t.Fatalf("unable to write previously parsed content: %s", err)
			}
		}

		if err := w.Close(); err != nil {
			t.Fatalf("Unable to write archive: %s", err)
		}

		// TODO: We may want to check if the archive roundtrips.
	})

But there are specific cases where it's useful to get the `Request` object.

## Use the `Request` object directly { #use-the-request-object-directly }

Let's imagine you want to get the client's IP address/host inside of your *path operation function*.

For that you need to access the request directly.

{* ../../docs_src/using_request_directly/tutorial001_py39.py hl[1,7:8] *}

If you want to secure your API, there are several better things you can do, for example:

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.

# We're about to delete all but the cross-compiled binaries.
cd ..
if [ "$goos" = "$gohostos" -a "$goarch" = "$gohostarch" ]; then
	# cross-compile for local system. nothing to copy.
	# useful if you've bootstrapped yourself but want to
	# prepare a clean toolchain for others.
	true
else
	rm -f bin/go_${goos}_${goarch}_exec
	mv bin/*_*/* bin
	rmdir bin/*_*
	rm -rf "pkg/${gohostos}_${gohostarch}" "pkg/tool/${gohostos}_${gohostarch}"
fi

    triggerBuild = always()
    withPendingChangesOnly = pendingChangesOnly
    enabled = true
    // https://www.jetbrains.com/help/teamcity/2022.04/configuring-schedule-triggers.html#general-syntax-1
    // We want it to be triggered only when there're pending changes in the specific vcs root, i.e. GradleMaster/GradleRelease
    triggerRules = "+:root=${branch.vcsRootId()}:."
    branchFilter = "+:<default>"
}

        token_url, data=data, verify=False,
        allow_redirects=False, auth=(client_id, client_secret))

    print('body: ' + id_token_response.text)

    # we can now use the id_token as much as we want to access protected resources.
    tokens = json.loads(id_token_response.text)
    id_token = tokens['id_token']

    response = sts_client.assume_role_with_web_identity(

   * necessary. No observable state associated with this cache is modified until loading completes.
   *
   * <p>If another call to {@link #get} or {@link #getUnchecked} is currently loading the value for
   * {@code key}, simply waits for that thread to finish and returns its loaded value. Note that
   * multiple threads can concurrently load values for distinct keys.
   *

   * {@code throws} clause: Some such methods can in fact throw a checked exception (e.g., by
   * calling code written in Kotlin).) Typically, we want to let a {@link Throwable} from such a
   * method propagate untouched, just as we'd typically let it do for a non-reflective call.
   * However, we can't usually write {@code throw t;} when {@code t} has a static type of {@link

/// warning

This is a more or less advanced section. If you are just starting, you can skip it.

You don't necessarily need OAuth2 scopes, and you can handle authentication and authorization however you want.

But OAuth2 with scopes can be nicely integrated into your API (with OpenAPI) and your API docs.

Nevertheless, you still enforce those scopes, or any other security/authorization requirement, however you need, in your code.

But it's possible to customize it, you can set a specific CDN, or serve the files yourself.

## Custom CDN for JavaScript and CSS { #custom-cdn-for-javascript-and-css }

Let's say that you want to use a different <abbr title="Content Delivery Network">CDN</abbr>, for example you want to use `https://unpkg.com/`.

This could be useful if for example you live in a country that restricts some URLs.

### Disable the automatic docs { #disable-the-automatic-docs }