dpop 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a18eef1638fff53ada134d2a1e10f3d085cbe9a08394ed1afe27350c89202600
-  data.tar.gz: f380c04a36bf0ff8f350ed812956b9b8398163932110dbfa35e7cca5241a5f62
+  metadata.gz: 515c773b21830f39448b7cf146d976eb66c0121efb97a316063b9643d00589fb
+  data.tar.gz: 7c8e28c5dde868992435cd6e2df6c5801d809d1e3124b0ec2101b1f1ee7e7a30
 SHA512:
-  metadata.gz: 1feb52a87b8bb798be1d6322d37d23f38f780ffff2bd99ae132cdeb6491c2ad51271fa2878fa4fbc9fde0dd4557e40cf7cd50e873f55f77bef2455f7e0d1ea70
-  data.tar.gz: d53d6ae7c08e6af14b36f8b7aa3b5beafd6429018fc57589c8eda5825e8ab1c5bc0b3d3d824d134fcdb895f14566827f8764394d39ab66c821cfe515ee6c9360
+  metadata.gz: 3c83c6fd46e8290ef434c7869b2fd3096771e829119308d2ff096ebfe6227df24ac2a2b64cef7f58a45a1fa2ba836e6abadc46f4c5067509fb3640c3d96bd929
+  data.tar.gz: c12968b246fb12df9a0e82318d799e48c11ea48df8ec1480e0ecbbe11ff4c78c39c270a11de70393820e5c8fd38fc1546bd76b7b5414ed120c95bb2e83b406d2

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,20 @@
+require:
+- rubocop-rails
+
+Style/StringLiterals:
+  Enabled: false
+
+Metrics/BlockLength:
+  Enabled: false
+
+Metrics/ParameterLists:
+  Enabled: false
+
+Naming/FileName:
+  Enabled: false
+
+Naming/MethodParameterName:
+  Enabled: false
+
+Rails/RakeEnvironment:
+  Enabled: false

data/CHANGELOG.md

@@ -0,0 +1,8 @@
+## v0.1.0
+ - Initial setup:
+   - Configuration
+   - Controller
+   - CookieJar
+   - Encryptor
+   - KeyGenerator
+   - ProofGenerator

data/Gemfile.lock

@@ -0,0 +1,80 @@
+PATH
+  remote: .
+  specs:
+    dpop (0.1.0)
+      activesupport
+      jwt
+      openssl
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (7.0.3.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+    ast (2.4.2)
+    concurrent-ruby (1.1.10)
+    diff-lcs (1.5.0)
+    i18n (1.12.0)
+      concurrent-ruby (~> 1.0)
+    jwt (2.4.1)
+    minitest (5.16.2)
+    openssl (3.0.0)
+    parallel (1.22.1)
+    parser (3.1.2.0)
+      ast (~> 2.4.1)
+    rack (2.2.3)
+    rainbow (3.1.1)
+    rake (13.0.6)
+    regexp_parser (2.3.1)
+    rexml (3.2.5)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    rubocop (1.28.2)
+      parallel (~> 1.10)
+      parser (>= 3.1.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.17.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.17.0)
+      parser (>= 3.1.1.0)
+    rubocop-rails (2.14.2)
+      activesupport (>= 4.2.0)
+      rack (>= 1.1)
+      rubocop (>= 1.7.0, < 2.0)
+    ruby-progressbar (1.11.0)
+    tzinfo (2.0.5)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (2.1.0)
+
+PLATFORMS
+  ruby
+  x86_64-darwin-19
+
+DEPENDENCIES
+  bundler
+  dpop!
+  jwt
+  rake (~> 13.0)
+  rspec
+  rubocop
+  rubocop-rails
+
+BUNDLED WITH
+   2.3.15

data/README.md

@@ -1,8 +1,8 @@
 # Dpop
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/dpop`. To experiment with that code, run `bin/console` for an interactive prompt.
+Implementation of DPoP ([Demonstrating Proof-of-Possession at the Application Layer](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-dpop)) for Ruby and Rails apps.
 
-TODO: Delete this and the text above, and describe your gem
+Adds a 
 
 ## Installation
 
@@ -16,14 +16,105 @@ If bundler is not being used to manage dependencies, install the gem by executin
 
