#
# If this option isn't chosen clients may be added through the gRPC API.
staticClients:
  - id: example-app
    redirectURIs:
      - 'http://localhost:8080/oauth2/callback'
    name: 'Example App'
    secret: ZXhhbXBsZS1hcHAtc2VjcmV0

connectors:
  - type: mockCallback
    id: mock
    name: Example

# Let dex keep a list of passwords which can be used to login to dex.
enablePasswordDB: true

 * and 5.x clients.</p>
 *
 * <p>Example usage:</p>
 * <pre>{@code
 * CredentialsConfig config = new CredentialsConfig();
 * config.setUsername("user");
 * config.setPassword("secret");
 *
 * // For NTLM authentication
 * config.setType(CredentialsType.NTLM);
 * config.setDomain("MYDOMAIN");
 * config.setWorkstation("MYWORKSTATION");
 * }</pre>
 */
public class CredentialsConfig {

          export VAULT_TOKEN
          export eql_test_credentials_file="$(pwd)/x-pack/plugin/eql/qa/correctness/credentials.gcs.json"
          vault read -field=credentials.gcs.json secret/elasticsearch-ci/eql_test_credentials > ${eql_test_credentials_file}
          unset VAULT_TOKEN
          set -x

```
kubectl --namespace=federation get secret federation-apiserver-secret -o json | sed 's/federation-apiserver-secret/federation-apiserver-kubeconfig/g' | kubectl create -f -
# optionally, remove the old secret
kubectl delete secret --namespace=federation federation-apiserver-secret
```

	if !compareSignatureV2(v2Auth, expectedAuth) {
		return ErrSignatureDoesNotMatch
	}
	return ErrNone
}

func calculateSignatureV2(stringToSign string, secret string) string {
	hm := hmac.New(sha1.New, []byte(secret))
	hm.Write([]byte(stringToSign))
	return base64.StdEncoding.EncodeToString(hm.Sum(nil))
}

// Return signature-v2 for the presigned request.

Melden Sie sich bei der Anwendung auf die gleiche Weise wie zuvor an.

Verwenden Sie die Anmeldeinformationen:

Benutzername: `johndoe`
Passwort: `secret`

/// check | Testen

Beachten Sie, dass im Code nirgendwo das Klartext-Passwort „`secret`“ steht, wir haben nur die gehashte Version.

///

<img src="/img/tutorial/security/image08.png">

Autoriza la aplicación de la misma manera que antes.

Usando las credenciales:

Usuario: `johndoe`
Contraseña: `secret`

/// check | Revisa

Observa que en ninguna parte del código está la contraseña en texto claro "`secret`", solo tenemos la versión con hash.

///

<img src="/img/tutorial/security/image08.png">

Llama al endpoint `/users/me/`, obtendrás el response como:

`user_in`은 Pydantic 모델 클래스인 `UserIn`입니다.

Pydantic 모델은 모델 데이터를 포함한 `dict`를 반환하는 `.model_dump()` 메서드를 제공합니다.

따라서, 다음과 같이 Pydantic 객체 `user_in`을 생성할 수 있습니다:

```Python
user_in = UserIn(username="john", password="secret", email="******@****.***")
```

그 다음, 다음과 같이 호출합니다:

```Python
user_dict = user_in.model_dump()
```

이제 변수 `user_dict`에 데이터가 포함된 `dict`를 가지게 됩니다(이는 Pydantic 모델 객체가 아닌 `dict`입니다).

그리고 다음과 같이 호출하면:

Em muitos casos, sua aplicação FastAPI será maior, e você provavelmente usará tags para separar diferentes grupos de *operações de rota*.

Por exemplo, você poderia ter uma seção para **items** e outra seção para **users**, e elas poderiam ser separadas por tags:

{* ../../docs_src/generate_clients/tutorial002_py310.py hl[21,26,34] *}

export MINIO_IDENTITY_OPENID_CONFIG_URL="http://localhost:5556/dex/.well-known/openid-configuration"
export MINIO_IDENTITY_OPENID_CLIENT_ID="minio-client-app"
export MINIO_IDENTITY_OPENID_CLIENT_SECRET="minio-client-app-secret"
export MINIO_IDENTITY_OPENID_CLAIM_NAME="groups"
export MINIO_IDENTITY_OPENID_SCOPES="openid,groups"

export MINIO_IDENTITY_OPENID_REDIRECT_URI="http://127.0.0.1:10000/oauth_callback"