"type": "object",
                    "title": "HTTPValidationError",
                },
                "Subscription": {
                    "properties": {
                        "username": {"type": "string", "title": "Username"},
                        "monthly_fee": {"type": "number", "title": "Monthly Fee"},
                        "start_date": {
                            "type": "string",

        // TODO Auto-generated method stub
        return null;
    }

    /**
     * Generates a Type 3 NTLM message.
     * @param username The username.
     * @param password The password.
     * @param domain The domain.
     * @param workstation The workstation.
     * @param challenge The Type 2 challenge message.
     * @return The Type 3 message.

     *
     * @param form the create form
     * @param username the current username
     * @param currentTime the current time
     * @return optional key match entity
     */
    public static OptionalEntity<KeyMatch> getEntity(final CreateForm form, final String username, final long currentTime) {
        switch (form.crudMode) {
        case CrudMode.CREATE:

So, let's review it from that simplified point of view:

* The user types the `username` and `password` in the frontend, and hits `Enter`.
* The frontend (running in the user's browser) sends that `username` and `password` to a specific URL in our API (declared with `tokenUrl="token"`).
* The API checks that `username` and `password`, and responds with a "token" (we haven't implemented any of this yet).

                    "type": "object",
                    "title": "HTTPValidationError",
                },
                "Subscription": {
                    "properties": {
                        "username": {"type": "string", "title": "Username"},
                        "monthly_fee": {"type": "number", "title": "Monthly Fee"},
                        "start_date": {
                            "type": "string",

from fastapi.testclient import TestClient
from pydantic import BaseModel

app = FastAPI()

api_key = APIKeyHeader(name="key")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user

from pydantic import BaseModel

app = FastAPI()

api_key = APIKeyHeader(name="key", description="An API Key Header")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user

                            "type": "string",
                        },
                        "username": {
                            "title": "Username",
                            "type": "string",
                        },
                    },
                    "required": [
                        "username",
                        "email",
                    ],
                    "title": "User",

## Obtenha o `username` e a `password` { #get-the-username-and-password }

É utilizado o utils de segurança da **FastAPI** para obter o `username` e a `password`.

OAuth2 especifica que ao usar o "password flow" (fluxo de senha), que estamos usando, o cliente/usuário deve enviar os campos `username` e `password` como dados do formulário.

    }

    private String maskUsername(String username) {
        if (!maskSensitiveData || username == null) {
            return username;
        }

        // Show first and last character only
        if (username.length() <= 2) {
            return "***";
        }

        return username.charAt(0) + "***" + username.charAt(username.length() - 1);
    }