Closure configCache = {
    return {
      name "artifactory-gradle-release"
      url "https://artifactory.elstc.co/artifactory/gradle-release"
      credentials {
        username artifactoryCredentials.get("username")
        password artifactoryCredentials.get("token")
      }
    }
  }
  settingsEvaluated { settings ->
    settings.pluginManagement {
      repositories {
        maven configCache()

    private static final long serialVersionUID = 1L;

    /**
     * Constructs a new FessUserNotFoundException with the specified username.
     *
     * @param username the username that was not found
     */
    public FessUserNotFoundException(final String username) {
        super("User is not found: " + username);
    }

    /**
     * Create username/password credentials with specified domain
     *
     * @param domain the authentication domain
     * @param username the username
     * @param passwordHash
     *            NT password hash
     */
    public NtlmNtHashAuthenticator(final String domain, final String username, final byte[] passwordHash) {
        super(domain, username, (String) null, AuthenticationType.USER);

app = FastAPI()

oid = OpenIdConnect(openIdConnectUrl="/openid", auto_error=False)


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str | None = Security(oid)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User | None = Depends(get_current_user)):

    }

    /**
     * Validates username
     *
     * @param username the username to validate
     * @throws IllegalArgumentException if username is invalid
     */
    public static void validateUsername(String username) {
        if (username == null) {
            return; // Null username allowed for anonymous
        }
        if (username.length() > MAX_USERNAME_LENGTH) {

from inline_snapshot import snapshot
from pydantic import BaseModel

app = FastAPI()

api_key = APIKeyHeader(name="key")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user

	conn, err := l.LDAP.Connect()
	if err != nil {
		return nil, err
	}
	defer conn.Close()

	// Bind to the lookup user account
	if err = l.LDAP.LookupBind(conn); err != nil {
		return nil, err
	}

	// Check if the passed in username is a valid DN.
	if !l.ParsesAsDN(username) {
		// We consider it as a login username and attempt to check it exists in
		// the directory.

本章添加上一章示例中欠缺的部分，实现完整的安全流。

## 获取 `username` 和 `password` { #get-the-username-and-password }

首先，使用 **FastAPI** 安全工具获取 `username` 和 `password`。

OAuth2 规范要求使用“密码流”时，客户端或用户必须以表单数据形式发送 `username` 和 `password` 字段。

并且，这两个字段必须命名为 `username` 和 `password`，不能使用 `user-name` 或 `email` 等其它名称。

不过也不用担心，前端仍可以显示终端用户所需的名称。

数据库模型也可以使用所需的名称。

但对于登录*路径操作*，则要使用兼容规范的 `username` 和 `password`，（例如，实现与 API 文档集成）。

from pydantic import BaseModel

app = FastAPI()

api_key = APIKeyHeader(name="key", description="An API Key Header")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user

이를 처리하기 위해 먼저 `username`과 `password`를 UTF-8로 인코딩해서 `bytes`로 변환합니다.

그런 다음 `secrets.compare_digest()`를 사용해 `credentials.username`이 `"stanleyjobson"`이고 `credentials.password`가 `"swordfish"`인지 확실히 확인할 수 있습니다.

{* ../../docs_src/security/tutorial007_an_py310.py hl[1,12:24] *}

이는 다음과 비슷합니다:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):