client = TestClient(app)


def test_security_http_bearer():
    response = client.get("/users/me", headers={"Authorization": "Bearer foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Bearer", "credentials": "foobar"}


def test_security_http_bearer_no_credentials():
    response = client.get("/users/me")

def test_incorrect_token():
    response = client.get("/items", headers={"Authorization": "Non-existent testtoken"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Not authenticated"}


def test_token():
    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text

from fastapi import FastAPI, HTTPException

app = FastAPI()

items = {"foo": "The Foo Wrestlers"}


@app.get("/items-header/{item_id}")
async def read_item_header(item_id: str):
    if item_id not in items:
        raise HTTPException(
            status_code=404,
            detail="Item not found",
            headers={"X-Error": "There goes my error"},
        )

```
PutObjectFanOut(ctx context.Context, bucket string, fanOutContent io.Reader, fanOutReq minio.PutObjectFanOutRequest) ([]minio.PutObjectFanOutResponse, error)

Ab FastAPI-Version `0.122.0` verwenden sie den passenderen HTTP-Statuscode `401 Unauthorized` und geben in der Response einen sinnvollen `WWW-Authenticate`-Header zurück, gemäß den HTTP-Spezifikationen, [RFC 7235](https://datatracker.ietf.org/doc/html/rfc7235#section-3.1), [RFC 9110](https://datatracker.ietf.org/doc/html/rfc9110#name-401-unauthorized).

     * Some fields specify the offset from the beginning of the header. This
     * field should be used for calculating that. This would likely be zero
     * but an implemantation that encorporates the transport header(for
     * efficiency) might use a different initial bufferIndex. For example,
     * to eliminate copying data when writing NbtSession data one might
     * manage that 4 byte header specifically and therefore the initial

			Type:        "url",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         AuthToken,
			Description: "authorization header for plugin hook endpoint" + defaultHelpPostfix(AuthToken),
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
			Secret:      true,
		},
		config.HelpKV{
			Key:         EnableHTTP2,

						</ul>
					</div>
				</div>
			</nav>
		</header>

		<main id="content" class="container">
			<h2>
				<la:message key="labels.advance_search_title" />
			</h2>
			<div class="notification">${notification}</div>
			<div>
				<la:info id="msg" message="true">
					<div class="alert alert-info">${msg}</div>
				</la:info>

    private void resetMocks() {
        mockRequest = new TestHttpServletRequest();
        mockResponse = new TestHttpServletResponse();
        mockFilterChain = new TestFilterChain();
    }

    // Test with no Origin header
    @Test
    public void test_doFilter_noOriginHeader() throws IOException, ServletException {
        mockRequest.setHeader("Origin", null);

        corsFilter.doFilter(mockRequest, mockResponse, mockFilterChain);

		<postConstruct name="addDesignJspFileName">
			<arg>"index"</arg>
			<arg>"index.jsp"</arg>
		</postConstruct>
		<postConstruct name="addDesignJspFileName">
			<arg>"header"</arg>
			<arg>"header.jsp"</arg>
		</postConstruct>
		<postConstruct name="addDesignJspFileName">
			<arg>"footer"</arg>
			<arg>"footer.jsp"</arg>
		</postConstruct>
		<postConstruct name="addDesignJspFileName">