assertTrue(context.isValid());

        // Simulate validation failure (context should be invalidated)
        byte[] incorrectHash = new byte[64];
        secureRandom.nextBytes(incorrectHash);

        try {
            preauthService.validatePreauthIntegrity(sessionId, incorrectHash);

            if (file != null) {
                try {
                    // Invalidate any cached read data
                    // This would typically clear file's internal read buffers
                    // For now, we log the action as the actual implementation
                    // depends on SmbFile's internal caching mechanism
                    log.info("Invalidated read cache for: {}", path);
                } catch (Exception e) {

                    this.currentHash = newHash.clone();
                }
            }
        }

        public boolean isValid() {
            return isValid;
        }

        public void invalidate() {
            this.isValid = false;
            // Clear sensitive data
            synchronized (hashLock) {
                Arrays.fill(currentHash, (byte) 0);
            }
        }
    }

It would also mean that if you get data from the `Request` object directly (for example, read the body) it won't be validated, converted or documented (with OpenAPI, for the automatic API user interface) by FastAPI.

Although any other parameter declared normally (for example, the body with a Pydantic model) would still be validated, converted, annotated, etc.

But there are specific cases where it's useful to get the `Request` object.

* Validate **complex structures**:
    * Use of hierarchical Pydantic models, Python `typing`’s `List` and `Dict`, etc.
    * And validators allow complex data schemas to be clearly and easily defined, checked and documented as JSON Schema.
    * You can have deeply **nested JSON** objects and have them all validated and annotated.
* **Extensible**:

{* ../../docs_src/response_directly/tutorial002.py hl[1,18] *}

## Notes { #notes }

When you return a `Response` directly its data is not validated, converted (serialized), or documented automatically.

But you can still document it as described in [Additional Responses in OpenAPI](additional-responses.md){.internal-link target=_blank}.

* `limit`: with a value of `10`

As they are part of the URL, they are "naturally" strings.

But when you declare them with Python types (in the example above, as `int`), they are converted to that type and validated against it.

All the same process that applied for path parameters also applies for query parameters:

* Editor support (obviously)

You can actually use this same technique with an HTTP `PUT` operation.

But the example here uses `PATCH` because it was created for these use cases.

///

/// note

Notice that the input model is still validated.

So, if you want to receive partial updates that can omit all the attributes, you need to have a model with all the attributes marked as optional (with default values or `None`).

* A `skip` query parameter that is an `int`, with a default of `0`.
* A `limit` query parameter that is an `int`, with a default of `100`.

In both cases the data will be converted, validated, documented on the OpenAPI schema, etc.

## Use it { #use-it }

Now you can declare your dependency using this class.

{* ../../docs_src/dependencies/tutorial002_an_py310.py hl[19] *}

///

/// tip

Here we reuse the same Pydantic model.

But the same way, we could have validated it in some other way.