apiTrafficRecvBytes MetricName = "traffic_received_bytes"
)

var (
	apiRejectedAuthTotalMD = NewCounterMD(apiRejectedAuthTotal,
		"Total number of requests rejected for auth failure", "type")
	apiRejectedHeaderTotalMD = NewCounterMD(apiRejectedHeaderTotal,
		"Total number of requests rejected for invalid header", "type")
	apiRejectedTimestampTotalMD = NewCounterMD(apiRejectedTimestampTotal,

import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.kerberos.KerberosKey;

import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;

import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.mockito.Mockito.when;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;

import javax.security.auth.kerberos.KerberosKey;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.BERTags;
import org.bouncycastle.asn1.DERGeneralString;

    - advanced/advanced-dependencies.md
    - Advanced Security:
      - advanced/security/index.md
      - advanced/security/oauth2-scopes.md
      - advanced/security/http-basic-auth.md
    - advanced/using-request-directly.md
    - advanced/dataclasses.md
    - advanced/middleware.md
    - advanced/sub-applications.md
    - advanced/behind-a-proxy.md
    - advanced/templates.md

Version: DEVELOPMENT.2023-02-05T05-17-27Z (go1.19.4 linux/amd64)

...
...
Object Lambda ARNs: arn:minio:s3-object-lambda::function:webhook

```

### Lambda Target with Auth Token

If your lambda target expects an authorization token then you can enable it per function target as follows

```

                // Use AES-GCM - nonce is 16 bytes
                final Cipher cipher = createGCMCipher(false, nonce);
                cipher.updateAAD(associatedData);

                // Combine ciphertext and auth tag for decryption
                final byte[] input = new byte[ciphertext.length + authTag.length];
                System.arraycopy(ciphertext, 0, input, 0, ciphertext.length);

        final Map<String, String> clientConfigMap = getConfigParameterMap(ConfigName.CLIENT);
        if (clientConfigMap != null) {
            paramMap.putAll(clientConfigMap);
        }

        // auth params
        final List<FileAuthentication> fileAuthList = fileAuthenticationService.getFileAuthenticationList(getId());
        final List<SmbAuthentication> smbAuthList = new ArrayList<>();

    pyenv local "3.11"
    export CLOUDSDK_PYTHON=$(pyenv which python3.11)
  else
    echo "Python 3.11 not found, falling back to system python"
    export CLOUDSDK_PYTHON=$(which python3)
  fi
  gcloud auth activate-service-account --key-file="${GOOGLE_APPLICATION_CREDENTIALS}"
fi
set -x

# "TFCI_MACOS_PYENV_INSTALL_ENABLE" controls whether to use Pyenv to install

* `users:read` oder `users:write` sind gängige Beispiele.
* `instagram_basic` wird von Facebook / Instagram verwendet.
* `https://www.googleapis.com/auth/drive` wird von Google verwendet.

/// info | Info

In OAuth2 ist ein „Scope“ nur ein String, der eine bestimmte erforderliche Berechtigung deklariert.

They are normally used to declare specific security permissions, for example:

* `users:read` or `users:write` are common examples.
* `instagram_basic` is used by Facebook / Instagram.
* `https://www.googleapis.com/auth/drive` is used by Google.

/// info

In OAuth2 a "scope" is just a string that declares a specific permission required.

It doesn't matter if it has other characters like `:` or if it is a URL.