Master branch: KeyError on self.settings["authorizer"]

[martinRenou]

Description

Using voila with jupyter_server master, I get the following error:

Traceback (most recent call last):
  File "/home/martin/miniconda3/envs/voila/lib/python3.10/site-packages/tornado/web.py", line 1702, in _execute
    result = method(*self.path_args, **self.path_kwargs)
  File "/home/martin/miniconda3/envs/voila/lib/python3.10/site-packages/tornado/web.py", line 3173, in wrapper
    return method(self, *args, **kwargs)
  File "/home/martin/github/jupyter_server/jupyter_server/auth/decorator.py", line 64, in inner
    if self.authorizer.is_authorized(self, user, action, resource):
  File "/home/martin/github/jupyter_server/jupyter_server/base/handlers.py", line 196, in authorizer
    return self.settings["authorizer"]
KeyError: 'authorizer'

Reproduce

1. Install Voila
2. Install jupyter_server master
3. Run a Notebook with voila

Expected behavior

Context

• Operating System and version: Linux
• Browser and version:
• Jupyter Server version: master branch

Troubleshoot Output

Paste the output from running `jupyter troubleshoot` from the command line here.
You may want to sanitize the paths in the output.

Command Line Output

Paste the output from your command line running `jupyter lab` here, use `--debug` if possible.

Browser Output

Paste the output from your browser Javascript console here, if applicable.

[Zsailer]

This is caused by #165. It looks like it introduced a backwards incompatible change that we missed in the review.

The kernel/ZMQ handlers from jupyter_server now have an authorization layer built-in and it expects the underlying Tornado web application to have an Authorizer in its settings. By default, this authorizer allows all requests, see the AllowAllAuthorizer.

Because Voila uses the kernel handlers but defines its own web application, it doesn't pick up this authorizer class in its settings. We didn't consider Voila's use-case in the review—a library that uses jupyter_server's handlers but not its webapp.

We need to address this case in Jupyter server to prevent the backward incompatibility issue.

In the meantime, you can work around this in Voila by defining an authorizer setting in the webapp and use the AllowAllAuthorizer. Voila might greatly benefit from the new authorization API added in #165.

[ruomad]

In the meantime, you can work around this in Voila by defining an authorizer setting in the webapp and use the AllowAllAuthorizer.

I didn't find a way to use the workaround you mention... is it possible to set this authorizer in voila arguments or in some config file ?