*
 * See [RFC 7692, 7.1][rfc_7692] for details on negotiation process.
 *
 * [rfc_7692]: https://tools.ietf.org/html/rfc7692#section-7.1
 */
@IgnoreJRERequirement // As of AGP 3.4.1, D8 desugars API 24 hashCode methods.
data class WebSocketExtensions(
  /** True if the agreed upon extensions includes the permessage-deflate extension. */
  @JvmField val perMessageDeflate: Boolean = false,

Então nós podemos utilizar o `secrets.compare_digest()` para garantir que o `credentials.username` é `"stanleyjobson"`, e que o `credentials.password` é `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Isso seria parecido com:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

                setNTResponse(getNTResponse(type2, password));
            } else {
                // NTLM2 Session Response

                final byte[] clientChallenge = new byte[24];
                RANDOM.nextBytes(clientChallenge);
                java.util.Arrays.fill(clientChallenge, 8, 24, (byte) 0x00);

            e.creationTime = readTime(buffer, bufferIndex + 8);
            //      e.lastAccessTime = readTime( buffer, bufferIndex + 16 );
            e.lastWriteTime = readTime(buffer, bufferIndex + 24);
            //      e.changeTime = readTime( buffer, bufferIndex + 32 );
            e.endOfFile = readInt8(buffer, bufferIndex + 40);
            //      e.allocationSize = readInt8( buffer, bufferIndex + 48 );

	op1 := int64(0)
	if op == arm.AMRC {
		op1 = 1
	}
	bits, ok := ParseARMCondition(cond)
	if !ok {
		return
	}
	offset = (0xe << 24) | // opcode
		(op1 << 20) | // MCR/MRC
		((int64(bits) ^ arm.C_SCOND_XOR) << 28) | // scond
		((x0 & 15) << 8) | //coprocessor number
		((x1 & 7) << 21) | // coprocessor operation
		((x2 & 15) << 12) | // ARM register

				Bucket: bucket,
				Err:    fmt.Errorf("invalid query parameter older-than %s for %s : %w", durationStr, bucket, err),
			}), r.URL)
			return
		}
	}
	resetBeforeDate := UTCNow().AddDate(0, 0, -1*int(days/24))

	objectAPI := api.ObjectAPI()
	if objectAPI == nil {
		writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrServerNotInitialized), r.URL)
		return
	}

        // Next command
        SMBUtil.writeInt4(0, buffer, bufferIndex + 20);
        // Message ID
        SMBUtil.writeInt8(1, buffer, bufferIndex + 24);
        // Reserved/Async ID
        SMBUtil.writeInt8(0, buffer, bufferIndex + 32);
        // Session ID
        SMBUtil.writeInt8(0, buffer, bufferIndex + 40);
        // Signature

Clients might rely on the platform certificates and servers might use a private
organization-specific certificate authority.

By default `HeldCertificate` instances expire after 24 hours. Use `duration()` to adjust.

By default server certificates need to identify which hostnames they're trusted for. You may add as

    // The values here look like 111...11101...010 in binary, where the initial 111...1110 takes
    // up exactly as many bits as can be represented in the significand (24 for float, 53 for
    // double). That final 0 should be rounded up to 1 because the remaining bits make that number
    // slightly nearer.
    long floatConversionTest = 0xfffffe8000000002L;

代わりに、平文のパスワードを持つ入力モデルと、パスワードを持たない出力モデルを作成することができます:

{* ../../docs_src/response_model/tutorial003.py hl[9,11,16] *}

ここでは、*path operation関数*がパスワードを含む同じ入力ユーザーを返しているにもかかわらず:

{* ../../docs_src/response_model/tutorial003.py hl[24] *}

...`response_model`を`UserOut`と宣言したことで、パスワードが含まれていません:

{* ../../docs_src/response_model/tutorial003.py hl[22] *}

そのため、**FastAPI** は出力モデルで宣言されていない全てのデータをフィルタリングしてくれます（Pydanticを使用）。

## ドキュメントを見る