is ignored except as it separates tokens
that would otherwise combine into a single token. Also, a newline or end of file
may trigger the insertion of a <a href="#Semicolons">semicolon</a>.
While breaking the input into tokens,
the next token is the longest sequence of characters that form a
valid token.
</p>

<h3 id="Semicolons">Semicolons</h3>

<p>

)
```

/// info | 정보

`**user_dict`에 대한 자세한 설명은 [**추가 모델** 문서](../extra-models.md#about-user-in-dict)를 다시 확인해보세요.

///

## 토큰 반환하기 { #return-the-token }

`token` 엔드포인트의 응답은 JSON 객체여야 합니다.

`token_type`이 있어야 합니다. 여기서는 "Bearer" 토큰을 사용하므로 토큰 유형은 "`bearer`"여야 합니다.

그리고 액세스 토큰을 포함하는 문자열과 함께 `access_token`이 있어야 합니다.

이 간단한 예제에서는 완전히 안전하지 않고, 동일한 `username`을 토큰으로 반환합니다.

///

/// info | Bilgi

Bu örnekte uydurma özel header'lar olan `X-Key` ve `X-Token` kullanıyoruz.

Ancak gerçek senaryolarda, security uygularken, entegre [Security yardımcı araçlarını (bir sonraki bölüm)](../security/index.md) kullanmak size daha fazla fayda sağlar.

///

			ClientCert:        env.Get(clientCertEnv, kv.Get(target.NATSClientCert)),
			ClientKey:         env.Get(clientKeyEnv, kv.Get(target.NATSClientKey)),
			Token:             env.Get(tokenEnv, kv.Get(target.NATSToken)),
			NKeySeed:          env.Get(nKeySeedEnv, kv.Get(target.NATSNKeySeed)),
			TLS:               env.Get(tlsEnv, kv.Get(target.NATSTLS)) == config.EnableOn,

///

/// info | Info

In diesem Beispiel verwenden wir zwei erfundene benutzerdefinierte Header `X-Key` und `X-Token`.

Aber in realen Fällen würden Sie bei der Implementierung von Sicherheit mehr Vorteile durch die Verwendung der integrierten [Sicherheits-Werkzeuge (siehe nächstes Kapitel)](../security/index.md) erzielen.

///

### Casos de uso: servicio externo { #use-cases-external-service }

Un ejemplo podría ser que tienes un proveedor de autenticación externo al que necesitas llamar.

Le envías un token y te devuelve un usuario autenticado.

Este proveedor podría estar cobrándote por cada request, y llamarlo podría tomar más tiempo adicional que si tuvieras un usuario mock fijo para los tests.

///

/// info | Примечание

В этом примере мы используем выдуманные пользовательские HTTP-заголовки `X-Key` и `X-Token`.

Но в реальных проектах, при внедрении системы безопасности, вы получите больше пользы используя интегрированные [средства защиты (следующая глава)](../security/index.md).

///

- Fix kubelet token cache returning stale tokens when service accounts are recreated with the same name. The token cache is now UID-aware and the new `TokenRequestServiceAccountUIDValidation` feature gate (Beta, enabled by default) validates the TokenRequest UID when set matches the service account UID. ([#132803...

Si le jeton est invalide, renvoyez immédiatement une erreur HTTP.

{* ../../docs_src/security/tutorial004_an_py310.py hl[93:110] *}

## Mettre à jour le *chemin d'accès* `/token` { #update-the-token-path-operation }

Créez un `timedelta` avec la durée d'expiration du jeton.

Créez un véritable jeton d'accès JWT et renvoyez-le.

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

这里有一些包裹在 HTML "abbr" 元素中的内容（有些是虚构的）：

### abbr 提供了完整短语 { #the-abbr-gives-a-full-phrase }

* <abbr title="Getting Things Done - 尽管去做">GTD</abbr>
* <abbr title="less than - 小于"><code>lt</code></abbr>
* <abbr title="XML Web Token - XML Web 令牌">XWT</abbr>
* <abbr title="Parallel Server Gateway Interface - 并行服务器网关接口">PSGI</abbr>

### abbr 提供了完整短语与解释 { #the-abbr-gives-a-full-phrase-and-an-explanation }