Notebooks: Remote Jupyter Server: Support custom auth schemas

[jschaeck]

Hello,

connecting VS Code notebooks to a remote server works really nice. However, right now , the expectation is that the authentication is exclusively done via ?token as a query param to the url.

Some cloud vendors hosting Jupyter Notebooks are using alternative auth schemas however and that prevents using VS Code NBs in that case.

I wondered if support for additional auth schemas could be added. The jupyter community also did that in the Jupyter Server Gateway component: jupyter-server/jupyter_server#529

As tokens might time out, it would be even better if it would be possible to register a callback function like getAuthHeaderForOutboundCall that users can implement on their own. (In there, the auth tokens could be recreated from an api key for example if they time out)

[rchiodo]

We do support user/password as well (common option when not using token for jupyter).

For other auth schemes there is an API that you could write an extension to support (and it supports timeout).

There's an example here of using it:
https://github.com/microsoft/vscode-jupyter/tree/main/src/test/datascience/extensionapi/exampleextension/ms-ai-tools-test

The Azure ML Extension in VS code uses it to provide connections to jupyter servers behind an Azure proxy.

[rchiodo]

The root of the API is the 'registerRemoteServerProvider' function.

vscode-jupyter/src/platform/api.ts

Line 42 in 1143125

registerRemoteServerProvider(serverProvider: IJupyterUriProvider): void;

You call this from your extension.

You can see the implementation of the remote server provider in the example here:

vscode-jupyter/src/test/datascience/extensionapi/exampleextension/ms-ai-tools-test/src/serverPicker.ts

Line 83 in bd63750

authorizationHeader: { Authorization: `Bearer ${output.accessToken}` },

It is returning an object that has the authorization headers for the request and a timeout that causes the jupyter extension to reask later.