# HTTP Basic Auth { #http-basic-auth }

En basit senaryolarda HTTP Basic Auth kullanabilirsiniz.

HTTP Basic Auth’ta uygulama, içinde kullanıcı adı ve şifre bulunan bir header bekler.

Eğer bunu almazsa HTTP 401 "Unauthorized" hatası döndürür.

Ayrıca değeri `Basic` olan ve isteğe bağlı `realm` parametresi içerebilen `WWW-Authenticate` header’ını da döndürür.

Bu da tarayıcıya, kullanıcı adı ve şifre için entegre giriş penceresini göstermesini söyler.

        .build()

    client.newCall(request).execute().use { response ->
      if (!response.isSuccessful) throw IOException("Unexpected code $response")

      for ((name, value) in response.headers) {
        println("$name: $value")
      }

      println(response.body.string())
    }
  }
}

fun main() {
  SynchronousGet().run()

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.internal.http2.hpackjson

/**
 * Representation of one story, a set of request headers to encode or decode. This class is used
 * reflectively with Moshi to parse stories from files.
 */
data class Story(
  val description: String? = null,
  val cases: List<Case>,
  val fileName: String? = null,
) {

        server site1-minio4:9000;
    }

    server {
        listen       9001;
        listen  [::]:9001;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;

        server site2-minio4:9000;
    }

    server {
        listen       9002;
        listen  [::]:9002;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;

    return {"scheme": credentials.scheme, "credentials": credentials.credentials}


client = TestClient(app)


def test_security_http_base():
    response = client.get("/users/me", headers={"Authorization": "Other foobar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"scheme": "Other", "credentials": "foobar"}


def test_security_http_base_no_credentials():

   * response body is [closed][ResponseBody]. The recipient of the callback may consume the response
   * body on another thread.
   *
   * Note that transport-layer success (receiving a HTTP response code, headers and body) does not
   * necessarily indicate application-layer success: `response` may still indicate an unhappy HTTP
   * response code like 404 or 500.
   */
  @Throws(IOException::class)
  fun onResponse(

     *
     * @param out the output stream to write properties to
     * @param header a descriptive header for the properties
     * @throws IOException if an I/O error occurs
     */
    public static void store(final OutputStream out, final String header) throws IOException {
        prp.store(out, header);
    }

    /**
     * List the properties in the <code>Config</code>.
     *

        prop.load(inStream);
        properties = prop;
    }

    @Override
    public synchronized void load(final Reader reader) throws IOException {
        final Properties prop = new Properties();
        lastModified = propertiesFile.lastModified();
        prop.load(reader);
        properties = prop;
    }

    @Override

* El frontend necesita obtener más datos de la API.
    * Pero necesita autenticación para ese endpoint específico.
    * Así que, para autenticarse con nuestra API, envía un `header` `Authorization` con un valor de `Bearer ` más el token.
    * Si el token contiene `foobar`, el contenido del `header` `Authorization` sería: `Bearer foobar`.

## `OAuth2PasswordBearer` de **FastAPI** { #fastapis-oauth2passwordbearer }