pkg go/types, method (*Scope) Child(int) *Scope
pkg go/types, method (*Scope) Contains(token.Pos) bool
pkg go/types, method (*Scope) End() token.Pos
pkg go/types, method (*Scope) Innermost(token.Pos) *Scope
pkg go/types, method (*Scope) Insert(Object) Object
pkg go/types, method (*Scope) Len() int
pkg go/types, method (*Scope) Lookup(string) Object
pkg go/types, method (*Scope) LookupParent(string, token.Pos) (*Scope, Object)

<img src="/img/tutorial/security/image10.png">

/// note

Notice the header `Authorization`, with a value that starts with `Bearer `.

///

## Advanced usage with `scopes` { #advanced-usage-with-scopes }

OAuth2 has the notion of "scopes".

You can use them to add a specific set of permissions to a JWT token.

 * trigger instantiation of the component, hence "weak" class name prefix. Only applies to mojo execution
 * scoped components.
 * </p>
 * <strong>Note:</strong> This interface is part of work in progress and can be changed or removed without notice.
 *
 * @see org.apache.maven.execution.MojoExecutionListener
 * @since 3.1.2
 */

```

::: fastapi.Depends

## `Security()`

For many scenarios, you can handle security (authorization, authentication, etc.) with dependencies, using `Depends()`.

But when you want to also declare OAuth2 scopes, you can use `Security()` instead of `Depends()`.

You can import `Security()` directly from `fastapi`:

```python
from fastapi import Security
```

<img src="/img/tutorial/security/image10.png">

/// note | 注意

留意標頭 `Authorization`，其值是以 `Bearer ` 開頭。

///

## 進階用法：`scopes` { #advanced-usage-with-scopes }

OAuth2 有「scopes」的概念。

你可以用它們替 JWT 權杖加上一組特定的權限。

接著你可以把這個權杖直接交給某個使用者或第三方，讓他們在一組受限條件下與你的 API 互動。

你可以在之後的「進階使用者指南」學到如何使用它們，以及它們如何整合進 **FastAPI**。

## 小結 { #recap }

      new PercentEscaper(URL_FORM_PARAMETER_OTHER_SAFE_CHARS, true);

  /**
   * Returns an {@link Escaper} instance that escapes strings so they can be safely included in <a
   * href="https://url.spec.whatwg.org/#syntax-url-path-segment">URL path segments</a>. The returned
   * escaper escapes all non-ASCII characters, even though <a
   * href="https://url.spec.whatwg.org/#url-code-points">many of these are accepted in modern

            },
            "components": {
                "securitySchemes": {
                    "OAuth2PasswordBearer": {
                        "type": "oauth2",
                        "flows": {"password": {"scopes": {}, "tokenUrl": "/token"}},
                        "description": "OAuth2PasswordBearer security scheme",
                    }
                }
            },
        }

	return c.with(func(db *DB) *DB {
		return db.Table(name, args...)
	})
}

func (c chainG[T]) Scopes(scopes ...func(db *Statement)) ChainInterface[T] {
	return c.with(func(db *DB) *DB {
		for _, fc := range scopes {
			fc(db.Statement)
		}
		return db
	})
}

func (c chainG[T]) Where(query interface{}, args ...interface{}) ChainInterface[T] {

      escaper.escape((String) null);
      Assert.fail("exception not thrown when escaping a null string");
    } catch (NullPointerException e) {
      // pass
    }
  }

  /**
   * Asserts that an escaper escapes the given character into the expected string.
   *
   * @param escaper the non-null escaper to test
   * @param expected the expected output string
   * @param c the character to escape
   */

      escaper.escape((String) null);
      Assert.fail("exception not thrown when escaping a null string");
    } catch (NullPointerException e) {
      // pass
    }
  }

  /**
   * Asserts that an escaper escapes the given character into the expected string.
   *
   * @param escaper the non-null escaper to test
   * @param expected the expected output string
   * @param c the character to escape
   */