Створюйте параметри форми так само як Ви б створювали `Body` або `Query`:

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

Наприклад, один зі способів використання специфікації OAuth2 (так званий "password flow") вимагає надсилати `username` та `password` як поля форми.

<abbr title="Специфікація">spec</abbr> вимагає, щоб ці поля мали точні назви `username` і `password` та надсилалися у вигляді полів форми, а не JSON.

    "name": "core-api",
    "path": "subprojects/core-api",
    "unitTests": true,
    "functionalTests": true,
    "crossVersionTests": false
  },
  {
    "name": "core-flow-services-api",
    "path": "platforms/core-configuration/core-flow-services-api",
    "unitTests": false,
    "functionalTests": true,
    "crossVersionTests": false
  },
  {
    "name": "core-kotlin-extensions",

  # Options for controlling the logger.
  logger:
    level: "debug"
    format: "text" # can also be "json"

# Default values shown below
oauth2:
  # use ["code", "token", "id_token"] to enable implicit flow for web-only clients
  responseTypes: [ "code", "token", "id_token" ] # also allowed are "token" and "id_token"
  # By default, Dex will ask for approval to share data with application

package jcifs.spnego;

import jcifs.CIFSException;

/**
 * Exception thrown during SPNEGO authentication processing.
 *
 * This exception indicates an error in SPNEGO token processing,
 * negotiation, or authentication flow.
 *
 * @author mbechler
 */
public class SpnegoException extends CIFSException {

    /**
     *
     */
    private static final long serialVersionUID = -4591854684249021395L;

    /**

## `username` und `password` entgegennehmen { #get-the-username-and-password }

Wir werden **FastAPIs** Sicherheits-Werkzeuge verwenden, um den `username` und das `password` entgegenzunehmen.

OAuth2 spezifiziert, dass der Client/Benutzer bei Verwendung des „Password Flow“ (den wir verwenden) die Felder `username` und `password` als Formulardaten senden muss.

Now let's build from the previous chapter and add the missing parts to have a complete security flow.

## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

Zum Beispiel stellt eine der Möglichkeiten, die OAuth2-Spezifikation zu verwenden (genannt „password flow“), die Bedingung, einen `username` und ein `password` als Formularfelder zu senden.

    void noInteraction_whenExceptionOccursBeforeCall() {
        // Arrange
        Runnable r = mock(Runnable.class);

        // Act: simulate control flow where the exception happens before any collaborator is used
        try {
            throw new SmbUnsupportedOperationException();
        } catch (SmbUnsupportedOperationException ignored) {
            // ignore

    * HTTP Digest, usw.
* `oauth2`: Alle OAuth2-Methoden zum Umgang mit Sicherheit (genannt „Flows“).
    * Mehrere dieser Flows eignen sich zum Aufbau eines OAuth 2.0-Authentifizierungsanbieters (wie Google, Facebook, X (Twitter), GitHub usw.):
        * `implicit`
        * `clientCredentials`
        * `authorizationCode`

    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").
    * Several of these flows are appropriate for building an OAuth 2.0 authentication provider (like Google, Facebook, X (Twitter), GitHub, etc):
        * `implicit`
        * `clientCredentials`
        * `authorizationCode`
    * But there is one specific "flow" that can be perfectly used for handling authentication in the same application directly: