* Search criteria: authentication ID.
     */
    public String id;

    /**
     * Search criteria: port number.
     */
    public String port;

    /**
     * Search criteria: username.
     */
    public String username;

    /**
     * Search criteria: web configuration ID.
     */
    public String webConfigId;

    /**
     * Search criteria: creator user.
     */

from fastapi import FastAPI
from pydantic import BaseModel, EmailStr

app = FastAPI()


class BaseUser(BaseModel):
    username: str
    email: EmailStr
    full_name: str | None = None


class UserIn(BaseUser):
    password: str


@app.post("/user/")
async def create_user(user: UserIn) -> BaseUser:

from fastapi import FastAPI
from pydantic import BaseModel, EmailStr

app = FastAPI()


class UserIn(BaseModel):
    username: str
    password: str
    email: EmailStr
    full_name: str | None = None


# Don't do this in production!
@app.post("/user/")
async def create_user(user: UserIn) -> UserIn:

## 校验 `username` 与数据形状 { #verify-the-username-and-data-shape }

我们校验是否获取到了 `username`，并提取作用域。

然后使用 Pydantic 模型验证这些数据（捕获 `ValidationError` 异常），如果读取 JWT 令牌或用 Pydantic 验证数据时出错，就抛出我们之前创建的 `HTTPException`。

为此，我们给 Pydantic 模型 `TokenData` 添加了一个新属性 `scopes`。

通过用 Pydantic 验证数据，我们可以确保确实得到了例如一个由作用域组成的 `list[str]`，以及一个 `str` 类型的 `username`。

而不是，例如得到一个 `dict` 或其它什么，这可能会在后续某个时刻破坏应用，形成安全风险。

{
    "properties": {
      "hostname": {
        "type": "keyword"
      },
      "port": {
        "type": "integer"
      },
      "protocolScheme": {
        "type": "keyword"
      },
      "username": {
        "type": "keyword"
      },
      "password": {
        "type": "keyword"
      },
      "parameters": {
        "type": "keyword"
      },
      "fileConfigId": {
        "type": "keyword"
      },

      },
      "port": {
        "type": "integer"
      },
      "authRealm": {
        "type": "keyword"
      },
      "protocolScheme": {
        "type": "keyword"
      },
      "username": {
        "type": "keyword"
      },
      "password": {
        "type": "keyword"
      },
      "parameters": {
        "type": "keyword"
      },
      "webConfigId": {
        "type": "keyword"

	oeConfig DiscoveryDoc
	client   http.Client
	adminURL string
	realm    string

	// internal value refreshed
	accessToken Token
}

// LoginWithUser authenticates username/password, not needed for Keycloak
func (k *KeycloakProvider) LoginWithUser(username, password string) error {
	return ErrNotImplemented
}

// LoginWithClientID is implemented by Keycloak service account support

    private static final String LOGIN_PARAMETERS = "login_parameters";

    private static final String PASSWORD = "${password}";

    private static final String USERNAME = "${username}";

    private final Map<String, String> parameterMap;

    /**
     * Constructs a FormScheme with the given parameter map.
     * @param parameterMap The map of parameters.
     */

	opts.Port = 14223
	opts.Username = "testminio"
	opts.Password = "miniotest"
	s := natsserver.RunServer(&opts)
	defer s.Shutdown()

	clientConfig := &NATSArgs{
		Enable: true,
		Address: xnet.Host{
			Name:      "localhost",
			Port:      (xnet.Port(opts.Port)),
			IsPortSet: true,
		},
		Subject:  "test",
		Username: opts.Username,
		Password: opts.Password,
	}

from pydantic import BaseModel

app = FastAPI()


class Item(BaseModel):
    name: str
    description: str | None = None
    price: float
    tax: float | None = None


class User(BaseModel):
    username: str
    full_name: str | None = None


@app.put("/items/{item_id}")
async def update_item(
    *,
    item_id: int,
    item: Item,
    user: User,
    importance: Annotated[int, Body(gt=0)],