Это тот же механизм, когда вы даёте разрешения при входе через Facebook, Google, GitHub и т.д.:

<img src="/img/tutorial/security/image11.png">

## JWT-токены со scopes { #jwt-token-with-scopes }

Теперь измените операцию пути, выдающую токен, чтобы возвращать запрошенные scopes.

    /**
     * Get the open flags returned by the server
     * @return the flags
     */
    public final byte getOpenFlags() {
        return this.openFlags;
    }

    /**
     * Get the create action taken by the server
     * @return the createAction
     */
    public final int getCreateAction() {
        return this.createAction;
    }

    /**
     * Get the file creation time

from pydantic.types import SecretBytes, SecretStr
from pydantic_core import PydanticUndefinedType

from ._compat import (
    Url,
    is_pydantic_v1_model_instance,
)


# Taken from Pydantic v1 as is
def isoformat(o: Union[datetime.date, datetime.time]) -> str:
    return o.isoformat()


# Adapted from Pydantic v1
# TODO: pv2 should this return strings instead?

     */
    boolean isAllowNTLMFallback();

    /**
     * Property {@code jcifs.smb.useRawNTLM} (boolean, default false)
     *
     * @return whether to use raw NTLMSSP tokens instead of SPNEGO wrapped ones
     * @since 2.1
     */
    boolean isUseRawNTLM();

    /**
     *
     * Property {@code jcifs.smb.client.disablePlainTextPasswords} (boolean, default true)
     *

labels.purgeUserInfoDay=删除以前的用户日志
labels.reading=阅读
labels.roleTypeIds=角色ID
labels.scriptData=脚本
labels.scriptResult=结果
labels.scriptType=执行方法
labels.segmentation=分段
labels.startTime=开始时间
labels.target=目标
labels.token=令牌
labels.synonymFile=同义词文件
labels.stopwordsFile=停用词文件
labels.stemmerOverrideFile=词干覆盖文件
labels.mappingFile=映射文件
labels.protwordsFile=Protwords文件
labels.kuromojiFile=Kuromoji文件
labels.elevateWordFile=提升词文件

```JSON
{
    "message": "Hello World",
    "root_path": "/api/v1"
}
```

/// tip

Notice that even though you are accessing it at `http://127.0.0.1:8000/app` it shows the `root_path` of `/api/v1`, taken from the option `--root-path`.

///

    "tags": []
}
```

FastAPI is smart enough (actually, Pydantic is smart enough) to realize that, even though `description`, `tax`, and `tags` have the same values as the defaults, they were set explicitly (instead of taken from the defaults).

So, they will be included in the JSON response.

/// tip

Notice that the default values can be anything, not only `None`.

They can be a list (`[]`), a `float` of `10.5`, etc.

- Node information is now embedded into Pod-bound service account tokens as additional metadata. The 'JTI' field is set in issued service account tokens, and this information is embedded as `authentication.kubernetes.io/credential-id` in the user's ExtraInfo. ([#123135](https://github.com/kubernetes/kubernetes/pull/123135), [@munnerz](https://github.com/munnerz))...

* 驗證外來的型別，比如:
    * URL
    * Email
    * UUID


### 安全性及身份驗證

FastAPI 已經整合了安全性和身份驗證的功能，但不會強制與特定的資料庫或資料模型進行綁定。

OpenAPI 中定義的安全模式，包括：

* HTTP 基本認證。
* **OAuth2**（也使用 **JWT tokens**）。在 [OAuth2 with JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank} 查看教學。
* API 密鑰，在：
    * 標頭（Header）
    * 查詢參數
    * Cookies，等等。

加上来自 Starlette（包括 **session cookie**）的所有安全特性。

- Fix kubelet token cache returning stale tokens when service accounts are recreated with the same name. The token cache is now UID-aware and the new `TokenRequestServiceAccountUIDValidation` feature gate (Beta, enabled by default) validates the TokenRequest UID when set matches the service account UID. ([#132803...