.Builder()
        .code(401)
        .addHeader("Connection", "close")
        .onResponseEnd(ShutdownConnection)
        .build(),
    )
    val authenticator = RecordingOkAuthenticator(null, null)
    client =
      client
        .newBuilder()
        .authenticator(authenticator)
        .build()
    executeSynchronously("/")
      .assertCode(401)

Shinsuke Sugaya <******@****.***> 1772848386 +0900

    level = DeprecationLevel.ERROR,
  )
  fun priorResponse(): Response? = priorResponse

  /**
   * Returns the RFC 7235 authorization challenges appropriate for this response's code. If the
   * response code is 401 unauthorized, this returns the "WWW-Authenticate" challenges. If the
   * response code is 407 proxy unauthorized, this returns the "Proxy-Authenticate" challenges.
   * Otherwise this returns an empty list of challenges.
   *

        try {
            WebApiUtil.setError(200, "OK");
            WebApiUtil.setError(201, "Created");
            WebApiUtil.setError(400, "Bad Request");
            WebApiUtil.setError(401, "Unauthorized");
            WebApiUtil.setError(403, "Forbidden");
            WebApiUtil.setError(404, "Not Found");
            WebApiUtil.setError(500, "Internal Server Error");

		cause:      err,
	}
}

func errUnauthorizedAccess(err error) *s3Error {
	return &s3Error{
		code:       "UnauthorizedAccess",
		message:    "You are not authorized to perform this operation",
		statusCode: 401,
		cause:      err,
	}
}

func errEmptyRequestBody(err error) *s3Error {
	return &s3Error{
		code:       "EmptyRequestBody",
		message:    "Request body cannot be empty.",
		statusCode: 400,

            }
            if (status) {
                return new ActionResponseCredential(() -> {
                    throw new RequestLoggingFilter.RequestClientErrorException("Your request is not authorized.", "401 Unauthorized",
                            HttpServletResponse.SC_UNAUTHORIZED);
                });
            }

            // assert
            if (null == principal) {

///

## 何をするか { #what-it-does }

リクエストの中に`Authorization`ヘッダーを探しに行き、その値が`Bearer `と何らかのトークンを含んでいるかどうかをチェックし、そのトークンを`str`として返します。

もし`Authorization`ヘッダーが見つからなかったり、値が`Bearer `トークンを持っていなかったりすると、401 ステータスコードエラー (`UNAUTHORIZED`) で直接応答します。

トークンが存在するかどうかをチェックしてエラーを返す必要はありません。関数が実行された場合、そのトークンに`str`が含まれていることを確信できます。

インタラクティブなドキュメントですでに試すことができます:

<img src="/img/tutorial/security/image03.png">

        )

        overrideBadImplementation(override = override.override, testItFails = testItFails)
      }

      OverrideParam.Authenticator -> {
        server.enqueue(
          MockResponse.Builder().code(401).build(),
        )

        overrideBadImplementation(override = override.override, testItFails = testItFails)
      }

      OverrideParam.RetryOnConnectionFailure -> {
        enableTls()

   *
   * The network response's status code is most influential when deciding how to follow up:
   *
   *  * For redirects (301: Moved Permanently, 302: Temporary Redirect, etc.)
   *  * For auth challenges (401: Unauthorized, 407: Proxy Authentication Required.)
   *  * For client timeouts (408: Request Time-Out.)
   *  * For server failures (503: Service Unavailable.)
   *

    for (i in 0..29) {
      webServer.enqueue(
        MockResponse
          .Builder()
          .bodyDelay(100, TimeUnit.MILLISECONDS)
          .body("Wrong endpoint")
          .code(401)
          .build(),
      )
    }
    val request =
      Request
        .Builder()
        .url(webServer.url("/"))
        .build()
    val attempts = CountDownLatch(20)