import android.os.Build;
import androidx.test.ext.junit.runners.AndroidJUnit4;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import okhttp3.OkHttpClient;
import okhttp3.Protocol;
import okhttp3.Request;
import okhttp3.Response;

### 身份验证 { #authenticate }

点击“Authorize”按钮。

使用以下凭证：

用户名：`johndoe`

密码：`secret`

<img src="/img/tutorial/security/image04.png">

通过身份验证后，显示下图所示的内容：

<img src="/img/tutorial/security/image05.png">

### 获取当前用户数据 { #get-your-own-user-data }

使用 `/users/me` 路径的 `GET` 操作。

可以提取如下当前用户数据：

```JSON
{
  "username": "johndoe",

import static org.mockito.Mockito.when;

import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.Mock;

///

/// info | Bilgi

Bu örnekte uydurma özel header'lar olan `X-Key` ve `X-Token` kullanıyoruz.

Ancak gerçek senaryolarda, security uygularken, entegre [Security yardımcı araçlarını (bir sonraki bölüm)](../security/index.md) kullanmak size daha fazla fayda sağlar.

///

## Dependency Hataları ve Return Değerleri { #dependencies-errors-and-return-values }

            final String type = entry.getType();

            if (type.equals("known-issue") == false && type.equals("security") == false) {
                if (entry.getPr() == null) {
                    throw new GradleException(
                        "[" + path + "] must provide a [pr] number (only 'known-issue' and " + "'security' entries can omit this"
                    );
                }

                if (entry.getArea() == null) {

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.internal.platform

import java.security.KeyStore
import java.security.Provider
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLSocket
import javax.net.ssl.SSLSocketFactory
import javax.net.ssl.TrustManagerFactory
import javax.net.ssl.X509TrustManager

import static java.nio.charset.StandardCharsets.UTF_8;
import static org.junit.Assert.assertThrows;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import junit.framework.TestCase;
import org.jspecify.annotations.NullUnmarked;

/**
 * Tests for the MessageDigestHashFunction.
 *

Se o token for inválido, retorne um erro HTTP imediatamente.

{* ../../docs_src/security/tutorial004_an_py310.py hl[93:110] *}

## Atualize a *operação de rota* `/token` { #update-the-token-path-operation }

Crie um `timedelta` com o tempo de expiração do token.

Crie um token de acesso JWT real e o retorne.

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

from typing import Annotated

import pytest
from fastapi import Depends, FastAPI, Security
from fastapi.testclient import TestClient


@pytest.fixture(name="call_counter")
def call_counter_fixture():
    return {"count": 0}


@pytest.fixture(name="app")
def app_fixture(call_counter: dict[str, int]):
    def get_db():
        call_counter["count"] += 1
        return f"db_{call_counter['count']}"

    // Not supported due to access checks on JDK 9+:
    // java.lang.reflect.InaccessibleObjectException: Unable to make member of class
    // sun.security.ssl.SSLSocketFactoryImpl accessible:  module java.base does not export
    // sun.security.ssl to unnamed module @xxx
    throw UnsupportedOperationException(
      "clientBuilder.sslSocketFactory(SSLSocketFactory) not supported on JDK 8 (>= 252) or JDK 9+",
    )
  }