import java.net.Proxy.Type.SOCKS
import okhttp3.HttpUrl.Companion.toHttpUrl
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.containers.BasicMockServerTest.Companion.MOCKSERVER_IMAGE
import org.junit.jupiter.api.Test
import org.mockserver.client.MockServerClient
import org.mockserver.model.HttpRequest.request
import org.mockserver.model.HttpResponse.response
import org.testcontainers.containers.GenericContainer

    OkHttpDebugLogging.enable("org.bouncycastle.jsse")
    platform.assumeBouncyCastle()
  }

  @Test
  fun testMozilla() {
    assumeNetwork()

    val request = Request.Builder().url("https://mozilla.org/robots.txt").build()

    client.newCall(request).execute().use {
      assertThat(it.protocol).isEqualTo(Protocol.HTTP_2)
      assertThat(it.handshake!!.tlsVersion).isEqualTo(TlsVersion.TLS_1_3)
    }
  }

	}
	testCases := []struct {
		req         *http.Request
		expectedErr error
	}{
		// Set valid authorization header.
		{
			req: &http.Request{
				Header: http.Header{
					"Authorization": []string{token},
				},
			},
			expectedErr: nil,
		},
		// No authorization header.
		{
			req: &http.Request{
				Header: http.Header{},
			},
			expectedErr: errNoAuthToken,
		},

    route: Route?,
    response: Response,
  ): Request? {
    if (route == null) throw NullPointerException("route == null")
    responses += response
    routes += route
    if (!schemeMatches(response) || credential == null) return null
    val header =
      when (response.code) {
        407 -> "Proxy-Authorization"
        else -> "Authorization"
      }
    return response.request.newBuilder()
      .addHeader(header, credential)

import org.robolectric.annotation.Implements
import org.robolectric.shadow.api.Shadow

@Implements(DnsResolver::class)
class ShadowDnsResolver {
  var responder: (Request) -> Unit = {
    it.callback.onAnswer(listOf(), 0)
  }

  data class Request(
    val network: Network?,
    val domain: String,
    val nsType: Int,
    val flags: Int,
    val callback: DnsResolver.Callback<List<InetAddress>>,
  )

     *
     * @param request The toolchains building request that holds the parameters, must not be {@code null}.
     * @return The result of the toolchains building, never {@code null}.
     * @throws ToolchainsBuildingException If the effective toolchains could not be built.
     */
    ToolchainsBuildingResult build(ToolchainsBuildingRequest request) throws ToolchainsBuildingException;

So, you could add additional data to the automatically generated schema.

For example, you could decide to read and validate the request with your own code, without using the automatic features of FastAPI with Pydantic, but you could still want to define the request in the OpenAPI schema.

You could do that with `openapi_extra`:

```Python hl_lines="19-36  39-40"

1. If the destination is on our node, we "fast path" the request and convert this into an inbound request.
   This has the same semantics as if we had sent a request back to ourselves, but is more efficient and reduces complexity in the Ztunnel.
1. Otherwise, we forward the request to the destination using HBONE. If the destination is a Service, we resolve this to a specific pod IP.

        Set<String> roleSet = new HashSet<>();
        roleQueryHelperImpl.processParameter(request, roleSet);
        return roleSet;
    }

    private Set<String> buildByHeader(final RoleQueryHelper roleQueryHelperImpl, final HttpServletRequest request) {
        Set<String> roleSet = new HashSet<>();
        roleQueryHelperImpl.processHeader(request, roleSet);
        return roleSet;
    }

		date    time.Time
		region  string
		service string
		request string
	}
}

// Return scope string.
func (c credentialHeader) getScope() string {
	return strings.Join([]string{
		c.scope.date.Format(yyyymmdd),
		c.scope.region,
		c.scope.service,
		c.scope.request,
	}, SlashSeparator)
}

func getReqAccessKeyV4(r *http.Request, region string, stype serviceType) (auth.Credentials, bool, APIErrorCode) {