labels.roleTypeIds=ID de rôle
labels.scriptData=Script
labels.scriptResult=Résultat
labels.scriptType=Méthode d'exécution
labels.segmentation=Segmentation
labels.startTime=Heure de début
labels.target=Cible
labels.token=Jeton
labels.synonymFile=Fichier de synonymes
labels.stopwordsFile=Fichier de mots vides
labels.stemmerOverrideFile=Fichier de remplacement de racinisation
labels.mappingFile=Fichier de mappage

- Fix kubelet token cache returning stale tokens when service accounts are recreated with the same name. The token cache is now UID-aware and the new `TokenRequestServiceAccountUIDValidation` feature gate (Beta, enabled by default) validates the TokenRequest UID when set matches the service account UID. ([#132803...

			continue
		}
		if tokenRevokeType != "" {
			claims, err := getClaimsFromTokenWithSecret(ui.Credentials.SessionToken, secret)
			if err != nil {
				continue // skip if token is invalid
			}
			// skip if token type is given and does not match
			if v, _ := claims.Lookup(tokenRevokeTypeClaim); v != tokenRevokeType {
				continue
			}
		}

`get_current_user`を更新して、先ほどと同じトークンを受け取るようにしますが、今回はJWTトークンを使用します。

受け取ったトークンを復号して検証し、現在のユーザーを返します。

トークンが無効な場合は、すぐにHTTPエラーを返します。

{* ../../docs_src/security/tutorial004.py hl[89:106] *}

## `/token` パスオペレーションの更新

トークンの有効期限を表す`timedelta`を作成します。

JWTアクセストークンを作成し、それを返します。

{* ../../docs_src/security/tutorial004.py hl[115:130] *}

### JWTの"subject" `sub` についての技術的な詳細

## Changelog since v1.5.5

### Other notable changes

- Fixes a 1.32 regression in with the ServiceAccountNodeAudienceRestriction feature where `azureFile` volumes encounter "failed to get service accoount token attributes" errors. Reverts the `ServiceAccountNodeAudienceRestriction` feature to disabled in v1.32. Refer to https://github.com/kubernetes/kubernetes/issues/129935 for more details. If you're using in-tree inline volumes or in-tree persistent volumes...

  is now available as alpha (off by default). When enabled, the `legacy-service-account-token-cleaner`
  controller loop removes service account token secrets that have not been used
  in the time specified by `--legacy-service-account-token-clean-up-period` (defaulting
  to one year), **and are** referenced from the `.secrets` list of a ServiceAccount

* fix pod stuck issue due to corrupt mnt point in flexvol plugin, call Unmount if PathExists returns any error ([#75234](https://github.com/kubernetes/kubernetes/pull/75234), [@andyzhangx](https://github.com/andyzhangx))
* vSphere: allow SAML token delegation (required for Zones support) ([#78876](https://github.com/kubernetes/kubernetes/pull/78876), [@dougm](https://github.com/dougm))

* 👷 Refactor GitHub Action to comment docs deployment URLs and update token. PR [#11925](https://github.com/fastapi/fastapi/pull/11925) by [@tiangolo](https://github.com/tiangolo).
* 👷 Update tokens for GitHub Actions. PR [#11924](https://github.com/fastapi/fastapi/pull/11924) by [@tiangolo](https://github.com/tiangolo).

// applicable here.
//
// Service accounts are replicated as long as they are not meant for the root
// user.
//
// STS accounts are replicated, but only if the session token is verifiable
// using the local cluster's root credential.
func (c *SiteReplicationSys) IAMChangeHook(ctx context.Context, item madmin.SRIAMItem) error {
	// The IAM item has already been applied to the local cluster at this