MockResponse(
        code = 302,
        headers = headersOf("Location", "/b"),
      ),
    )
    server.enqueue(MockResponse())

    val request = Request(server.url("/"))
    val call = client.newCall(request)
    val response = call.execute()

    assertThat(response.request.url.encodedPath).isEqualTo("/b")
    assertThat(response.request.headers).isEqualTo(headersOf())
  }

async def get_current_user(token: str = Depends(oauth2_scheme)):
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        username = payload.get("sub")
        if username is None:

  return millis.toInt()
}

internal fun List<Header>.toHeaders(): Headers {
  val builder = Headers.Builder()
  for ((name, value) in this) {
    builder.addLenient(name.utf8(), value.utf8())
  }
  return builder.build()
}

internal fun Headers.toHeaderList(): List<Header> =
  (0 until size).map {
    Header(name(it), value(it))
  }

## Version 4.9.2

_2021-09-30_

 *  Fix: Don't include potentially-sensitive header values in `Headers.toString()` or exceptions.
    This applies to `Authorization`, `Cookie`, `Proxy-Authorization`, and `Set-Cookie` headers.
 *  Fix: Don't crash with an `InaccessibleObjectException` when running on JDK17+ with strong
    encapsulation enabled.

     */
    @JvmField
    val FORCE_CACHE = commonForceCache()

    /**
     * Returns the cache directives of [headers]. This honors both Cache-Control and Pragma headers
     * if they are present.
     */
    @JvmStatic
    fun parse(headers: Headers): CacheControl = commonParse(headers)
  }

    )

    val call = client.newCall(Request(server.url("/")))
    call.execute().use { response ->
      assertThat(response.headers["Content-Length"]).isNull()
      assertThat(response.body.source().readUtf8()).isEqualTo("Hello")
      assertThat(response.trailers()).isEqualTo(Headers.EMPTY)
    }
  }

  @Test
  fun cancelWhileReadingTrailersHttp1() {
    cancelWhileReadingTrailers(Protocol.HTTP_1_1)
  }

* [X-Forwarded-Proto](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto)
* [X-Forwarded-Host](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Host)

///

### Activer les en-têtes transférés par le proxy { #enable-proxy-forwarded-headers }

async def read_items():
    return {"id": "foo"}


client = TestClient(app)


def test_swagger_ui():
    response = client.get("/docs")
    assert response.status_code == 200, response.text
    assert response.headers["content-type"] == "text/html; charset=utf-8"
    assert "swagger-ui-dist" in response.text
    print(client.base_url)
    assert (
        f"oauth2RedirectUrl: window.location.origin + '{swagger_ui_oauth2_redirect_url}'"

    }

    // Test that all expected headers are set
    @Test
    public void test_allCorsHeadersAreSet() {
        String testOrigin = "https://example.com";
        HttpServletRequest request = createMockRequest();
        HttpServletResponse response = createMockResponse();

        corsHandler.process(testOrigin, request, response);

        // Check all CORS headers are present

            200,
            {"hidden_header": "somevalue"},
        ),
    ],
)
def test_hidden_header(path, headers, expected_status, expected_response):
    client = TestClient(app)
    response = client.get(path, headers=headers)
    assert response.status_code == expected_status
    assert response.json() == expected_response


def test_hidden_path():
    client = TestClient(app)