faye-authentication 1.6.1 → 1.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5fad8ac96a666e80843039ab6fa912eb1fc6544b
-  data.tar.gz: 668b783f2b2ebfb837d321682e2315b9ca86d15a
+  metadata.gz: bf71f8b18a19f40de998593763092f543e29ece8
+  data.tar.gz: bdeb27cf3b04249d5cfddf381e993fc9a8a3e7e4
 SHA512:
-  metadata.gz: 79ed0f302ec3db027cd3522b321c495c86c496a9156f74a887081e3d17aaa97ac67d68df5262828fc85080504ca8f7c9e42c59c5f2c08e7c4fe582655f30e657
-  data.tar.gz: 2dd7664727dc9d2c32bd45b02b1500dd260f52f163f0b8a2e2cfbc307823be8742c5a43d72a463963f4776c7571e3511e1dfe335c51e4e10a5573377f3567277
+  metadata.gz: 70703294de6bcabc10ad6a69da8bfc98b62b6bb4f6c13ea9c2c70ab124c2b0e1a9cfabdf2157471fd7ab42ce88eadfc5af7ffc19d63e596b01a1696cb4974a87
+  data.tar.gz: 2237e1664fb593aa62c06803362670929bf719d23d4c598ed523fa6309e869ae4ea55e61f51bbadf927d612861e3170e14589745810189b57d59c43cdd53ceee

data/CHANGELOG.md

@@ -1,19 +1,22 @@
-## 0.5.0
+## 1.7.0
+ - Improve preformance by batching authentication requests (backward incompatible!)
+
+## 1.5.0
  - Add support for faye 1.1 (unreleased for now)
  - Drop support for faye < 1.1
  - More extensibility regarding public channels, extensions now take an options
    hash with a whitelist lambda / function that will be called with the channel
    name so developers can implement their own logic
 
-## 0.4.0
+## 1.4.0
   - Channels beginning by ``/public/`` do not require authentication anymore,
   However, globbing with public channels still require authentication.
 
-## 0.3.0
+## 1.3.0
   - Rename ``Faye::Authentication::Extension`` to ``Faye::Authentication::ServerExtension``
   - Add extension for faye Ruby Client : ``Faye::Authentication::ClientExtension``
 
-## 0.2.0
+## 1.2.0
 
   - Use JWT instead of HMAC for signing the messages
   - Allow expiration of the signature

data/README.md

@@ -6,12 +6,11 @@ Authentification implementation for faye
 
 This project implements (channel,client_id) authentication on channel subscription and publication and delegate it to an external HTTP endpoint through JWT tupple signature based on a shared secret key between Faye server and the endpoint.
 
-On channel subscription the JS client performe an Ajax Call to an HTTP endpoint to be granted a signature that will be provided to Faye Server to connect and publish to channel. The authentication of the endpoint itself is up to you but in the general case this will be a session authenticated resource of your app and you will decide to provide the signature or not depending on your own business logic.
+On channel subscription the JS client performs an Ajax Call to an HTTP endpoint to be granted a signature that will be provided to Faye Server to connect and publish to channel. The authentication of the endpoint itself is up to you but in the general case this will be a session authenticated resource of your app and you will decide to provide the signature or not depending on your own business logic.
 
-This signature is required and valid for each channel and client id tupple and rely on JWT for security.
+This signature is required for each channel and client id tupple and relies on JWT for security. The Faye server will verify the (channel,client_id) tupple signature and reject the message if the signature is incorrect or not present.
 
-The Faye server will verify the (channel,client_id) tupple signature and reject the message if the signature
-is incorrect or not present.
+If the browser needs multiple signatures (for multiple channels), they'll automatically be batched together into one signature HTTP request to your server.
 
 ## Current support
 
@@ -40,25 +39,30 @@ Or install it yourself as:
 
 ### Channels requiring authentication
 
-All channels require authentication by default, however, it is possible to provide
-a lambda to the faye extensions to let them know which channels are public.
+All channels require authentication by default, however, it is possible to provide a lambda to the faye extensions to let them know which channels are public.
 
 ### Authentication endpoint requirements
 
-The endpoint will receive a POST request, and shall return a JSON hash with a ``signature`` key.
+The endpoint will receive a POST request with one or more channels, and shall return a JSON document with the signatures.
 
