///

## Взгляд издалека { #global-view }

Сначала быстро посмотрим, что изменилось по сравнению с примерами из основного раздела **Учебник - Руководство пользователя** — [OAuth2 с паролем (и хешированием), Bearer с JWT-токенами](../../tutorial/security/oauth2-jwt.md). Теперь — с использованием OAuth2 scopes:

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

///

## Gesamtübersicht { #global-view }

Sehen wir uns zunächst kurz die Teile an, die sich gegenüber den Beispielen im Haupt-**Tutorial – Benutzerhandbuch** für [OAuth2 mit Password (und Hashing), Bearer mit JWT-Tokens](../../tutorial/security/oauth2-jwt.md) ändern. Diesmal verwenden wir OAuth2-Scopes:

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

* form model
* model object

* class
* base class
* parent class
* subclass
* child class
* sibling class
* class method

* header
* headers
* authorization header
* `Authorization` header
* forwarded header

* dependency injection system
* dependency
* dependable
* dependant

* I/O bound
* CPU bound
* concurrency
* parallelism
* multiprocessing

///

## Vista global { #global-view }

Primero, echemos un vistazo rápido a las partes que cambian desde los ejemplos en el **Tutorial - User Guide** principal para [OAuth2 con Password (y hashing), Bearer con tokens JWT](../../tutorial/security/oauth2-jwt.md). Ahora usando scopes de OAuth2:

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

Dans cette section, vous verrez comment gérer l’authentification et l’autorisation avec le même OAuth2 avec scopes dans votre application **FastAPI**.

/// warning | Alertes

C’est une section plus ou moins avancée. Si vous débutez, vous pouvez la passer.

Vous n’avez pas nécessairement besoin des scopes OAuth2, et vous pouvez gérer l’authentification et l’autorisation comme vous le souhaitez.

`:` 같은 다른 문자가 있거나 URL이어도 상관없습니다.

그런 세부사항은 구현에 따라 달라집니다.

OAuth2 입장에서는 그저 문자열입니다.

///

## 전체 개요 { #global-view }

먼저, 메인 **튜토리얼 - 사용자 가이드**의 [비밀번호(및 해싱)를 사용하는 OAuth2, JWT 토큰을 사용하는 Bearer](../../tutorial/security/oauth2-jwt.md) 예제에서 어떤 부분이 바뀌는지 빠르게 살펴보겠습니다. 이제 OAuth2 스코프를 사용합니다:

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

이제 변경 사항을 단계별로 살펴보겠습니다.

				"application/vnd.unity",
				"application/vnd.uoml+xml",
				"application/vnd.uplanet.alert",
				"application/vnd.uplanet.alert-wbxml",
				"application/vnd.uplanet.bearer-choice",
				"application/vnd.uplanet.bearer-choice-wbxml",
				"application/vnd.uplanet.cacheop",
				"application/vnd.uplanet.cacheop-wbxml",
				"application/vnd.uplanet.channel",
				"application/vnd.uplanet.channel-wbxml",

	req, _ := http.NewRequest(http.MethodOptions, s.endPoint, nil)
	req.Header.Set("Origin", "http://foobar.com")
	res, err := s.client.Do(req)
	if err != nil {
		c.Fatal(err)
	}

	for k := range expectedMap {
		if v, ok := res.Header[k]; !ok {
			c.Errorf("Expected key %s missing from %v", k, res.Header)
		} else {
			expectedSet := set.CreateStringSet(expectedMap[k]...)

- Fixed ambiguous behavior when bearer token (kubectl --token=..) and an exec credential plugin was configured in the same context - the bearer token now takes precedence. ([#91745](https://github.com/kubernetes/kubernetes/pull/91745), [@anderseknert](https://github.com/anderseknert)) [SIG API Machinery, Auth and Testing]

```

Read the new docs: [Query Parameter Models](https://fastapi.tiangolo.com/tutorial/query-param-models/).

#### `Header` Parameter Models

Use Pydantic models for `Header` parameters:

```python
from typing import Annotated

from fastapi import FastAPI, Header
from pydantic import BaseModel

app = FastAPI()


class CommonHeaders(BaseModel):
    host: str