 ## Usage
 
-TODO: Write usage instructions here
+In general, this gem provides two concepts: A wrapper for creating private keys that this gem can consume, and an API for consuming those private keys to generate Proof JWT's for a given request.
+
+### Setup
+
+This gem uses a configuration concept for setup, and then can be accessed through module methods on `Dpop`
+
+Run the configurer to set with defaults:
+```ruby
+Dpop.configure
+```
+
+Or pass a block to overwrite defaults:
+```ruby
+Dpop.configure do |config|
+  config.encryption_key = MY_SECURE_SECRET_PASSPHRASE
+end
+```
+
+|Configurable variable|Description|Default value|
+|===|===|===|
+|cookie_name|Cookie saved on the browser when using the Rails controller concern|"_proof_keys"|
+|encryption_key|Secure passphrase used for encrypting cookes with Rails|ENV["DPOP_ENCRYPTION_KEY"]|
+|generated_key_size|Byte size of generated private keys|1024|
+
+
+### Module methods
+
+To generate a consumable private key, run `Dpop.generate_key_pair`. That will return a PEM string, which can be used with openssl by running `OpenSSL::PKey::RSA.new(key)`
+
+To generate a Proof JWT, run `Dpop.get_proof_with_key(key, htu: "https://www.website.call/path", htm: "GET"`. That will return a JWT string, which should be added to the Dpop header of your http request.
+
+### Rails
+
+In Rails apps, this gem automatically configures on initialization using a Railtie. At any time, those configuration variables can be overwritten manually as described above, but running `Dpop.configure` to initialize the gem isn't mandatory.
+
+The app provides a controller concern that can be used to ensure user's browsers have a private key saved in their cookies, which can be relied on to prove possession of their browser. A proof can then be generated using that key, to be attached to your HTTP requests.
+
+In your `ApplicationController`, add `include Dpop::Controller`.
+
+In your controllers where you'd like to ensure your user has a key set, or in your `ApplicationController`, add `ensure_dpop!`
+
+When you want to create a proof signed with that key, use `get_proof(htu: "https://www.website.call/path", htm: "GET")`
+
+Example using `Net::HTTP`:
+```
+class MyController < ApplicationController
+  ensure_dpop!
+
+  def index
+    uri = URI("https://www.myresourcehost.com/index?page=1")
+    proof = get_proof(htu: dpop_htu(uri), htm: "GET")
+
+    req = Net::HTTP::Get.new(uri)
+    req['authorization'] = "DPoP #{my_access_token}"
+    req['dpop'] = proof
+
+    res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') do |http|
+      http.request(req)
+    end
+
+    @data = res.body
+  end
+
+  def create
+    uri = URI("https://www.myresourcehost.com/index?page=1")
+    proof = get_proof(htu: dpop_htu(uri), htm: "GET")
+
+    req = Net::HTTP::Post.new(uri)
+    req['authorization'] = "DPoP #{my_access_token}"
+    req['dpop'] = proof
+
+    res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') do |http|
+      http.request(req)
+    end
+
+    @data = res.body
+  end
+
+  private
+
+  # Only pass scheme, host, and path following DPoP spec
+  def dpop_htu(uri)
+    uri.fragment = dpop_uri.query = nil
+    uri
+  end
+
+end
+```
 
 ## Development
 
-After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+`bundle install` to setup. Develop using `bundle console` for ruby, or by installing the gem through `path:` in your consuming app.
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+To release a new version, update the version number in `version.rb`, run `bundle install` to update Gemfile.lock, and add a CHANGELOG.md entry for your version.
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/dpop.
+Bug reports and pull requests are welcome on GitHub at https://github.com/WilliamNHarvey/dpop-ruby. Please add clear testing instructions in your PR.
+
+## License
+
+[Apache Version 2.0](https://www.apache.org/licenses/LICENSE-2.0)

data/lib/dpop/configuration.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Configures the app's module methods
+  class Configuration
+    attr_accessor :cookie_name, :encryption_key, :generated_key_size, :key_alg
+
+    DEFAULT_COOKIE_NAME = "_proof_keys"
+    DEFAULT_ENCRYPTION_KEY = ENV["DPOP_ENCRYPTION_KEY"] || ""
+    DEFAULT_GENERATED_KEY_SIZE = 1024
+    DEFAULT_KEY_ALG = :rsa
+
+    def initialize
+      self.cookie_name = DEFAULT_COOKIE_NAME
+      self.encryption_key = DEFAULT_ENCRYPTION_KEY
+      self.generated_key_size = DEFAULT_GENERATED_KEY_SIZE
+      self.key_alg = DEFAULT_KEY_ALG
+    end
+
+    def encryptor
+      @encryptor ||= Dpop::Encryptor.new(encryption_key)
+    end
+  end
+end

