Ability to update authorization token in documentManager after creation

[IngeCeux]

Problem

I'm currently building a frontend in Angular using JupyterLab components (NotebookPanel). We use an extended Jupyter Server instance that uses authorization tokens which refresh every so often. To account for this, I now set the token in the PageConfig upon loading the app, and update it every time the token is refreshed. I've noticed, however, that once I've created the DocumentManager to handle the Widget creation and communication with the backend (api calls like /sessions, /kernels, /content,...), the token is not updated since the initial creation. So the Authorization header in the api calls stays the same and gives me a 401 Unauthorized response once the token is no longer valid.

Proposed Solution

I need a way to update this token in an existing DocumentManager serverSettings, which will then automatically update the serverSettings.token in all the children (ServiceManager>SessionManager, ContentsManager, KernelManager,...). Maybe a simple method refreshToken(token) in the docManager will do?

[welcome]

Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! 🤗

If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively.

You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! 👋

Welcome to the Jupyter community! 🎉

[IngeCeux]

If it's at all possible, even just making the serverSettings.token not readonly would fix this issue.

[lneves12]

this would be very helpful to me as well. @IngeCeux have you found any workaround to this ? Thanks!

[iceux]

this would be very helpful to me as well. @IngeCeux have you found any workaround to this ? Thanks!

I created a fork of the repo and removed the 'readonly' from the token in packages/services/src/serverconnection.ts as a temporary fix. I do very much still hope a fix for this gets implemented in the main repo, because the fork creates more maintenance work.

[lneves12]

ah I see, yeah that would be nice to have on upstream as well.

I found a different workaround that seems to be working fine in my initial tests:

I basically extended the ServerConnection.makeSettings function to inject my own implementation of websockets + fetch

import { ServerConnection } from '@jupyterlab/services';

let changingToken = "token";

function fetchWithToken(input: RequestInfo, init?: RequestInit) {
  if (!init) {
    init = {};
  }
  if (!init.headers) {
    init.headers = new Headers();
  }

  const bearer = `Bearer ${changingToken}`;
  if (init.headers instanceof Headers) {
    init.headers.append('Authorization', bearer);
  } else if (init.headers instanceof Array) {
    init.headers.push(['Authorization', bearer]);
  } else {
    init.headers['Authorization'] = bearer;
  }

  return window.fetch(input, init);
}

class WebSocketWithToken extends window.WebSocket {
  constructor(url: string | URL) {
    super(`${url}&jwtToken=${changingToken}`);
  }
}

const originalMakeSettings = ServerConnection['makeSettings'];
ServerConnection['makeSettings'] = function makeSettings(
  options?: Partial<ServerConnection.ISettings>
): ServerConnection.ISettings {
  return originalMakeSettings({
    ...options,
    WebSocket: WebSocketWithToken,
    fetch: fetchWithToken
  });
};

// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
/**
 * Initialization data for the cloud-integration extension.
 */
const plugin: JupyterFrontEndPlugin<void> = {
  id: 'cloud-integration:plugin',