## Explore Further

- [MinIO Client Complete Guide](https://docs.min.io/community/minio-object-store/reference/minio-mc.html)
- [MinIO STS Quickstart Guide](https://docs.min.io/community/minio-object-store/developers/security-token-service.html)
- [MinIO Admin Complete Guide](https://docs.min.io/community/minio-object-store/reference/minio-mc-admin.html)

    )
  }

  // Example taken from twitter/hpack DecoderTest.testUnusedIndex
  @Test
  fun readIndexedHeaderFieldIndex0() {
    bytesIn.writeByte(0x80) // == Indexed - Add idx = 0
    assertFailsWith<IOException> {
      hpackReader!!.readHeaders()
    }.also { expected ->
      assertThat(expected.message).isEqualTo("index == 0")
    }
  }

  // Example taken from twitter/hpack DecoderTest.testIllegalIndex

Also fügen wir sie in ihr eigenes `dependencies`-Modul (`app/dependencies.py`) ein.

Wir werden nun eine einfache Abhängigkeit verwenden, um einen benutzerdefinierten `X-Token`-Header zu lesen:

//// tab | Python 3.9+

```Python hl_lines="3  6-8" title="app/dependencies.py"
{!> ../../docs_src/bigger_applications/app_an_py39/dependencies.py!}
```

////

Мы поместим их в отдельный модуль `dependencies` (`app/dependencies.py`).

Теперь мы воспользуемся простой зависимостью, чтобы прочитать кастомизированный `X-Token` из заголовка:

//// tab | Python 3.9+

```Python hl_lines="3  6-8" title="app/dependencies.py"
{!> ../../docs_src/bigger_applications/app_an_py39/dependencies.py!}
```

////

- On finding at least one associated policy, MinIO generates temporary credentials for the user storing the list of groups in a cryptographically secure session token. The temporary access key, secret key and session token are returned to the user.
- The user can now use these credentials to make requests to the MinIO server.

│   ├── main.py
│   └── test_main.py
```

이제 **FastAPI** 앱이 있는 `main.py` 파일에 몇 가지 다른 **경로 작업** 이 추가된 경우를 생각해봅시다.

단일 오류를 반환할 수 있는 `GET` 작업이 있습니다.

여러 다른 오류를 반환할 수 있는 `POST` 작업이 있습니다.

두 *경로 작업* 모두 `X-Token` 헤더를 요구합니다.

//// tab | Python 3.10+

```Python
{!> ../../docs_src/app_testing/app_b_an_py310/main.py!}
```

////

//// tab | Python 3.9+

```Python

		t: t,
		objAPITest: func(obj ObjectLayer, instanceType, bucketName string, apiRouter http.Handler, credentials auth.Credentials, t *testing.T) {
			objectName := "dummy-object"
			functionID := "lambda1"
			functionToken := "token123"

			// Lambda mock server
			lambdaServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
				w.Header().Set(xhttp.AmzRequestRoute, functionID)

* Sécurité et authentification, y compris la prise en charge de **OAuth2** avec les **<abbr title="en anglais : JWT tokens">jetons <abbr title="JSON Web Tokens">JWT</abbr></abbr>** et l'authentification **HTTP Basic**.

    this.wordSeparator = wordSeparator;
  }

  /**
   * Converts the specified {@code String str} from this format to the specified {@code format}. A
   * "best effort" approach is taken; if {@code str} does not conform to the assumed format, then
   * the behavior of this method is undefined but we make a reasonable effort at converting anyway.
   */
  public final String to(CaseFormat format, String str) {

Beveiliging en authenticatie is geïntegreerd. Zonder compromissen te doen naar databases of datamodellen.

Alle beveiligingsschema's gedefinieerd in OpenAPI, inclusief:

* HTTP Basic.
* **OAuth2** (ook met **JWT tokens**). Bekijk de tutorial over [OAuth2 with JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}.
* API keys in:
    * Headers.
    * Query parameters.
    * Cookies, enz.