oauth2.errCb({
                        authId: oauth2.auth.name,
                        source: "auth",
                        level: "warning",
                        message: "Authorization may be unsafe, passed state was changed in server. The passed state wasn't returned from auth server."
                    });
                }

                if (qp.code) {
                    delete oauth2.state;

The following example shows how to get the details of the user with `{userid}` from `{realm}` realm:

```
curl \
  -H "Authorization: Bearer eyJhbGciOiJSUz..." \
  "http://localhost:8080/auth/admin/realms/{realm}/users/{userid}"
```

### Configure MinIO

    title: Stainless | Generate best-in-class SDKs
    img: https://fastapi.tiangolo.com/img/sponsors/stainless.png
  - url: https://www.permit.io/blog/implement-authorization-in-fastapi?utm_source=github&utm_medium=referral&utm_campaign=fastapi
    title: Fine-Grained Authorization for FastAPI
    img: https://fastapi.tiangolo.com/img/sponsors/permit.png
  - url: https://www.interviewpal.com/?utm_source=fastapi&utm_medium=open-source&utm_campaign=dev-hiring

	// authToken as is instead of adding 'Bearer'
	tokens := strings.Fields(target.args.AuthToken)
	switch len(tokens) {
	case 2:
		req.Header.Set("Authorization", target.args.AuthToken)
	case 1:
		req.Header.Set("Authorization", "Bearer "+target.args.AuthToken)
	}

	req.Header.Set("Content-Type", "application/json")

	resp, err := target.httpClient.Do(req)
	if err != nil {
		return err
	}

        .build()
    val authRequest = authenticator.authenticate(route, response)

    assertEquals(
      "Basic ${RecordingAuthenticator.BASE_64_CREDENTIALS}",
      authRequest!!.header("Authorization"),
    )
  }

  @Test
  fun noSupportForNonBasicAuth() {
    val request =
      Request
        .Builder()
        .url("https://server/robots.txt")
        .build()

    val response =

import java.io.File;
import java.io.InputStream;

import org.apache.maven.wagon.ResourceDoesNotExistException;
import org.apache.maven.wagon.TransferFailedException;
import org.apache.maven.wagon.authorization.AuthorizationException;
import org.apache.maven.wagon.events.TransferListener;
import org.apache.maven.wagon.providers.file.FileWagon;
import org.apache.maven.wagon.resource.Resource;

/**

/**
 * Exception thrown during SSO (Single Sign-On) processing with message code support.
 *
 * This exception is used to indicate errors that occur during SSO authentication
 * and authorization processes. It carries both a message code for internationalization
 * and localization purposes, as well as detailed error information. The message code
 * can be used by the UI layer to display appropriate error messages to users.

post() {
    local endpoint="$1"
    local data="$2"

    local response=$(curl -X POST \
        -H "Authorization: token $GITHUB_TOKEN" \
        -H "Accept: application/vnd.github.v3+json" \
        -H "Content-Type: application/json" \
        "https://api.github.com/repos/gradle/gradle$endpoint" \
        -d "$data" \

* フロントエンドはそのトークンを一時的にどこかに保存します。
* ユーザーがフロントエンドでクリックして、フロントエンドのWebアプリの別のセクションに移動します。
* フロントエンドはAPIからさらにデータを取得する必要があります。
    * しかし、特定のエンドポイントの認証が必要です。
    * したがって、APIで認証するため、HTTPヘッダー`Authorization`に`Bearer`の文字列とトークンを加えた値を送信します。
    * トークンに`foobar`が含まれている場合、`Authorization`ヘッダーの内容は次のようになります: `Bearer foobar`。

## **FastAPI**の`OAuth2PasswordBearer`

**FastAPI**は、これらのセキュリティ機能を実装するために、抽象度の異なる複数のツールを提供しています。

@app.get("/", dependencies=[Depends(bearer_scheme)])
async def get_root():
    return {"message": "Hello, World!"}


client = TestClient(app)


def test_get_root():
    response = client.get("/", headers={"Authorization": "Bearer token"})
    assert response.status_code == 200, response.text
    assert response.json() == {"message": "Hello, World!"}


def test_get_root_no_token():
    response = client.get("/")