add {
            failOnText {
                conditionType = BuildFailureOnText.ConditionType.CONTAINS
                pattern = "%unmaskedFakeCredentials%"
                failureMessage = "This build might be leaking credentials"
                reverse = false
                stopBuildOnFailure = true
            }
        }
    }

    if (os !in listOf(Os.WINDOWS, Os.MACOS)) {
        steps {

The JWT specification says that there's a key `sub`, with the subject of the token.

It's optional to use it, but that's where you would put the user's identification, so we are using it here.

JWT might be used for other things apart from identifying a user and allowing them to perform operations directly on your API.

For example, you could identify a "car" or a "blog post".

                    }
                    return null;
                } catch (final IOException se) {
                    if (request != null && request.getResponse() != null) {
                        // tree connect might still have succeeded
                        response = (TreeConnectResponse) request.getResponse();
                        if (response.isReceived() && !response.isError() && response.getErrorCode() == NtStatus.NT_STATUS_SUCCESS) {

   *
   * <p>The multimap supports mapping removal, which removes the corresponding mapping from the map.
   * It does not support any operations which might add mappings, such as {@code put}, {@code
   * putAll} or {@code replaceValues}.
   *
   * <p>The returned multimap will be serializable if the specified map is serializable.
   *

   *
   * <p>NOTE: This method is failsafe for security purposes: ALL IPv6 addresses (except localhost
   * (::1)) are hashed to avoid the security risk associated with extracting an embedded IPv4
   * address that might permit elevated privileges.
   *
   * @param ip {@link InetAddress} to "coerce"
   * @return {@link Inet4Address} represented "coerced" address
   * @since 7.0
   */

                    } else {
                        // Other threads try to read password
                        String pwd = auth.getPassword();
                        // Password might be null if already wiped
                        assertTrue(pwd == null || pwd.equals("ConcurrentPass123!"));
                    }
                } catch (InterruptedException e) {

It will have a property `scopes` with a list containing all the scopes required by itself and all the dependencies that use this as a sub-dependency. That means, all the "dependants"... this might sound confusing, it is explained again later below.

                assertTrue(encoded > 0);
                offset += encoded;
            }

            // Verify each context was encoded
            assertTrue(offset > 0);
            // The actual encoded size might be different from size() due to padding
            // Just verify that we encoded something for each context
            for (CreateContextRequest context : contexts) {
                assertNotNull(context.getName());

              if (entry.getLowerBound().compareTo(subRange.upperBound) >= 0) {
                return endOfData();
              } else if (entry.getUpperBound().compareTo(subRange.lowerBound) > 0) {
                // this might not be true e.g. at the start of the iteration
                return immutableEntry(entry.getKey().intersection(subRange), entry.getValue());
              }
            }
            return endOfData();
          }

        it's probably the most common one.

        If you are implementing an OAuth2 authentication scheme other than the provided
        ones in FastAPI (based on bearer tokens), you might want to override this.

        Ref: https://datatracker.ietf.org/doc/html/rfc6749
        """
        return HTTPException(
            status_code=HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",