/// info

L'en‑tête supplémentaire `WWW-Authenticate` avec la valeur `Bearer` que nous renvoyons ici fait également partie de la spécification.

Il est prévu qu'un code d'état HTTP (d'erreur) 401 « UNAUTHORIZED » renvoie également un en‑tête `WWW-Authenticate`.

Dans le cas des jetons bearer (notre cas), la valeur de cet en‑tête doit être `Bearer`.

### Target language

Translate to Simplified Chinese (简体中文).

Language code: zh.

### Grammar and tone

- Use clear, concise technical Chinese consistent with existing docs.
- Address the reader naturally (commonly using “你/你的”).

### Headings

- Follow existing Simplified Chinese heading style (short and descriptive).
- Do not add trailing punctuation to headings.

type DecoderError struct {
	msg       string // description of error
	context   string // additional error context
	pos       errPos
	atChar    byte
	readerErr error // underlying reader error, if any
}

// ReaderErr returns the underlying error.
func (e DecoderError) ReaderErr() error { return e.readerErr }

// Error returns a string representation of the error.
func (e DecoderError) Error() string {

    * 그래서 우리 API에 인증하기 위해 `Authorization` 헤더를, 값은 `Bearer `에 token을 더한 형태로 보냅니다.
    * token에 `foobar`가 들어 있다면 `Authorization` 헤더의 내용은 `Bearer foobar`가 됩니다.

## **FastAPI**의 `OAuth2PasswordBearer` { #fastapis-oauth2passwordbearer }

**FastAPI**는 이런 보안 기능을 구현하기 위해, 서로 다른 추상화 수준에서 여러 도구를 제공합니다.

이 예제에서는 **OAuth2**의 **Password** 플로우와 **Bearer** token을 사용합니다. 이를 위해 `OAuth2PasswordBearer` 클래스를 사용합니다.

/// info | 정보

### Target language

Translate to Traditional Chinese (繁體中文).

Language code: zh-hant.

### Grammar and tone

- Use clear, concise technical Traditional Chinese consistent with existing docs.
- Address the reader naturally (commonly using “你/你的”).

### Headings

- Follow existing Traditional Chinese heading style (short and descriptive).
- Do not add trailing punctuation to headings.

### Quotes and punctuation

    user = fake_decode_token(token)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return user


async def get_current_active_user(current_user: User = Depends(get_current_user)):
    if current_user.disabled:

                org.dbflute.helper.jprop.JavaPropertiesReader reader =
                        new org.dbflute.helper.jprop.JavaPropertiesReader("test.properties", null);
                java.lang.reflect.Field readerPropsField = reader.getClass().getDeclaredField("_plainProperties");
                readerPropsField.setAccessible(true);
                readerPropsField.set(reader, props);

def test_incorrect_token():
    response = client.get("/items", headers={"Authorization": "Non-existent testtoken"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Not authenticated"}


def test_token():
    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text

client = TestClient(app)


def test_security_oauth2():
    response = client.get("/users/me", headers={"Authorization": "Bearer footokenbar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "Bearer footokenbar"}


def test_security_oauth2_password_other_header():
    response = client.get("/users/me", headers={"Authorization": "Other footokenbar"})
    assert response.status_code == 200, response.text

def test_get_credentials():
    response = client.get("/get-credentials", headers={"authorization": "Bearer token"})
    assert response.status_code == 200, response.text
    assert response.json() == {"token": "token", "scopes": ["a", "b"]}


def test_parameterless_with_scopes():
    response = client.get(
        "/parameterless-with-scopes", headers={"authorization": "Bearer token"}
    )
    assert response.status_code == 200, response.text