Add APIKEY (IAM apikey) based authentication support for long running notebook usecases

[djain13]

The current implementation of accepting tokens(token with shorter validity, say an hour) via the environment variable KG_HEADERS is limiting in scenarios where Notebook runs for a duration longer than the token validity. Once the token expires user needs to restart the Notebook or create a new Kernel and resume.

To overcome this we propose to have an APIKEY based authentication in addition to existing authentication methods. Here is the high-level proposal:

• Accept API-key and token generation URL as an environment variable, KG_APIKEY and KG_TOKEN_URL
• Refresh the token if expires and pass that token to the JEG server

[kevin-bates]

Hi @djain13 - I like the idea behind this, however, NB2KG is no longer taking enhancements since this code has not been use for 3 years after it was incorporated into the respective server offerings: Notebook and Jupyter Server. As a result, I would suggest this be pursued from the Jupyter Server aspect since Notebook is essentially in a "new feature freeze" pattern as well.

We need to make this messaging clearer.

[jaswanth99999]

Hi All,

We have added the APIKEY (IAM apikey) based authentication support to the nb2kg code which is presently in the fork repo. Is there any standard test cases that we need to consider and pass before creating a pull request?

Regards -Jaswanth

[kevin-bates]

Hi @jaswanth99999 - this repository doesn't have test coverage, unfortunately. Given its "support state", I would not worry about including test code until an applicable change is submitted to the gateway package in jupyter_server.

Regarding my previous comment about not taking "new features" in this repository, I have since realized there are institutions still leveraging NB2KG in their Notebook offerings and, while they do plan to move to JupyterServer and JuptyerLab, they must still support their existing customers and environments. So, assuming the scope of changes is not significant and can be applied in a backward-compatible manner, then we should consider them for inclusion here. Where there will be stronger pushback is in the Jupyter Notebook repository - where JupyterServer is the clear choice for these kinds of changes.

Please go ahead with your pull request and we'll take things from there.