response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Could not validate credentials"}
    assert response.headers["WWW-Authenticate"] == 'Bearer scope="me"'


@needs_py39
def test_incorrect_token_type(client: TestClient):
    response = client.get(

func (tag Tag) String() string {
	return tag.Key + "=" + tag.Value
}

// IsEmpty returns whether this tag is empty or not.
func (tag Tag) IsEmpty() bool {
	return tag.Key == ""
}

// Validate checks this tag.
func (tag Tag) Validate() error {
	if len(tag.Key) == 0 || utf8.RuneCountInString(tag.Key) > 128 {
		return errInvalidTagKey
	}

	if utf8.RuneCountInString(tag.Value) > 256 {
		return errInvalidTagValue
	}

///

### Read Heroes with `HeroPublic`

We can do the same as before to **read** `Hero`s, again, we use `response_model=list[HeroPublic]` to ensure that the data is validated and serialized correctly.

{* ../../docs_src/sql_databases/tutorial002_an_py310.py ln[65:72] hl[65] *}

### Read One Hero with `HeroPublic`

We can **read** a single hero:

			wantError: true,
		},
		{
			name:      "validate all yaml files in a directory",
			args:      []string{"--filename", tempDirYAML},
			wantError: true, // Since the directory has invalid files
		},
		{
			name:      "validate valid yaml files in a directory",
			args:      []string{"--filename", validTempDirYAML},
			wantError: false,
		},
		{

  optional ParamRef paramRef = 2;

  // MatchResources declares what resources match this binding and will be validated by it.
  // Note that this is intersected with the policy's matchConstraints, so only requests that are matched by the policy can be selected by this.
  // If this is unset, all resources matched by the policy are validated by this binding

    }

    /**
     * Validate the specified settings.
     *
     * @param settings The settings to validate, must not be {@code null}.
     * @return The list of problems that were encountered, must not be {@code null}.
     */
    @Nonnull
    default List<BuilderProblem> validate(@Nonnull Settings settings) {
        return validate(settings, false);
    }

    /**

	}

	// Validate that the client from sts creds can access the bucket.
	c.mustListObjects(ctx, minioClient, bucket)

	// Validate that a bucket can be created
	bucket2 := getRandomBucketName()
	err = minioClient.MakeBucket(ctx, bucket2, minio.MakeBucketOptions{})
	if err != nil {
		c.Fatalf("bucket creat error: %v", err)
	}

                form.crudMode = CrudMode.CREATE;
            });
        });
    }

    @Execute
    @Secured({ ROLE })
    public HtmlResponse edit(final EditForm form) {
        validate(form, messages -> {}, this::asListHtml);
        final String id = form.id;
        groupService.getGroup(id).ifPresent(entity -> {
            copyBeanToBean(entity, form, op -> {});
        }).orElse(() -> {

                form.crudMode = CrudMode.CREATE;
            });
        });
    }

    @Execute
    @Secured({ ROLE })
    public HtmlResponse edit(final EditForm form) {
        validate(form, messages -> {}, this::asListHtml);
        final String id = form.id;
        pathMappingService.getPathMapping(id).ifPresent(entity -> {
            copyBeanToBean(entity, form, op -> {});
        }).orElse(() -> {

def test_incorrect_token():
    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Could not validate credentials"}
    assert response.headers["WWW-Authenticate"] == 'Bearer scope="me"'


def test_incorrect_token_type():
    response = client.get(
        "/users/me", headers={"Authorization": "Notexistent testtoken"}