# HTTP Basic Auth

Para os casos mais simples, você pode utilizar o HTTP Basic Auth.

No HTTP Basic Auth, a aplicação espera um cabeçalho que contém um usuário e uma senha.

Caso ela não receba, ela retorna um erro HTTP 401 "Unauthorized" (*Não Autorizado*).

E retorna um cabeçalho `WWW-Authenticate` com o valor `Basic`, e um parâmetro opcional `realm`.

Isso sinaliza ao navegador para mostrar o prompt integrado para um usuário e senha.

# HTTP 基础授权

最简单的用例是使用 HTTP 基础授权（HTTP Basic Auth）。

在 HTTP 基础授权中，应用需要请求头包含用户名与密码。

如果没有接收到 HTTP 基础授权，就返回 HTTP 401 `"Unauthorized"` 错误。

并返回含 `Basic` 值的请求头 `WWW-Authenticate`以及可选的 `realm` 参数。

HTTP 基础授权让浏览器显示内置的用户名与密码提示。

输入用户名与密码后，浏览器会把它们自动发送至请求头。

## 简单的 HTTP 基础授权

* 导入 `HTTPBasic` 与 `HTTPBasicCredentials`
* 使用 `HTTPBasic` 创建**安全概图**
* 在*路径操作*的依赖项中使用 `security`
* 返回类型为 `HTTPBasicCredentials` 的对象：

# HTTP Basic Auth

For the simplest cases, you can use HTTP Basic Auth.

In HTTP Basic Auth, the application expects a header that contains a username and a password.

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

# HTTP Basic Auth

Für die einfachsten Fälle können Sie <abbr title="HTTP-Basisauthentifizierung">HTTP Basic Auth</abbr> verwenden.

Bei HTTP Basic Auth erwartet die Anwendung einen Header, der einen Benutzernamen und ein Passwort enthält.

Wenn sie diesen nicht empfängt, gibt sie den HTTP-Error 401 „Unauthorized“ zurück.

Und gibt einen Header `WWW-Authenticate` mit dem Wert `Basic` und einem optionalen `realm`-Parameter („Bereich“) zurück.

```

🕐❔ 👆 🔄 📂 📛 🥇 🕰 (⚖️ 🖊 "🛠️" 🔼 🩺) 🖥 🔜 💭 👆 👆 🆔 & 🔐:

<img src="/img/tutorial/security/image12.png">

## ✅ 🆔

📥 🌅 🏁 🖼.

⚙️ 🔗 ✅ 🚥 🆔 &amp; 🔐 ☑.

👉, ⚙️ 🐍 🐩 🕹 <a href="https://docs.python.org/3/library/secrets.html" class="external-link" target="_blank">`secrets`</a> ✅ 🆔 &amp; 🔐.

`secrets.compare_digest()` 💪 ✊ `bytes` ⚖️ `str` 👈 🕴 🔌 🔠 🦹 (🕐 🇪🇸), 👉 ⛓ ⚫️ 🚫🔜 👷 ⏮️ 🦹 💖 `á`, `Sebastián`.

import okhttp3.internal.http.ExchangeCodec
import okhttp3.internal.http.RealInterceptorChain
import okhttp3.internal.http1.Http1ExchangeCodec
import okhttp3.internal.http2.ConnectionShutdownException
import okhttp3.internal.http2.ErrorCode
import okhttp3.internal.http2.FlowControlListener
import okhttp3.internal.http2.Http2Connection
import okhttp3.internal.http2.Http2ExchangeCodec
import okhttp3.internal.http2.Http2Stream

# Access Management Plugin Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)

MinIO now includes support for using an Access Management Plugin. This is to allow object storage access control to be managed externally via a webhook.

  }

  @Test
  fun serverTruncatesRequestOnLongPostHttp1() {
    serverTruncatesRequestOnLongPost(https = false)
  }

  @Test
  fun serverTruncatesRequestOnLongPostHttp2() {
    enableProtocol(Protocol.HTTP_2)
    serverTruncatesRequestOnLongPost(https = true)
  }

  private fun serverTruncatesRequestOnLongPost(https: Boolean) {
    server.enqueue(
      MockResponse(
        body = "abc",

    assertThat(response.trailers()).isEmpty()
  }

  @Test
  fun testFailsIfTrailersNotSet() {
    val response =
      newResponse("".toResponseBody()) {
        // All live paths (Http1, Http2) in OkHttp do this
        trailers { error("trailers not available") }
      }

    assertFailsWith<IllegalStateException>(message = "trailers not available") {
      response.trailers()
    }
  }

  @Test

a:\t\sfoo.com  s:a p:\sfoo.com
http://f:21/\sb\s?\sd\s#\se\s  s:http h:f port:21 p:/%20b%20 q:?%20d%20 f:#\se
http://f:/c  s:http h:f p:/c
http://f:0/c  s:http h:f port:0 p:/c
http://f:00000000000000/c  s:http h:f port:0 p:/c
http://f:00000000000000000000080/c  s:http h:f p:/c
http://f:b/c
http://f:\s/c
http://f:\n/c  s:http h:f p:/c
http://f:fifty-two/c
http://f:999999/c  s:http h:f port:999999 p:/c
http://f:\s21\s/\sb\s?\sd\s#\se\s