Closed chuyqa closed 5 years ago
@chuyqa - thanks for the issue. I know nothing about websocket authorization other than the google I just performed. :smile:
Since there will be others possibly using the current form, would it make sense to introduce a new variable - KG_BEARER_TOKEN
that is then inserted into 'Bearer <bearer_token>'
just as KG_AUTH_TOKEN
is inserted into 'token <auth_token>'
?
If so, we'd look for `KG_BEARER_TOKEN first, then fallback to the current functionality if not present.
I'm not in a position to test this kind of thing out. Would you be able to make this change?
Once the change is made here, we'll want to update the embedded version in notebook. The env names are different and it supports command-line arguments.
One interesting part here is that if KG_BEARER_TOKEN
is not set, we'll still set the headers to
'Authorization': 'token '
.
This would need a bit of refactoring If we go the route of
KG_HEADERS
Authorization:
if KG_BEARER_TOKEN
is setAuthorization:
if KG_AUTH_TOKEN
is setAs we'd still need to adjust KG_AUTH_TOKEN
to only update if set.
Given that only 1 Authorization: <>
can be present in the Headers, what are your thoughts on an approach where we make KG_HEADERS
slightly more flexible and allow it to pass in Authorization
without it being over-written, while keeping the existing functionality if KG_HEADERS does not include Authorization
?
PR with this approach https://github.com/jupyter/nb2kg/pull/30
Closing via #30
Regarding the KG_HEADERS:
For common JWT Header based authentication, the format for the token will be
The problem with nb2kg's setup for these headers is the
'token
string will always be prepended.KG_HEADERS={'Authorization':'Bearer eyJ1....oWSQ'}
,KG_HEADERS.update
will drop the bearer token and set to empty stringKG_AUTH_TOKEN=Bearer eyJ1....oWSQ
, then the KG_HEADERS constructed are:'Authorization': 'token Bearer eyJ1....oWSQ