SOW for content providers for nbgitpuller that require authentication #6150
Description
nbgitpuller components
It is useful to think about the various abstract functional components nbgitpuller has, so we can separate the various improvements and changes we need to make. It has five functional parts:
- Fetch content (currently this is
gitonly) - Resolve conflicts between changes in the upstream content and the user's changes (uses
git, currently entangled with (1)) - A web UI to show progress of this fetching and conflict resolution
- A commandline UI to automatically do fetching and conflict resolution
- A web UI to generate links (https://nbgitpuller.readthedocs.io/en/latest/link.html)
This is one of 4 separate but related SOWs we are producing, so they can be discussed, funded and worked on clearly.
The Problem
There are content sources that require authentication to pull content from them. This is a valuable feature since some link-authors, such as course instructors, do not wish to make their content public.
Definition of Done
This SOW specifies an implementation plan that enables nbgitpuller to pull from authenticated content providers into a Jupyter environment that can authorise access to content using a
- Service token: authenticate on behalf of the JupyterHub service - limited permissions are granted to JupyterHub to access specific content
- User token: authenticate on behalf of the user – has the same permissions to perform actions as the user and can access all user owned content