 The parameters sent to the endpoint are the following :
 
 ```json
 {
-    "message" : {
-        "channel": "/foo/bar",
+    "messages": {
+      "0": {
+        "channel": "/foo",
         "clientId": "123abc"
+      },
+      "1": {
+        "channel": "/bar",
+        "clientId": "123abc"
+      }
     }
 }
 ```
 
-If the endpoint returns an error, the message won't be signed and the server will reject it.
+If the endpoint returns an error, the messages won't be signed and the server will reject them.
 
 You can use ``Faye::Authentication.sign`` to generate the signature from the message and a private key.
 
@@ -66,17 +70,19 @@ Example (For a Rails application)
 
 ```ruby
 def auth
-  if current_user.can?(:read, params[:message][:channel])
-    render json: {signature: Faye::Authentication.sign(params[:message].slice(:channel,:clientId), 'your shared secret key')}
-  else
-    render json: {error: 'Not authorized'}, status: 403
+  response = params[:messages].values.map do |message|
+    if current_user.can?(:read, message[:channel])
+      message.merge(signature: Faye::Authentication.sign(message, FAYE_CONFIG['secret']))
+    else
+      message.merge(error: 'Forbidden')
+    end
   end
+  render json: {signatures: response}
 end
 
 ```
 
-A Ruby HTTP Client is also available for publishing messages to your faye server
-without the hassle of using EventMachine :
+A Ruby HTTP Client is also available for publishing messages to your faye server without the hassle of using EventMachine :
 
 ```ruby
 Faye::Authentication::HTTPClient.publish('http://localhost:9290/faye', '/channel', 'data', 'your private key')
@@ -128,9 +134,7 @@ Faye::Authentication::ServerExtension expect that :
 
 Otherwise Faye Server will refuse the message.
 
-If you want to specify some channels for which you don't want the extension require
-authentication, you can pass an options hash with a ``whitelist`` key mapping
-to a lambda :
+If you want to specify some channels for which you don't want the extension require authentication, you can pass an options hash with a ``whitelist`` key mapping to a lambda :
 
 ````ruby
 channel_whitelist = lambda do |channel|

data/VERSION

@@ -1 +1 @@
-1.6.1
+1.7.0

data/app/assets/javascripts/faye-authentication.js

@@ -4,64 +4,97 @@ function FayeAuthentication(client, endpoint, options) {
   this._signatures = {};
   this._outbox = {};
   this._options = options || {};
+  this._waiting_signatures = [];
+  this._timer = null;
 }
 
 FayeAuthentication.prototype.endpoint = function() {
   return (this._endpoint);
 };
 
+FayeAuthentication.prototype.resolveWaitingSignatures = function() {
+  if (this._waiting_signatures.length == 0) {
+    return ;
+  }
+  var self = this;
+  var messages = [];
+  $.each(this._waiting_signatures, function(key, params) {
+    messages.push(params);
+  });
+  this._waiting_signatures = [];
+  messages = messages.sort(function(a, b) {
+    return (a.channel > b.channel);
+  });
+
+  $.post(self.endpoint(), {messages: messages}, function(response) {
+    $.each(messages, function(key, params) {
+      var signature = $.grep(response.signatures || [], function(e) {
+        return (e.channel == params.channel && e.clientId == params.clientId);
+      })[0];
+      Faye.Promise.resolve(self._signatures[params.clientId][params.channel], signature ? signature.signature : null);
+    });
+  }, 'json').fail(function(xhr, textStatus, e) {
+    self.error('Failure when trying to fetch JWT signature for data "' + JSON.stringify(messages) + '", error was : ' + textStatus);
+    $.each(messages, function(key, params) {
+      Faye.Promise.resolve(self._signatures[params.clientId][params.channel], null);
+    });
+  });
+};
+
 FayeAuthentication.prototype.signMessage = function(message, callback) {
   var channel = message.subscription || message.channel;
   var clientId = message.clientId;
 
