case http.MethodGet:
		_, _ = writer.Write([]byte(getResponse))
	}
}

func setupHTTPServer() (*httptest.Server, *url.URL) {
	handler := http.NewServeMux()
	handler.HandleFunc("/scopej/ads", adsHandler)
	handler.HandleFunc("/scopej/resource", resourceHandler)
	server := httptest.NewServer(handler)
	url, _ := url.Parse(server.URL)
	return server, url
}

func Test_flagState_run(t *testing.T) {

		"Comma-separated list of output logging level for scopes in the format of <scope>:<level>[,<scope>:<level>,...]. "+
			"Possible values for <level>: none, error, warn, info, debug")
	logCmd.PersistentFlags().StringVar(&stackTraceLevel, "stack-trace-level", stackTraceLevel,
		"Comma-separated list of stack trace level for scopes in the format of <scope>:<stack-trace-level>[,<scope>:<stack-trace-level>,...]. "+

<img src="/img/tutorial/security/image11.png">

## JWT-Token mit Scopes

Ändern Sie nun die Token-*Pfadoperation*, um die angeforderten Scopes zurückzugeben.

Wir verwenden immer noch dasselbe `OAuth2PasswordRequestForm`. Es enthält eine Eigenschaft `scopes` mit einer `list`e von `str`s für jeden Scope, den es im Request erhalten hat.

Und wir geben die Scopes als Teil des JWT-Tokens zurück.

/// danger | "Gefahr"

For this, we use `security_scopes.scopes`, that contains a `list` with all these scopes as `str`.

{* ../../docs_src/security/tutorial005_an_py310.py hl[129:135] *}

## Dependency tree and scopes

Let's review again this dependency tree and the scopes.

//  limitations under the License.

package scopes

import (
	"istio.io/istio/cni/pkg/constants"
	"istio.io/istio/pkg/log"
)

// Required to get global logging to work
var (
	CNIAgent  = log.RegisterScope(constants.CNIAgentLogScope, "CNI agent scope")
	CNIPlugin = log.RegisterScope(constants.CNIPluginLogScope, "CNI plugin scope")

                        * 👉 `security_scopes` 🔢 ✔️ 🏠 `scopes` ⏮️ `list` ⚗ 🌐 👫 ↔ 📣 🔛,:
                            * `security_scopes.scopes` 🔜 🔌 `["me", "items"]` *➡ 🛠️* `read_own_items`.
                            * `security_scopes.scopes` 🔜 🔌 `["me"]` *➡ 🛠️* `read_users_me`, ↩️ ⚫️ 📣 🔗 `get_current_active_user`.

                        * `security_scopes` 参数的属性 `scopes` 是包含上述声明的所有作用域的**列表**，因此：
                            * `security_scopes.scopes` 包含用于*路径操作*的 `["me", "items"]`
                            * `security_scopes.scopes` 包含*路径操作* `read_users_me` 的 `["me"]`，因为它在依赖项里被声明
                            * `security_scopes.scopes` 包含用于*路径操作* `read_system_status` 的 `[]`（空列表），并且它的依赖项 `get_current_user` 也没有声明任何 `scope`

/// tip | "提示"

/// tip | Dica

A coisa importante e "mágica" aqui é que `get_current_user` terá diferentes listas de `scopes` para validar para cada *operação de rota*.

import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
import static java.lang.annotation.RetentionPolicy.RUNTIME;

@Target(ANNOTATION_TYPE)
@Retention(RUNTIME)
@Documented

      <version>0.2</version>
      <scope>compile</scope>
    </dependency>
    <dependency>
      <groupId>test</groupId>
      <artifactId>c</artifactId>
      <version>0.2</version>
      <scope>runtime</scope>
    </dependency>
    <dependency>
      <groupId>test</groupId>
      <artifactId>d</artifactId>
      <version>0.2</version>
      <scope>test</scope>
    </dependency>
    <dependency>