* provide a better implementation than the input Collection, at least without dramatic changes
     * like copying it to a new Set—which might then test for element equality differently.
     */
    @SuppressWarnings("UndefinedEquals")
    public boolean equals(@Nullable Object obj) {
      if (obj instanceof InPredicate) {

 *
 * **Not all cipher suites are supported on all platforms.** As newer cipher suites are created (for
 * stronger privacy, better performance, etc.) they will be adopted by the platform and then exposed
 * here. Cipher suites that are not available on either Android (through API level 24) or Java
 * (through JDK 9) are omitted for brevity.
 *

    }
  }

  /**
   * This test attempts to create a situation in which one thread is constantly changing a file from
   * being a real directory to being a symlink to another directory. It then calls
   * deleteDirectoryContents thousands of times on a directory whose subtree contains the file
   * that's switching between directory and symlink to try to ensure that under no circumstance does

그리고 접근을 허용할 스코프를 선택할 수 있게 됩니다: `me`와 `items`.

이는 Facebook, Google, GitHub 등으로 로그인하면서 권한을 부여할 때 사용되는 것과 동일한 메커니즘입니다:

<img src="/img/tutorial/security/image11.png">

## 스코프를 포함한 JWT 토큰 { #jwt-token-with-scopes }

이제 토큰 *경로 처리*를 수정해, 요청된 스코프를 반환하도록 합니다.

여전히 동일한 `OAuth2PasswordRequestForm`을 사용합니다. 여기에는 요청에서 받은 각 스코프를 담는 `scopes` 속성이 있으며, 타입은 `str`의 `list`입니다.

그리고 JWT 토큰의 일부로 스코프를 반환합니다.

/// danger | 위험

    cache.evictAll()
    assertThat(editor.newSource(0)).isNull()
  }

  @Test
  fun `edit discarded after editor detached`() {
    set("k1", "a", "a")

    // Create an editor, then detach it.
    val editor = cache.edit("k1")!!
    editor.newSink(0).buffer().use { sink ->
      cache.evictAll()

      // Complete the original edit. It goes into a black hole.
      sink.writeUtf8("bb")

ServiceAccount. Use the [TokenRequest](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/) API to acquire service account tokens, or if a non-expiring token is required, create a Secret API object for the token controller to populate with a service account token by following this [guide](https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets). ([#108309](https://github.com/kubernetes/kubernetes/pull/108309), [@zshihang](https://github.com/zshihang))...

  public final ImmutableList<V> replaceValues(K key, Iterable<? extends V> values) {
    throw new UnsupportedOperationException();
  }

  /**
   * @serialData number of distinct keys, and then for each distinct key: the key, the number of
   *     values for that key, and the key's values
   */
  @GwtIncompatible
  @J2ktIncompatible
    private void writeObject(ObjectOutputStream stream) throws IOException {

  }

  public void testCopyOf_array_empty() {
    /*
     * We don't guarantee the same-as property, so we aren't obligated to test it. However, it's
     * useful in testing - when two things are the same then one can't have bugs the other doesn't.
     */
    assertThat(ImmutableDoubleArray.copyOf(new double[0]))
        .isSameInstanceAs(ImmutableDoubleArray.of());
  }

  public void testCopyOf_array_nonempty() {

            out[i] = ch;
            i++;
            p++;
        }
        while (p < len && pathInfo.charAt(p) == '/') {
            p++;
        }
        if (p < len) { /* then there must be a share */
            out[i] = '/';
            i++;
            do { /* collect the share name */
                out[i++] = ch = pathInfo.charAt(p++);
            } while (p < len && ch != '/');

C’est le même mécanisme utilisé lorsque vous donnez des permissions en vous connectant avec Facebook, Google, GitHub, etc. :

<img src="/img/tutorial/security/image11.png">

## Jeton JWT avec scopes { #jwt-token-with-scopes }

Modifiez maintenant le *chemin d’accès* du jeton pour renvoyer les scopes demandés.