   var self = this;
-  if (!this._signatures[clientId])
+  if (!this._signatures[clientId]) {
     this._signatures[clientId] = {};
+  }
   if (this._signatures[clientId][channel]) {
     this._signatures[clientId][channel].then(function(signature) {
       message.signature = signature;
-      if (!message.retried)
+      if (!message.retried) {
         self._outbox[message.id] = {message: message, clientId: clientId};
+      }
       callback(message);
     });
   } else {
-    self._signatures[clientId][channel] = new Faye.Promise(function(success, failure) {
-      $.post(self.endpoint(), {message: {channel: channel, clientId: clientId}}, function(response) {
-        success(response.signature);
-      }, 'json').fail(function(xhr, textStatus, e) {
-        success(null);
-      });
-    });
-    self._signatures[clientId][channel].then(function(signature) {
+    var promise = self._signatures[clientId][channel] = new Faye.Promise();
+    promise.then(function(signature) {
       message.signature = signature;
-      if (!message.retried){
+      if (!message.retried) {
         self._outbox[message.id] = {message: message, clientId: clientId};
       }
       callback(message);
     });
+    this._waiting_signatures.push({channel: channel, clientId: clientId});
+    clearTimeout(this._timer);
+    this._timer = setTimeout(function() {
+      self.resolveWaitingSignatures();
+    }, 200);
   }
 }
 
 FayeAuthentication.prototype.outgoing = function(message, callback) {
-  if (this.authentication_required(message))
+  if (this.authentication_required(message)) {
     this.signMessage(message, callback);
-  else
+  } else {
     callback(message);
+  }
 };
 
 FayeAuthentication.prototype.authentication_required = function(message) {
   var subscription_or_channel = message.subscription || message.channel;
-  if (message.channel == '/meta/subscribe' || message.channel.lastIndexOf('/meta/', 0) !== 0)
+  if (message.channel == '/meta/subscribe' || message.channel.lastIndexOf('/meta/', 0) !== 0) {
     if(this._options.whitelist) {
       try {
         return (!this._options.whitelist(subscription_or_channel));
       } catch (e) {
         this.error("Error caught when evaluating whitelist function : " + e.message);
       }
-    } else
-      return (true);
-  else
-    return (false);
+    }
+    return (true);
+  }
+  return (false);
 };
 
 FayeAuthentication.prototype.incoming = function(message, callback) {
@@ -73,9 +106,9 @@ FayeAuthentication.prototype.incoming = function(message, callback) {
     delete outbox_message.message.id;
     delete this._outbox[message.id];
     this._client._sendMessage(outbox_message.message, {}, callback);
-  }
-  else
+  } else {
     callback(message);
+  }
 };
 
 $(function() {

data/spec/javascripts/faye-authentication_spec.js

@@ -111,135 +111,4 @@ describe('faye-authentication', function() {
 
   });
 
