def test_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text
    assert response.json() == {"token": "testtoken"}


def test_incorrect_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Notexistent testtoken"})
    assert response.status_code == 401, response.text

	server.Start()
	return server
}

func dummyRequestValidate(r *http.Request) error {
	return nil
}

func dummyTokenValidate(token string) error {
	if token == "debug" {
		return nil
	}
	return fmt.Errorf("invalid token. want empty, got %s", token)
}

func dummyNewToken() string {
	return "debug"

  - Click on `account`
  - Settings, set `Valid Redirect URIs` to `*`, expand `Advanced Settings` and set `Access Token Lifespan` to `1 Hours`
  - Save

- Go to Clients
  - Click on `account`
  - Mappers
  - Create
    - `Name` with any text
    - `Mapper Type` is `User Attribute`
    - `User Attribute` is `policy`
    - `Token Claim Name` is `policy`
    - `Claim JSON Type` is `string`
  - Save

labels.boost_document_rule_boost_expr=Boost Expression
labels.boost_document_rule_sort_order=Sort Order
labels.access_token_configuration=Access Token
labels.access_token_title_details=Access Token
labels.access_token_list_name=Name
labels.access_token_name=Name
labels.access_token_token=Token
labels.access_token_expires=Expires
labels.access_token_parameter_name=Parameter Name
labels.access_token_updated_time=Created Date

				return
			}
		case "Time":
			z.Time, err = dc.ReadTime()
			if err != nil {
				err = msgp.WrapError(err, "Time")
				return
			}
		case "Token":
			z.Token, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "Token")
				return
			}
		default:
			err = dc.Skip()
			if err != nil {
				err = msgp.WrapError(err)
				return
			}
		}
	}
	return
}

type sender interface {
	msgp.MarshalSizer
	Op() Op
}

type connectReq struct {
	ID    [16]byte
	Host  string
	Time  time.Time
	Token string
}

// addToken will add the token to the connect request.
func (c *connectReq) addToken(fn AuthFn) {
	c.Token = fn()
}

func (connectReq) Op() Op {
	return OpConnect
}

type connectResp struct {
	ID             [16]byte
	Accepted       bool

# Получить текущего пользователя { #get-current-user }

В предыдущей главе система безопасности (основанная на системе внедрения зависимостей) передавала *функции-обработчику пути* `token` типа `str`:

{* ../../docs_src/security/tutorial001_an_py39.py hl[12] *}

Но это всё ещё не слишком полезно.

Сделаем так, чтобы она возвращала текущего пользователя.

## Создать модель пользователя { #create-a-user-model }

    if item_id not in fake_db:
        raise HTTPException(status_code=404, detail="Item not found")
    return fake_db[item_id]


@app.post("/items/", response_model=Item)
async def create_item(item: Item, x_token: str = Header()):
    if x_token != fake_secret_token:
        raise HTTPException(status_code=400, detail="Invalid X-Token header")
    if item.id in fake_db:

    if item_id not in fake_db:
        raise HTTPException(status_code=404, detail="Item not found")
    return fake_db[item_id]


@app.post("/items/", response_model=Item)
async def create_item(item: Item, x_token: str = Header()):
    if x_token != fake_secret_token:
        raise HTTPException(status_code=400, detail="Invalid X-Token header")
    if item.id in fake_db:

}

// BatchKeyRotateNotification success or failure notification endpoint for each job attempts
type BatchKeyRotateNotification struct {
	Endpoint string `yaml:"endpoint" json:"endpoint"`
	Token    string `yaml:"token" json:"token"`
}

// BatchJobKeyRotateFlags various configurations for replication job definition currently includes
// - filter
// - notify
// - retry
type BatchJobKeyRotateFlags struct {