* A query parameter.
    * A header.
    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").

OAuth2의 경우 문자열일 뿐입니다.

///

## `username`과 `password`를 가져오는 코드

이제 **FastAPI**에서 제공하는 유틸리티를 사용하여 이를 처리해 보겠습니다.

### `OAuth2PasswordRequestForm`

먼저 `OAuth2PasswordRequestForm`을 가져와 `/token`에 대한 *경로 작동*에서 `Depends`의 의존성으로 사용합니다.

{* ../../docs_src/security/tutorial003.py hl[4,76] *}

`OAuth2PasswordRequestForm`은 다음을 사용하여 폼 본문을 선언하는 클래스 의존성입니다:

* `username`.
* `password`.

    }
  }

  /** See https://api.slack.com/methods/rtm.start. */
  public RtmStartResponse rtmStart(String accessToken) throws IOException {
    HttpUrl url = baseUrl.newBuilder("rtm.start")
        .addQueryParameter("token", accessToken)
        .build();
    Request request = new Request.Builder()
        .url(url)
        .build();
    Call call = httpClient.newCall(request);
    try (Response response = call.execute()) {

# Length of API access token.
api.access.token.length=60
# Whether API access token is required.
api.access.token.required=false
# API access token request parameter.
api.access.token.request.parameter=
# Permissions for API admin access.
api.admin.access.permissions=Radmin-api
# Accepted referers for API search.

            result.setParameterName(DfTypeUtil.toString(source.get("parameter_name")));
            result.setPermissions(toStringArray(source.get("permissions")));
            result.setToken(DfTypeUtil.toString(source.get("token")));
            result.setUpdatedBy(DfTypeUtil.toString(source.get("updatedBy")));
            result.setUpdatedTime(DfTypeUtil.toLong(source.get("updatedTime")));
            return updateEntity(source, result);

By default this plugin uses HTTP 1.x. To enable HTTP2 use the `MINIO_POLICY_PLUGIN_ENABLE_HTTP2` environment variable.

## Request and Response

MinIO will make a `POST` request with a JSON body to the given plugin URL. If the auth token parameter is set, it will be sent as an authorization header.

The JSON body structure can be seen from this sample:

<details><summary>Request Body Sample</summary>

```json
{
  "input": {

│   ├── main.py
│   └── test_main.py
```

➡️ 💬 👈 🔜 📁 `main.py` ⏮️ 👆 **FastAPI** 📱 ✔️ 🎏 **➡ 🛠️**.

⚫️ ✔️ `GET` 🛠️ 👈 💪 📨 ❌.

⚫️ ✔️ `POST` 🛠️ 👈 💪 📨 📚 ❌.

👯‍♂️ *➡ 🛠️* 🚚 `X-Token` 🎚.

{* ../../docs_src/app_testing/app_b/main.py *}

### ↔ 🔬 📁

👆 💪 ⤴️ ℹ `test_main.py` ⏮️ ↔ 💯:

{* ../../docs_src/app_testing/app_b/test_main.py *}

String unescaped = JsonUtil.unescape(escaped);

// Text tokenization
Tokenizer tokenizer = new Tokenizer("field1,field2,field3", ",");
while (tokenizer.hasMoreTokens()) {
    String token = tokenizer.nextToken();
    // Process each token
}

// Decimal formatting
DecimalFormat format = DecimalFormatUtil.getDecimalFormat("###,###.00");
```

### Exception Handling
```java
import org.codelibs.core.exception.*;

        byte[] type1Token = context.initSecContext(new byte[0], 0, 0);

        assertNotNull(type1Token);
        assertTrue(type1Token.length > 0);

        // Decode the token to verify its properties
        Type1Message type1Message = new Type1Message(type1Token);
        // Type1Message ORs default flags with provided flags; ensure expected bits are present

## ℹ 🔗

ℹ `get_current_user` 📨 🎏 🤝 ⏭, ✋️ 👉 🕰, ⚙️ 🥙 🤝.

🔣 📨 🤝, ✔ ⚫️, & 📨 ⏮️ 👩‍💻.

🚥 🤝 ❌, 📨 🇺🇸🔍 ❌ ▶️️ ↖️.

{* ../../docs_src/security/tutorial004.py hl[89:106] *}

## ℹ `/token` *➡ 🛠️*

✍ `timedelta` ⏮️ 👔 🕰 🤝.

✍ 🎰 🥙 🔐 🤝 & 📨 ⚫️.

{* ../../docs_src/security/tutorial004.py hl[115:130] *}

### 📡 ℹ 🔃 🥙 "📄" `sub`

🥙 🔧 💬 👈 📤 🔑 `sub`, ⏮️ 📄 🤝.