if (response.code == 401) {
        assertThat(response.body.string()).isEqualTo("{\"error\":{\"message\":\"No auth credentials found\",\"code\":401}}")
        request = request.newBuilder().header("Authorization", "XYZ").build()
      } else {
        response.processEventSource(listener)
        listener.assertOpen()
        listener.assertEvent(null, null, "hey")
        listener.assertClose()
      }
    }

  public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method";

  /** The HTTP {@code Authorization} header field name. */
  public static final String AUTHORIZATION = "Authorization";

  /** The HTTP {@code Connection} header field name. */
  public static final String CONNECTION = "Connection";

  /** The HTTP {@code Cookie} header field name. */

        }
      }
    };

    RequestBody requestBody = RequestBody.create(
      new File("docs/images/logo-square.png"),
      MEDIA_TYPE_PNG);

    Request request = new Request.Builder()
      .header("Authorization", "Client-ID " + IMGUR_CLIENT_ID)
      .url("https://api.imgur.com/3/image")
      .post(new ProgressRequestBody(requestBody, progressListener))
      .build();

    Response response = client.newCall(request).execute();

     */
    @Test
    void testDoGet_NoAuthentication() throws Exception {
        initializeNetworkExplorer(false, "jCIFS");

        when(request.getHeader("Authorization")).thenReturn(null);

        networkExplorer.doGet(request, response);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");

        PERMANENT, // Operation cannot succeed
        FATAL // Connection or session must be terminated
    }

    /**
     * Error categories
     */
    public enum Category {
        AUTHENTICATION, AUTHORIZATION, NETWORK, PROTOCOL, RESOURCE, CONFIGURATION, ENCRYPTION, TIMEOUT, IO, UNKNOWN
    }

    private final int errorCode;
    private final Severity severity;
    private final Category category;

/** Returns true if we should void putting this this header in an exception or toString(). */
internal fun isSensitiveHeader(name: String): Boolean =
  name.equals("Authorization", ignoreCase = true) ||
    name.equals("Cookie", ignoreCase = true) ||
    name.equals("Proxy-Authorization", ignoreCase = true) ||
    name.equals("Set-Cookie", ignoreCase = true)

internal fun Char.parseHexDigit(): Int =
  when (this) {

In this section you will see how to manage authentication and authorization with the same OAuth2 with scopes in your **FastAPI** application.

/// warning

This is a more or less advanced section. If you are just starting, you can skip it.

You don't necessarily need OAuth2 scopes, and you can handle authentication and authorization however you want.

    * Einem Query-Parameter.
    * Einem Header.
    * Einem Cookie.
* `http`: Standard-HTTP-Authentifizierungssysteme, einschließlich:
    * `bearer`: ein Header `Authorization` mit dem Wert `Bearer` plus einem Token. Dies wird von OAuth2 geerbt.
    * HTTP Basic Authentication.
    * HTTP Digest, usw.
* `oauth2`: Alle OAuth2-Methoden zum Umgang mit Sicherheit (genannt „Flows“).

   * due to any of:
   *
   *  * A stale connection. The request was made on a reused connection and that reused connection
   *    has since been closed by the server.
   *  * A client timeout (HTTP 408).
   *  * A authorization challenge (HTTP 401 and 407) that is satisfied by the [Authenticator].
   *  * A retryable server failure (HTTP 503 with a `Retry-After: 0` response header).
   *  * A misdirected request (HTTP 421) on a coalesced connection.

            throwValidationErrorApi(messages -> messages.addErrorsFailedToDeleteFile(GLOBAL, pi.getName()));
        }
        return null;
    }

    // curl -XPOST -H "Authorization: CHANGEME" localhost:8080/api/admin/storage/upload/ -F path=/ -F file=@...
    // PUT /api/admin/storage/upload/{pathId}/
    /**
     * Uploads a file to storage.