///

/// info | "Informação"

Neste exemplo utilizamos cabeçalhos personalizados inventados `X-Keys` e `X-Token`.

Mas em situações reais, como implementações de segurança, você pode obter mais vantagens em usar as [Ferramentas de segurança integradas (o próximo capítulo)](../security/index.md){.internal-link target=_blank}.

///

        uses: mshick/add-pr-comment@dd126dd8c253650d181ad9538d8b4fa218fc31e8 # v2
        if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging')
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          message: |
            I pushed these containers:
            
            - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.12`

if [[ "${ISTIO_ZTUNNEL_BASE_URL}" != "https://storage.googleapis.com/istio-build/ztunnel" ]]; then
  AUTH_HEADER="Authorization: Bearer $(gcloud auth print-access-token)"
  export AUTH_HEADER
fi

ZTUNNEL_REPO_SHA="${ZTUNNEL_REPO_SHA:-$(grep ZTUNNEL_REPO_SHA istio.deps  -A 4 | grep lastStableSHA | cut -f 4 -d '"')}"
ISTIO_ZTUNNEL_VERSION="${ISTIO_ZTUNNEL_VERSION:-${ZTUNNEL_REPO_SHA}}"

   * Sec-Token-Binding}</a> header field name.
   *
   * @since 25.1
   */
  public static final String SEC_TOKEN_BINDING = "Sec-Token-Binding";

  /**
   * The HTTP <a href="https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp">{@code
   * Sec-Provided-Token-Binding-ID}</a> header field name.
   *
   * @since 25.1
   */

        }
        try {
            NegTokenInit tok = new NegTokenInit(initialToken);
            if ( log.isDebugEnabled() ) {
                log.debug("Have initial token " + tok);
            }
            if ( tok.getMechanisms() != null ) {
                Set<ASN1ObjectIdentifier> mechs = new HashSet<>(Arrays.asList(tok.getMechanisms()));
                boolean foundKerberos = false;

# 現在のユーザーの取得

一つ前の章では、（依存性注入システムに基づいた）セキュリティシステムは、 *path operation関数* に `str` として `token` を与えていました:

```Python hl_lines="10"
{!../../docs_src/security/tutorial001.py!}
```

しかし、それはまだそんなに有用ではありません。

現在のユーザーを取得するようにしてみましょう。

## ユーザーモデルの作成

まずは、Pydanticのユーザーモデルを作成しましょう。

ボディを宣言するのにPydanticを使用するのと同じやり方で、Pydanticを別のどんなところでも使うことができます:

```Python hl_lines="5  12-16"
{!../../docs_src/security/tutorial002.py!}
```

                                    <tr>
                                        <th><la:message
                                                key="labels.access_token_token"/></th>
                                        <td>${f:h(token)}</td>
                                    </tr>
                                    <tr>
                                        <th><la:message key="labels.permissions"/></th>

	}
	versionCmd.Example = `  # Retrieve version information directly from the control plane, using token security
  # (This is the usual way to get the control plane version with an out-of-cluster control plane.)
  istioctl x version --xds-address istio.cloudprovider.example.com:15012

  # Retrieve version information via Kubernetes config, using token security
  # (This is the usual way to get the control plane version with an in-cluster control plane.)

	}
}

// lines joins the arguments together as complete lines.
func lines(a ...string) string {
	return strings.Join(a, "\n") + "\n"
}

// drain returns a single string representing the processed input tokens.
func drain(input *Input) string {
	var buf strings.Builder
	for {
		tok := input.Next()
		if tok == scanner.EOF {
			return buf.String()
		}
		if tok == '#' {
			continue
		}

			verifyTestcaseOutput(t, Cmd(cli.NewFakeContext(nil)), c)
		})
	}
}

var generated = map[string]bool{
	"hosts":         true,
	"istio-token":   true,
	"mesh.yaml":     true,
	"root-cert.pem": true,
	"cluster.env":   true,
}

const goldenSuffix = ".golden"