## Explore Further

- [Casdoor MinIO Integration](https://casdoor.org/docs/integration/minio)
- [MinIO STS Quickstart Guide](https://docs.min.io/community/minio-object-store/developers/security-token-service.html)

    * A query parameter.
    * A header.
    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").

        final PagingList<KuromojiItem> itemList = kuromojiFile.selectList(0, 5);
        for (int i = 0; i < itemList.size(); i++) {
            final KuromojiItem kuromojiItem = itemList.get(i);
            assertEquals("token" + (i + 1), kuromojiItem.getToken());
            assertEquals("seg" + (i + 1), kuromojiItem.getSegmentation());
            assertEquals("reading" + (i + 1), kuromojiItem.getReading());

If code depends on buggy (including insecure) behavior,
then fixing the bug will break that code.
New features can also have similar impacts:
enabling the HTTP/2 use by the HTTP client broke programs
connecting to servers with buggy HTTP/2 implementations.
These kinds of changes are unavoidable and
[permitted by the Go 1 compatibility rules](/doc/go1compat).
Even so, Go provides a mechanism called GODEBUG to

# Length of API access token.
api.access.token.length=60
# Whether API access token is required.
api.access.token.required=false
# API access token request parameter.
api.access.token.request.parameter=
# Permissions for API admin access.
api.admin.access.permissions=Radmin-api
# Accepted referers for API search.

        with:
          distribution: 'zulu'
          java-version: 17

      - uses: graalvm/setup-graalvm@v1
        with:
          distribution: 'graalvm'
          java-version: 21
          github-token: ${{ secrets.GITHUB_TOKEN }}
          cache: 'gradle'
          native-image-job-reports: true

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4

      - name: Run Checks

pkg debug/pe, const IMAGE_FILE_MACHINE_ARMNT ideal-int
pkg expvar, method (*Map) Delete(string)
pkg go/doc, const PreserveAST = 4
pkg go/doc, const PreserveAST Mode
pkg go/importer, func ForCompiler(*token.FileSet, string, Lookup) types.Importer
pkg go/token, method (*File) LineStart(int) Pos
pkg io, type StringWriter interface { WriteString }
pkg io, type StringWriter interface, WriteString(string) (int, error)
pkg log, method (*Logger) Writer() io.Writer

│   ├── main.py
│   └── test_main.py
```

➡️ 💬 👈 🔜 📁 `main.py` ⏮️ 👆 **FastAPI** 📱 ✔️ 🎏 **➡ 🛠️**.

⚫️ ✔️ `GET` 🛠️ 👈 💪 📨 ❌.

⚫️ ✔️ `POST` 🛠️ 👈 💪 📨 📚 ❌.

👯‍♂️ *➡ 🛠️* 🚚 `X-Token` 🎚.

{* ../../docs_src/app_testing/app_b/main.py *}

### ↔ 🔬 📁

👆 💪 ⤴️ ℹ `test_main.py` ⏮️ ↔ 💯:

{* ../../docs_src/app_testing/app_b/test_main.py *}

</AssumeRoleWithCertificateResponse>
```

## Authentication Flow

A client can request temp. S3 credentials via the STS API. It can authenticate via a client certificate and obtain a access/secret key pair as well as a session token. These credentials are associated to an S3 policy at the MinIO server.

* **Sicheres Passwort**-Hashing standardmäßig.
* **JWT-Token**-Authentifizierung.
* **SQLAlchemy**-Modelle (unabhängig von Flask-Erweiterungen, sodass sie direkt mit Celery-Workern verwendet werden können).
* Grundlegende Startmodelle für Benutzer (ändern und entfernen Sie nach Bedarf).