assert response.status_code == 401, response.text
    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'


def test_security_http_basic_invalid_credentials():
    response = client.get(
        "/users/me", headers={"Authorization": "Basic notabase64token"}
    )
    assert response.status_code == 401, response.text
    assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'

//
// Header specification:
// Continuation messages contain two headers, as follows:
// https://docs.aws.amazon.com/AmazonS3/latest/API/images/s3select-frame-diagram-cont.png
//
// Payload specification:
// Continuation messages have no payload.
var continuationMessage = []byte{
	0, 0, 0, 57, // total byte-length.
	0, 0, 0, 41, // headers byte-length.
	139, 161, 157, 242, // prelude crc.

        Map<String, List<String>> headers = new HashMap<>();
        headers.put("Content-Type", Arrays.asList("application/json"));
        headers.put("Content-Length", Arrays.asList("100"));

        response.setHeaders(headers);

        Map<String, List<String>> result = response.getHeaders();
        assertNotNull(result);
        // Headers should be stored in lowercase

import com.google.common.collect.testing.testers.MapIsEmptyTester;
import com.google.common.collect.testing.testers.MapPutAllTester;
import com.google.common.collect.testing.testers.MapPutTester;
import com.google.common.collect.testing.testers.MapRemoveTester;
import com.google.common.collect.testing.testers.MapSerializationTester;
import com.google.common.collect.testing.testers.MapSizeTester;

    val localPrincipal: Principal? = handshake.localPrincipal()
  }

  @Test @Disabled
  fun headers() {
    var headers: Headers = Headers.of("", "")
    headers = Headers.of(mapOf("" to ""))
    val size: Int = headers.size()
  }

  @Test @Disabled
  fun httpLoggingInterceptor() {
    val interceptor = HttpLoggingInterceptor()

	public final fun getThrottleBytesPerPeriod ()J
	public final fun getThrottlePeriodNanos ()J
	public final fun getTrailers ()Lokhttp3/Headers;
	public final fun getTrailersDelayNanos ()J
	public final fun getWebSocketListener ()Lokhttp3/WebSocketListener;
	public final fun headers (Lokhttp3/Headers;)Lmockwebserver3/MockResponse$Builder;
	public final fun headersDelay (JLjava/util/concurrent/TimeUnit;)Lmockwebserver3/MockResponse$Builder;

        headers = Headers.headersOf("content-type", "application/json"),
      ),
    )
    server.enqueue(
      MockResponse(
        body =
          """
          |data: hey
          |
          |
          """.trimMargin(),
        headers = Headers.headersOf("content-type", "text/event-stream"),
      ),
    )

def test_read_item():
    response = client.get("/items/foo", headers={"X-Token": "coneofsilence"})
    assert response.status_code == 200
    assert response.json() == {
        "id": "foo",
        "title": "Foo",
        "description": "There goes my hero",
    }


def test_read_item_bad_token():
    response = client.get("/items/foo", headers={"X-Token": "hailhydra"})
    assert response.status_code == 400

**FastAPI** **extraerá** los datos para **cada campo** de los **headers** en el request y te dará el modelo Pydantic que definiste.

## Revisa la Documentación { #check-the-docs }

Puedes ver los headers requeridos en la interfaz de documentación en `/docs`:

<div class="screenshot">
<img src="/img/tutorial/header-param-models/image01.png">
</div>

## Prohibir Headers Extra { #forbid-extra-headers }

    val connect = server.takeRequest()
    assertThat(connect.headers["Private"]).isNull()
    assertThat(connect.headers["Proxy-Authorization"]).isNull()
    assertThat(connect.headers["User-Agent"]).isEqualTo(USER_AGENT)
    assertThat(connect.headers["Host"]).isEqualTo("android.com:443")
    assertThat(connect.headers["Proxy-Connection"]).isEqualTo("Keep-Alive")
    val get = server.takeRequest()