### Detalhes Técnicos: `root_path`

Quando você monta uma sub-aplicação como descrito acima, o FastAPI se encarrega de comunicar o caminho de montagem para a sub-aplicação usando um mecanismo da especificação ASGI chamado `root_path`.

Dessa forma, a sub-aplicação saberá usar esse prefixo de caminho para a interface de documentação.

        // Assert
        assertEquals("Status of test-cluster is changed to RED.", result);
        // Note: Notification sending is tested but we don't verify the mock since it uses complex callback mechanism
    }

    // Test state change with empty notification addresses
    public void test_execute_stateChangeEmptyNotificationAddresses() {
        // Setup mock components

import org.junit.jupiter.params.provider.ValueSource;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;

/**
 * Tests for {@link RequestParam} covering enum mechanics and edge cases.
 */
@ExtendWith(MockitoExtension.class)
public class RequestParamTest {

    // Happy path: values() returns all constants in declaration order
    @Test

        buf[i++] = (byte) (nameLen & 0xFF);
        // NAME
        System.arraycopy(nameBytes, 0, buf, i, nameLen);
        return buf;
    }

    // Provide a common OID for tests (Kerberos V5 mechanism OID encoded in DER)
    private static ASN1ObjectIdentifier testOid() {
        return new ASN1ObjectIdentifier("1.2.840.113554.1.2.2");
    }

    private static byte[] oidDer() {
        // Full DER encoding of the OID

No estamos restringidos a tener solo una dependencia que pueda devolver ese tipo de datos.

///

## Otros modelos

Ahora puedes obtener el usuario actual directamente en las *path operation functions* y manejar los mecanismos de seguridad a nivel de **Dependency Injection**, usando `Depends`.

Y puedes usar cualquier modelo o datos para los requisitos de seguridad (en este caso, un modelo de Pydantic `User`).

///

## Utilidades de **FastAPI**

FastAPI proporciona varias herramientas para cada uno de estos esquemas de seguridad en el módulo `fastapi.security` que simplifican el uso de estos mecanismos de seguridad.

En los siguientes capítulos verás cómo agregar seguridad a tu API usando esas herramientas proporcionadas por **FastAPI**.

By default server certificates need to identify which hostnames they're trusted for. You may add as
many as necessary with `addSubjectAlternativeName()`. This mechanism also supports a very limited
form of wildcards `*.example.com` where the `*` must be first and doesn't match nested subdomains.

By default certificates use fast and secure 256-bit ECDSA keys. For interoperability with very old

     * it also has a regular-looking handshake.
     *
     * **This feature is not supported on Android API levels less than 24.** Prior releases lacked
     * a mechanism to trust some hosts and not others.
     *
     * @param hostname the exact hostname from the URL for insecure connections.
     */
    fun addInsecureHost(hostname: String) =
      apply {

Interceptors
============

Interceptors are a powerful mechanism that can monitor, rewrite, and retry calls. Here's a simple interceptor that logs the outgoing request and the incoming response.

```java
class LoggingInterceptor implements Interceptor {
  @Override public Response intercept(Interceptor.Chain chain) throws IOException {
    Request request = chain.request();

    long t1 = System.nanoTime();

 *    Note that the private key is not a part of the certificate!
 *
 *  * **A signature issued by another certificate's private key.** This mechanism allows a trusted
 *    third-party to endorse a certificate. Third parties should only endorse certificates once
 *    they've confirmed that the owner of the private key is also the owner of the certificate's