# Options for controlling the logger.
  logger:
    level: "debug"
    format: "text" # can also be "json"

# Default values shown below
oauth2:
  # use ["code", "token", "id_token"] to enable implicit flow for web-only clients
  responseTypes: [ "code", "token", "id_token" ] # also allowed are "token" and "id_token"
  # By default, Dex will ask for approval to share data with application

The sequence of execution before FastAPI 0.106.0 was like this diagram:

Time flows from top to bottom. And each column is one of the parts interacting or executing code.

```mermaid
sequenceDiagram

participant client as Client
participant handler as Exception handler

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

Zum Beispiel stellt eine der Möglichkeiten, die OAuth2 Spezifikation zu verwenden (genannt <abbr title='„Passwort-Fluss“'>„password flow“</abbr>), die Bedingung, einen `username` und ein `password` als Formularfelder zu senden.

 */
@ExtendWith(MockitoExtension.class)
class SmbWatchHandleImplTest {

    @Mock
    SmbFileHandleImpl handle;

    @Mock
    SmbTreeHandleImpl tree;

    // Prepare SMB2 flow with a given response
    private void setupSmb2(NotifyResponse resp, byte[] fileId) throws Exception {
        when(handle.isValid()).thenReturn(true);
        when(handle.getTree()).thenReturn(tree);

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

Por ejemplo, en una de las formas en las que se puede usar la especificación OAuth2 (llamada "password flow") se requiere enviar un `username` y `password` como campos de formulario.

Create form parameters the same way you would for `Body` or `Query`:

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

For example, in one of the ways the OAuth2 specification can be used (called "password flow") it is required to send a `username` and `password` as form fields.

The <abbr title="specification">spec</abbr> requires the fields to be exactly named `username` and `password`, and to be sent as form fields, not JSON.

  /** Settings we communicate to the peer. */
  val okHttpSettings =
    Settings().apply {
      // Flow control was designed more for servers, or proxies than edge clients. If we are a client,
      // set the flow control window to 16MiB.  This avoids thrashing window updates every 64KiB, yet
      // small enough to avoid blowing up the heap.
      if (builder.client) {

API, and MinIO verifies this token by sending it to the Identity Management Plugin webhook. This plugin responds with some information and MinIO is able to generate temporary STS credentials to interact with object storage.

The authentication flow is similar to that of OpenID, however the token is "opaque" to MinIO - it is simply sent to the plugin for verification. CAVEAT: There is no console UI integration for this method of authentication and it is intended primarily for machine authentication....

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;

/**
 * Azure Active Directory (Azure AD) SSO authenticator implementation.
 * Handles OAuth2/OpenID Connect authentication flow with Azure AD.
 */
public class AzureAdAuthenticator implements SsoAuthenticator {

    private static final Logger logger = LogManager.getLogger(AzureAdAuthenticator.class);

    /**

This release also contains a number of bug fixes to the feature set. Aspiring plugin authors can look at [sample-exec-plugin](https://github.com/ankeesler/sample-exec-plugin) as a way to get started.