"""
        The OAuth 2 specification doesn't define the challenge that should be used,
        because a `Bearer` token is not really the only option to authenticate.

        But declaring any other authentication challenge would be application-specific
        as it's not defined in the specification.

        For practical reasons, this method uses the `Bearer` challenge by default, as
        it's probably the most common one.

        final String jwtClaim = "{\"user\":{\"id\":123,\"roles\":[\"admin\",\"user\"],\"permissions\":{\"read\":true,\"write\":false}}}";
        final Map<String, Object> attributes = new HashMap<>();

        authenticator.parseJwtClaim(jwtClaim, attributes);

        assertTrue(attributes.containsKey("user"));
        @SuppressWarnings("unchecked")
        final Map<String, Object> user = (Map<String, Object>) attributes.get("user");

[tool.fastapi]
entrypoint = "my_app.main:app"
```

### Use `fastapi` with a path

When adding the entrypoint to `pyproject.toml` is not possible, or the user explicitly asks not to, or it's running an independent small app, you can pass the app file path to the `fastapi` command:

```bash
fastapi dev my_app/main.py
```

Prefer to set the entrypoint in `pyproject.toml` when possible.

## Use `Annotated`

                """
            ),
        ] = None,
        callbacks: Annotated[
            list[BaseRoute] | None,
            Doc(
                """
                List of *path operations* that will be used as OpenAPI callbacks.

                This is only for OpenAPI documentation, the callbacks won't be used
                directly.

For debugging purposes we also need to keep track of what versions of artifacts are being used so that when we are debugging in the IDE we can find the specific sources for a given version of a library so that the developer can debug the correct version of a library being used for a plugin.

h3. Discovery all Plexus components

# Advanced User Guide { #advanced-user-guide }

## Additional Features { #additional-features }

The main [Tutorial - User Guide](../tutorial/index.md) should be enough to give you a tour through all the main features of **FastAPI**.

In the next sections you will see other options, configurations, and additional features.

/// tip

The next sections are **not necessarily "advanced"**.

import java.security.cert.Certificate
import java.security.cert.X509Certificate
import java.util.ArrayDeque
import java.util.Deque
import javax.net.ssl.SSLPeerUnverifiedException

/**
 * A certificate chain cleaner that uses a set of trusted root certificates to build the trusted
 * chain. This class duplicates the clean chain building performed during the TLS handshake. We
 * prefer other mechanisms where they exist, such as with

    /**
     * Disconnects the transport from the remote server.
     *
     * @param hard if true, force immediate disconnection
     * @param inuse whether the connection is currently in use
     * @return whether the connection was in use
     * @throws IOException if an I/O error occurs during disconnection
     */
    boolean disconnect(boolean hard, boolean inuse) throws IOException;

    /**

```

**Important**: Always match the link syntax used in the English source document. If the English source uses Markdown-style links (`[text](url)`), the translation must also use Markdown-style links. If the English source uses HTML-style links (`<a href="url">text</a>`), the translation must also use HTML-style links. The link format in the translation must always mirror the link format in the English source.

To customize the OpenAPI URL (or remove it), read the docs for [Tutorial - Metadata and Docs URLs](../tutorial/metadata.md#openapi-url).

## OpenAPI Docs URLs { #openapi-docs-urls }