*/
    public String getPassword() {
        return password;
    }

    /**
     * Set the user's password which is used when connecting to the repository.
     *
     * @param password password of the user
     */
    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * Get the username used to access the repository.
     *

                "msg": "String should match pattern '^password$'",
                "input": grant_type,
                "ctx": {"pattern": "^password$"},
            }
        ]
    }


def test_strict_login_correct_grant_type():
    response = client.post(
        "/login",
        data={"username": "johndoe", "password": "secret", "grant_type": "password"},
    )
    assert response.status_code == 200

                "msg": "String should match pattern '^password$'",
                "input": grant_type,
                "ctx": {"pattern": "^password$"},
            }
        ]
    }


def test_strict_login_correct_correct_grant_type():
    response = client.post(
        "/login",
        data={"username": "johndoe", "password": "secret", "grant_type": "password"},
    )

        return ntResponse;
    }

    /**
     * Generates the NTOWFv1 hash for the given password.
     *
     * @param password the password to hash
     * @return the NTOWFv1 hash bytes
     */
    public static byte[] nTOWFv1(final String password) {
        if (password == null) {
            throw new RuntimeException("Password parameter is required");
        }
        try {
            final MD4 md4 = new MD4();

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

Then, when you type that username and password, the browser sends them in the header automatically.

            } else {
                // plain text
                password = new byte[(session.auth.password.length() + 1) * 2];
                passwordLength = writeString(session.auth.password, password, 0);
            }
        } else {
            // no password in tree connect
            passwordLength = 1;
        }

        dst[dstIndex] = disconnectTid ? (byte) 0x01 : (byte) 0x00;

        }
    }

    // Test constructor with domain, username, and password
    @Test
    void testConstructorWithDomainUsernamePassword() {
        NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication("DOMAIN", "user", "password");
        assertEquals("DOMAIN", auth.getDomain());
        assertEquals("user", auth.getUsername());
        assertEquals("password", auth.getPassword());
    }

                "msg": "String should match pattern '^password$'",
                "input": grant_type,
                "ctx": {"pattern": "^password$"},
            }
        ]
    }


def test_strict_login_correct_data():
    response = client.post(
        "/login",
        data={"username": "johndoe", "password": "secret", "grant_type": "password"},
    )
    assert response.status_code == 200

# Password ve Bearer ile Basit OAuth2 { #simple-oauth2-with-password-and-bearer }

Şimdi önceki bölümün üzerine inşa edip, eksik parçaları ekleyerek tam bir güvenlik akışı oluşturalım.

## `username` ve `password`’ü Alma { #get-the-username-and-password }

`username` ve `password`’ü almak için **FastAPI** security yardımcı araçlarını kullanacağız.

     * the supplied password.
     *
     * @param type2 The Type-2 message.
     * @param password The password.
     * @return A <code>byte[]</code> containing the LanManager response.
     */
    public static byte[] getLMResponse(final Type2Message type2, final String password) {
        if (type2 == null || password == null) {
            return null;
        }