& ➕1️⃣ 1️⃣ 🔓 & 📨 👩‍💻.

//// tab | 🐍 3️⃣.6️⃣ & 🔛

```Python hl_lines="7  48  55-56  59-60  69-75"
{!> ../../docs_src/security/tutorial004.py!}
```

////

//// tab | 🐍 3️⃣.1️⃣0️⃣ & 🔛

```Python hl_lines="6  47  54-55  58-59  68-74"
{!> ../../docs_src/security/tutorial004_py310.py!}
```

////

/// note

 */
package jcifs.smb;


import java.util.HashMap;
import java.util.Map;

import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;


/**
 * @author mbechler
 *
 */
class StaticJAASConfiguration extends Configuration {

/pilot/pkg/security/                                             @istio/wg-security-maintainers
/pilot/pkg/config/                                               @istio/wg-networking-maintainers
/pilot/pkg/networking/plugin/authn/                              @istio/wg-security-maintainers
/pilot/pkg/networking/plugin/authz/                              @istio/wg-security-maintainers

from fastapi.openapi.models import OAuth2 as OAuth2Model
from fastapi.openapi.models import OAuthFlows as OAuthFlowsModel
from fastapi.param_functions import Form
from fastapi.security.base import SecurityBase
from fastapi.security.utils import get_authorization_scheme_param
from starlette.requests import Request
from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN

import java.net.ProxySelector
import java.net.Socket
import java.net.URI
import java.net.URL
import java.nio.charset.Charset
import java.security.KeyPair
import java.security.KeyPairGenerator
import java.security.Principal
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import java.time.Duration
import java.time.Instant
import java.util.Date
import java.util.concurrent.ExecutorService

# Security

There are many ways to handle security, authentication and authorization.

And it normally is a complex and "difficult" topic.

In many frameworks and systems just handling security and authentication takes a big amount of effort and code (in many cases it can be 50% or more of all the code written).

//// tab | Python 3.10+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="4  79"
{!> ../../docs_src/security/tutorial003_an.py!}
```

////

//// tab | Python 3.10+ non-Annotated

///

```Python hl_lines="155"
{!../../docs_src/security/tutorial005.py!}
```

## 📣 ↔ *➡ 🛠️* & 🔗

🔜 👥 📣 👈 *➡ 🛠️* `/users/me/items/` 🚚 ↔ `items`.

👉, 👥 🗄 & ⚙️ `Security` ⚪️➡️ `fastapi`.

👆 💪 ⚙️ `Security` 📣 🔗 (💖 `Depends`), ✋️ `Security` 📨 🔢 `scopes` ⏮️ 📇 ↔ (🎻).

👉 💼, 👥 🚶‍♀️ 🔗 🔢 `get_current_active_user` `Security` (🎏 🌌 👥 🔜 ⏮️ `Depends`).

from fastapi import Depends, FastAPI, Security
from fastapi.security.open_id_connect_url import OpenIdConnect
from fastapi.testclient import TestClient
from pydantic import BaseModel

app = FastAPI()

oid = OpenIdConnect(openIdConnectUrl="/openid")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(oid)):
    user = User(username=oauth_header)
    return user

# Gelişmiş Güvenlik

## Ek Özellikler

[Tutorial - User Guide: Security](../../tutorial/security/index.md){.internal-link target=_blank} sayfasında ele alınanların dışında güvenlikle ilgili bazı ek özellikler vardır.

/// tip | "İpucu"

Sonraki bölümler **mutlaka "gelişmiş" olmak zorunda değildir**.

Kullanım şeklinize bağlı olarak, çözümünüz bu bölümlerden birinde olabilir.

///

## Önce Öğreticiyi Okuyun