// There is no max length enforcement for access keys
	accessKeyMaxLen = 20

	// Minimum length for MinIO secret key for both server
	secretKeyMinLen = 8

	// Maximum secret key length for MinIO, this
	// is used when autogenerating new credentials.
	// There is no max length enforcement for secret keys
	secretKeyMaxLen = 40

	// Alpha numeric table used for generating access keys.

sleep 5

./s3-check-md5 -h

failed_count_site1=$(./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://site1-nginx:9001 -bucket testbucket 2>&1 | grep FAILED | wc -l)
failed_count_site2=$(./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://site2-nginx:9002 -bucket testbucket 2>&1 | grep FAILED | wc -l)

if [ $failed_count_site1 -ne 0 ]; then

          dd if=/dev/urandom of=key.secret bs=2k count=1
          LOOP=$(losetup -f)
          sudo losetup $LOOP dm-crypt.img
          sudo cryptsetup luksFormat -q --key-file key.secret "$LOOP"
          sudo cryptsetup open --key-file key.secret "$LOOP" secret --verbose
          sudo mkfs.ext2 /dev/mapper/secret
          sudo mkdir /mnt/secret
          sudo mount /dev/mapper/secret /mnt/secret
          sudo chown -R jenkins /mnt/secret

如果你點擊鎖頭圖示登出，然後再次嘗試相同操作，你會得到 HTTP 401 錯誤：

```JSON
{
  "detail": "Not authenticated"
}
```

### 未啟用的使用者 { #inactive-user }

現在改用一個未啟用的使用者，使用以下帳密驗證：

User: `alice`

Password: `secret2`

然後再呼叫 `GET` 方法的 `/users/me`。

你會得到「Inactive user」的錯誤，例如：

```JSON
{
  "detail": "Inactive user"
}
```

## 小結 { #recap }

{
  "detail": "Not authenticated"
}
```

### Неактивный пользователь { #inactive-user }

Теперь попробуйте с неактивным пользователем, аутентифицируйтесь с:

Пользователь: `alice`

Пароль: `secret2`

И попробуйте использовать операцию `GET` с путём `/users/me`.

Вы получите ошибку "Inactive user", как здесь:

```JSON
{
  "detail": "Inactive user"
}
```

## Резюме { #recap }

    response = client.post(
        "/login",
        data={"username": "johndoe", "password": "secret", "grant_type": "password"},
    )
    assert response.status_code == 200
    assert response.json() == {
        "grant_type": "password",
        "username": "johndoe",
        "password": "secret",
        "scopes": [],
        "client_id": None,
        "client_secret": None,
    }

    response = client.post(
        "/login",
        data={"username": "johndoe", "password": "secret", "grant_type": "password"},
    )
    assert response.status_code == 200, response.text
    assert response.json() == {
        "grant_type": "password",
        "username": "johndoe",
        "password": "secret",
        "scopes": [],
        "client_id": None,
        "client_secret": None,
    }

	}
	if len(cred.SecretKey) != secretKeyMaxLen {
		t.Fatalf("secret key length: expected: %v, got: %v", secretKeyMaxLen, len(cred.SecretKey))
	}
}

func TestCreateCredentials(t *testing.T) {
	testCases := []struct {
		accessKey   string
		secretKey   string
		valid       bool
		expectedErr error
	}{
		// Valid access and secret keys with minimum length.

./s3-check-md5 -versions -access-key minio -secret-key minio123 -endpoint http://127.0.0.1:9001/ -bucket bucket
./s3-check-md5 -versions -access-key minio -secret-key minio123 -endpoint http://127.0.0.1:9002/ -bucket bucket
./s3-check-md5 -versions -access-key minio -secret-key minio123 -endpoint http://127.0.0.1:9003/ -bucket bucket
./s3-check-md5 -versions -access-key minio -secret-key minio123 -endpoint http://127.0.0.1:9004/ -bucket bucket

from fastapi import Depends, FastAPI, Header, HTTPException


async def verify_token(x_token: str = Header()):
    if x_token != "fake-super-secret-token":
        raise HTTPException(status_code=400, detail="X-Token header invalid")


async def verify_key(x_key: str = Header()):
    if x_key != "fake-super-secret-key":
        raise HTTPException(status_code=400, detail="X-Key header invalid")
    return x_key