* For HTTPS, **the server** needs to **have "certificates"** generated by a **third party**.
    * Those certificates are actually **acquired** from the third party, not "generated".
* Certificates have a **lifetime**.
    * They **expire**.
    * And then they need to be **renewed**, **acquired again** from the third party.
* The encryption of the connection happens at the **TCP level**.
    * That's one layer **below HTTP**.

        id("${model.projectId}_SmokeTest_$id$suffix")
        name = "Smoke Tests with 3rd Party Plugins ($task) - ${testJava.version.toCapitalized()} Linux$suffix"
        description = "Smoke tests against third party plugins to see if they still work with the current Gradle version"

        if (flakyTestStrategy != FlakyTestStrategy.ONLY) {
            // No need to split in FlakyTestQuarantine
            tcParallelTests(splitNumber)

        uuid = "${DslContext.uuidPrefix}_${model.projectId}_Stage_${stage.stageName.uuid}_SmokeTest"
        name = "Smoke Test"
        description = "Smoke tests against third-party plugins, Gradle build, and IDE sync"
    }) {
    init {
        smokeBuildTypes.forEach(this::buildType)
    }

    companion object {
        /**

    lock3 = factory2.newReentrantLock(MyOrder.THIRD);

    CycleDetectingLockFactory.WithExplicitOrdering<OtherOrder> factory3 =
        newInstanceWithExplicitOrdering(OtherOrder.class, Policies.THROW);
    lock01 = factory3.newReentrantLock(OtherOrder.FIRST);
    lock02 = factory3.newReentrantLock(OtherOrder.SECOND);
    lock03 = factory3.newReentrantLock(OtherOrder.THIRD);
  }

    lock3 = factory2.newReentrantLock(MyOrder.THIRD);

    CycleDetectingLockFactory.WithExplicitOrdering<OtherOrder> factory3 =
        newInstanceWithExplicitOrdering(OtherOrder.class, Policies.THROW);
    lock01 = factory3.newReentrantLock(OtherOrder.FIRST);
    lock02 = factory3.newReentrantLock(OtherOrder.SECOND);
    lock03 = factory3.newReentrantLock(OtherOrder.THIRD);
  }

That's what would happen to a third party application that tried to access one of these *path operations* with a token provided by a user, depending on how many permissions the user gave the application.

## About third party integrations { #about-third-party-integrations }

In this example we are using the OAuth2 "password" flow.

        item.setNewInput("");
        assertEquals("", item.toLineString());
        assertTrue(item.isUpdated());
        assertTrue(item.isDeleted());

        item.setNewInput("third");
        assertEquals("third", item.toLineString());
        assertTrue(item.isUpdated());
        assertFalse(item.isDeleted());
    }

    @Test
    public void test_specialCharacters() {

        events.add(new LogNotificationEvent(base + 2000, "ERROR", "org.test.C", "third", null));

        String details = testableJob.testFormatDetails(events);

        int posFirst = details.indexOf("first");
        int posSecond = details.indexOf("second");
        int posThird = details.indexOf("third");
        assertTrue(posFirst < posSecond);
        assertTrue(posSecond < posThird);
    }

After a week, the token will be expired and the user will not be authorized and will have to sign in again to get a new token. And if the user (or a third party) tried to modify the token to change the expiration, you would be able to discover it, because the signatures would not match.

If you want to play with JWT tokens and see how they work, check [https://jwt.io](https://jwt.io/).

        assertTrue(item.isUpdated());
        assertTrue(item.isDeleted());
        assertEquals("", item.toLineString());

        item.setNewInput("third");
        assertTrue(item.isUpdated());
        assertFalse(item.isDeleted());
        assertEquals("third", item.toLineString());
    }

    @Test
    public void test_specialCharacters() {
        // Test with special characters in input