* `externalDocs`: 外部ドキュメントを説明する `dict`。以下を含みます:
    * `description`: 外部ドキュメントの短い説明の `str`。
    * `url` (**必須**): 外部ドキュメントのURLの `str`。

### タグのメタデータの作成 { #create-metadata-for-tags }

`users` と `items` のタグを使った例で試してみましょう。

タグのメタデータを作成し、それを `openapi_tags` パラメータに渡します:

{* ../../docs_src/metadata/tutorial004_py310.py hl[3:16,18] *}

    Property<String> getSomeProperty()
}
class Example {
    Property<NestedType> getNestedProperty()
}
```

This is unnecessary because users will have trouble creating instances of `NestedType` and merging different instances of `NestedType`. It's also more awkward for users to access the properties in the nested property.

If the nested type is a managed type (Gradle can generate its implementation), you can define a nested property with:

1. APIs marked with the `@Beta` annotation at the class or method level
are subject to change. They can be modified in any way, or even
removed, at any time. If your code is a library itself (i.e. it is
used on the CLASSPATH of users outside your own control), you should
not use beta APIs, unless you [repackage] them. **If your
code is a library, we strongly recommend using the [Guava Beta Checker] to
ensure that you do not use any `@Beta` APIs!**

     * changes: https://mail.openjdk.org/pipermail/core-libs-dev/2013-May/thread.html#17367
     *
     * TODO(cpovirk): decide what the best long-term action here is: force users
     * to suppress (as we do now), stop testing entrySet().add() at all, make
     * entrySet().add() tests tolerant of either behavior, introduce a map
     * feature for entrySet() that supports add(), or something else
     */

После аутентификации вы увидите следующее:

<img src="/img/tutorial/security/image05.png">

### Получение собственных пользовательских данных { #get-your-own-user-data }

Теперь используйте операцию `GET` с путём `/users/me`.

Вы получите свои пользовательские данные, например:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",
  "full_name": "John Doe",
  "disabled": false,

   *
   * @param values a series of values
   * @since 33.4.0 (but since 28.2 in the JRE flavor)
   */
  @IgnoreJRERequirement // Users will use this only if they're already using streams.
  public void addAll(DoubleStream values) {
    addAll(values.collect(StatsAccumulator::new, StatsAccumulator::add, StatsAccumulator::addAll));
  }

  /**

	q := r.Form
	opts.Buckets = q.Get("buckets") == "true"
	opts.Policies = q.Get("policies") == "true"
	opts.Groups = q.Get("groups") == "true"
	opts.Users = q.Get("users") == "true"
	opts.ILMExpiryRules = q.Get("ilm-expiry-rules") == "true"
	opts.PeerState = q.Get("peer-state") == "true"
	opts.Entity = madmin.GetSREntityType(q.Get("entity"))
	opts.EntityValue = q.Get("entityvalue")

AssumeRoleWithWebIdentity implementation supports specifying IAM policies in two ways:

1. Role Policy (Recommended): When specified as part of the OpenID provider configuration, all users authenticating via this provider are authorized to (only) use the specified role policy. The policy to associate with such users is specified via the `role_policy` configuration parameter or the `MINIO_IDENTITY_OPENID_ROLE_POLICY` environment variable. The value is a comma-separated list of IAM access policy names...

     */
    @Resource
    protected RoleBhv roleBhv;

    /**
     * The Fess configuration.
     */
    @Resource
    protected FessConfig fessConfig;

    /**
     * The behavior for users.
     */
    @Resource
    protected UserBhv userBhv;

    /**
     * Constructor.
     */
    public RoleService() {
        super();
    }

    /**

        SpnegoAuthenticator authenticator = new SpnegoAuthenticator();
        assertNotNull(authenticator);

        // The security warning comments should guide users to disable this in production
        // This is a compile-time check that the code structure is correct
        assertTrue(true);
    }

    @Test
    public void test_constantsExist() {