}
            },
            "components": {
                "securitySchemes": {
                    "OAuth2PasswordBearer": {
                        "type": "oauth2",
                        "flows": {"password": {"scopes": {}, "tokenUrl": "/token"}},
                    }
                }
            },
        }

            },
            "components": {
                "securitySchemes": {
                    "OAuth2AuthorizationCodeBearer": {
                        "type": "oauth2",
                        "flows": {
                            "authorizationCode": {
                                "scopes": {
                                    "read": "Read access",
                                    "write": "Write access",

 * application-specific data to provide context when invoking session methods.</p>
 *
 * <p>This trace information is particularly useful for:</p>
 * <ul>
 *   <li>Debugging and troubleshooting request flows</li>
 *   <li>Audit logging of session operations</li>
 *   <li>Performance monitoring of nested operations</li>
 * </ul>
 *

 *   <li>Project directory structures</li>
 * </ul>
 *
 * <p>Requests can optionally carry trace information through {@link RequestTrace} to support:
 * <ul>
 *   <li>Debugging and troubleshooting of request flows</li>
 *   <li>Audit logging of operations</li>
 *   <li>Performance monitoring of nested operations</li>
 * </ul>
 *
 * <p>This interface is designed to be extended by specific request types that handle

import org.lastaflute.web.response.ActionResponse;
import org.lastaflute.web.response.HtmlResponse;

/**
 * SSO (Single Sign-On) action controller.
 *
 * This action handles SSO authentication flows including login, logout, and metadata
 * operations. It coordinates with the SsoManager to perform authentication using
 * configured SSO providers and handles various authentication scenarios including

    * HTTP Basic 驗證。
    * HTTP Digest 等。
* `oauth2`：所有 OAuth2 的安全性處理方式（稱為「flows」）。
    * 其中數個 flow 適合用來建立 OAuth 2.0 身分驗證提供者（如 Google、Facebook、X（Twitter）、GitHub 等）：
        * `implicit`
        * `clientCredentials`
        * `authorizationCode`
    * 但有一個特定的 flow 可直接在同一個應用中處理身分驗證：
        * `password`：後續幾個章節會示範這個。
* `openIdConnect`：提供一種方式來定義如何自動發現 OAuth2 的身分驗證資訊。

It can be used by third party applications and systems.

And it can also be used by yourself, to debug, check and test the same application.

## The `password` flow { #the-password-flow }

Now let's go back a bit and understand what is all that.

The `password` "flow" is one of the ways ("flows") defined in OAuth2, to handle security and authentication.

frontend 팀(그게 본인일 수도 있습니다)이 사용할 수 있습니다.

서드파티 애플리케이션과 시스템에서도 사용할 수 있습니다.

그리고 동일한 애플리케이션을 디버그하고, 확인하고, 테스트하기 위해 본인이 사용할 수도 있습니다.

## `password` 플로우 { #the-password-flow }

이제 조금 돌아가서 이것들이 무엇인지 이해해 봅시다.

`password` "flow"는 보안과 인증을 처리하기 위해 OAuth2에서 정의한 여러 방식("flows") 중 하나입니다.

OAuth2는 backend 또는 API가 사용자를 인증하는 서버와 독립적일 수 있도록 설계되었습니다.

하지만 이 경우에는 같은 **FastAPI** 애플리케이션이 API와 인증을 모두 처리합니다.

따라서, 단순화된 관점에서 다시 정리해보면:

## Execution of dependencies with `yield` { #execution-of-dependencies-with-yield }

The sequence of execution is more or less like this diagram. Time flows from top to bottom. And each column is one of the parts interacting or executing code.

```mermaid
sequenceDiagram

participant client as Client
participant handler as Exception handler

    authorizationCode: OAuthFlowAuthorizationCode | None = None


class OAuth2(SecurityBase):
    type_: SecuritySchemeType = Field(default=SecuritySchemeType.oauth2, alias="type")
    flows: OAuthFlows


class OpenIdConnect(SecurityBase):
    type_: SecuritySchemeType = Field(
        default=SecuritySchemeType.openIdConnect, alias="type"
    )
    openIdConnectUrl: str