- The default Bootstrap Token created with `kubeadm init` v1.8 expires
 and is deleted after 24 hours by default to limit the exposure of the
 valuable credential. You can create a new Bootstrap Token with
 `kubeadm token create` or make the default token permanently valid by specifying
 `--token-ttl 0` to `kubeadm init`. The default token can later be deleted with
 `kubeadm token delete`.

We see that we are going to need some dependencies used in several places of the application.

So we put them in their own `dependencies` module (`app/dependencies.py`).

We will now use a simple dependency to read a custom `X-Token` header:

//// tab | Python 3.9+

```Python hl_lines="3  6-8" title="app/dependencies.py"
{!> ../../docs_src/bigger_applications/app_an_py39/dependencies.py!}
```

////

//// tab | Python 3.8+

    * Einem Query-Parameter.
    * Einem Header.
    * Einem Cookie.
* `http`: Standard-HTTP-Authentifizierungssysteme, einschließlich:
    * `bearer`: ein Header `Authorization` mit dem Wert `Bearer` plus einem Token. Dies wird von OAuth2 geerbt.
    * HTTP Basic Authentication.
    * HTTP Digest, usw.
* `oauth2`: Alle OAuth2-Methoden zum Umgang mit Sicherheit (genannt „Flows“).

## Explore Further

- [Casdoor MinIO Integration](https://casdoor.org/docs/integration/minio)
- [MinIO STS Quickstart Guide](https://docs.min.io/community/minio-object-store/developers/security-token-service.html)

    * A query parameter.
    * A header.
    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").

# Length of API access token.
api.access.token.length=60
# Whether API access token is required.
api.access.token.required=false
# API access token request parameter.
api.access.token.request.parameter=
# Permissions for API admin access.
api.admin.access.permissions=Radmin-api
# Accepted referers for API search.

        with:
          distribution: 'zulu'
          java-version: 17

      - uses: graalvm/setup-graalvm@v1
        with:
          distribution: 'graalvm'
          java-version: 21
          github-token: ${{ secrets.GITHUB_TOKEN }}
          cache: 'gradle'
          native-image-job-reports: true

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4

      - name: Run Checks

pkg debug/pe, const IMAGE_FILE_MACHINE_ARMNT ideal-int
pkg expvar, method (*Map) Delete(string)
pkg go/doc, const PreserveAST = 4
pkg go/doc, const PreserveAST Mode
pkg go/importer, func ForCompiler(*token.FileSet, string, Lookup) types.Importer
pkg go/token, method (*File) LineStart(int) Pos
pkg io, type StringWriter interface { WriteString }
pkg io, type StringWriter interface, WriteString(string) (int, error)
pkg log, method (*Logger) Writer() io.Writer

│   ├── main.py
│   └── test_main.py
```

➡️ 💬 👈 🔜 📁 `main.py` ⏮️ 👆 **FastAPI** 📱 ✔️ 🎏 **➡ 🛠️**.

⚫️ ✔️ `GET` 🛠️ 👈 💪 📨 ❌.

⚫️ ✔️ `POST` 🛠️ 👈 💪 📨 📚 ❌.

👯‍♂️ *➡ 🛠️* 🚚 `X-Token` 🎚.

{* ../../docs_src/app_testing/app_b/main.py *}

### ↔ 🔬 📁

👆 💪 ⤴️ ℹ `test_main.py` ⏮️ ↔ 💯:

{* ../../docs_src/app_testing/app_b/test_main.py *}

            result.setParameterName(DfTypeUtil.toString(source.get("parameter_name")));
            result.setPermissions(toStringArray(source.get("permissions")));
            result.setToken(DfTypeUtil.toString(source.get("token")));
            result.setUpdatedBy(DfTypeUtil.toString(source.get("updatedBy")));
            result.setUpdatedTime(DfTypeUtil.toLong(source.get("updatedTime")));
            return updateEntity(source, result);