/**
 * An SPI interface to extend Maven with new enum values for extensible enumerations.
 * <p>
 * Maven uses extensible enumerations to allow plugins and extensions to add new values
 * to various categories like languages, scopes, and packaging types. This interface is the
 * base for all providers that register such extensions.
 * <p>
 * Implementations of this interface are discovered through the Java ServiceLoader mechanism.

* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like pwdlib and JWT tokens, etc.
* Add more granular permission controls with OAuth2 scopes where needed.
* ...etc.

Nevertheless, you might have a very specific use case where you really need to disable the API docs for some environment (e.g. for production) or depending on configurations from environment variables.

	var names1 []string
	DB.Model(&User{}).Where("name like ?", "distinct%").Distinct().Order("name").Pluck("Name", &names1)

	AssertEqual(t, names1, []string{"distinct", "distinct-2", "distinct-3"})

	var names2 []string
	DB.Scopes(func(db *gorm.DB) *gorm.DB {
		return db.Table("users")
	}).Where("name like ?", "distinct%").Order("name").Pluck("name", &names2)
	AssertEqual(t, names2, []string{"distinct", "distinct", "distinct", "distinct-2", "distinct-3"})

./mc cp /etc/hosts myminio/test-bucket

./mc idp openid add myminio \
	config_url="http://localhost:5556/dex/.well-known/openid-configuration" \
	client_id="minio-client-app" \
	client_secret="minio-client-app-secret" \
	scopes="openid,groups,email,profile" \
	redirect_uri="http://127.0.0.1:10000/oauth_callback" \
	display_name="Login via dex1" \
	role_policy="consoleAdmin"

./mc admin service restart myminio --json
./mc ready myminio

 * errors while processing the event, it can report these problems via {@link ModelBuildingEvent#getProblems()}.
 * Note: To cope with future extensions to this interface, it is strongly recommended to extend
 * {@link AbstractModelBuildingListener} rather than to directly implement this interface.
 *

     * annotated with the {@link Resolution} annotation.
     */
    @Nonnull
    boolean dependencyCollection() default false;

    /**
     * Comma separated list of path scopes that will be
     * required for dependency resolution.
     * If not set, it will be inferred from the fields
     * annotated with the {@link Resolution} annotation.
     */
    @Nonnull

  @ListFeature.Require(absent = {SUPPORTS_SET, SUPPORTS_ADD_WITH_INDEX})
  public void testListIterator_unmodifiable() {
    runListIteratorTest(UNMODIFIABLE);
  }

  /*
   * For now, we don't cope with testing this when the list supports only some
   * modification operations.
   */
  @CollectionFeature.Require(SUPPORTS_REMOVE)
  @ListFeature.Require({SUPPORTS_SET, SUPPORTS_ADD_WITH_INDEX})

    if [[ ! -s $BATS_TEST_TMPDIR/files ]]; then return 0; fi
    xargs -a $BATS_TEST_TMPDIR/files -n1 -P $(nproc --all) \
        python -m pylint --rcfile=tensorflow/tools/ci_build/pylintrc --score false \
        | grep -v "**** Module" \
        | tee $BATS_TEST_TMPDIR/needs_help.txt
    [[ ! -s $BATS_TEST_TMPDIR/needs_help.txt ]]
}

            - name: MINIO_IDENTITY_OPENID_CLAIM_PREFIX
              value: {{ .Values.oidc.claimPrefix }}
            - name: MINIO_IDENTITY_OPENID_SCOPES
              value: {{ .Values.oidc.scopes }}
            - name: MINIO_IDENTITY_OPENID_COMMENT
              value: {{ .Values.oidc.comment }}
            - name: MINIO_IDENTITY_OPENID_REDIRECT_URI
              value: {{ .Values.oidc.redirectUri }}

<img src="/img/tutorial/security/image10.png">

/// note

`Bearer `로 시작하는 `Authorization` 헤더에 주목하십시오.

///

## `scopes` 의 고급 사용법

OAuth2는 "스코프(scopes)" 라는 개념을 갖고 있습니다.

이를 사용하여 JWT 토큰에 특정 권한 집합을 추가할 수 있습니다.

그 후 이 토큰을 사용자에게 직접 제공하거나 제3자에게 제공하여, 특정 제한사항 하에있는 API와 통신하도록 할 수 있습니다.

**FastAPI** 에서의 사용 방법과 통합 방식은 **심화 사용자 안내서** 에서 자세히 배울 수 있습니다.