-  describe('extension', function() {
-    beforeEach(function() {
-      jasmine.Ajax.install();
-      this.client = new Faye.Client('http://localhost:9296/faye');
-      this.auth = new FayeAuthentication(this.client);
-      this.client.addExtension(this.auth);
-    });
-
-    afterEach(function() {
-      jasmine.Ajax.uninstall();
-    });
-
-    it('should make an ajax request to the extension endpoint', function(done) {
-      this.client.subscribe('/foobar');
-      var self = this;
-      setTimeout(function() {
-        var request = jasmine.Ajax.requests.mostRecent();
-        expect(request.url).toBe(self.auth.endpoint());
-        done();
-      }, 500);
-    });
-
-    it('should make an ajax request with the correct params', function(done) {
-      this.client.subscribe('/foobar');
-      var self = this;
-      setTimeout(function() {
-        var request = jasmine.Ajax.requests.mostRecent();
-        expect(request.data()['message[channel]'][0]).toBe('/foobar');
-        done();
-      }, 500);
-    });
-
-
-    describe('signature', function() {
-
-      beforeEach(function() {
-        jasmine.Ajax.stubRequest('/faye/auth').andReturn({
-          'responseText': '{"signature": "foobarsignature"}'
-        });
-
-        this.dispatcher = {connectionType: "fake", sendMessage: function() {}, selectTransport: function() { }};
-        spyOn(this.dispatcher, 'sendMessage');
-        spyOn(this.dispatcher, 'selectTransport');
-        Faye.extend(this.dispatcher, Faye.Publisher)
-      });
-
-      it('should add the signature to subscribe message', function(done) {
-        var self = this;
-
-        this.client.handshake(function() {
-          self.client._dispatcher = self.dispatcher;
-          self.client.subscribe('/foobar');
-
-          setTimeout(function() {
-            var calls = self.dispatcher.sendMessage.calls.all();
-            var last_call = calls[calls.length - 1];
-            var message = last_call.args[0];
-            expect(message.channel).toBe('/meta/subscribe');
-            expect(message.signature).toBe('foobarsignature');
-            done();
-          }, 300);
-
-        }, this.client);
-      });
-
-      it('should add the signature to publish message', function(done) {
-        var self = this;
-
-        this.client.handshake(function() {
-          self.client._dispatcher = self.dispatcher;
-          self.client.publish('/foobar', {text: 'hallo'});
-
-          setTimeout(function() {
-            var calls = self.dispatcher.sendMessage.calls.all();
-            var last_call = calls[calls.length - 1];
-            var message = last_call.args[0];
-            expect(message.channel).toBe('/foobar');
-            expect(message.signature).toBe('foobarsignature');
-            done();
-          }, 300);
-
-        }, this.client);
-      });
-
-      it('preserves messages integrity', function(done) {
-        var self = this;
-
-        this.client.handshake(function() {
-          self.client._dispatcher = self.dispatcher;
-          self.client.publish('/foo', {text: 'hallo'});
-          self.client.subscribe('/foo');
-
-          setTimeout(function() {
-            var calls = self.dispatcher.sendMessage.calls.all();
-            var subscribe_call = calls[calls.length - 1];
-            var publish_call = calls[calls.length - 2];
-            var subscribe_message = subscribe_call.args[0];
-            var publish_message = publish_call.args[0];
-            expect(publish_message.channel).toBe('/foo');
-            expect(subscribe_message.channel).toBe('/meta/subscribe');
-            expect(publish_message.signature).toBe('foobarsignature');
-            expect(subscribe_message.signature).toBe('foobarsignature');
-            done();
-          }, 300);
-
-        }, this.client);
-      });
-
-      it('does not add the signature if authentication is not required', function(done) {
-        var self = this;
-
-        spyOn(this.auth, 'authentication_required').and.returnValue(false);
-
-        this.client.handshake(function() {
-          self.client._dispatcher = self.dispatcher;
-          self.client.publish('/foobar', {text: 'hallo'});
-
-          setTimeout(function() {
-            var calls = self.dispatcher.sendMessage.calls.all();
-            var last_call = calls[calls.length - 1];
-            var message = last_call.args[0];
-            expect(message.channel).toBe('/foobar');
-            expect(message.signature).toBe(undefined);
-            done();
-          }, 300);
-        }, this.client);
-
-      });
-
-    });
-  });
 });

data/spec/javascripts/faye-extension_spec.js

@@ -35,12 +35,131 @@ describe('Faye extension', function() {
         var signature = jwtsign.serialize("macaroni");
 
         jasmine.Ajax.stubRequest('/faye/auth').andReturn({
-          'responseText': '{"signature": "' + signature + '"}'
+          'responseText': '{"signatures": [{"channel" : "/foobar", "clientId": "'+ self.client._dispatcher.clientId +'", "signature" : "' + signature + '"}]}'
         });
         callback();
       }, self.client);
     }
 
+    it('should make an ajax request to the extension endpoint', function(done) {
+      this.client.subscribe('/foobar');
+      var self = this;
+      setTimeout(function() {
+        var request = jasmine.Ajax.requests.mostRecent();
+        expect(request.url).toBe(self.extension.endpoint());
+        done();
+      }, 500);
+    });
+
+    it('should make an ajax request with the correct params', function(done) {
+      this.client.subscribe('/foobar');
+      var self = this;
+      setTimeout(function() {
+        var request = jasmine.Ajax.requests.mostRecent();
+        expect(request.data()['messages[0][channel]'][0]).toBe('/foobar');
+        done();
+      }, 500);
+    });
+
+    describe('signature', function() {
+
+      beforeEach(function() {
+        jasmine.Ajax.stubRequest('/faye/auth').andReturn({
+          'responseText': '{"signatures": [{"channel": "/foobar", "clientId": "1234", "signature": "foobarsignature"}]}'
+        });
+
+        this.dispatcher = {connectionType: "fake", clientId: '1234', sendMessage: function() {}, selectTransport: function() { }};
+        spyOn(this.dispatcher, 'sendMessage');
+        spyOn(this.dispatcher, 'selectTransport');
+        Faye.extend(this.dispatcher, Faye.Publisher)
+      });
+
+      it('should add the signature to subscribe message', function(done) {
+        var self = this;
+
+        this.client.handshake(function() {
+          self.client._dispatcher = self.dispatcher;
+
+          self.client.subscribe('/foobar');
+
+          setTimeout(function() {
+            var calls = self.dispatcher.sendMessage.calls.all();
+            var last_call = calls[calls.length - 1];
+            var message = last_call.args[0];
+            expect(message.channel).toBe('/meta/subscribe');
+            expect(message.signature).toBe('foobarsignature');
+            done();
+          }, 300);
+
+        }, this.client);
+      });
+
+      it('should add the signature to publish message', function(done) {
+        var self = this;
+
+        this.client.handshake(function() {
+          self.client._dispatcher = self.dispatcher;
+          self.client.publish('/foobar', {text: 'hallo'});
+
+          setTimeout(function() {
+            var calls = self.dispatcher.sendMessage.calls.all();
+            var last_call = calls[calls.length - 1];
+            var message = last_call.args[0];
+            expect(message.channel).toBe('/foobar');
+            expect(message.signature).toBe('foobarsignature');
+            done();
+          }, 300);
+
+        }, this.client);
+      });
+
+      it('preserves messages integrity', function(done) {
+        var self = this;
+
+        this.client.handshake(function() {
+          self.client._dispatcher = self.dispatcher;
+          self.client.publish('/foobar', {text: 'hallo'});
+          self.client.subscribe('/foobar');
+
+          setTimeout(function() {
+            var calls = self.dispatcher.sendMessage.calls.all();
+            var subscribe_call = calls[calls.length - 1];
+            var publish_call = calls[calls.length - 2];
+            var subscribe_message = subscribe_call.args[0];
+            var publish_message = publish_call.args[0];
+            expect(publish_message.channel).toBe('/foobar');
+            expect(subscribe_message.channel).toBe('/meta/subscribe');
+            expect(publish_message.signature).toBe('foobarsignature');
+            expect(subscribe_message.signature).toBe('foobarsignature');
+            done();
+          }, 300);
+
+        }, this.client);
+      });
+
+      it('does not add the signature if authentication is not required', function(done) {
+        var self = this;
+
+        spyOn(this.extension, 'authentication_required').and.returnValue(false);
+
+        this.client.handshake(function() {
+          self.client._dispatcher = self.dispatcher;
+          self.client.publish('/foobar', {text: 'hallo'});
+
+          setTimeout(function() {
+            var calls = self.dispatcher.sendMessage.calls.all();
+            var last_call = calls[calls.length - 1];
+            var message = last_call.args[0];
+            expect(message.channel).toBe('/foobar');
+            expect(message.signature).toBe(undefined);
+            done();
+          }, 300);
+        }, this.client);
+
+      });
+
+    });
+
     it('succeeds to subscribe', function(done) {
       var self = this;
       stubSignature(this, function() {
@@ -62,26 +181,73 @@ describe('Faye extension', function() {
     it('should make only one ajax call when dealing with one channel', function(done) {
       this.client.subscribe('/foobar');
       this.client.publish('/foobar', {text: 'hallo'});
-      this.client.publish('/foobar', {text: 'hallo'});
 
       setTimeout(function() {
         expect(jasmine.Ajax.requests.count()).toBe(2); // Handshake + auth * 1
         done();
       }, 500);
 
-    })
+    });
 
-    it('should make two ajax calls when dealing with two channels', function(done) {
+    it('should make two ajax calls when dealing with two channels in a not-so-short period', function(done) {
       this.client.subscribe('/foobar');
       this.client.publish('/foobar', {text: 'hallo'});
+
+      var self = this;
+
+      setTimeout(function() {
+        self.client.subscribe('/bar');
+        self.client.publish('/bar', {text: 'hallo'});
+
+        setTimeout(function() {
+          expect(jasmine.Ajax.requests.count()).toBe(3); // Handshake + auth * 2
+          done();
+        }, 500);
+      }, 250);
+    });
+
+    it('should make two ajax calls when dealing with three channels and separating calls', function(done) {
+      this.client.subscribe('/foobar');
       this.client.publish('/foobar', {text: 'hallo'});
 
-      this.client.subscribe('/bar');
-      this.client.publish('/bar', {text: 'hallo'});
-      this.client.publish('/bar', {text: 'hallo'});
+      var self = this;
 
       setTimeout(function() {
-        expect(jasmine.Ajax.requests.count()).toBe(3); // Handshake + auth * 2
+        self.client.subscribe('/bar');
+        self.client.publish('/bar', {text: 'hallo'});
+
+        self.client.subscribe('/baz');
+        self.client.publish('/baz', {text: 'hallo'});
+
+        setTimeout(function() {
+          expect(jasmine.Ajax.requests.count()).toBe(3); // Handshake + auth * 2
+          var first_auth = jasmine.Ajax.requests.at(1);
+          var second_auth = jasmine.Ajax.requests.at(2);
+          expect(first_auth.data()['messages[0][channel]'][0]).toBe('/foobar');
+          expect(first_auth.data()['messages[1]']).toBe(undefined);
+
+          expect(second_auth.data()['messages[0][channel]'][0]).toBe('/bar');
+          expect(second_auth.data()['messages[1][channel]'][0]).toBe('/baz');
+          done();
+        }, 500);
+      }, 250);
+    });
+
+    it('should make only one ajax calls when subscribing several times in a short period', function(done) {
+      var self = this;
+      this.client.subscribe('/foobar');
+      setTimeout(function() {
+        self.client.subscribe('/foobar2');
+        setTimeout(function() {
+          self.client.subscribe('/foobar3');
+        }, 50)
+      }, 50);
+      setTimeout(function() {
+        expect(jasmine.Ajax.requests.count()).toBe(2); // Handshake + auth
+        var request = jasmine.Ajax.requests.mostRecent();
+        expect(request.data()['messages[0][channel]'][0]).toBe('/foobar');
+        expect(request.data()['messages[1][channel]'][0]).toBe('/foobar2');
+        expect(request.data()['messages[2][channel]'][0]).toBe('/foobar3');
         done();
       }, 500);
     });
@@ -108,19 +274,19 @@ describe('Faye extension', function() {
         var request = jasmine.Ajax.requests.mostRecent();
         var params = queryString.parse(request.params);
 
-        var jwtsign_bad   = new jwt.WebToken('{"clientId": "' + params['message[clientId]'] + '", "channel": "/foo", "exp": 1}', '{"alg": "HS256"}');
+        var jwtsign_bad   = new jwt.WebToken('{"clientId": "' + params['messages[0][clientId]'] + '", "channel": "/foo", "exp": 1}', '{"alg": "HS256"}');
         var signature_bad = jwtsign_bad.serialize("macaroni");
 
-        var jwtsign_good   = new jwt.WebToken('{"clientId": "' + params['message[clientId]'] + '", "channel": "/foo", "exp": 2803694528}', '{"alg": "HS256"}');
+        var jwtsign_good   = new jwt.WebToken('{"clientId": "' + params['messages[0][clientId]'] + '", "channel": "/foo", "exp": 2803694528}', '{"alg": "HS256"}');
         var signature_good = jwtsign_good.serialize("macaroni");
 
         request.response({
           'status' : 200,
-          'responseText': '{"signature": "' + signature_bad + '"}'
+          'responseText': '{"signatures": [{"channel": "/foo", "clientId": "'+ params['messages[0][clientId]'] +'", "signature":  "' + signature_bad + '"}]}'
         });
 
         jasmine.Ajax.stubRequest('/faye/auth').andReturn({
-          'responseText': '{"signature": "' + signature_good + '"}'
+          'responseText': '{"signatures": [{"channel": "/foo", "clientId": "'+ params['messages[0][clientId]'] +'", "signature":  "' + signature_good + '"}]}'
         });
 
       }, 1000);

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: faye-authentication
 version: !ruby/object:Gem::Version
-  version: 1.6.1
+  version: 1.7.0
 platform: ruby
 authors:
 - Adrien Siami
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-15 00:00:00.000000000 Z
+date: 2015-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt