Arrays.asList(
        "a=b; Path=/c; Domain=example.com; Max-Age=5; Secure; HttpOnly",
        "a= ; Path=/c; Domain=example.com; Max-Age=5; Secure; HttpOnly",
        "a=b;          Domain=example.com; Max-Age=5; Secure; HttpOnly",
        "a=b; Path=/c;                     Max-Age=5; Secure; HttpOnly",
        "a=b; Path=/c; Domain=example.com;            Secure; HttpOnly",
        "a=b; Path=/c; Domain=example.com; Max-Age=5;         HttpOnly",

    level = DeprecationLevel.ERROR,
  )
  fun httpOnly(): Boolean = httpOnly

  @JvmName("-deprecated_secure")
  @Deprecated(
    message = "moved to val",
    replaceWith = ReplaceWith(expression = "secure"),
    level = DeprecationLevel.ERROR,
  )
  fun secure(): Boolean = secure

  /**
   * @param forObsoleteRfc2965 true to include a leading `.` on the domain pattern. This is

##### Figure 1 - Secure Channel construction

```

	Endpoint         string
	Secure           bool
	Err              error
}

func (rs *replStat) endpoint() string {
	scheme := "http"
	if rs.Secure {
		scheme = "https"
	}
	return scheme + "://" + rs.Endpoint
}

func (rs *replStat) set(arn string, n int64, duration time.Duration, status replication.StatusType, opType replication.Type, endpoint string, secure bool, err error) {
	rs.Endpoint = endpoint

 * `RESTRICTED_TLS` is a secure configuration, intended to meet stricter compliance requirements.
 * `MODERN_TLS` is a secure configuration that connects to modern HTTPS servers.
 * `COMPATIBLE_TLS` is a secure configuration that connects to secure–but not current–HTTPS servers.
 * `CLEARTEXT` is an insecure configuration that is used for `http://` URLs.

	}
	if n.Token != "" {
		connOpts = append(connOpts, nats.Token(n.Token))
	}
	if n.Secure || n.TLS && n.TLSSkipVerify {
		connOpts = append(connOpts, nats.Secure(nil))
	} else if n.TLS {
		connOpts = append(connOpts, nats.Secure(&tls.Config{RootCAs: n.RootCAs}))
	}
	if n.CertAuthority != "" {
		connOpts = append(connOpts, nats.RootCAs(n.CertAuthority))
	}

        .addHeader(
          "Set-Cookie: a=android; " +
            "expires=Fri, 31-Dec-9999 23:59:59 GMT; " +
            "path=/path; " +
            "domain=${urlWithIpAddress.host}; " +
            "secure",
        )
        .build(),
    )
    get(urlWithIpAddress)
    val cookies = cookieManager.cookieStore.cookies
    assertThat(cookies.size).isEqualTo(1)
    val cookie = cookies[0]

	config := tcfg.Credentials
	creds := credentials.NewStaticV4(config.AccessKey, config.SecretKey, "")

	api, err := minio.New(tcfg.Endpoint, &minio.Options{
		Creds:     creds,
		Secure:    tcfg.Secure,
		Region:    tcfg.Region,
		Transport: globalRemoteTargetTransport,
	})
	if err != nil {
		return nil, err
	}
	api.SetAppInfo("minio-replication-target", ReleaseTag+" "+tcfg.Arn)

func (s *TestSuiteIAM) iamSetup(c *check) {
	var err error
	// strip url scheme from endpoint
	s.endpoint = strings.TrimPrefix(s.endPoint, "http://")
	if s.secure {
		s.endpoint = strings.TrimPrefix(s.endPoint, "https://")
	}

	s.adm, err = madmin.New(s.endpoint, s.accessKey, s.secretKey, s.secure)
	if err != nil {
		c.Fatalf("error creating admin client: %v", err)
	}
	// Set transport, so that TLS is handled correctly.

# OAuth2 with Password (and hashing), Bearer with JWT tokens

Now that we have all the security flow, let's make the application actually secure, using <abbr title="JSON Web Tokens">JWT</abbr> tokens and secure password hashing.

This code is something you can actually use in your application, save the password hashes in your database, etc.

We are going to start from where we left in the previous chapter and increment it.

## About JWT