const _debugMsg_name = "debugShutdowndebugKillInbounddebugKillOutbounddebugWaitForExitdebugSetConnPingDurationdebugSetClientPingDurationdebugAddToDeadlinedebugIsOutgoingClosed"

var _debugMsg_index = [...]uint8{0, 13, 29, 46, 62, 86, 112, 130, 151}

func (i debugMsg) String() string {
	if i < 0 || i >= debugMsg(len(_debugMsg_index)-1) {
		return "debugMsg(" + strconv.FormatInt(int64(i), 10) + ")"
	}
	return _debugMsg_name[_debugMsg_index[i]:_debugMsg_index[i+1]]

    //                                                                            ========
    /**
     * {@inheritDoc} <br>
     * Application Origin Methods:
     * <pre>
     * <span style="font-size: 130%; color: #553000">[Small Helper]</span>
     * o saveInfo() <span style="color: #3F7E5E">// save messages to session</span>
     * o write() <span style="color: #3F7E5E">// write text to specified file</span>

var _Op_index = [...]uint8{0, 7, 22, 26, 30, 40, 55, 74, 93, 105, 117, 130, 142, 148, 155, 163, 173, 179}

func (i Op) String() string {
	i -= 1
	if i >= Op(len(_Op_index)-1) {
		return "Op(" + strconv.FormatInt(int64(i+1), 10) + ")"
	}
	return _Op_name[_Op_index[i]:_Op_index[i+1]]

                    <mxGeometry x="130" y="565" width="370" height="100" as="geometry"/>
                </mxCell>
                <mxCell id="5" value="" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;strokeWidth=4;" parent="1" vertex="1">

如果令牌无效，则直接返回 HTTP 错误。

```Python hl_lines="89-106"
{!../../../docs_src/security/tutorial004.py!}
```

## 更新 `/token` *路径操作*

用令牌过期时间创建 `timedelta` 对象。

创建并返回真正的 JWT 访问令牌。

```Python hl_lines="115-130"
{!../../../docs_src/security/tutorial004.py!}
```

### JWT `sub` 的技术细节

JWT 规范还包括 `sub` 键，值是令牌的主题。

该键是可选的，但要把用户标识放在这个键里，所以本例使用了该键。

除了识别用户与许可用户在 API 上直接执行操作之外，JWT 还可能用于其它事情。

  // the rolling update starts, such that the total number of old and new pods do not exceed
  // 130% of desired pods. Once old pods have been killed,
  // new ReplicaSet can be scaled up further, ensuring that total number of pods running
  // at any time during the update is at most 130% of desired pods.
  // +optional
  optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
}

  // the rolling update starts, such that the total number of old and new pods do not exceed
  // 130% of desired pods. Once old pods have been killed,
  // new ReplicaSet can be scaled up further, ensuring that total number of pods running
  // at any time during the update is at most 130% of desired pods.
  // +optional
  optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
}

		String: "90402c78d2dccddee1e9e86222ce2c6361675f3529d26000ae2e900ff216b3cb59e130e092d8a2981e776f4d0bd60941",
	},
	{ // 5
		ETag:   ETag{32, 0, 15, 0, 219, 45, 144, 167, 180, 7, 130, 212, 207, 242, 180, 26, 119, 153, 252, 30, 126, 173, 37, 151, 45, 182, 81, 80, 17, 141, 251, 226, 186, 118, 163, 192, 2, 218, 40, 248, 92, 132, 12, 210, 0, 26, 40, 169},

	_ = x[ErrBucketTaggingNotFound-125]
	_ = x[ErrObjectLockInvalidHeaders-126]
	_ = x[ErrInvalidTagDirective-127]
	_ = x[ErrPolicyAlreadyAttached-128]
	_ = x[ErrPolicyNotAttached-129]
	_ = x[ErrExcessData-130]
	_ = x[ErrInvalidEncryptionMethod-131]
	_ = x[ErrInvalidEncryptionKeyID-132]
	_ = x[ErrInsecureSSECustomerRequest-133]
	_ = x[ErrSSEMultipartEncrypted-134]
	_ = x[ErrSSEEncryptedObject-135]

    {!> ../../../docs_src/security/tutorial004_py310.py!}
    ```

=== "Python 3.8+ non-Annotated"

    !!! tip
        Prefer to use the `Annotated` version if possible.

    ```Python hl_lines="115-130"
    {!> ../../../docs_src/security/tutorial004.py!}
    ```

### Technical details about the JWT "subject" `sub`

The JWT specification says that there's a key `sub`, with the subject of the token.