# OAuth2 с паролем (и хешированием), Bearer с JWT-токенами { #oauth2-with-password-and-hashing-bearer-with-jwt-tokens }

Теперь, когда у нас определен процесс обеспечения безопасности, давайте сделаем приложение действительно безопасным, используя токены <abbr title="JSON Web Tokens - веб‑токены JSON">JWT</abbr> и безопасное хеширование паролей.

Этот код можно реально использовать в своем приложении, сохранять хэши паролей в базе данных и т.д.

                    file = details.getFile();
                } catch (final UnsupportedOperationException e) {
                    // we get invoked with stubbed details, there is no way to introspect this other than catching this exception
                    return false;
                }
                for (final File symbolicLink : visitedSymbolicLinks) {
                    if (isChildOf(symbolicLink, file)) return true;

 * limitations under the License.
 */

package com.google.common.collect;

import static com.google.common.collect.Hashing.smear;

import com.google.common.annotations.GwtCompatible;
import junit.framework.TestCase;
import org.jspecify.annotations.NullMarked;

/** Tests for {@code Hashing}. */
@GwtCompatible
@NullMarked
public class HashingTest extends TestCase {
  public void testSmear() {

     * @param argTypes
     *            The parameter types array
     * @return The {@link Constructor} object for the {@code public} constructor matching the specified {@code argTypes}
     * @throws NoSuchConstructorRuntimeException
     *             If a matching constructor is not found
     * @see Class#getConstructor(Class...)
     */

///

## 패스워드 해싱 { #password-hashing }

"해싱(Hashing)"은 어떤 내용(여기서는 패스워드)을 알아볼 수 없는 바이트 시퀀스(그냥 문자열)로 변환하는 것을 의미합니다.

정확히 같은 내용(정확히 같은 패스워드)을 넣으면 정확히 같은 알아볼 수 없는 문자열이 나옵니다.

하지만 그 알아볼 수 없는 문자열에서 다시 패스워드로 되돌릴 수는 없습니다.

### 패스워드 해싱을 사용하는 이유 { #why-use-password-hashing }

데이터베이스를 탈취당하더라도, 침입자는 사용자의 평문 패스워드 대신 해시만 얻게 됩니다.

import java.io.ObjectInputStream;
import java.io.Serializable;
import org.jspecify.annotations.Nullable;

/**
 * List returned by {@link ImmutableCollection#asList} that delegates {@code contains} checks to the
 * backing collection.
 *
 * @author Jared Levy
 * @author Louis Wasserman
 */
@GwtCompatible
@SuppressWarnings("serial")
abstract class ImmutableAsList<E> extends ImmutableList<E> {

## TensorFlow models are programs

TensorFlow
[**models**](https://developers.google.com/machine-learning/glossary/#model) (to
use a term commonly used by machine learning practitioners) are expressed as
programs that TensorFlow executes. TensorFlow programs are encoded as
computation
[**graphs**](https://developers.google.com/machine-learning/glossary/#graph).
Since models are practically programs that TensorFlow executes, using untrusted

                break;
            }
        }
        assertTrue(foundTestMethod);
    }

    @Test
    public void test_throwAndCatch() {
        // Test throwing and catching the exception
        String expectedMessage = "Offset limit exceeded: 10000";

        try {
            throw new ResultOffsetExceededException(expectedMessage);
        } catch (ResultOffsetExceededException e) {

     * mirror, its URL and ID will be updated to match the values from the mirror specification. Repositories without a
     * matching mirror will pass through unchanged. Note: This method must be called before
     * {@link #injectAuthentication(List, List)} or the repositories will end up with the wrong credentials.
     *

import com.google.common.annotations.VisibleForTesting;

/**
 * Implementation of FarmHash Fingerprint64, an open-source fingerprinting algorithm for strings.
 *
 * <p>Its speed is comparable to CityHash64, and its quality of hashing is at least as good.
 *
 * <p>Note to maintainers: This implementation relies on signed arithmetic being bit-wise equivalent
 * to unsigned arithmetic in all cases except:
 *
 * <ul>