```

## Die Abhängigkeiten aktualisieren

Aktualisieren Sie `get_current_user`, um den gleichen Token wie zuvor zu erhalten, dieses Mal jedoch unter Verwendung von JWT-Tokens.

Dekodieren Sie den empfangenen Token, validieren Sie ihn und geben Sie den aktuellen Benutzer zurück.

Wenn der Token ungültig ist, geben Sie sofort einen HTTP-Fehler zurück.

=== "Python 3.10+"

    ```Python hl_lines="89-106"

## Return the token

The response of the `token` endpoint must be a JSON object.

It should have a `token_type`. In our case, as we are using "Bearer" tokens, the token type should be "`bearer`".

And it should have an `access_token`, with a string containing our access token.

    {!> ../../../docs_src/security/tutorial004.py!}
    ```

## Update the dependencies

Update `get_current_user` to receive the same token as before, but this time, using JWT tokens.

Decode the received token, verify it, and return the current user.

If the token is invalid, return an HTTP error right away.

=== "Python 3.10+"

    ```Python hl_lines="89-106"

WSO2 generates tokens in first style by default, but if to be used with MinIO we should configure WSO2 to provide JWT tokens instead.

### 3. Generate Self-contained Access Tokens

By default, a UUID is issued as an id_token in WSO2 Identity Server, which is of the first type above. But, it also can be configured to issue a self-contained id_token (JWT), which is of the second type above.

## Den Token zurückgeben

Die Response des `token`-Endpunkts muss ein JSON-Objekt sein.

Es sollte einen `token_type` haben. Da wir in unserem Fall „Bearer“-Token verwenden, sollte der Token-Typ "`bearer`" sein.

Und es sollte einen `access_token` haben, mit einem String, der unseren Zugriffstoken enthält.

Previously, site replication required the root credentials of peer sites to be identical. This is no longer necessary because STS tokens are now signed with the site replicator service account credentials, thus allowing flexibility in the independent management of root accounts across sites and the ability to disable root accounts eventually.

# Punctuation tokens to remove
,
.
`
-
_
=
?
'
|
"
(
)
{
}
[
]
<
>
*
#
&
^
$
@
!
~
:
;
+
/
\
《
》
—
－
，
。
、
：
；
！
·
？
“
”
）
（
【
】
［
］
●
# the line below contains an IDEOGRAPHIC SPACE character (Used as a space in Chinese)
　

# English Stop Words

# Punctuation tokens to remove
,
.
`
-
_
=
?
'
|
"
(
)
{
}
[
]
<
>
*
#
&
^
$
@
!
~
:
;
+
/
\
《
》
—
－
，
。
、
：
；
！
·
？
“
”
）
（
【
】
［
］
●
# the line below contains an IDEOGRAPHIC SPACE character (Used as a space in Chinese)
　

# English Stop Words

## 토큰 반환하기

`token` 엔드포인트의 응답은 JSON 객체여야 합니다.

`token_type`이 있어야 합니다. 여기서는 "Bearer" 토큰을 사용하므로 토큰 유형은 "`bearer`"여야 합니다.

그리고 액세스 토큰을 포함하는 문자열과 함께 `access_token`이 있어야 합니다.

이 간단한 예제에서는 완전히 안전하지 않고, 동일한 `username`을 토큰으로 반환합니다.

!!! 팁
    다음 장에서는 패스워드 해싱 및 <abbr title="JSON Web Tokens">JWT</abbr> 토큰을 사용하여 실제 보안 구현을 볼 수 있습니다.

    하지만 지금은 필요한 세부 정보에 집중하겠습니다.

* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like Passlib and JWT tokens, etc.
* Add more granular permission controls with OAuth2 scopes where needed.
* ...etc.