Das ist derselbe Mechanismus, der verwendet wird, wenn Sie beim Anmelden mit Facebook, Google, GitHub, usw. Berechtigungen erteilen:

<img src="/img/tutorial/security/image11.png">

## JWT-Token mit Scopes

Ändern Sie nun die Token-*Pfadoperation*, um die angeforderten Scopes zurückzugeben.

    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
      security-events: write
      # Needed to publish results and get a badge (see publish_results below).
      id-token: write
      # Uncomment the permissions below if installing in a private repository.
      # contents: read
      # actions: read

    steps:
      - name: "Checkout code"

  @Override
  public int remainingCapacity() {
    return delegate().remainingCapacity();
  }

  @CanIgnoreReturnValue // TODO(kak): consider removing this
  @Override
  public E take() throws InterruptedException {
    return delegate().take();
  }

{
    "properties": {
      "name": {
        "type": "keyword"
      },
      "token": {
        "type": "keyword"
      },
      "permissions": {
        "type": "keyword"
      },
      "parameter_name" : {
        "type": "keyword"
      },
      "expiredTime": {
        "type": "long"
      },
      "createdBy": {
        "type": "keyword"
      },
      "createdTime": {
        "type": "long"
      },

  - Click on `account`
  - Settings, set `Valid Redirect URIs` to `*`, expand `Advanced Settings` and set `Access Token Lifespan` to `1 Hours`
  - Save

- Go to Clients
  - Click on `account`
  - Mappers
  - Create
    - `Name` with any text
    - `Mapper Type` is `User Attribute`
    - `User Attribute` is `policy`
    - `Token Claim Name` is `policy`
    - `Claim JSON Type` is `string`
  - Save

 */
@Deprecated
public interface ArtifactTransformationManager {
    String ROLE = ArtifactTransformationManager.class.getName();

    /**
     * Take in an artifact and return the transformed artifact for locating in the remote repository. If no
     * transformation has occurred the original artifact is returned.
     *
     * @param artifact           Artifact to be transformed.

   *       superclass, no equality check is done on the deserialized instance because it's not clear
   *       whether the author intended for the class to be a value type.
   *   <li>If a constructor or factory method takes a parameter whose type is interface, a dynamic
   *       proxy will be passed to the method. It's possible that the method body expects an

labels.boost_document_rule_boost_expr=Boost Expression
labels.boost_document_rule_sort_order=Sort Order
labels.access_token_configuration=Access Token
labels.access_token_title_details=Access Token
labels.access_token_list_name=Name
labels.access_token_name=Name
labels.access_token_token=Token
labels.access_token_expires=Expires
labels.access_token_parameter_name=Parameter Name
labels.access_token_updated_time=Created Date

    public void setExpires(final Date date) {
        setExpiredTime(date != null ? date.getTime() : null);
    }

    @Override
    public String toString() {
        return "AccessToken [name=" + name + ", token=" + token + ", permissions=" + Arrays.toString(permissions) + ", parameterName="
                + parameterName + ", createdBy=" + createdBy + ", createdTime=" + createdTime + ", updatedBy=" + updatedBy

      - name: Install Material for MkDocs Insiders
        if: ( github.event_name != 'pull_request' || github.secret_source == 'Actions' )
        run: uv pip install -r requirements-docs-insiders.txt
        env:
          TOKEN: ${{ secrets.FASTAPI_MKDOCS_MATERIAL_INSIDERS }}
      - name: Verify Docs
        run: python ./scripts/docs.py verify-docs
      - name: Export Language Codes
        id: show-langs
        run: |