data/lib/dpop/controller.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Controller concern for Rails
+  module Controller
+    extend ActiveSupport::Concern
+
+    # Error for DPoP cookie not being found
+    class MissingDpopCookie < StandardError
+      def initialize(cookie_name)
+        super("No DPoP cookie found with name `#{cookie_name}`. Try running `ensure_dpop!` before using this concern.")
+      end
+    end
+
+    included do
+      class_attribute :ensure_dpop_on_actions
+      self.ensure_dpop_on_actions = false
+
+      # Set up the around_action which ensures the cookie is set on request if the controller has ensure_dpop! set
+      before_action :set_dpop_cookie
+    end
+
+    class_methods do
+      def ensure_dpop!
+        self.ensure_dpop_on_actions = true
+      end
+    end
+
+    def get_proof(**args)
+      dpop_key = cookie_jar[Dpop.config.cookie_name]
+      raise MissingDpopCookie, Dpop.config.cookie_name unless dpop_key
+
+      generator = Dpop::ProofGenerator.new(dpop_key, "RS256")
+      generator.create_dpop_proof(args)
+    end
+
+    def set_dpop_cookie
+      return unless ensure_dpop_on_actions
+      return if cookie_jar[Dpop.config.cookie_name]
+
+      generated = Dpop::KeyGenerator.generate(Dpop.config.key_alg)
+
+      cookie_jar[Dpop.config.cookie_name] = generated
+    end
+
+    private
+
+    def cookie_jar
+      Dpop::CookieJar.new(Dpop.config.encryptor, request.cookies)
+    end
+  end
+end

data/lib/dpop/cookie_jar.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Manages browser cookies
+  class CookieJar
+    # Error for when cookie is not decipherable
+    class InvalidCookieError < StandardError
+      def initialize(cookie_name, cookie_value)
+        super("invalid value for #{cookie_name}: #{cookie_value}")
+      end
+    end
+
+    def initialize(encryptor, request_cookies)
+      @encryptor       = encryptor
+      @request_cookies = request_cookies
+    end
+
+    def [](cookie_name)
+      try_decrypt(cookie_name)
+    end
+
+    def []=(cookie_name, value)
+      encrypted_value = @encryptor.encrypt_and_sign(value)
+      @request_cookies[cookie_name] = encrypted_value
+    end
+
+    def key?(cookie_name)
+      @request_cookies.key?(cookie_name)
+    end
+
+    private
+
+    def try_decrypt(cookie_name)
+      value = @request_cookies[cookie_name]
+      return nil if value.blank?
+
+      @encryptor.decrypt_and_verify(value)
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      raise InvalidCookieError.new(cookie_name, value)
+    end
+  end
+end

data/lib/dpop/encryptor.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Encrypts and decrypts messages
+  class Encryptor
+    extend Forwardable
+
+    SECRET = "dpop encrypted message"
+    SIGN_SECRET = "signed dpop encrypted message"
+    CIPHER = "aes-256-gcm"
+
+    def_delegators :@message_encryptor, :encrypt_and_sign, :decrypt_and_verify
+
+    def initialize(secret)
+      @message_encryptor = build_message_encryptor(secret)
+    end
+
+    private
+
+    def build_message_encryptor(secret)
+      key_generator = ActiveSupport::CachingKeyGenerator.new(
+        ActiveSupport::KeyGenerator.new(
+          secret,
+          iterations: 1000,
+          hash_digest_class: OpenSSL::Digest::SHA256
+        )
+      )
+      secret        = key_generator.generate_key(SECRET)[0, 32]
+      sign_secret   = key_generator.generate_key(SIGN_SECRET)
+      ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: JSON, cipher: CIPHER)
+    end
+  end
+end

data/lib/dpop/key_generator.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Generates private keys
+  module KeyGenerator
+    # Error for receiving an unrecognized algorithm
+    class UnsupportedAlgorithmError < StandardError
+      def initialize(alg)
+        super("Unsupported algorithm received: #{alg}")
+      end
+    end
+
+    def generate(alg = :rsa)
+      # TODO: support more algs
+      raise UnsupportedAlgorithmError, alg if alg != :rsa
+
+      OpenSSL::PKey::RSA.generate(Dpop.config.generated_key_size).to_pem
+    end
+
+    module_function :generate
+  end
+end

