}

// BatchKeyRotateNotification success or failure notification endpoint for each job attempts
type BatchKeyRotateNotification struct {
	Endpoint string `yaml:"endpoint" json:"endpoint"`
	Token    string `yaml:"token" json:"token"`
}

// BatchJobKeyRotateFlags various configurations for replication job definition currently includes
// - filter
// - notify
// - retry
type BatchJobKeyRotateFlags struct {

///

## Retorne o token

A resposta do endpoint `token` deve ser um objeto JSON.

Deve ter um `token_type`. No nosso caso, como estamos usando tokens "Bearer", o tipo de token deve ser "`bearer`".

E deve ter um `access_token`, com uma string contendo nosso token de acesso.

Para este exemplo simples, seremos completamente inseguros e retornaremos o mesmo `username` do token.

/// tip | Dica

중복 헤더의 모든 값을 파이썬 `list`로 수신합니다.

예를 들어, 두 번 이상 나타날 수 있는 `X-Token`헤더를 선언하려면, 다음과 같이 작성합니다:

```Python hl_lines="9"
{!../../docs_src/header_params/tutorial003.py!}
```

다음과 같은 두 개의 HTTP 헤더를 전송하여 해당 *경로* 와 통신할 경우:

```
X-Token: foo
X-Token: bar
```

응답은 다음과 같습니다:

```JSON
{
    "X-Token values": [
        "bar",
        "foo"
    ]
}
```

## 요약

    name: Add to project
    runs-on: ubuntu-latest
    steps:
      - uses: actions/add-to-project@v1.0.2
        with:
          project-url: https://github.com/orgs/fastapi/projects/2

	}
}

// have reports whether the remaining tokens (including the current one) contain the specified token.
func (p *Parser) have(token lex.ScanToken) bool {
	for i := p.inputPos; i < len(p.input); i++ {
		if p.input[i].ScanToken == token {
			return true
		}
	}
	return false
}

// at reports whether the next tokens are as requested.

<img src="/img/tutorial/security/image11.png">

## Token JWT com escopos

Agora, modifique o *caminho de rota* para retornar os escopos solicitados.

Nós ainda estamos utilizando o mesmo `OAuth2PasswordRequestForm`. Ele inclui a propriedade `scopes` com uma `list` de `str`, com cada escopo que ele recebeu na requisição.

E nós retornamos os escopos como parte do token JWT.

/// danger | Cuidado

    """
    OAuth2 flow for authentication using a bearer token obtained with an OAuth2 code
    flow. An instance of it would be used as a dependency.
    """

    def __init__(
        self,
        authorizationUrl: str,
        tokenUrl: Annotated[
            str,
            Doc(
                """
                The URL to obtain the OAuth2 token.
                """
            ),
        ],

    public void setExpires(final Date date) {
        setExpiredTime(date != null ? date.getTime() : null);
    }

    @Override
    public String toString() {
        return "AccessToken [name=" + name + ", token=" + token + ", permissions=" + Arrays.toString(permissions) + ", parameterName="
                + parameterName + ", createdBy=" + createdBy + ", createdTime=" + createdTime + ", updatedBy=" + updatedBy

			validConfigFilename:   "list.conflist.golden",
			saFilename:            "token-foo",
		},
		{
			name:                "standalone CNI plugin",
			cniConfigFilename:   "istio-cni.conf",
			validConfigFilename: "istio-cni.conf",
			saFilename:          "token-foo",
			saNewFilename:       "token-bar",
		},
	}

	for _, c := range cases {
		t.Run(c.name, func(t *testing.T) {

<img src="/img/tutorial/security/image11.png">

## JWT token with scopes

Now, modify the token *path operation* to return the scopes requested.

We are still using the same `OAuth2PasswordRequestForm`. It includes a property `scopes` with a `list` of `str`, with each scope it received in the request.

And we return the scopes as part of the JWT token.

/// danger