}

    @Test
    @DisplayName("getConfig should return the provided configuration")
    void testGetConfig() {
        // When
        Configuration config = context.getConfig();

        // Then
        assertSame(mockConfig, config, "Should return the same configuration instance");
    }

    @Test

   *       the same.
   *   <li>The unreserved characters ".", "-", "~", and "_" remain the same.
   *   <li>The general delimiters "@" and ":" remain the same.
   *   <li>The subdelimiters "!", "$", "&amp;", "'", "(", ")", "*", "+", ",", ";", and "=" remain
   *       the same.
   *   <li>The space character " " is converted into %20.

After that, all of the processing logic is the same.

But because of our changes in `GzipRequest.body`, the request body will be automatically decompressed when it is loaded by **FastAPI** when needed.

## Accessing the request body in an exception handler { #accessing-the-request-body-in-an-exception-handler }

/// tip

    * So, by using FastAPI you are saving development time, bugs, lines of code, and you would probably get the same performance (or better) you would if you didn't use it (as you would have to implement it all in your code).

# Path Parameters and Numeric Validations { #path-parameters-and-numeric-validations }

In the same way that you can declare more validations and metadata for query parameters with `Query`, you can declare the same type of validations and metadata for path parameters with `Path`.

## Import `Path` { #import-path }

First, import `Path` from `fastapi`, and import `Annotated`:

{* ../../docs_src/path_params_numeric_validations/tutorial001_an_py310.py hl[1,3] *}

This will be especially useful when you use it in a **large code base** where you use **the same dependencies** over and over again in **many *path operations***.

## To `async` or not to `async` { #to-async-or-not-to-async }

As dependencies will also be called by **FastAPI** (the same as your *path operation functions*), the same rules apply while defining your functions.

    public String toString() {
        return "{" + getUserId() + "}";
    }

    @Override
    public String getUserId() {
        return nameId;
    }

    /**
     * Gets the SAML user.
     * @return The SAML user.
     */
    public SamlUser getUser() {
        return new SamlUser(nameId, sessionIndex, nameIdFormat, nameidNameQualifier, nameidSPNameQualifier, getDefaultGroupsAsArray(),

///

And we are using this model to declare our input and the same model to declare our output:

{* ../../docs_src/response_model/tutorial002_py310.py hl[16] *}

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

    @DisplayName("Constructor stores and exposes same array reference")
    void constructor_and_get_referenceSemantics() {
        // Arrange
        byte[] data = new byte[] { (byte) 0xDE, (byte) 0xAD, (byte) 0xBE, (byte) 0xEF };

        // Act
        SecurityBlob blob = new SecurityBlob(data);

        // Assert
        assertSame(data, blob.get(), "get() should expose the same array reference passed in");

This is the same mechanism used when you give permissions while logging in with Facebook, Google, GitHub, etc:

<img src="/img/tutorial/security/image11.png">

## JWT token with scopes { #jwt-token-with-scopes }

Now, modify the token *path operation* to return the scopes requested.