## What it does

It will go and look in the request for that `Authorization` header, check if the value is `Bearer ` plus some token, and will return the token as a `str`.

If it doesn't see an `Authorization` header, or the value doesn't have a `Bearer ` token, it will respond with a 401 status code error (`UNAUTHORIZED`) directly.

      yieldUntil { nanoTime >= sleepUntil }
    }
  }

  /**
   * Artificially stall until manually resumed by the test thread with [runTasks]. Use this to
   * simulate races in tasks that doesn't have a deterministic sequence.
   */
  fun yield() {
    taskRunner.assertThreadDoesntHoldLock()
    taskRunner.lock.withLock {
      yieldUntil()
    }
  }

 * Base Android reflection based SocketAdapter for the built in Android SSLSocket.
 *
 * It's assumed to always be present with known class names on Android devices, so we build
 * optimistically via [buildIfSupported].  But it also doesn't assume a compile time API.
 */
class StandardAndroidSocketAdapter(
  sslSocketClass: Class<in SSLSocket>,
  private val sslSocketFactoryClass: Class<in SSLSocketFactory>,
  private val paramClass: Class<*>,

                        extensions.findByType<DevelocityTestConfiguration>()?.apply {
                            // PTS doesn't work well with architecture tests which scan all classes
                            predictiveTestSelection.enabled = false
                        }
                    }
                }
            }
        }

        get() = withValidityAssertion { enumDescriptor.defaultType.toKtType(analysisContext) }

    override val name: Name
        get() = withValidityAssertion { descriptor.name }

    // There doesn't seem to be a way to determine if `descriptor` has a body or not, so we return an initializer even for enum entries
    // without a body.
    override val enumEntryInitializer: KtEnumEntryInitializerSymbol?
        get() = this

* `instagram_basic` is used by Facebook / Instagram.
* `https://www.googleapis.com/auth/drive` is used by Google.

!!! info
    In OAuth2 a "scope" is just a string that declares a specific permission required.

    It doesn't matter if it has other characters like `:` or if it is a URL.

    Those details are implementation specific.

    For OAuth2 they are just strings.

## Code to get the `username` and `password`

 * stale).
 */
class CacheStrategy internal constructor(
  /** The request to send on the network, or null if this call doesn't use the network. */
  val networkRequest: Request?,
  /** The cached response to return or validate; or null if this call doesn't use a cache. */
  val cacheResponse: Response?,
) {
  class Factory(
    private val nowMillis: Long,
    internal val request: Request,

          data.sections.escapeDataString(),
          data.ranges.escapeDataString(),
          data.mappings.escapeDataString(),
        )
        .build(),
    )
    .build()
}

/**
 * KotlinPoet doesn't really know what to do with a string containing NUL, BEL, DEL, etc. We also
 * don't want to perform `trimMargin()` at runtime.
 */
fun String.escapeDataString(): String {
  return buildString {

### OAuth 1

There was an OAuth 1, which is very different from OAuth2, and more complex, as it included direct specifications on how to encrypt the communication.

It is not very popular or used nowadays.

OAuth2 doesn't specify how to encrypt the communication, it expects you to have your application served with HTTPS.

!!! tip
    In the section about **deployment** you will see how to set up HTTPS for free, using Traefik and Let's Encrypt.

This client could be a browser with a frontend, a code from someone else, an IoT device, etc.

You could need to tell the client that:

* The client doesn't have enough privileges for that operation.
* The client doesn't have access to that resource.
* The item the client was trying to access doesn't exist.
* etc.

In these cases, you would normally return an **HTTP status code** in the range of **400** (from 400 to 499).