active return 0 } # checkUserExists ($username) # Check if the user exists, by using the exit code of `mc admin user info` checkUserExists() { USER=$1 CMD=$(${MC} admin user info myminio $USER > /dev/null 2>&1) return $? } # createUser ($username, $password, $policy) createUser() { USER=$1 PASS=$2 POLICY=$3 # Create the user if it does not exist if ! checkUserExists $USER ; then echo "Creating user '$USER'" ${MC} admin user add myminio $USER $PASS else echo "User '$USER' already exists." fi # set policy...

active return 0 } # checkUserExists ($username) # Check if the user exists, by using the exit code of `mc admin user info` checkUserExists() { USER=$1 CMD=$(${MC} admin user info myminio $USER > /dev/null 2>&1) return $? } # createUser ($username, $password, $policy) createUser() { USER=$1 PASS=$2 POLICY=$3 # Create the user if it does not exist if ! checkUserExists $USER ; then echo "Creating user '$USER'" ${MC} admin user add myminio $USER $PASS else echo "User '$USER' already exists." fi # set policy...

active return 0 } # checkUserExists ($username) # Check if the user exists, by using the exit code of `mc admin user info` checkUserExists() { USER=$1 CMD=$(${MC} admin user info myminio $USER > /dev/null 2>&1) return $? } # createUser ($username, $password, $policy) createUser() { USER=$1 PASS=$2 POLICY=$3 # Create the user if it does not exist if ! checkUserExists $USER ; then echo "Creating user '$USER'" ${MC} admin user add myminio $USER $PASS else echo "User '$USER' already exists." fi # set policy...

active return 0 } # checkUserExists ($username) # Check if the user exists, by using the exit code of `mc admin user info` checkUserExists() { USER=$1 CMD=$(${MC} admin user info myminio $USER > /dev/null 2>&1) return $? } # createUser ($username, $password, $policy) createUser() { USER=$1 PASS=$2 POLICY=$3 # Create the user if it does not exist if ! checkUserExists $USER ; then echo "Creating user '$USER'" ${MC} admin user add myminio $USER $PASS else echo "User '$USER' already exists." fi # set policy...

```JSON
{
  "detail": "Not authenticated"
}
```

### 未激活用户

测试未激活用户，输入以下信息，进行身份验证：

用户名：`alice`

密码：`secret2`

然后，执行 `/users/me` 路径的 `GET` 操作。

显示下列**未激活用户**错误信息：

```JSON
{
  "detail": "Inactive user"
}
```

## 小结

使用本章的工具实现基于 `username` 和 `password` 的完整 API 安全系统。

这些工具让安全系统兼容任何数据库、用户及数据模型。

唯一欠缺的是，它仍然不是真的**安全**。

    /**
     * Creates the LMv2 response for the supplied information.
     *
     * @param domain
     *            The domain in which the username exists.
     * @param user
     *            The username.
     * @param password
     *            The user's password.
     * @param challenge
     *            The server challenge.
     * @param clientChallenge
     *            The client challenge (nonce).

import org.lastaflute.web.response.StreamResponse;

import jakarta.annotation.Resource;

/**
 * Action class for handling document redirection requests.
 * This action processes "go" requests that redirect users to specific documents
 * while tracking click events and handling various URL types including file system paths.
 */
public class GoAction extends FessSearchAction {

    /**
     * Default constructor for GoAction.

  </ResponseMetadata>
</AssumeRoleResponse>
```

## Using AssumeRole API

```
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123
minio server ~/test
```

Create new users following the multi-user guide [here](https://docs.min.io/community/minio-object-store/administration/identity-access-management.html)

### Testing an example with awscli tool

	err := d.DecodeElement(&dateStr, &startElement)
	if err != nil {
		return err
	}
	// While AWS documentation mentions that the date specified
	// must be present in ISO 8601 format, in reality they allow
	// users to provide RFC 3339 compliant dates.
	trnDate, err := time.Parse(time.RFC3339, dateStr)
	if err != nil {
		return errTransitionInvalidDate
	}
	// Allow only date timestamp specifying midnight GMT

   * other {@code ClassValue} entries for the exception type to be tested. This lets us evaluate
   * whether our solution scales to use with multiple exception types and to whether it is affected
   * by other {@code ClassValue} users. Some of the benchmarked implementations don't use one or
   * both of these mechanisms, so they will be unaffected.
   */
  @Param({"0", "1", "12"})
  int otherEntriesInDataStructure;