--initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new
```

You may also setup etcd with TLS following this documentation [here](https://coreos.com/etcd/docs/latest/op-guide/security.html)

### 3. Setup MinIO with etcd

MinIO server expects environment variable for etcd as `MINIO_ETCD_ENDPOINTS`, this environment variable takes many comma separated entries.

```

    }

    @Test
    @DisplayName("createContext: no Kerberos in initial token and no fallback -> throws")
    void createContext_noKerberosNoFallback_throws() throws CIFSException {
        Kerb5Authenticator auth = new Kerb5Authenticator((Subject) null);

        // Build a token with an arbitrary non-kerberos mechanism OID
        ASN1ObjectIdentifier unsupported = new ASN1ObjectIdentifier("1.2.3.4.5");

labels.boost_document_rule_boost_expr=Boost Expression
labels.boost_document_rule_sort_order=Sort Order
labels.access_token_configuration=Access Token
labels.access_token_title_details=Access Token
labels.access_token_list_name=Name
labels.access_token_name=Name
labels.access_token_token=Token
labels.access_token_expires=Expires
labels.access_token_parameter_name=Parameter Name
labels.access_token_updated_time=Created Date

	if err != nil {
		c.Fatalf("bucket create error: %v", err)
	}

	// Generate web identity STS token by interacting with OpenID IDP.
	token, err := MockOpenIDTestUserInteraction(ctx, testAppParams, "******@****.***", "dillon")
	if err != nil {
		c.Fatalf("mock user err: %v", err)
	}
	// fmt.Printf("TOKEN: %s\n", token)

	webID := cr.STSWebIdentity{
		Client:      s.TestSuiteCommon.client,

type sender interface {
	msgp.MarshalSizer
	Op() Op
}

type connectReq struct {
	ID    [16]byte
	Host  string
	Time  time.Time
	Token string
}

// addToken will add the token to the connect request.
func (c *connectReq) addToken(fn AuthFn) {
	c.Token = fn()
}

func (connectReq) Op() Op {
	return OpConnect
}

type connectResp struct {
	ID             [16]byte
	Accepted       bool

from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from fastapi.testclient import TestClient
from inline_snapshot import snapshot

app = FastAPI()

security = HTTPBearer(description="HTTP Bearer token scheme")


@app.get("/users/me")
def read_current_user(credentials: HTTPAuthorizationCredentials = Security(security)):
    return {"scheme": credentials.scheme, "credentials": credentials.credentials}

# Получить текущего пользователя { #get-current-user }

В предыдущей главе система безопасности (основанная на системе внедрения зависимостей) передавала *функции-обработчику пути* `token` типа `str`:

{* ../../docs_src/security/tutorial001_an_py310.py hl[12] *}

Но это всё ещё не слишком полезно.

Сделаем так, чтобы она возвращала текущего пользователя.

## Создать модель пользователя { #create-a-user-model }

{* ../../docs_src/security/tutorial001_an_py310.py hl[8] *}

/// tip | 豆知識

ここで、`tokenUrl="token"`は、まだ作成していない相対URL`token`を指します。相対URLなので、`./token`と同じです。

相対URLを使っているので、APIが`https://example.com/`にある場合、`https://example.com/token`を参照します。しかし、APIが`https://example.com/api/v1/`にある場合は`https://example.com/api/v1/token`を参照することになります。

相対 URL を使うことは、[プロキシの背後](../../advanced/behind-a-proxy.md)のような高度なユースケースでもアプリケーションを動作させ続けるために重要です。

import org.junit.jupiter.api.Test;

import jcifs.pac.PACDecodingException;

/**
 * Tests for KerberosEncData.
 */
class KerberosEncDataTest {

    /**
     * Test constructor with a valid token.
     *
     * @throws IOException if an I/O error occurs
     * @throws PACDecodingException if a PAC decoding error occurs
     * @throws UnknownHostException if the IP address is not found
     */
    @Test

    public void setExpires(final Date date) {
        setExpiredTime(date != null ? date.getTime() : null);
    }

    @Override
    public String toString() {
        return "AccessToken [name=" + name + ", token=" + token + ", permissions=" + Arrays.toString(permissions) + ", parameterName="
                + parameterName + ", createdBy=" + createdBy + ", createdTime=" + createdTime + ", updatedBy=" + updatedBy