labels.purgeUserInfoDay=刪除以前的使用者日誌
labels.reading=讀音
labels.roleTypeIds=角色ID
labels.scriptData=腳本
labels.scriptResult=結果
labels.scriptType=執行方法
labels.segmentation=分段
labels.startTime=開始時間
labels.target=目標
labels.token=令牌
labels.synonymFile=同義詞檔案
labels.stopwordsFile=停用詞檔案
labels.stemmerOverrideFile=詞幹覆蓋檔案
labels.mappingFile=映射檔案
labels.protwordsFile=Protwords檔案
labels.kuromojiFile=Kuromoji檔案
labels.elevateWordFile=提升詞檔案

	}
	data.CommonPrefixes = prefixes
	return data
}

// generates an ListObjectsV2 response for the said bucket with other enumerated options.
func generateListObjectsV2Response(ctx context.Context, bucket, prefix, token, nextToken, startAfter, delimiter, encodingType string, fetchOwner, isTruncated bool, maxKeys int, objects []ObjectInfo, prefixes []string, metadata metaCheckFn) ListObjectsV2Response {
	contents := make([]Object, 0, len(objects))

pkg encoding/base32, method (Encoding) WithPadding(int32) *Encoding
pkg encoding/csv, type Reader struct, ReuseRecord bool
pkg encoding/json, func Valid([]uint8) bool
pkg go/ast, type TypeSpec struct, Assign token.Pos
pkg go/types, func SizesFor(string, string) Sizes
pkg go/types, method (*TypeName) IsAlias() bool
pkg hash/fnv, func New128() hash.Hash
pkg hash/fnv, func New128a() hash.Hash

* **[alpha]** New Bootstrap Token authentication and management method. Works well with kubeadm. kubeadm now supports managing tokens, including time based expiration, after the cluster is launched.  See [kubeadm reference docs](https://kubernetes.io/docs/admin/kubeadm/#manage-tokens) for details.

				iamLogIf(ctx, nerr.Err)
			}
		}
	}
	return updatedAt, nil
}

// RevokeTokens - revokes all STS tokens, or those of specified type, for a user
// If `tokenRevokeType` is empty, all tokens are revoked.
func (sys *IAMSys) RevokeTokens(ctx context.Context, accessKey, tokenRevokeType string) error {
	if !sys.Initialized() {
		return errServerNotInitialized
	}

Это тот же механизм, когда вы даёте разрешения при входе через Facebook, Google, GitHub и т.д.:

<img src="/img/tutorial/security/image11.png">

## JWT-токены со scopes { #jwt-token-with-scopes }

Теперь измените операцию пути, выдающую токен, чтобы возвращать запрошенные scopes.

	default:
		return xml.UnmarshalError(fmt.Sprintf("expected element type <LegalHold>/<ObjectLockLegalHold> but have <%s>",
			start.Name.Local))
	}
	for {
		// Read tokens from the XML document in a stream.
		t, err := d.Token()
		if err != nil {
			if err == io.EOF {
				break
			}
			return err
		}

		if se, ok := t.(xml.StartElement); ok {
			switch se.Name.Local {
			case "Status":

labels.roleTypeIds=ID ролей
labels.scriptData=Скрипт
labels.scriptResult=Результат
labels.scriptType=Метод выполнения
labels.segmentation=Сегментация
labels.startTime=Время начала
labels.target=Цель
labels.token=Токен
labels.synonymFile=Файл синонимов
labels.stopwordsFile=Файл стоп-слов
labels.stemmerOverrideFile=Файл переопределения стеммера
labels.mappingFile=Файл сопоставления
labels.protwordsFile=Файл Protwords

   *
   * This includes the HTTP method, headers, request body (if present), and URL.
   *
   * Example:
   *
   * ```
   * curl 'https://example.com/api' \
   *   -X PUT \
   *   -H 'Authorization: Bearer token' \
   *   --data '{\"key\":\"value\"}'
   * ```
   *
   * **Note:** This will consume the request body. This may have side effects if the [RequestBody]
   * is streaming or can be consumed only once.
   */

# 패스워드 해싱을 이용한 OAuth2, JWT 토큰을 사용하는 Bearer 인증

모든 보안 흐름을 구성했으므로, 이제 <abbr title="JSON Web Tokens">JWT</abbr> 토큰과 패스워드 해싱을 사용해 애플리케이션을 안전하게 만들 것입니다.

이 코드는 실제로 애플리케이션에서 패스워드를 해싱하여 DB에 저장하는 등의 작업에 활용할 수 있습니다.

이전 장에 이어서 시작해 봅시다.

## JWT

JWT 는 "JSON Web Tokens" 을 의미합니다.

JSON 객체를 공백이 없는 긴 문자열로 인코딩하는 표준이며, 다음과 같은 형태입니다:

```