data/lib/dpop/proof_generator.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Generates Proof JWT's
+  class ProofGenerator
+    JWT_TYPE = "dpop+jwt"
+    RSA = "RSA"
+
+    # Error for DPoP key being uninitialized
+    class MissingKeyError < StandardError
+      def initialize
+        super("DPoP key blank")
+      end
+    end
+
+    # Error for unsupported key formats
+    class InvalidKeyError < StandardError
+      def initialize(key)
+        super("Unrecognized key format for DPoP key: #{key}")
+      end
+    end
+
+    def initialize(dpop_key, alg)
+      raise MissingKeyError if dpop_key.blank?
+
+      @dpop_key = dpop_key
+      @alg = alg
+    end
+
+    # Takes the path being called. Returns a signed JWT
+    def create_dpop_proof(htu:, htm:, nonce: nil, ath: nil, iat: Time.now.to_i, jti: SecureRandom.uuid, **additional)
+      private_key, public_key = keys
+
+      headers = create_headers(public_key)
+
+      payload = create_payload(
+        htu: htu, htm: htm, ath: ath, iat: iat, jti: jti, nonce: nonce, **additional
+      )
+
+      JWT.encode(payload, private_key, @alg, headers)
+    end
+
+    private
+
+    def create_headers(public_key)
+      {
+        alg: @alg,
+        typ: JWT_TYPE,
+        jwk: public_key
+      }
+    end
+
+    def create_payload(htu:, htm:, nonce: nil, ath: nil, iat: Time.now.to_i, jti: SecureRandom.uuid, **additional)
+      {
+        htu: htu,
+        htm: htm,
+        ath: ath,
+        iat: iat,
+        jti: jti,
+        nonce: nonce
+      }.merge(additional).compact
+    end
+
+    # We only support RSA keys in the form of pem strings.
+    def keys
+      return [@private_key, @public_key] if defined?(@private_key) && defined?(@public_key)
+
+      raise InvalidKeyError, @dpop_key unless @dpop_key.instance_of? String
+
+      @private_key = OpenSSL::PKey::RSA.new(@dpop_key)
+      @public_key = {
+        kty: RSA,
+        n: Base64.urlsafe_encode64(@private_key.n.to_s(2), padding: false),
+        e: Base64.urlsafe_encode64(@private_key.e.to_s(2), padding: false)
+      }
+      [@private_key, @public_key]
+    end
+  end
+end

data/lib/dpop/railtie.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Dpop
+  # Railtie for gem setup on Rails, to automatically configure
+  class Railtie < Rails::Railtie
+    initializer "dpop.configure_rails_initialization" do
+      Dpop.configure
+    end
+  end
+end

data/lib/dpop/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dpop
-  VERSION = "0.0.1"
+  VERSION = "0.1.0"
 end

data/lib/dpop.rb

@@ -1,8 +1,52 @@
 # frozen_string_literal: true
 
-require_relative "dpop/version"
+require "active_support/json"
+require "active_support/key_generator"
+require "active_support/message_encryptor"
+require "jwt"
+require "openssl"
+require "securerandom"
 
+# DPoP top level methods
 module Dpop
   class Error < StandardError; end
-  # Your code goes here...
+
+  autoload :Configuration,  "dpop/configuration"
+  autoload :Controller,     "dpop/controller"
+  autoload :CookieJar,      "dpop/cookie_jar"
+  autoload :Encryptor,      "dpop/encryptor"
+  autoload :KeyGenerator,   "dpop/key_generator"
+  autoload :ProofGenerator, "dpop/proof_generator"
+  autoload :Version,        "dpop/version"
+
+  class << self
+    # Configure Dpop application-wide settings.
+    #
+    # Yields a configuration object that can be used to override default settings.
+    def configure
+      yield(configuration) if block_given?
+    end
+
+    # Returns the client's Configuration object, or creates one if not yet created.
+    def configuration
+      @configuration ||= Dpop::Configuration.new
+    end
+
+    alias config configuration
+
+    def get_proof_with_key(dpop_key, **args)
+      generator = Dpop::ProofGenerator.new(dpop_key, "RS256")
+      generator.create_dpop_proof(args)
+    end
+
+    def generate_key_pair(alg = :rsa)
+      Dpop::KeyGenerator.generate(alg)
+    end
+
+    def load_integration
+      require "dpop/railtie" if defined?(Rails::Railtie)
+    end
+  end
 end
+
+Dpop.load_integration

metadata

@@ -1,15 +1,127 @@
 --- !ruby/object:Gem::Specification
 name: dpop
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - WilliamNHarvey
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-08-06 00:00:00.000000000 Z
-dependencies: []
+date: 2022-08-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description:
 email:
 - williamnharvey@gmail.com
@@ -17,14 +129,23 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".rspec"
+- ".rubocop.yml"
 - CHANGELOG.md
 - Gemfile
+- Gemfile.lock
 - LICENSE
 - README.md
 - Rakefile
 - lib/dpop.rb
+- lib/dpop/configuration.rb
+- lib/dpop/controller.rb
+- lib/dpop/cookie_jar.rb
+- lib/dpop/encryptor.rb
+- lib/dpop/key_generator.rb
+- lib/dpop/proof_generator.rb
+- lib/dpop/railtie.rb
 - lib/dpop/version.rb
-- sig/dpop.rbs
 homepage: https://github.com/WilliamNHarvey/dpop-ruby
 licenses: []
 metadata:
@@ -39,7 +160,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -49,6 +170,6 @@ requirements: []
 rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
-summary: Implementation of DPoP (Demonstrative Proof of Possession on the Application
-  Layer) for Ruby and Rails apps
+summary: Implementation of DPoP (Demonstrating Proof-of-Possession at the Application
+  Layer) for Ruby and Rails
 test_files: []

data/sig/dpop.rbs

@@ -1,4 +0,0 @@
-module Dpop
-  VERSION: String
-  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
-end