ll: &localLocker{
			mutex:   sync.Mutex{},
			lockMap: make(map[string][]lockRequesterInfo),
		},
	}
	creds := globalActiveCred
	token, err := authenticateNode(creds.AccessKey, creds.SecretKey)
	if err != nil {
		t.Fatal(err)
	}
	return fsDir, locker, token
}

// Test function to remove lock entries from map based on name & uid combination
func TestLockRpcServerRemoveEntry(t *testing.T) {

<img src="/img/tutorial/security/image11.png">

## JWT token with scopes { #jwt-token-with-scopes }

Now, modify the token *path operation* to return the scopes requested.

We are still using the same `OAuth2PasswordRequestForm`. It includes a property `scopes` with a `list` of `str`, with each scope it received in the request.

And we return the scopes as part of the JWT token.

/// danger

	if clntHashedPayload != "" && clntHashedPayload != query.Get(xhttp.AmzContentSha256) {
		return ErrContentSHA256Mismatch
	}
	// Verify if security token is correct.
	if token != "" && subtle.ConstantTimeCompare([]byte(token), []byte(cred.SessionToken)) != 1 {
		return ErrInvalidToken
	}

	// Verify finally if signature is same.

	// Get canonical request.

type sender interface {
	msgp.MarshalSizer
	Op() Op
}

type connectReq struct {
	ID    [16]byte
	Host  string
	Time  time.Time
	Token string
}

// addToken will add the token to the connect request.
func (c *connectReq) addToken(fn AuthFn) {
	c.Token = fn()
}

func (connectReq) Op() Op {
	return OpConnect
}

type connectResp struct {
	ID             [16]byte
	Accepted       bool

    }

    public void setToken_Terms(ConditionOptionCall<TermsAggregationBuilder> opLambda) {
        setToken_Terms("token", opLambda, null);
    }

    public void setToken_Terms(ConditionOptionCall<TermsAggregationBuilder> opLambda, OperatorCall<BsAccessTokenCA> aggsLambda) {
        setToken_Terms("token", opLambda, aggsLambda);
    }

# Получить текущего пользователя { #get-current-user }

В предыдущей главе система безопасности (основанная на системе внедрения зависимостей) передавала *функции-обработчику пути* `token` типа `str`:

{* ../../docs_src/security/tutorial001_an_py39.py hl[12] *}

Но это всё ещё не слишком полезно.

Сделаем так, чтобы она возвращала текущего пользователя.

## Создать модель пользователя { #create-a-user-model }

  notify:
    endpoint: https://notify.endpoint # notification endpoint to receive job completion status
    token: Bearer xxxxx # optional authentication token for the notification endpoint
  
  retry:
    attempts: 10 # number of retries for the job before giving up
    delay: 500ms # least amount of delay between each retry
`
	var job BatchJobRequest

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Obter o usuário { #get-the-user }

`get_current_user` usará uma função utilitária (falsa) que criamos, que recebe um token como uma `str` e retorna nosso modelo Pydantic `User`:

	  #     value: "image/*" # match objects with 'content-type', with all values starting with 'image/'

	notify:
	  endpoint: "https://notify.endpoint" # notification endpoint to receive job status events
	  token: "Bearer xxxxx" # optional authentication token for the notification endpoint

	retry:
	  attempts: 10 # number of retries for the job before giving up
	  delay: "500ms" # least amount of delay between each retry
```

def test_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text
    assert response.json() == {"token": "testtoken"}


def test_incorrect_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Notexistent testtoken"})
    assert response.status_code == 401, response.text