* of SSO authentication and authorization processes. It extends FessSystemException
 * to provide consistent error handling within the Fess system for SSO-related
 * processing failures such as token validation errors, communication failures
 * with SSO providers, or configuration issues.
 */
public class SsoProcessException extends FessSystemException {

    private static final long serialVersionUID = 1L;

          rm -rf ./site
          mkdir ./site
      - uses: actions/download-artifact@v5
        with:
          path: ./site/
          pattern: docs-site-*
          merge-multiple: true
          github-token: ${{ secrets.GITHUB_TOKEN }}
          run-id: ${{ github.event.workflow_run.id }}
      - name: Deploy to Cloudflare Pages
        # hashFiles returns an empty string if there are no files
        if: hashFiles('./site/*')

</div>

📂 👆 🖥 <a href="http://127.0.0.1:8000" class="external-link" target="_blank">http://127.0.0.1:8000</a>.

📤 👆 💪 ⚒:

*  "🏬 🆔", ⚙️ ➡.
*  "🤝" ⚙️ 🔢 🔢.

/// tip

👀 👈 🔢 `token` 🔜 🍵 🔗.

///

⏮️ 👈 👆 💪 🔗 *️⃣ &amp; ⤴️ 📨 &amp; 📨 📧:

<img src="/img/tutorial/websockets/image05.png">

## 🚚 🔀 &amp; 💗 👩‍💻

    * Um parâmetro query.
    * Um header.
    * Um cookie.
* `http`: padrão HTTP de sistemas autenticação, incluindo:
    * `bearer`: um header de `Authorization` com valor de `Bearer` adicionado de um token. Isso é herança do OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: todas as formas do OAuth2 para lidar com segurança (chamados "fluxos").

   * Sec-Token-Binding}</a> header field name.
   *
   * @since 25.1
   */
  public static final String SEC_TOKEN_BINDING = "Sec-Token-Binding";

  /**
   * The HTTP <a href="https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp">{@code
   * Sec-Provided-Token-Binding-ID}</a> header field name.
   *
   * @since 25.1
   */

It might also help avoid confusion for new developers that see an unused parameter in your code and could think it's unnecessary.

///

/// info

In this example we use invented custom headers `X-Key` and `X-Token`.

But in real cases, when implementing security, you would get more benefits from using the integrated [Security utilities (the next chapter)](../security/index.md){.internal-link target=_blank}.

///

        }
        try {
            NegTokenInit tok = new NegTokenInit(initialToken);
            if (log.isDebugEnabled()) {
                log.debug("Have initial token " + tok);
            }
            if (tok.getMechanisms() != null) {
                Set<ASN1ObjectIdentifier> mechs = new HashSet<>(Arrays.asList(tok.getMechanisms()));
                boolean foundKerberos = false;

# 現在のユーザーの取得

一つ前の章では、（依存性注入システムに基づいた）セキュリティシステムは、 *path operation関数* に `str` として `token` を与えていました:

{* ../../docs_src/security/tutorial001.py hl[10] *}

しかし、それはまだそんなに有用ではありません。

現在のユーザーを取得するようにしてみましょう。

## ユーザーモデルの作成

まずは、Pydanticのユーザーモデルを作成しましょう。

ボディを宣言するのにPydanticを使用するのと同じやり方で、Pydanticを別のどんなところでも使うことができます:

{* ../../docs_src/security/tutorial002.py hl[5,12:16] *}

## 依存関係 `get_current_user` を作成

                                                key="labels.access_token_token"/></label>
                                        <div class="col-sm-9">
                                                ${f:h(token)}
                                        </div>
                                    </div>
                                </c:if>
                                <div class="form-group row">

            doColumn("parameter_name");
        }

        public void columnPermissions() {
            doColumn("permissions");
        }

        public void columnToken() {
            doColumn("token");
        }

        public void columnUpdatedBy() {
            doColumn("updatedBy");
        }

        public void columnUpdatedTime() {
            doColumn("updatedTime");
        }
    }