### Transition Status

    requestLine: String,
  ) {
    check(state == STATE_IDLE) { "state: $state" }
    sink.writeUtf8(requestLine).writeUtf8("\r\n")
    for (i in 0 until headers.size) {
      sink.writeUtf8(headers.name(i))
        .writeUtf8(": ")
        .writeUtf8(headers.value(i))
        .writeUtf8("\r\n")
    }
    sink.writeUtf8("\r\n")
    state = STATE_OPEN_REQUEST_BODY
  }

      networkHeaders: Headers,
    ): Headers {
      val result = Headers.Builder()

      for (index in 0 until cachedHeaders.size) {
        val fieldName = cachedHeaders.name(index)
        val value = cachedHeaders.value(index)
        if ("Warning".equals(fieldName, ignoreCase = true) && value.startsWith("1")) {
          // Drop 100-level freshness warnings.
          continue
        }

    /**
     * Returns the subset of the headers in this's request that impact the content of this's body.
     */
    fun Response.varyHeaders(): Headers {
      // Use the request headers sent over the network, since that's what the response varies on.
      // Otherwise OkHttp-supplied headers like "Accept-Encoding: gzip" may be lost.
      val requestHeaders = networkResponse!!.request.headers
      val responseHeaders = headers

    val partAbc = parts.nextPart()!!
    assertThat(partAbc.headers).isEqualTo(
      headersOf(
        "Content-Type",
        "text/plain; charset=utf-8",
        "Content-ID",
        "abc",
      ),
    )
    assertThat(partAbc.body.readUtf8()).isEqualTo("abcd\r\nefgh")

    val partIjk = parts.nextPart()!!
    assertThat(partIjk.headers).isEqualTo(
      headersOf(
        "Content-Type",

def test_incorrect_token():
    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Invalid authentication credentials"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_incorrect_token_type():
    response = client.get(
        "/users/me", headers={"Authorization": "Notexistent testtoken"}
    )

    * Es benötigt jedoch eine Authentifizierung für diesen bestimmten Endpunkt.
    * Um sich also bei unserer API zu authentifizieren, sendet es einen Header `Authorization` mit dem Wert `Bearer` plus dem Token.
    * Wenn der Token `foobar` enthielte, wäre der Inhalt des `Authorization`-Headers: `Bearer foobar`.

## **FastAPI**s `OAuth2PasswordBearer`

    else -> null
  }
}

fun CookieJar.receiveHeaders(
  url: HttpUrl,
  headers: Headers,
) {
  if (this === CookieJar.NO_COOKIES) return

  val cookies = Cookie.parseAll(url, headers)
  if (cookies.isEmpty()) return

  saveFromResponse(url, cookies)
}

/**
 * Returns true if the response headers and status indicate that this response has a (possibly
 * 0-length) body. See RFC 7231.
 */

    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Invalid authentication credentials"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


@needs_py39
def test_incorrect_token_type(client: TestClient):
    response = client.get(
        "/users/me", headers={"Authorization": "Notexistent testtoken"}

    }

    /** Returns all of the cookies from a set of HTTP response headers. */
    @JvmStatic
    fun parseAll(
      url: HttpUrl,
      headers: Headers,
    ): List<Cookie> {
      val cookieStrings = headers.values("Set-Cookie")
      var cookies: MutableList<Cookie>? = null

      for (i in 0 until cookieStrings.size) {