amazon_s3_base_path=%BRANCH%
      - shell: |
          #!/usr/local/bin/runbld --redirect-stderr
          set -euo pipefail

          set +x
          VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id=$VAULT_ROLE_ID secret_id=$VAULT_SECRET_ID)
          export VAULT_TOKEN
          export data=$(vault read -format=json aws-test/creds/elasticsearch-ci-s3)

#!/bin/bash

cd `dirname $0`
. ./_project.sh

FIRST_ARG=$1
SECOND_ARG=$2

sh $DBFLUTE_HOME/etc/cmd/_df-manage.sh $MY_PROPERTIES_PATH $FIRST_ARG $SECOND_ARG
taskReturnCode=$?

if [ $taskReturnCode -ne 0 ];then
  exit $taskReturnCode;

     * For example, if a Java tools accepts only class-path elements, then the filter should return
     * {@code true} for {@link JavaPathType#CLASSES} and {@code false} for {@link JavaPathType#MODULES}.
     * If no filter is explicitly set, then the default is a filter accepting everything.
     *

 * in compliance with, at your election, the Elastic License 2.0 or the Server
 * Side Public License, v 1.
 */

// we do not want any of these dependencies on the compilation classpath
// because they could then be used within Elasticsearch
List<String> FORBIDDEN_DEPENDENCIES = [
  'guava'
]

Closure checkDeps = { Configuration configuration ->
  configuration.resolutionStrategy.eachDependency {

    /*
     * Since we can't loop inside awaitUninterruptibly(Condition, ...), the user is responsible for
     * calling us again in case of interrupt. Then, if we were to call await(...) immediately, as we
     * do in the other Uninterruptibles methods, it would throw immediately. Then we'd restore the
     * interrupt and return again, and the user would call us again, creating a busy wait.
     *

            // Just returning an Integer with the index here is faster, but requires a lot of if/then/else to check for
            // -1
            //  or QUALIFIERS.size and then resort to lexical ordering. Most comparisons are decided by the first
            // character,
            // so this is still fast. If more characters are needed then it requires a lexical sort anyway.

pkg go/token, const AND_NOT_ASSIGN Token
pkg go/token, const ARROW Token
pkg go/token, const ASSIGN Token
pkg go/token, const BREAK Token
pkg go/token, const CASE Token
pkg go/token, const CHAN Token
pkg go/token, const CHAR Token
pkg go/token, const COLON Token
pkg go/token, const COMMA Token
pkg go/token, const COMMENT Token
pkg go/token, const CONST Token
pkg go/token, const CONTINUE Token

#
# Re-direct all links in $1 that point to /lib... to point to $1/lib... instead.

BASE="$1"
find "${BASE}" -type l | \
  while read l ; do
    if [[ "$(readlink "$l")" == /lib* ]]; then
      ORIG="$(readlink "$l")";
      rm "$l";
      ln -s "${BASE}${ORIG}" "$l"
    fi

///

## トークンを返す { #return-the-token }

`token` エンドポイントのレスポンスは JSON オブジェクトでなければなりません。

`token_type` を含める必要があります。ここでは「Bearer」トークンを使うので、トークンタイプは「`bearer`」です。

そして `access_token` を含め、その中にアクセストークンの文字列を入れます。

この単純な例では、完全に安全ではありませんが、トークンとして同じ `username` をそのまま返します。

/// tip | 豆知識

次の章では、パスワードハッシュ化と <abbr title="JSON Web Tokens - JSON Web Token">JWT</abbr> トークンを使った本当に安全な実装を見ます。

            throw new SsoLoginException("could not validate nonce", e);
        }
    }

    /**
     * Obtains an access token using a refresh token.
     * @param refreshToken The refresh token to use for token acquisition.
     * @return The authentication result containing the access token.
     */
    public IAuthenticationResult getAccessToken(final String refreshToken) {