.pre-commit-config.yaml

@@ -30,7 +30,7 @@ repos:
         files: \.py$
 
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v0.961
+    rev: v0.971
     hooks:
       - id: mypy
         additional_dependencies: [types-requests]
@@ -41,39 +41,35 @@ repos:
       - id: prettier
 
   - repo: https://github.com/asottile/pyupgrade
-    rev: v2.37.1
+    rev: v2.37.3
     hooks:
       - id: pyupgrade
         args: [--py37-plus]
 
   - repo: https://github.com/PyCQA/doc8
-    rev: 0.11.2
+    rev: v1.0.0
     hooks:
       - id: doc8
         args: [--max-line-length=200]
         exclude: docs/source/other/full-config.rst
         stages: [manual]
 
   - repo: https://github.com/pycqa/flake8
-    rev: 4.0.1
+    rev: 5.0.4
     hooks:
       - id: flake8
         additional_dependencies:
-          [
-            "flake8-bugbear==20.1.4",
-            "flake8-logging-format==0.6.0",
-            "flake8-implicit-str-concat==0.2.0",
-          ]
+          ["flake8-bugbear==22.6.22", "flake8-implicit-str-concat==0.2.0"]
         stages: [manual]
 
   - repo: https://github.com/pre-commit/mirrors-eslint
-    rev: v8.19.0
+    rev: v8.23.0
     hooks:
       - id: eslint
         stages: [manual]
 
   - repo: https://github.com/sirosen/check-jsonschema
-    rev: 0.17.0
+    rev: 0.18.1
     hooks:
       - id: check-jsonschema
         name: "Check GitHub Workflows"

docs/doc-requirements.txt

@@ -2,6 +2,7 @@ ipykernel
 jinja2
 jupyter_client
 jupyter_server
+mistune<1.0.0
 myst-parser
 nbformat
 prometheus_client

docs/environment.yml

@@ -5,3 +5,4 @@ dependencies:
   - pip
   - pip:
       - -r doc-requirements.txt
+      - ..

docs/source/conf.py

@@ -108,7 +108,7 @@
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
-__version__ = "2.0.0b0"
+__version__ = "2.1.0.dev0"
 # The short X.Y version.
 version_parsed = parse_version(__version__)
 version = f"{version_parsed.major}.{version_parsed.minor}"

docs/source/operators/security.rst

@@ -101,7 +101,7 @@ as all requests requiring _authorization_ must first complete _authentication_.
 Identity Providers
 ******************
 
-The :class:`.IdentityProvider` class is responsible for the "authorization" step,
+The :class:`.IdentityProvider` class is responsible for the "authentication" step,
 identifying the user making the request,
 and constructing information about them.
 

examples/simple/simple_ext1/handlers.py

@@ -1,3 +1,4 @@
+from jupyter_server.auth import authorized
 from jupyter_server.base.handlers import JupyterHandler
 from jupyter_server.extension.handler import (
     ExtensionHandlerJinjaMixin,
@@ -7,6 +8,9 @@
 
 
 class DefaultHandler(ExtensionHandlerMixin, JupyterHandler):
+    auth_resource = "simple_ext1:default"
+
+    @authorized
     def get(self):
         # The name of the extension to which this handler is linked.
         self.log.info(f"Extension Name in {self.name} Default Handler: {self.name}")

examples/simple/tests/test_handlers.py

@@ -2,13 +2,31 @@
 
 
 @pytest.fixture
-def jp_server_config(jp_template_dir):
+def jp_server_auth_resources(jp_server_auth_core_resources):
+    for url_regex in [
+        "/simple_ext1/default",
+    ]:
+        jp_server_auth_core_resources[url_regex] = "simple_ext1:default"
+    return jp_server_auth_core_resources
+
+
+@pytest.fixture
+def jp_server_config(jp_template_dir, jp_server_authorizer):
     return {
-        "ServerApp": {"jpserver_extensions": {"simple_ext1": True}},
+        "ServerApp": {
+            "jpserver_extensions": {"simple_ext1": True},
+            "authorizer_class": jp_server_authorizer,
+        },
     }
 
 
-async def test_handler_default(jp_fetch):
+async def test_handler_default(jp_fetch, jp_serverapp):
+    jp_serverapp.authorizer.permissions = {
+        "actions": ["read"],
+        "resources": [
+            "simple_ext1:default",
+        ],
+    }
     r = await jp_fetch("simple_ext1/default", method="GET")
     assert r.code == 200
     assert r.body.decode().index("Hello Simple 1 - I am the default...") > -1

jupyter_server/__init__.py

@@ -1,5 +1,6 @@
 """The Jupyter Server"""
 import os
+import pathlib
 import subprocess
 import sys
 
@@ -10,6 +11,8 @@
 ]
 
 DEFAULT_JUPYTER_SERVER_PORT = 8888
+JUPYTER_SERVER_EVENTS_URI = "https://events.jupyter.org/jupyter_server"
+DEFAULT_EVENTS_SCHEMA_PATH = pathlib.Path(__file__).parent / "event_schemas"
 
 del os
 

jupyter_server/_version.py

@@ -2,5 +2,5 @@
 store the current version info of the server.
 
