List<AnalyzeToken> tokens1 = analyzer1.analyze(text, field, lang);
        List<AnalyzeToken> tokens2 = analyzer2.analyze(text, field, lang);

        assertNotNull(tokens1);
        assertNotNull(tokens2);
        assertEquals(tokens1.size(), tokens2.size());

        for (int i = 0; i < tokens1.size(); i++) {
            assertEquals(tokens1.get(i).getTerm(), tokens2.get(i).getTerm());
        }
    }

Bu, Facebook/Google/GitHub vb. ile giriş yaparken izin verdiğinizde kullanılan mekanizmanın aynısıdır:

<img src="/img/tutorial/security/image11.png">

## Scope'lu JWT token { #jwt-token-with-scopes }

Şimdi token *path operation*'ını, istenen scope'ları döndürecek şekilde değiştirin.

}

// AssumeRoleWithCustomToken implements user authentication with custom tokens.
// These tokens are opaque to MinIO and are verified by a configured (external)
// Identity Management Plugin.
//
// API endpoint: https://minio:9000?Action=AssumeRoleWithCustomToken&Token=xxx
func (sts *stsAPIHandlers) AssumeRoleWithCustomToken(w http.ResponseWriter, r *http.Request) {

        this.finishReason = finishReason;
    }

    /**
     * Gets the number of prompt tokens.
     *
     * @return the prompt tokens count
     */
    public Integer getPromptTokens() {
        return promptTokens;
    }

    /**
     * Sets the number of prompt tokens.
     *
     * @param promptTokens the prompt tokens count
     */
    public void setPromptTokens(final Integer promptTokens) {

     *
     * @return The value of the string.
     */
    public String getStringValue() {
        return sval;
    }

    /**
     * Advances to the next token.
     *
     * @return The type of the token.
     */
    public int nextToken() {
        initVal();
        if (processEOF()) {
            return ttype;
        }
        if (processWhitespace()) {

	Close()
}

// A Token is a scan token plus its string value.
// A macro is stored as a sequence of Tokens with spaces stripped.
type Token struct {
	ScanToken
	text string
}

// Make returns a Token with the given rune (ScanToken) and text representation.
func Make(token ScanToken, text string) Token {
	// Substitute the substitutes for . and /.
	text = strings.ReplaceAll(text, "\u00B7", ".")

		forceTLS      bool
	)

	var err error
	for _, arg := range args {
		tokens := strings.SplitN(arg, "=", 2)
		if len(tokens) != 2 {
			logger.Fatal(fmt.Errorf("invalid arguments passed to --ftp=%s", arg), "unable to start FTP server")
		}
		switch tokens[0] {
		case "address":
			host, portStr, err := net.SplitHostPort(tokens[1])
			if err != nil {

	if err != nil {
		return nil, err
	}

	// Verify if the authToken already contains
	// <Key> <Token> like format, if this is
	// already present we can blindly use the
	// authToken as is instead of adding 'Bearer'
	tokens := strings.Fields(target.args.AuthToken)
	switch len(tokens) {
	case 2:
		req.Header.Set("Authorization", target.args.AuthToken)
	case 1:

# OAuth2 с паролем (и хешированием), Bearer с JWT-токенами { #oauth2-with-password-and-hashing-bearer-with-jwt-tokens }

Теперь, когда у нас определен процесс обеспечения безопасности, давайте сделаем приложение действительно безопасным, используя токены <abbr title="JSON Web Tokens - веб‑токены JSON">JWT</abbr> и безопасное хеширование паролей.

Этот код можно реально использовать в своем приложении, сохранять хэши паролей в базе данных и т.д.

<img src="/img/tutorial/security/image11.png">

## 內含 scopes 的 JWT token { #jwt-token-with-scopes }

現在，修改 token 的路徑操作以回傳所請求的 scopes。

我們仍然使用相同的 `OAuth2PasswordRequestForm`。它包含屬性 `scopes`，其為 `list` 的 `str`，列出請求中收到的每個 scope。

並且我們將這些 scopes 作為 JWT token 的一部分回傳。

/// danger

為了簡化，這裡我們只是直接把接收到的 scopes 加進 token。

但在你的應用中，為了安全性，你應確保只加入該使用者實際可擁有或你預先定義的 scopes。

///