requiresNotEc2Agent()
        }

        paramsForBuildToolBuild(BuildToolBuildJvm, Os.LINUX)

        params {
            password("env.DEVELOCITY_ACCESS_KEY", "%ge.gradle.org.access.key%;%develocity.grdev.net.access.key%")
            password("env.ORG_GRADLE_PROJECT_botGradleGitHubToken", "%github.bot-gradle.token%")
        }

        features {

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

	contentType := r.Header.Get("Content-Type")
	if contentType != "application/octet-stream" {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrBadRequest), r.URL)
		return
	}

	password := cred.SecretKey
	reqBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength))
	if err != nil {
		adminLogIf(ctx, err)
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), r.URL)
		return
	}

)

var DB *gorm.DB
var (
	mysqlDSN     = "gorm:gorm@tcp(localhost:9910)/gorm?charset=utf8&parseTime=True&loc=Local"
	postgresDSN  = "user=gorm password=gorm dbname=gorm host=localhost port=9920 sslmode=disable TimeZone=Asia/Shanghai"
	gaussdbDSN   = "user=gaussdb password=Gaussdb@123 dbname=gorm host=localhost port=9950 sslmode=disable TimeZone=Asia/Shanghai"
	sqlserverDSN = "sqlserver://sa:LoremIpsum86@localhost:9930?database=master"

        if (in == null) {
            throw new CrawlerSystemException("The inputstream is null.");
        }

        final String password = getPassword(params);
        try (PDDocument document = Loader.loadPDF(new RandomAccessReadBuffer(in), password)) {
            final StringWriter writer = new StringWriter();
            final PDFTextStripper stripper = new PDFTextStripper();

	ctx := r.Context()

	objAPI, cred := validateAdminReq(ctx, w, r, policy.SetTierAction)
	if objAPI == nil {
		return
	}

	password := cred.SecretKey
	reqBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength))
	if err != nil {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErrWithErr(ErrAdminConfigBadJSON, err), r.URL)
		return
	}

✍ 📨 🔢 🎏 🌌 👆 🔜 `Body` ⚖️ `Query`:

{* ../../docs_src/request_forms/tutorial001.py hl[7] *}

🖼, 1️⃣ 🌌 Oauth2️⃣ 🔧 💪 ⚙️ (🤙 "🔐 💧") ⚫️ ✔ 📨 `username` & `password` 📨 🏑.

<abbr title="specification">🔌</abbr> 🚚 🏑 ⚫️❔ 📛 `username` &amp; `password`, &amp; 📨 📨 🏑, 🚫 🎻.

⏮️ `Form` 👆 💪 📣 🎏 📳 ⏮️ `Body` (&amp; `Query`, `Path`, `Cookie`), 🔌 🔬, 🖼, 📛 (✅ `user-name` ↩️ `username`), ♒️.

/// info

  # from application to upstream provider such as the Google login page
  alwaysShowLoginScreen: false
  # Uncommend the passwordConnector to use a specific connector for password grants
  passwordConnector: local

# Instead of reading from an external storage, use this list of clients.
#
# If this option isn't chosen clients may be added through the gRPC API.
staticClients:

## About third party integrations { #about-third-party-integrations }

In this example we are using the OAuth2 "password" flow.

This is appropriate when we are logging in to our own application, probably with our own frontend.

Because we can trust it to receive the `username` and `password`, as we control it.

Por exemplo, em uma das maneiras que a especificação OAuth2 pode ser usada (chamada "fluxo de senha"), é necessário enviar um `username` e uma `password` como campos do formulário.

A <abbr title="especificação">spec</abbr> exige que os campos sejam exatamente nomeados como `username` e `password` e sejam enviados como campos de formulário, não JSON.