client = TestClient(app)


def test_security_oauth2():
    response = client.get("/users/me", headers={"Authorization": "Bearer footokenbar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "Bearer footokenbar"}


def test_security_oauth2_password_other_header():
    response = client.get("/users/me", headers={"Authorization": "Other footokenbar"})
    assert response.status_code == 200, response.text

			ReqInfo: madmin.TraceRequestInfo{
				Time:    start,
				Proto:   "grid",
				Method:  "REQ",
				Client:  local,
				Headers: nil,
				Path:    t.Subroute,
				Body:    []byte(body),
			},
			RespInfo: madmin.TraceResponseInfo{
				Time:       end,
				Headers:    nil,
				StatusCode: status,
				Body:       []byte(bytesOrLength(resp)),
			},
			CallStats: madmin.TraceCallStats{

mvn test                       # Run tests
mvn formatter:format           # Format code
mvn license:format             # Update license headers
```

### Code Style

- 4 spaces (no tabs)
- Opening brace on same line
- Max line length: 120
- JavaDoc required for public APIs
- License headers required

### Testing

**Structure**: `src/test/java/org/codelibs/fess/crawler/`

to the client after a failed authentication, they used the HTTP status code `403 Forbidden`.

Starting with FastAPI version `0.122.0`, they use the more appropriate HTTP status code `401 Unauthorized`, and return a sensible `WWW-Authenticate` header in the response, following the HTTP specifications, <a href="https://datatracker.ietf.org/doc/html/rfc7235#section-3.1" class="external-link" target="_blank">RFC 7235</a>, <a href="https://datatracker.ietf.org/doc/html/rfc9110#name-401-unauthorized"...

```python
from fastapi import UploadFile
```

::: fastapi.UploadFile
    options:
        members:
            - file
            - filename
            - size
            - headers
            - content_type
            - read
            - write
            - seek

    user = fake_decode_token(token)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return user


async def get_current_active_user(current_user: User = Depends(get_current_user)):
    if current_user.disabled:

  }

  @Test
  fun worksIfTrailersSet() {
    val response =
      newResponse("".toResponseBody()) {
        trailers(
          object : TrailersSource {
            override fun get() = Headers.headersOf("a", "b")
          },
        )
      }

    assertThat(response.trailers()["a"]).isEqualTo("b")
  }

  @Test fun peekAfterReadingResponse() {
    val response = newResponse(responseBody("abc"))

    assertThat(cacheControl.onlyIfCached).isTrue()
    assertThat(cacheControl.noTransform).isTrue()
    assertThat(cacheControl.immutable).isTrue()

    // These members are accessible to response headers only.
    assertThat(cacheControl.sMaxAgeSeconds).isEqualTo(-1)
    assertThat(cacheControl.isPrivate).isFalse()
    assertThat(cacheControl.isPublic).isFalse()
    assertThat(cacheControl.mustRevalidate).isFalse()
  }

func (z *MRFReplicateEntries) MarshalMsg(b []byte) (o []byte, err error) {
	o = msgp.Require(b, z.Msgsize())
	// map header, size 2
	// string "e"
	o = append(o, 0x82, 0xa1, 0x65)
	o = msgp.AppendMapHeader(o, uint32(len(z.Entries)))
	for za0001, za0002 := range z.Entries {
		o = msgp.AppendString(o, za0001)
		// map header, size 3
		// string "b"
		o = append(o, 0x83, 0xa1, 0x62)
		o = msgp.AppendString(o, za0002.Bucket)

///

First, we create a `GzipRequest` class, which will overwrite the `Request.body()` method to decompress the body in the presence of an appropriate header.

If there's no `gzip` in the header, it will not try to decompress the body.

That way, the same route class can handle gzip compressed or uncompressed requests.

{* ../../docs_src/custom_request_and_route/tutorial001_an_py310.py hl[9:16] *}