from fastapi.testclient import TestClient
from inline_snapshot import snapshot
from pydantic import BaseModel

app = FastAPI()

reusable_oauth2 = OAuth2(
    flows={
        "password": {
            "tokenUrl": "token",
            "scopes": {"read:users": "Read the users", "write:users": "Create users"},
        }
    },
    description="OAuth2 security scheme",
    auto_error=False,
)


class User(BaseModel):

                It is also useful when you want to have authentication that can be
                provided in one of multiple optional ways (for example, in a query
                parameter or in an HTTP Bearer token).
                """
            ),
        ] = True,
    ):
        super().__init__(
            location=APIKeyIn.query,
            name=name,
            scheme_name=scheme_name,

    * of NTLMv2 authentication.
    */
    int NTLMSSP_NEGOTIATE_NTLM2 = 0x00080000;

    /**
     * Requests an initial response token.
     */
    int NTLMSSP_REQUEST_INIT_RESPONSE = 0x00100000;

    /**
     * Requests an accept response token.
     */
    int NTLMSSP_REQUEST_ACCEPT_RESPONSE = 0x00200000;

    /**
     * Requests the use of a non-NT session key.
     */

            uv.lock
    - name: Install GitHub Actions dependencies
      run: uv sync --locked --no-dev --group github-actions
    - name: Label Approved
      run: uv run ./scripts/label_approved.py
      env:
        TOKEN: ${{ secrets.GITHUB_TOKEN }}
        CONFIG: >
          {
            "approved-1":
              {
                "number": 1,
                "await_label": "awaiting-review"
              }

    cause: Throwable,
  ): Boolean =
    when (className) {
      "okhttp3.recipes.CheckHandshake" -> true

      // by design
      "okhttp3.recipes.RequestBodyCompression" -> true

      // expired token
      else -> false
    }

    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
      security-events: write
      # Needed to publish results and get a badge (see publish_results below).
      id-token: write

    steps:
      - name: "Checkout code"
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          persist-credentials: false

      - name: "Run analysis"

# 获取当前用户 { #get-current-user }

上一章中，（基于依赖注入系统的）安全系统向*路径操作函数*传递了 `str` 类型的 `token`：

{* ../../docs_src/security/tutorial001_an_py310.py hl[12] *}

但这并不实用。

接下来，我们学习如何返回当前用户。


## 创建用户模型 { #create-a-user-model }

首先，创建 Pydantic 用户模型。

与使用 Pydantic 声明请求体相同，并且可在任何位置使用：

{* ../../docs_src/security/tutorial002_an_py310.py hl[5,12:6] *}

## 创建 `get_current_user` 依赖项 { #create-a-get-current-user-dependency }

labels.boost_document_rule_boost_expr=Boost Expression
labels.boost_document_rule_sort_order=Sort Order
labels.access_token_configuration=Access Token
labels.access_token_title_details=Access Token
labels.access_token_list_name=Name
labels.access_token_name=Name
labels.access_token_token=Token
labels.access_token_expires=Expires
labels.access_token_parameter_name=Parameter Name
labels.access_token_updated_time=Created Date

	defer s.Shutdown()

	clientConfig := &NATSArgs{
		Enable: true,
		Address: xnet.Host{
			Name:      "localhost",
			Port:      (xnet.Port(opts.Port)),
			IsPortSet: true,
		},
		Subject: "test",
		Token:   opts.Authorization,
	}

	con, err := clientConfig.connectNats()
	if err != nil {
		t.Errorf("Could not connect to nats: %v", err)
	}
	defer con.Close()
}

func TestNatsConnNKeySeed(t *testing.T) {

            azure_storage_base_path=%BRANCH%
      - shell: |
          #!/usr/local/bin/runbld --redirect-stderr
          set -euo pipefail
          set +x
          VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id=$VAULT_ROLE_ID secret_id=$VAULT_SECRET_ID)
          export VAULT_TOKEN
          export data=$(vault read -format=json secret/elasticsearch-ci/azure_thirdparty_test_creds)