<img src="/img/tutorial/security/image11.png">

## Token JWT com escopos

Agora, modifique o *caminho de rota* para retornar os escopos solicitados.

Nós ainda estamos utilizando o mesmo `OAuth2PasswordRequestForm`. Ele inclui a propriedade `scopes` com uma `list` de `str`, com cada escopo que ele recebeu na requisição.

E nós retornamos os escopos como parte do token JWT.

/// danger | Cuidado

{* ../../docs_src/security/tutorial001.py hl[6] *}

/// tip | 豆知識

ここで、`tokenUrl="token"`は、まだ作成していない相対URL`token`を指します。相対URLなので、`./token`と同じです。

相対URLを使っているので、APIが`https://example.com/`にある場合、`https://example.com/token`を参照します。しかし、APIが`https://example.com/api/v1/`にある場合は`https://example.com/api/v1/token`を参照することになります。

    }

    /**
     * Gets the file identifier.
     *
     * @return the fid
     */
    public final int getFid() {
        return this.fid;
    }

    /**
     * Gets the create action taken.
     *
     * @return the createAction
     */
    public final int getCreateAction() {
        return this.createAction;
    }

    /**
     * Gets the extended file attributes.
     *

Das Wort „**Server**“ bezieht sich häufig sowohl auf den entfernten-/Cloud-Computer (die physische oder virtuelle Maschine) als auch auf das Programm, das auf dieser Maschine ausgeführt wird (z. B. Uvicorn).

Denken Sie einfach daran, wenn Sie „Server“ im Allgemeinen lesen, dass es sich auf eines dieser beiden Dinge beziehen kann.

import com.google.common.annotations.GwtCompatible;
import com.google.common.collect.Multimap;

/**
 * Helper methods/assertions for use with {@code com.google.common.collect} types.
 *
 * @author Colin Decker
 */
@GwtCompatible
final class GoogleHelpers {

  private GoogleHelpers() {}

  static void assertEmpty(Multimap<?, ?> multimap) {
    if (!multimap.isEmpty()) {

import com.google.common.annotations.J2ktIncompatible;

/**
 * Modes for opening a file for writing. The default when mode when none is specified is to truncate
 * the file before writing.
 *
 * @author Colin Decker
 */
@J2ktIncompatible
@GwtIncompatible
public enum FileWriteMode {
  /** Specifies that writes to the opened file should append to the end of the file. */
  APPEND

But doing that, in some minutes or hours the attackers would have guessed the correct username and password, with the "help" of our application, just using the time taken to answer.

#### Fix it with `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

But in our code we are actually using `secrets.compare_digest()`.

		ll: &localLocker{
			mutex:   sync.Mutex{},
			lockMap: make(map[string][]lockRequesterInfo),
		},
	}
	creds := globalActiveCred
	token, err := authenticateNode(creds.AccessKey, creds.SecretKey)
	if err != nil {
		t.Fatal(err)
	}
	return fsDir, locker, token
}

// Test function to remove lock entries from map based on name & uid combination
func TestLockRpcServerRemoveEntry(t *testing.T) {

      - name: Install Material for MkDocs Insiders
        if: ( github.event_name != 'pull_request' || github.secret_source == 'Actions' )
        run: uv pip install -r requirements-docs-insiders.txt
        env:
          TOKEN: ${{ secrets.FASTAPI_MKDOCS_MATERIAL_INSIDERS }}
      - name: Verify Docs
        run: python ./scripts/docs.py verify-docs
      - name: Export Language Codes
        id: show-langs
        run: |

constraints.Past.message = {item} moet een waarde uit het verleden zijn.
constraints.Pattern.message = {item} komt niet overeen met "{regexp}".
constraints.Size.message = De grootte van {item} moet tussen {min} en {max} tekens liggen.
# ----------------------------------------------------------
# Hibernate Validator
# -------------------
constraints.CreditCardNumber.message = {item} is geen geldig creditcardnummer.