Пройдите авторизацию так же, как делали раньше.

Используя учетные данные пользователя:

Username: `johndoe`
Password: `secret`

/// check | Заметка
Обратите внимание, что нигде в коде не используется открытый текст пароля "`secret`", мы используем только его хэшированную версию.
///

<img src="/img/tutorial/security/image08.png">

Вызвав эндпоинт `/users/me/`, вы получите ответ в виде:

	// The identifiers for the temporary security credentials that the operation
	// returns.
	AssumedRoleUser AssumedRoleUser `xml:",omitempty"`

	// The temporary security credentials, which include an access key ID, a secret
	// access key, and a security (or session) token.
	//
	// Note: The size of the security token that STS APIs return is not fixed. We
	// strongly recommend that you make no assumptions about the maximum size. As

 *   // If this is preemptive auth, use a preemptive credential.
 *   if (challenge.scheme().equalsIgnoreCase("OkHttp-Preemptive")) {
 *     return response.request().newBuilder()
 *         .header("Proxy-Authorization", "secret")
 *         .build();
 *   }
 * }
 * return null; // Didn't find a preemptive auth scheme.
 * ```
 *
 * ## Reactive Authentication
 *

/**
 * API access to the <a href="https://api.slack.com/apps">Slack API</a> as an application. One
 * instance of this class may operate without a user, or on behalf of many users. Use the Slack API
 * dashboard to create a client ID and secret for this application.
 *
 * <p>You must configure your Slack API OAuth and Permissions page with a localhost URL like {@code
 * http://localhost:53203/oauth/}, passing the same port to this class’ constructor.
 */

        with:
          role-to-assume: arn:aws:iam::992382829881:role/GHASecrets_gradle_all
          secret-ids: |
            ORG_TEAM_GITHUB_ACCESS_TOKEN, gha/gradle/_all/ORG_TEAM_GITHUB_ACCESS_TOKEN

      - uses: actions/checkout@v5

      - name: GitHub CODEOWNERS Validator

`user_in`은 Pydantic 모델 클래스인 `UserIn`입니다.

Pydantic 모델은 모델 데이터를 포함한 `dict`를 반환하는 `.dict()` 메서드를 제공합니다.

따라서, 다음과 같이 Pydantic 객체 `user_in`을 생성할 수 있습니다:

```Python
user_in = UserIn(username="john", password="secret", email="******@****.***")
```

그 다음, 다음과 같이 호출합니다:

```Python
user_dict = user_in.dict()
```

이제 변수 `user_dict`에 데이터가 포함된 `dict`를 가지게 됩니다(이는 Pydantic 모델 객체가 아닌 `dict`입니다).

그리고 다음과 같이 호출하면:

<img src="/img/tutorial/security/image07.png">

Autorize a aplicação da mesma maneira que antes.

Usando as credenciais:

Username: `johndoe`
Password: `secret`

/// check | Verifique

Observe que em nenhuma parte do código está a senha em texto puro "`secret`", nós temos apenas o hash.

///

<img src="/img/tutorial/security/image08.png">

Chame o endpoint `/users/me/`, você receberá o retorno como:

    // Patterns for sensitive data - compiled once and cached
    private static final Pattern PASSWORD_PATTERN = Pattern.compile(
            "(?i)(password|passwd|pwd|secret|token|key|credential|auth)([\"']?\\s*[:=]\\s*[\"']?)([^\"',\\s]+)", Pattern.CASE_INSENSITIVE);

    private static final Pattern IP_PATTERN = Pattern.compile("\\b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\\b");

side applications need not create a presigned URL and serve to the client for each file. Since, the client would have the session it can do it by itself.

The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations. The policy applied to these temporary credentials is inherited from the MinIO user credentials. By default, the temporary security...

- Veeam requires TLS connections to the object storage.  This can be configured per <https://docs.min.io/community/minio-object-store/operations/network-encryption.html>
- The S3 bucket, Access Key and Secret Key have to be created before and outside of Veeam.
- Configure the minio client for the Veeam MinIO endpoint - <https://docs.min.io/community/minio-object-store/operations/deployments/baremetal-deploy-minio-on-redhat-linux.html>