tcompa
commented
1 month ago The next question would be: can we tweak napari so that it makes non-anonymous HTTP calls? This is the same as https://forum.image.sc/t/opening-a-zarr-image-on-a-http-server/80344.
After tracking the calls stack, the actual IO is handled by napari-ome-zarr in https://github.com/ome/ome-zarr-py/blob/master/ome_zarr/reader.py#L324, which is just a wrapper of dask.array.from_zarr (https://docs.dask.org/en/stable/generated/dask.array.from_zarr.html#dask.array.from_zarr). This function clearly accepts URLs, but does not describe any ways for making authenticated calls.
The best option to explore, as far as I understand, is to pass through the HTTPFileSystem provided by fsspec (https://filesystem-spec.readthedocs.io/en/latest/api.html#fsspec.implementations.http.HTTPFileSystem), which I guess could be injected into anything dask-array-related. In that case, the client_kwargs argument is passed to the underlying aiohttp.ClientSession class (https://docs.aiohttp.org/en/stable/client_reference.html), which clearly includes a cookies argument.
I'll try to play with storage_options over there.
I made a quick test in https://github.com/fractal-analytics-platform/fractal-vizarr-viewer/tree/napari-without-authorization:
I removed all authentication/authorization parts from the
fractal-vizarr-viewerapp, so that it simply serves data from the zarr folder (and the vizarr static files).I re-built the docker image and ran it as described in the README
docker run --network host \ -v $(pwd)/test_napari/allowed_users.txt:/allowed_users.txt \ -v $(pwd)/test_napari/zarr-files:/zarr-files \ -e ZARR_DATA_BASE_PATH=/zarr-files \ -e FRACTAL_SERVER_URL=http://localhost:8000 \ -e ALLOWED_USERS=/allowed_users.txt \ fractal-vizarr-viewer
napari --plugin napari-ome-zarr http://localhost:3000/vizarr/data/20200812-CardiomyocyteDifferentiation14-Cycle1_mip.zarr/B/03/0