We see that we are going to need some dependencies used in several places of the application.

So we put them in their own `dependencies` module (`app/dependencies.py`).

We will now use a simple dependency to read a custom `X-Token` header:

//// tab | Python 3.9+

```Python hl_lines="3  6-8" title="app/dependencies.py"
{!> ../../docs_src/bigger_applications/app_an_py39/dependencies.py!}
```

////

//// tab | Python 3.8+

                                                        data-href="${contextPath}/admin/dict/kuromoji/details/${f:u(dictId)}/4/${f:u(data.id)}">
                                                    <td>${f:h(data.token)}</td>
                                                    <td>${f:h(data.reading)}</td>
                                                </tr>
                                            </c:forEach>

    * Einem Query-Parameter.
    * Einem Header.
    * Einem Cookie.
* `http`: Standard-HTTP-Authentifizierungssysteme, einschließlich:
    * `bearer`: ein Header `Authorization` mit dem Wert `Bearer` plus einem Token. Dies wird von OAuth2 geerbt.
    * HTTP Basic Authentication.
    * HTTP Digest, usw.
* `oauth2`: Alle OAuth2-Methoden zum Umgang mit Sicherheit (genannt „Flows“).

## Explore Further

- [Casdoor MinIO Integration](https://casdoor.org/docs/integration/minio)
- [MinIO STS Quickstart Guide](https://docs.min.io/community/minio-object-store/developers/security-token-service.html)

    * A query parameter.
    * A header.
    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").

        final PagingList<KuromojiItem> itemList = kuromojiFile.selectList(0, 5);
        for (int i = 0; i < itemList.size(); i++) {
            final KuromojiItem kuromojiItem = itemList.get(i);
            assertEquals("token" + (i + 1), kuromojiItem.getToken());
            assertEquals("seg" + (i + 1), kuromojiItem.getSegmentation());
            assertEquals("reading" + (i + 1), kuromojiItem.getReading());

 - The default Bootstrap Token created with `kubeadm init` v1.8 expires
 and is deleted after 24 hours by default to limit the exposure of the
 valuable credential. You can create a new Bootstrap Token with
 `kubeadm token create` or make the default token permanently valid by specifying
 `--token-ttl 0` to `kubeadm init`. The default token can later be deleted with
 `kubeadm token delete`.

# Length of API access token.
api.access.token.length=60
# Whether API access token is required.
api.access.token.required=false
# API access token request parameter.
api.access.token.request.parameter=
# Permissions for API admin access.
api.admin.access.permissions=Radmin-api
# Accepted referers for API search.

        with:
          distribution: 'zulu'
          java-version: 17

      - uses: graalvm/setup-graalvm@v1
        with:
          distribution: 'graalvm'
          java-version: 21
          github-token: ${{ secrets.GITHUB_TOKEN }}
          cache: 'gradle'
          native-image-job-reports: true

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4

      - name: Run Checks

pkg debug/pe, const IMAGE_FILE_MACHINE_ARMNT ideal-int
pkg expvar, method (*Map) Delete(string)
pkg go/doc, const PreserveAST = 4
pkg go/doc, const PreserveAST Mode
pkg go/importer, func ForCompiler(*token.FileSet, string, Lookup) types.Importer
pkg go/token, method (*File) LineStart(int) Pos
pkg io, type StringWriter interface { WriteString }
pkg io, type StringWriter interface, WriteString(string) (int, error)
pkg log, method (*Logger) Writer() io.Writer