current_password_bytes = credentials.password.encode("utf8")
    correct_password_bytes = b"swordfish"
    is_correct_password = secrets.compare_digest(
        current_password_bytes, correct_password_bytes
    )
    if not (is_correct_username and is_correct_password):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",

// factory receiver.  This constructor will normalize the username, password
// and authzID via the SASLprep algorithm, as recommended by RFC-5802.  If
// SASLprep fails, the method returns an error.
func (x *XDGSCRAMClient) Begin(userName, password, authzID string) (err error) {
	x.Client, err = x.NewClient(userName, password, authzID)
	if err != nil {
		return err
	}
	x.ClientConversation = x.NewConversation()

Por ejemplo, en una de las formas en las que se puede usar la especificación OAuth2 (llamada "password flow") se requiere enviar un `username` y `password` como campos de formulario.

La <abbr title="specification – especificación">spec</abbr> requiere que los campos se llamen exactamente `username` y `password`, y que se envíen como campos de formulario, no JSON.

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

For example, in one of the ways the OAuth2 specification can be used (called "password flow") it is required to send a `username` and `password` as form fields.

The <abbr title="specification">spec</abbr> requires the fields to be exactly named `username` and `password`, and to be sent as form fields, not JSON.

Para lidar com isso, primeiramente nós convertemos o `username` e o `password` para `bytes`, codificando-os com UTF-8.

Então nós podemos utilizar o `secrets.compare_digest()` para garantir que o `credentials.username` é `"stanleyjobson"`, e que o `credentials.password` é `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Isso seria parecido com:

```Python

			Value: config.FormatBool(cfg.SASL.Enable),
		},
		config.KV{
			Key:   target.KafkaSASLUsername,
			Value: cfg.SASL.User,
		},
		config.KV{
			Key:   target.KafkaSASLPassword,
			Value: cfg.SASL.Password,
		},
		config.KV{
			Key:   target.KafkaCompressionCodec,
			Value: cfg.Producer.Compression,
		},
		config.KV{
			Key:   target.KafkaCompressionLevel,
			Value: strconv.Itoa(cfg.Producer.CompressionLevel),

            if not name.endswith("A"):
                raise ValueError("name must end in A")
            return name

    async def get_model_c() -> ModelC:
        return ModelC(username="test-user", password="test-password")

    @app.get("/model/{name}", response_model=ModelA)
    async def get_model_a(name: str, model_c=Depends(get_model_c)):
        return {
            "name": name,
            "description": "model-a-desc",

errors.invalid_kuromoji_segmentation=The number of segmentation for {0} and {1} is different.
errors.invalid_str_is_included = {1} is invalid for {0}.
errors.blank_password = Password is required.
errors.invalid_confirm_password = Does not match a confirmation password.
errors.cannot_delete_doc_because_of_running = A crawler is running. You cannot delete documents.
errors.failed_to_delete_doc_in_admin = Failed to delete a document.

errors.invalid_kuromoji_segmentation=The number of segmentation for {0} and {1} is different.
errors.invalid_str_is_included = {1} is invalid for {0}.
errors.blank_password = Password is required.
errors.invalid_confirm_password = Does not match a confirmation password.
errors.cannot_delete_doc_because_of_running = A crawler is running. You cannot delete documents.
errors.failed_to_delete_doc_in_admin = Failed to delete a document.

import jcifs.smb.SmbAuthException;
import jcifs.smb.SmbException;
import jcifs.smb.SmbSessionInternal;
import jcifs.smb.SmbTransportInternal;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>