*.iml
.idea
.vscode
.DS_Store
/plugins/
/modules/
/tomcat.8080/
dbflute_fess/output/doc/lastadoc-fess.html
dbflute_fess/schema/project-lastadoc-fess.json
src/main/resources/fess_indices/fess_config.access_token/access_token.bulk
src/main/resources/ga_client_secrets.p12
src/main/webapp/WEB-INF/project.properties
/.apt_generated/
/.apt_generated_tests/
/.serena

            logger.info("Token: {}", testToken);
            return testToken;
        }

        given().contentType("application/json")
                .body("{\"index\":{\"_index\":\"fess_config.access_token\",\"_id\":\"" + DEFAULT_TEST_TOKEN_ID

& ⚫️ 🔜 ✔️ `access_token`, ⏮️ 🎻 ⚗ 👆 🔐 🤝.

👉 🙅 🖼, 👥 🔜 🍕 😟 & 📨 🎏 `username` 🤝.

/// tip

⏭ 📃, 👆 🔜 👀 🎰 🔐 🛠️, ⏮️ 🔐 #️⃣ &amp; <abbr title="JSON Web Tokens">🥙</abbr> 🤝.

✋️ 🔜, ➡️ 🎯 🔛 🎯 ℹ 👥 💪.

///

{* ../../docs_src/security/tutorial003.py hl[85] *}

/// tip

🔌, 👆 🔜 📨 🎻 ⏮️ `access_token` &amp; `token_type`, 🎏 👉 🖼.

                )

            creds = json.loads(response.data)

            query = {}
            query['Action'] = 'AssumeRoleWithClientGrants'
            query['Token'] = creds['access_token']
            query['DurationSeconds'] = creds['expires_in']
            query['Version'] = '2011-06-15'

            query_components = []
            for key in query:
                if query[key] is not None:

Он должен иметь `token_type`. В нашем случае, поскольку мы используем токены типа "Bearer", тип токена должен быть "`bearer`".

И в нем должна быть строка `access_token`, содержащая наш токен доступа.

В этом простом примере мы нарушим все правила безопасности, и будем считать, что имя пользователя (username) полностью соответствует токену (token)

/// tip | Подсказка

        ; fess_user.user = map:{
            ; package = user
            ; esclientDiFile = esclient.xml
            ; esfluteDiFile = esflute_user.xml
        }
        # Index: fess_user
        ; fess_config.access_token = map:{
            ; package = config
            ; esclientDiFile = esclient.xml
            ; esfluteDiFile = esflute_config.xml
        }
        ; fess_config.bad_word = map:{
            ; package = config

Die Response des `token`-Endpunkts muss ein JSON-Objekt sein.

Es sollte einen `token_type` haben. Da wir in unserem Fall „Bearer“-Token verwenden, sollte der Token-Typ "`bearer`" sein.

Und es sollte einen `access_token` haben, mit einem String, der unseren Zugriffstoken enthält.

In diesem einfachen Beispiel gehen wir einfach völlig unsicher vor und geben denselben `username` wie der Token zurück.

/// tip | Tipp

El response del endpoint `token` debe ser un objeto JSON.

Debe tener un `token_type`. En nuestro caso, como estamos usando tokens "Bearer", el tipo de token debe ser "`bearer`".

Y debe tener un `access_token`, con un string que contenga nuestro token de acceso.

Para este ejemplo simple, vamos a ser completamente inseguros y devolver el mismo `username` como el token.

/// tip | Consejo

The response of the `token` endpoint must be a JSON object.

It should have a `token_type`. In our case, as we are using "Bearer" tokens, the token type should be "`bearer`".

And it should have an `access_token`, with a string containing our access token.

For this simple example, we are going to just be completely insecure and return the same `username` as the token.

/// tip

		<!-- fess index -->
		<postConstruct name="addIndexConfig">
			<arg>"fess/doc"</arg>
		</postConstruct>
		<!-- fess_config index -->
		<postConstruct name="addIndexConfig">
			<arg>"fess_config.access_token/access_token"</arg>
		</postConstruct>
		<postConstruct name="addIndexConfig">
			<arg>"fess_config.bad_word/bad_word"</arg>
		</postConstruct>
		<postConstruct name="addIndexConfig">