Yuvi

We've finally got some dedicated time from @oliverroick so hopefully with that we can push this one to completion

Will need to be rebased on https://github.com/jupyterhub/binderhub/pull/1891 but otherwise pretty close!

I've merged #1891 here, and the failing tests are all actually genuine failures! \o/

Looking at the build token and seeing how that is generated: ```python build_token = jwt.encode( { "exp": int(time.time()) + self.settings["build_token_expires_seconds"], "aud": provider_spec, "origin": self.token_origin(), }, key=self.settings["build_token_secret"], algorithm="HS256", ) ``` It...

I've added support for build tokens! It still fails, but that's a genuine failure - I think it shows up because there was custom logic in https://github.com/jupyterhub/binderhub/blob/main/binderhub/static/js/src/form.js#L13 that we haven't...

Looks like we've *kinda* uncovered a rats nest of 'when do we expect repo to be encoded'? For example, with zenodo, we *don't* expect it to be encoded - localhost:8000/services/binder/v2/zenodo/10.5281/zenodo.3242074/...

The *only* times repo is actually uriEncoded is: 1. When using `gl` provider (due to explicit check) 2. When using `git` provider (as repo is a full http URL, and...

The existing route is ` (r"/v2/([^/]+)/(.+)", ParameterizedMainHandler),`. Basically I *think* we lucked out that repoproviders that aren't listed in https://github.com/jupyterhub/binderhub/pull/1856#issuecomment-2529602076 happen to have `/` in the repo part because DOIs...

> For frontend purposes, it should be an explicit property of the provider whether the input to the resource / repo / etc. needs encoding or not. Yep, this is...

yay! all tests pass!