# Security Tools

When you need to declare dependencies with OAuth2 scopes you use `Security()`.

But you still need to define what is the dependable, the callable that you pass as a parameter to `Depends()` or `Security()`.

There are multiple tools that you can use to create those dependables, and they get integrated into OpenAPI so they are shown in the automatic docs UI, they can be used by automatically generated clients and SDKs, etc.

 * <p>
 * This interface allows plugins and extensions to define and register additional project scopes
 * beyond the standard {@link ProjectScope#MAIN} and {@link ProjectScope#TEST} scopes.
 * Implementations of this interface will be discovered through the Java ServiceLoader mechanism
 * and their provided project scopes will be available throughout the Maven build process.
 * <p>
 * Example usage:
 * <pre>

claim_name    (string)    JWT canned policy claim name, defaults to "policy"
claim_prefix  (string)    JWT claim namespace prefix e.g. "customer1/"
scopes        (csv)       Comma separated list of OpenID scopes for server, defaults to advertised scopes from discovery document e.g. "email,admin"
comment       (sentence)  optionally add a comment to this setting
```

and ENV based options

```

    assertThat(transformation.inverse().transform(y1 + yDelta))
        .isWithin(ALLOWED_ERROR)
        .of(x1 + xDelta);
    assertThat(transformation.slope()).isWithin(ALLOWED_ERROR).of(yDelta / xDelta);
    assertThat(transformation.inverse().slope()).isWithin(ALLOWED_ERROR).of(xDelta / yDelta);
    assertThat(transformation.inverse()).isSameInstanceAs(transformation.inverse());

- The scheduler skips the `InterPodAffinity` Score plugin when nothing to do with the Pod.
  It will affect some metrics values related to the InterPodAffinity Score plugin. ([#117794](https://github.com/kubernetes/kubernetes/pull/117794), [@utam0k](https://github.com/utam0k)) [SIG Scheduling]

/// note | Hinweis

Beachten Sie den Header `Authorization` mit einem Wert, der mit `Bearer ` beginnt.

///

## Fortgeschrittene Verwendung mit `scopes` { #advanced-usage-with-scopes }

OAuth2 hat ein Konzept von <abbr title="Geltungsbereiche">„Scopes“</abbr>.

Sie können diese verwenden, um einem JWT-Token einen bestimmten Satz von Berechtigungen zu übergeben.

<img src="/img/tutorial/security/image10.png">

/// note | Nota

Observa el header `Authorization`, con un valor que comienza con `Bearer `.

///

## Uso avanzado con `scopes` { #advanced-usage-with-scopes }

OAuth2 tiene la noción de "scopes".

Puedes usarlos para agregar un conjunto específico de permisos a un token JWT.

    mockWebServer.start(slackApi.port);
  }

  public HttpUrl newAuthorizeUrl(String scopes, String team, Listener listener) {
    if (mockWebServer == null) throw new IllegalStateException();

    ByteString state = randomToken();
    synchronized (this) {
      listeners.put(state, listener);
    }

    return slackApi.authorizeUrl(scopes, redirectUrl(), state, team);
  }

  private ByteString randomToken() {

<img src="/img/tutorial/security/image10.png">

/// note | Nota

Perceba que o cabeçalho `Authorization`, com o valor que começa com `Bearer `.

///

## Uso avançado com `scopes` { #advanced-usage-with-scopes }

O OAuth2 tem a noção de "scopes" (escopos).

Você pode usá-los para adicionar um conjunto específico de permissões a um token JWT.

        resolutionErrorHandler.throwErrors(request, result);
        assertEquals(2, result.getArtifacts().size());

        //
        // System scoped version which should
        //
        d.setScope(Artifact.SCOPE_SYSTEM);
        File file = new File(getBasedir(), "src/test/repository-system/maven-core-2.1.0.jar");