import org.opensearch.index.query.QueryBuilders;

/**
 * Implementation of IndexUpdateCallback that handles file list index updates with concurrent processing.
 * This callback processes file events (create, modify, delete) and manages document indexing and deletion
 * operations in the search engine. It supports recursive crawling with configurable depth and access count limits.
 *

import jakarta.annotation.PostConstruct;
import jakarta.annotation.PreDestroy;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

/**
 * RankFusionProcessor manages multiple search engines and combines their results using rank fusion algorithms.
 * This processor supports searching with multiple searchers concurrently and merging their results based on

                    break;
                }
                curReq = next;
                curResp = next.getResponse();
            }
        }
    }

    /**
     * Sends a request and manages the response handling.
     *
     * @param <T> the response type
     * @param request the request to send
     * @param response the response object to populate

# 추가 모델 { #extra-models }

지난 예제에 이어서, 연관된 모델을 여러 개 갖는 것은 흔한 일입니다.

특히 사용자 모델의 경우에 그러한데, 왜냐하면:

* **입력 모델**은 비밀번호를 가질 수 있어야 합니다.
* **출력 모델**은 비밀번호를 가지면 안 됩니다.
* **데이터베이스 모델**은 아마도 해시 처리된 비밀번호를 가질 필요가 있을 것입니다.

/// danger

절대 사용자의 비밀번호를 평문으로 저장하지 마세요. 항상 이후에 검증 가능한 "안전한 해시(secure hash)"로 저장하세요.

만약 이게 무엇인지 모르겠다면, [보안 장](security/simple-oauth2.md#password-hashing)에서 "password hash"가 무엇인지 배울 수 있습니다.

///

								<li class="nav-item" data-bs-toggle="tooltip" data-placement="left" title="<la:message key="labels.eol_error" />">
									<a class="nav-link active" href="${eolLink}" target="_olh"><i class="fas fa-times-circle text-danger" aria-hidden="true"></i></a>
								</li>
							</c:if>
							<c:if test="${developmentMode}">
								<li class="nav-item" data-bs-toggle="tooltip" data-placement="left"

Und wir geben die Scopes als Teil des JWT-Tokens zurück.

/// danger | Gefahr

Der Einfachheit halber fügen wir hier die empfangenen Scopes direkt zum Token hinzu.

import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;

/**
 * Helper class for managing Fess plugins and artifacts.
 * This class provides functionality to discover, install, and manage various types of plugins
 * including data stores, themes, ingest processors, scripts, web applications, thumbnails, and crawlers.
 */
public class PluginHelper {
    /** Logger instance for this class */

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

Never store the plain password of a user or send it in a response like this, unless you know all the caveats and you know what you are doing.

///

## Add an output model { #add-an-output-model }

Neste caso, pode não ser um problema, porque é o mesmo usuário enviando a senha.

Mas se usarmos o mesmo modelo para outra *operação de rota*, poderíamos estar enviando as senhas dos nossos usuários para todos os clientes.

/// danger | Cuidado

Nunca armazene a senha simples de um usuário ou envie-a em uma resposta como esta, a menos que você saiba todas as ressalvas e saiba o que está fazendo.

///

## 带作用域的 JWT 令牌 { #jwt-token-with-scopes }

现在，修改令牌的*路径操作*以返回请求的作用域。

我们仍然使用 `OAuth2PasswordRequestForm`。它包含 `scopes` 属性，其值是 `list[str]`，包含请求中接收到的每个作用域。

我们把这些作用域作为 JWT 令牌的一部分返回。

/// danger | 危险

为简单起见，此处我们只是把接收到的作用域直接添加到了令牌中。

但在你的应用里，为了安全起见，你应该只添加该用户实际能够拥有的作用域，或你预先定义的作用域。

///

{* ../../docs_src/security/tutorial005_an_py310.py hl[157] *}