the behavior you are seeing is confirmed as a bug or issue, it can easily be re-raised in the issue tracker.

## Filing issues

Sensitive security-related issues should be reported to [security@golang.org](mailto:******@****.***).
See the [security policy](https://golang.org/security) for details.

The recommended way to file an issue is by running `go bug`.
Otherwise, when filing an issue, make sure to answer these five questions:

import com.google.android.gms.security.ProviderInstaller
import com.squareup.moshi.Moshi
import com.squareup.moshi.kotlin.reflect.KotlinJsonAdapterFactory
import java.io.IOException
import java.net.InetAddress
import java.net.UnknownHostException
import java.security.KeyStore
import java.security.SecureRandom
import java.security.Security
import java.security.cert.Certificate

# Fortgeschrittene Sicherheit { #advanced-security }

## Zusatzfunktionen { #additional-features }

Neben den in [Tutorial – Benutzerhandbuch: Sicherheit](../../tutorial/security/index.md){.internal-link target=_blank} behandelten Funktionen gibt es noch einige zusätzliche Funktionen zur Handhabung der Sicherheit.

/// tip | Tipp

Die nächsten Abschnitte sind **nicht unbedingt „fortgeschritten“**.

# Seguridad Avanzada { #advanced-security }

## Funcionalidades Adicionales { #additional-features }

Hay algunas funcionalidades extra para manejar la seguridad aparte de las cubiertas en el [Tutorial - Guía del Usuario: Seguridad](../../tutorial/security/index.md){.internal-link target=_blank}.

/// tip | Consejo

Las siguientes secciones **no son necesariamente "avanzadas"**.

Y es posible que para tu caso de uso, la solución esté en una de ellas.

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

Now let's review those changes step by step.

## OAuth2 Security scheme { #oauth2-security-scheme }

The first change is that now we are declaring the OAuth2 security scheme with two available scopes, `me` and `items`.

///

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,141,172] *}

/// info | Технические детали

`Security` на самом деле является подклассом `Depends` и имеет всего один дополнительный параметр, который мы рассмотрим позже.

Но используя `Security` вместо `Depends`, **FastAPI** будет знать, что можно объявлять security scopes, использовать их внутри и документировать API в OpenAPI.

If the token is invalid, return an HTTP error right away.

{* ../../docs_src/security/tutorial004_an_py310.py hl[90:107] *}

## Update the `/token` *path operation* { #update-the-token-path-operation }

Create a `timedelta` with the expiration time of the token.

Create a real JWT access token and return it.

{* ../../docs_src/security/tutorial004_an_py310.py hl[118:133] *}

from typing import Optional

from fastapi import FastAPI, Security
from fastapi.security import HTTPAuthorizationCredentials, HTTPDigest
from fastapi.testclient import TestClient

app = FastAPI()

security = HTTPDigest(auto_error=False)


@app.get("/users/me")
def read_current_user(
    credentials: Optional[HTTPAuthorizationCredentials] = Security(security),
):
    if credentials is None:

import secrets

from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials

app = FastAPI()

security = HTTPBasic()


def get_current_username(credentials: HTTPBasicCredentials = Depends(security)):
    current_username_bytes = credentials.username.encode("utf8")
    correct_username_bytes = b"stanleyjobson"
    is_correct_username = secrets.compare_digest(

the identity of the caller is validated by using a JWT access token from the identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations.

By default, the temporary security credentials created by AssumeRoleWithClientGrants last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the...