* const name = this.metadata.strategy;
* // logic to determine which authentication strategy to return
* }
* }
* }
* ```
*/
export const METADATA = BindingKey.create('authentication.operationMetadata');

/**
 * Name of the extension point (`'authentication.strategies'`) used for
 * authentication strategies.
 */
export const AUTHENTICATION_STRATEGY_EXTENSION_POINT_NAME = 'authentication.strategies';

// Backward compatibility: `CURRENT_USER` is not a separate key but the very
// same object as SecurityBindings.USER, so a value bound or read through
// either name is the same current-user binding.
export const CURRENT_USER = SecurityBindings.USER;
}
/**
 * Metadata accessor key under which `@authenticate` stores its
 * method-level metadata.
 */
export const AUTHENTICATION_METADATA_METHOD_KEY = MetadataAccessor.create<AuthenticationMetadata, MethodDecorator>(
  'authentication:method',
);

/**
 * Backward-compatible alias. This is the same accessor object as
 * AUTHENTICATION_METADATA_METHOD_KEY, not a second key.
 */
export const AUTHENTICATION_METADATA_KEY = AUTHENTICATION_METADATA_METHOD_KEY;
/**
constructor(
  // This provider is constructed for the Sequence constructor, before
  // anything is known about the current route, yet the route is what
  // decides which auth strategy applies. Injecting a getter rather than
  // the strategy itself postpones resolution until the authenticate()
  // action actually runs.
  @inject.getter(AuthenticationBindings.STRATEGY)
  readonly getStrategy: Getter,
  // Setter for the SecurityBindings.USER binding.
  // NOTE(review): whatever is passed to this setter becomes the current
  // user for anything resolving SecurityBindings.USER; confirm callers
  // only pass a profile produced by a successful strategy.
  @inject.setter(SecurityBindings.USER)
  readonly setCurrentUser: Setter,
) {}
invocationCtx.target,
invocationCtx.methodName,
);
if (!metadata) {
debug('No authorization metadata is found for %s', description);
}
metadata = metadata ?? this.options.defaultMetadata;
if (!metadata || metadata?.skip) {
debug('Authorization is skipped for %s', description);
const result = await next();
return result;
}
debug('Authorization metadata for %s', description, metadata);
// retrieve it from authentication module
const user = await invocationCtx.get(SecurityBindings.USER, {
optional: true,
});
debug('Current user', user);
const authorizationCtx: AuthorizationContext = {
principals: user ? [createPrincipalFromUserProfile(user)] : [],
roles: [],
scopes: [],
resource: invocationCtx.targetName,
invocationContext: invocationCtx,
};
debug('Security context for %s', description, authorizationCtx);
let authorizers = await loadAuthorizers(
invocationCtx,
/**
 * Test fixture: clears the recorded events, creates a fresh request
 * context on top of `app`, binds `user` as SecurityBindings.USER and
 * instantiates a new OrderController.
 *
 * The user is bound directly on the context, so no authentication step
 * runs here; the profile is taken as given.
 *
 * @param user - Profile to bind as the current user; defaults to `alice`.
 */
function givenRequestContext(
  user: UserProfile = {[securityId]: 'alice', name: 'alice'},
) {
  // `events`, `reqCtx` and `controller` are variables of the enclosing scope.
  events = [];
  reqCtx = new Context(app);
  const currentUserBinding = reqCtx.bind(SecurityBindings.USER);
  currentUserBinding.to(user);
  controller = new OrderController();
}
/**
 * Test fixture: clears the recorded events, creates a fresh request
 * context on top of `app`, binds the fixed profile `user-01` as
 * SecurityBindings.USER and instantiates a new OrderController.
 *
 * The profile is bound directly on the context, so no authentication
 * step runs here.
 */
function givenRequestContext() {
  // `events`, `reqCtx` and `controller` are variables of the enclosing scope.
  events = [];
  reqCtx = new Context(app);
  const currentUserBinding = reqCtx.bind(SecurityBindings.USER);
  currentUserBinding.to({[securityId]: 'user-01', name: 'user-01'});
  controller = new OrderController();
}
constructor(
  // The profile bound at SecurityBindings.USER is injected and kept as
  // the private `user` property.
  @inject(SecurityBindings.USER)
  private user: UserProfile,
) {}
/**
 * Test fixture: creates a new Application and a request context on top
 * of it, binds the fixed profile `user-01` as SecurityBindings.USER and
 * instantiates a new OrderController.
 *
 * The profile is bound directly on the context, so no authentication
 * step runs here.
 */
function givenRequestContext() {
  // `app`, `reqCtx` and `controller` are variables of the enclosing scope.
  app = new Application();
  reqCtx = new Context(app);
  const currentUserBinding = reqCtx.bind(SecurityBindings.USER);
  currentUserBinding.to({[securityId]: 'user-01', name: 'user-01'});
  controller = new OrderController();
}