* Einem Query-Parameter.
    * Einem Header.
    * Einem Cookie.
* `http`: Standard-HTTP-Authentifizierungssysteme, einschließlich:
    * `bearer`: ein Header `Authorization` mit dem Wert `Bearer ` plus einem Token. Dies wird von OAuth2 geerbt.
    * HTTP Basic Authentication.
    * HTTP Digest, usw.
* `oauth2`: Alle OAuth2-Methoden zum Umgang mit Sicherheit (genannt „Flows“).

    * A query parameter.
    * A header.
    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").

/// tip | 提示

有些编辑器会检查代码中没使用过的函数参数，并显示错误提示。

在*路径操作装饰器*中使用 `dependencies` 参数，可以确保在执行依赖项的同时，避免编辑器显示错误提示。

使用路径装饰器依赖项还可以避免开发新人误会代码中包含无用的未使用参数。

///

/// info | 说明

本例中，使用的是自定义响应头 `X-Key` 和 `X-Token`。

但实际开发中，尤其是在实现安全措施时，最好使用 FastAPI 内置的[安全工具](../security/index.md){.internal-link target=_blank}（详见下一章）。

///

## 依赖项错误和返回值

路径装饰器依赖项也可以使用普通的依赖项*函数*。

### 依赖项的需求项

路径装饰器依赖项可以声明请求的需求项（比如响应头）或其他子依赖项：

## Explore Further

- [Casdoor MinIO Integration](https://casdoor.org/docs/integration/minio)
- [MinIO STS Quickstart Guide](https://docs.min.io/community/minio-object-store/developers/security-token-service.html)

String unescaped = JsonUtil.unescape(escaped);

// Text tokenization
Tokenizer tokenizer = new Tokenizer("field1,field2,field3", ",");
while (tokenizer.hasMoreTokens()) {
    String token = tokenizer.nextToken();
    // Process each token
}

// Decimal formatting
DecimalFormat format = DecimalFormatUtil.getDecimalFormat("###,###.00");
```

### Exception Handling
```java
import org.codelibs.core.exception.*;

labels.roleTypeIds=Rollen-IDs
labels.scriptData=Skript
labels.scriptResult=Ergebnis
labels.scriptType=Ausführungsmethode
labels.segmentation=Segmentierung
labels.startTime=Startzeit
labels.target=Ziel
labels.token=Token
labels.synonymFile=Synonymdatei
labels.stopwordsFile=Stopwörterdatei
labels.stemmerOverrideFile=Stemmer-Überschreibungsdatei
labels.mappingFile=Zuordnungsdatei
labels.protwordsFile=Protwords-Datei

    }
  }

  /** See https://api.slack.com/methods/rtm.start. */
  public RtmStartResponse rtmStart(String accessToken) throws IOException {
    HttpUrl url = baseUrl.newBuilder("rtm.start")
        .addQueryParameter("token", accessToken)
        .build();
    Request request = new Request.Builder()
        .url(url)
        .build();
    Call call = httpClient.newCall(request);
    try (Response response = call.execute()) {

    // Patterns for sensitive data - compiled once and cached
    private static final Pattern PASSWORD_PATTERN = Pattern.compile(
            "(?i)(password|passwd|pwd|secret|token|key|credential|auth)([\"']?\\s*[:=]\\s*[\"']?)([^\"',\\s]+)", Pattern.CASE_INSENSITIVE);

    private static final Pattern IP_PATTERN = Pattern.compile("\\b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\\b");

# Length of API access token.
api.access.token.length=60
# Whether API access token is required.
api.access.token.required=false
# API access token request parameter.
api.access.token.request.parameter=
# Permissions for API admin access.
api.admin.access.permissions=Radmin-api
# Accepted referers for API search.

    @Throws(IOException::class)
    fun parse(responseHeaders: Headers): WebSocketExtensions {
      // Note that this code does case-insensitive comparisons, even though the spec doesn't specify
      // whether extension tokens and parameters are case-insensitive or not.

      var compressionEnabled = false
      var clientMaxWindowBits: Int? = null
      var clientNoContextTakeover = false
      var serverMaxWindowBits: Int? = null