public static final String URL = "url";

    @SuppressWarnings("deprecation")
    public static final String PDF_PASSWORD = PDFParser.PASSWORD;

    public static final String FILE_PASSWORDS = "file.passwords";

    protected Map<String, String[]> metadata = new HashMap<>();

    protected String content;

    public ExtractData() {
        // nothing
    }

But first, let's check some small concepts.

## In a hurry?

If you don't care about any of these terms and you just need to add security with authentication based on username and password *right now*, skip to the next chapters.

## OAuth2

OAuth2 is a specification that defines several ways to handle authentication and authorization.

 */
public class CreateForm {

    @ValidateTypeFailure
    public Integer crudMode;

    @Required
    @Size(max = 100)
    public String name;

    @Size(max = 100)
    public String password;

    @Size(max = 100)
    public String confirmPassword;

    public Map<String, String> attributes = new HashMap<>();

    public String[] roles;

    public String[] groups;

                .longOpt("encrypt-master-password")
                .hasArg()
                .optionalArg(true)
                .desc("Encrypt master security password")
                .build());
        options.addOption(Option.builder(ENCRYPT_PASSWORD)
                .longOpt("encrypt-password")
                .hasArg()
                .optionalArg(true)

        }
        return itemList;
    }

    protected static boolean isMaskedValue(final String key) {
        return "http.proxy.password".equals(key) //
                || "ldap.admin.security.credentials".equals(key) //
                || "spnego.preauth.password".equals(key) //
                || "app.cipher.key".equals(key) //
                || "oic.client.id".equals(key) //

`Body`や`Query`の場合と同じようにフォームパラメータを作成します:

```Python hl_lines="7"
{!../../docs_src/request_forms/tutorial001.py!}
```

例えば、OAuth2仕様が使用できる方法の１つ（「パスワードフロー」と呼ばれる）では、フォームフィールドとして`username`と`password`を送信する必要があります。

<abbr title="仕様">仕様</abbr>では、フィールドの名前が`username`と`password`であることと、JSONではなくフォームフィールドとして送信されることを要求しています。

`Form`では`Body`（および`Query`や`Path`、`Cookie`）と同じメタデータとバリデーションを宣言することができます。

/// info | "情報"

`Form`は`Body`を直接継承するクラスです。

///

                }
            }
        },
        "components": {
            "securitySchemes": {
                "OAuth2PasswordBearer": {
                    "type": "oauth2",
                    "flows": {"password": {"scopes": {}, "tokenUrl": "token"}},
                }
            }
        },

import java.net.Authenticator
import java.net.PasswordAuthentication

class RecordingAuthenticator(
  private val authentication: PasswordAuthentication? =
    PasswordAuthentication(
      "username",
      "password".toCharArray(),
    ),
) : Authenticator() {
  val calls = mutableListOf<String>()

  override fun getPasswordAuthentication(): PasswordAuthentication? {
    calls.add(

        val credentialHeader = if (proxyAuthorization) "Proxy-Authorization" else "Authorization"
        val credential =
          Credentials.basic(
            auth.userName,
            String(auth.password),
            challenge.charset,
          )
        return request.newBuilder()
          .header(credentialHeader, credential)
          .build()
      }
    }

@needs_py39
def test_security_http_basic(client: TestClient):
    response = client.get("/users/me", auth=("john", "secret"))
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "john", "password": "secret"}


@needs_py39
def test_security_http_basic_no_credentials(client: TestClient):
    response = client.get("/users/me")
    assert response.json() == {"detail": "Not authenticated"}