 """
-version_info = (2, 0, 0, "b", "0")
+version_info = (2, 1, 0, ".dev", "0")
 __version__ = ".".join(map(str, version_info[:3])) + "".join(version_info[3:])

jupyter_server/auth/identity.py

@@ -9,6 +9,7 @@
 
 import binascii
 import datetime
+import json
 import os
 import re
 import sys
@@ -24,6 +25,7 @@
 from jupyter_server.transutils import _i18n
 
 from .security import passwd_check, set_password
+from .utils import get_anonymous_username
 
 # circular imports for type checking
 if TYPE_CHECKING:
@@ -290,11 +292,28 @@ def user_to_cookie(self, user: User) -> str:
         Default is just the user's username.
         """
         # default: username is enough
-        return user.username
+        cookie = json.dumps(
+            {
+                "username": user.username,
+                "name": user.name,
+                "display_name": user.display_name,
+                "initials": user.initials,
+                "color": user.color,
+            }
+        )
+        return cookie
 
     def user_from_cookie(self, cookie_value: str) -> User | None:
         """Inverse of user_to_cookie"""
-        return User(username=cookie_value)
+        user = json.loads(cookie_value)
+        return User(
+            user["username"],
+            user["name"],
+            user["display_name"],
+            user["initials"],
+            None,
+            user["color"],
+        )
 
     def get_cookie_name(self, handler: JupyterHandler) -> str:
         """Return the login cookie name
@@ -396,7 +415,6 @@ def get_token(self, handler: JupyterHandler) -> str | None:
         - in URL parameters: ?token=<token>
         - in header: Authorization: token <token>
         """
-
         user_token = handler.get_argument("token", "")
         if not user_token:
             # get it from Authorization header
@@ -447,8 +465,12 @@ def generate_anonymous_user(self, handler: JupyterHandler) -> User:
         but does not identify a user.
         """
         user_id = uuid.uuid4().hex
+        moon = get_anonymous_username()
+        name = display_name = f"Anonymous {moon}"
+        initials = f"A{moon[0]}"
+        color = None
         handler.log.info(f"Generating new user for token-authenticated request: {user_id}")
-        return User(user_id)
+        return User(user_id, name, display_name, initials, None, color)
 
     def should_check_origin(self, handler: JupyterHandler) -> bool:
         """Should the Handler check for CORS origin validation?

jupyter_server/auth/utils.py

@@ -3,6 +3,7 @@
 # Copyright (c) Jupyter Development Team.
 # Distributed under the terms of the Modified BSD License.
 import importlib
+import random
 import re
 import warnings
 
@@ -74,3 +75,95 @@ def match_url_to_resource(url, regex_mapping=None):
         pattern = re.compile(regex)
         if pattern.fullmatch(url):
             return auth_resource
+
+
+# From https://en.wikipedia.org/wiki/Moons_of_Jupiter
+moons_of_jupyter = [
+    "Metis",
+    "Adrastea",
+    "Amalthea",
+    "Thebe",
+    "Io",
+    "Europa",
+    "Ganymede",
+    "Callisto",
+    "Themisto",
+    "Leda",
+    "Ersa",
+    "Pandia",
+    "Himalia",
+    "Lysithea",
+    "Elara",
+    "Dia",
+    "Carpo",
+    "Valetudo",
+    "Euporie",
+    "Eupheme",
+    # 'S/2003 J 18',
+    # 'S/2010 J 2',
+    "Helike",
+    # 'S/2003 J 16',
+    # 'S/2003 J 2',
+    "Euanthe",
+    # 'S/2017 J 7',
+    "Hermippe",
+    "Praxidike",
+    "Thyone",
+    "Thelxinoe",
+    # 'S/2017 J 3',
+    "Ananke",
+    "Mneme",
+    # 'S/2016 J 1',
+    "Orthosie",
+    "Harpalyke",
+    "Iocaste",
+    # 'S/2017 J 9',
+    # 'S/2003 J 12',
+    # 'S/2003 J 4',
+    "Erinome",
+    "Aitne",
+    "Herse",
+    "Taygete",
+    # 'S/2017 J 2',
+    # 'S/2017 J 6',
+    "Eukelade",
+    "Carme",
+    # 'S/2003 J 19',
+    "Isonoe",
+    # 'S/2003 J 10',
+    "Autonoe",
+    "Philophrosyne",
+    "Cyllene",
+    "Pasithee",
+    # 'S/2010 J 1',
+    "Pasiphae",
+    "Sponde",
+    # 'S/2017 J 8',
+    "Eurydome",
+    # 'S/2017 J 5',
+    "Kalyke",
+    "Hegemone",
+    "Kale",
+    "Kallichore",
+    # 'S/2011 J 1',
+    # 'S/2017 J 1',
+    "Chaldene",
+    "Arche",
+    "Eirene",
+    "Kore",
+    # 'S/2011 J 2',
+    # 'S/2003 J 9',
+    "Megaclite",
+    "Aoede",
+    # 'S/2003 J 23',
+    "Callirrhoe",
+    "Sinope",
+]
+
+
+def get_anonymous_username() -> str:
+    """
+    Get a random user-name based on the moons of Jupyter.
+    This function returns names like "Anonymous Io" or "Anonymous Metis".
+    """
+    return moons_of_jupyter[random.randint(0, len(moons_of_jupyter) - 1)]

jupyter_server/base/handlers.py

@@ -20,6 +20,7 @@
 import prometheus_client
 from jinja2 import TemplateNotFound
 from jupyter_core.paths import is_hidden
+from jupyter_events import EventLogger
 from tornado import web
 from tornado.log import app_log
 from traitlets.config import Application
@@ -335,8 +336,8 @@ def config_manager(self):
         return self.settings["config_manager"]
 
     @property
-    def event_bus(self):
-        return self.settings["event_bus"]
+    def event_logger(self) -> EventLogger:
+        return self.settings["event_logger"]
 
     # ---------------------------------------------------------------
     # CORS