    `json:"expires_in"`
}

// KeycloakProvider implements Provider interface for KeyCloak Identity Provider.

For example, to declare a header of `X-Token` that can appear more than once, you can write:

{* ../../docs_src/header_params/tutorial003_an_py310.py hl[9] *}

If you communicate with that *path operation* sending two HTTP headers like:

```
X-Token: foo
X-Token: bar
```

The response would be like:

```JSON
{
    "X-Token values": [
        "bar",
        "foo"
    ]
}
```

    with pytest.raises(WebSocketDisconnect):
        with client.websocket_connect("/items/bar/ws?token=some-token") as websocket:
            message = "Message one"
            websocket.send_text(message)
            data = websocket.receive_text()
            assert data == "Session cookie or query token value is: some-token"
            data = websocket.receive_text()

    the add-opens. Right now that doesn't seem worth the effort, though.
    -->
    <test.add.opens>
      --add-opens java.base/java.lang=ALL-UNNAMED
      --add-opens java.base/java.util=ALL-UNNAMED
      --add-opens java.base/sun.security.jca=ALL-UNNAMED
    </test.add.opens>
    <module.status>integration</module.status>

    the add-opens. Right now that doesn't seem worth the effort, though.
    -->
    <test.add.opens>
      --add-opens java.base/java.lang=ALL-UNNAMED
      --add-opens java.base/java.util=ALL-UNNAMED
      --add-opens java.base/sun.security.jca=ALL-UNNAMED
    </test.add.opens>
    <module.status>integration</module.status>

		case "Endpoint":
			z.Endpoint, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "Endpoint")
				return
			}
		case "Token":
			z.Token, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "Token")
				return
			}
		default:
			err = dc.Skip()
			if err != nil {
				err = msgp.WrapError(err)
				return
			}
		}
	}
	return
}

permissions:
  issues: write

concurrency:
  group: lock

jobs:
  action:
    runs-on: ubuntu-latest
    steps:
      - uses: dessant/lock-threads@v3
        with:
          github-token: ${{ github.token }}
          issue-inactive-days: '365'
          exclude-any-issue-labels: 'do-not-close'
          issue-lock-reason: 'resolved'