github-authentication 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 13ed97d12d8f6c281dddeace6aa4f3f9cf89acec84329dfb40af0e9e47c79aa5
+  data.tar.gz: 7fbc0d346197fa5ec32969f93ba9e021a6c3f259fc25bf5c5d06f47035efd477
+SHA512:
+  metadata.gz: 796745050e0f7b9712eb28c7498c1e88c4032ffb6d0eb0a6ca6aaa6522190541879e115dfb329ca1beed45e511902b0d2a8761cd1ce83113391070a21171142b
+  data.tar.gz: 0c8ff23991ac13f648ad51bd108744cd4185a10bad1a13dc1e691d95d0c4d85d866d64bbf8d9f777b1bf92aa5da804600ad0751248825632d66a185a183ebc21

data/.github/workflows/tests.yml

@@ -0,0 +1,33 @@
+name: Tests
+
+on: [push]
+
+jobs:
+  ruby-tests:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        ruby: [ '2.6' ]
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby ${{ matrix.ruby }}
+        uses: actions/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+      - name: Setup timezone
+        uses: zcong1993/setup-timezone@master
+        with:
+          timezone: UTC
+      - name: Lint Ruby
+        run: |
+          gem install bundler
+          bundle install --jobs 4 --retry 3
+          bin/rubocop
+      - name: Run Ruby tests
+        run: |
+          gem install bundler
+          bundle install --jobs 4 --retry 3
+          bin/rake test
+        env:
+          SUITE: ruby

data/.gitignore

@@ -0,0 +1,8 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rubocop.yml

@@ -0,0 +1,20 @@
+inherit_gem:
+  rubocop-shopify: rubocop.yml
+
+AllCops:
+  TargetRubyVersion: 2.6
+  CacheRootDirectory: tmp/rubocop
+  UseCache: true
+
+Style/MethodCallWithArgsParentheses:
+  IgnoredMethods:
+    - require
+    - raise
+    - assert
+    - refute
+    - assert_equal
+    - refute_equal
+    - assert_nil
+    - refute_nil
+    - assert_kind_of
+    - refute_kind_of

data/.travis.yml

@@ -0,0 +1,7 @@
+---
+sudo: false
+language: ruby
+cache: bundler
+rvm:
+  - 2.6.3
+before_install: gem install bundler -v 1.17.2

data/Gemfile

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in github-authentication-provider.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,63 @@
+PATH
+  remote: .
+  specs:
+    github-authentication (0.1.0)
+      jwt (~> 2.2)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    ast (2.4.0)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    hashdiff (1.0.1)
+    jaro_winkler (1.5.4)
+    jwt (2.2.1)
+    minitest (5.14.0)
+    mocha (1.11.2)
+    parallel (1.19.1)
+    parser (2.7.1.2)
+      ast (~> 2.4.0)
+    public_suffix (4.0.4)
+    rainbow (3.0.0)
+    rake (12.3.3)
+    rexml (3.2.4)
+    rubocop (0.82.0)
+      jaro_winkler (~> 1.5.1)
+      parallel (~> 1.10)
+      parser (>= 2.7.0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      rexml
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-shopify (1.0.2)
+      rubocop (~> 0.82.0)
+    ruby-progressbar (1.10.1)
+    safe_yaml (1.0.5)
+    timecop (0.9.1)
+    unicode-display_width (1.7.0)
+    vcr (5.1.0)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.17)
+  github-authentication!
+  minitest (~> 5.0)
+  mocha (~> 1.11)
+  rake (~> 12.3)
+  rubocop (~> 0.52)
+  rubocop-shopify
+  timecop (~> 0.9)
+  vcr (~> 5.1)
+  webmock (~> 3.8)
+
+BUNDLED WITH
+   1.17.3

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2020 Frederik Dudzik
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,111 @@
+# Github::Authentication
+
+This gem allows you to authenticate with GitHub. Specifically, as a [GitHub app](https://developer.github.com/apps/building-github-apps/creating-a-github-app/).
+
+The app works well with the ActiveSupport::Cache, uses retries to mitigate GitHub flakiness, and is thread safe
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'github-authentication'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install github-authentication
+
+## Usage
+
+```ruby
+require 'github-authentication'
+
+cache = Github::Authentication::Cache.new(storage: Github::Authentication::ObjectCache.new)
+generator = Github::Authentication::Generator::App.new(pem: ENV['GITHUB_PEM'],
+                                          installation_id: ENV['GITHUB_INSTALLATION_ID'],
+                                          app_id: ENV['GITHUB_APP_ID'])
+provider = Github::Authentication::Provider.new(generator: generator, cache: cache)
+
+provider.token
+```
+
+### Cache
+
+The cache takes a storage argument. You can pass an instance of an `ActiveSupport::Cache` implementation or use the provided 
+`Github::Authentication::ObjectCache` if you are using it in a script.
+
+### Generator::App
+
+Generates a token for a GitHub app.
+
+```ruby
+Github::Authentication::Generator::App.new(pem: ENV['GITHUB_PEM'],
+                                          installation_id: ENV['GITHUB_INSTALLATION_ID'],
+                                          app_id: ENV['GITHUB_APP_ID'])
+```
+
+### Generator::Personal
+
+Mostly for testing purposes you can provide a github token that gets retrieved.
+```ruby
+Github::Authentication::Generator::Personal.new(github_token: ENV['GITHUB_TOKEN'])
+```
+
+## Example
+
+```ruby
+
+require "base64"
+
+module GitHub
+  APP_ID = "<APP_ID>"
+  INSTALLATION_ID = "<INSTALLATION_ID>"
+
+  class << self
+    def token
+      @token_provider ||= begin
+        if ENV['GITHUB_TOKEN']
+          storage = Github::Authentication::ObjectCache.new
+          generator = Github::Authentication::Generator::Personal.new(github_token: ENV['GITHUB_TOKEN'])
+        else
+          storage = ActiveSupport::Cache::RedisCacheStore.new
+          pem = Base64.decode64(ENV['GITHUB_PEM'])
+          generator = Github::Authentication::Generator::App.new(pem: pem, installation_id: INSTALLATION_ID,
+                                                                 app_id: APP_ID)
+        end
+        cache = Github::Authentication::Cache.new(storage: storage)
+        Github::Authentication::Provider.new(generator: generator, cache: cache)
+      end
+      @token_provider.token
+    end
+
+    def client
+      if ENV['GITHUB_TOKEN']
+        Octokit::Client.new(access_token: token.to_s)
+      else
+        Octokit::Client.new(bearer_token: token.to_s)
+      end
+    end
+  end
+end
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/Shopify/github-authentication.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
+end
+
+task(default: :test)

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "github/authentication/provider"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/rake

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load(Gem.bin_path("rake", "rake"))

data/bin/rubocop

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rubocop' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load(Gem.bin_path("rubocop", "rubocop"))

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/github-authentication.gemspec

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "github/authentication/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "github-authentication"
+  spec.version       = Github::Authentication::VERSION
+  spec.authors       = ["Frederik Dudzik"]
+  spec.email         = ["frederik.dudzik@shopify.com"]
+
+  spec.summary       = "GitHub authetication"
+  spec.description   = "Authenticate with GitHub"
+  spec.homepage      = "https://github.com/Shopify/github-authentication"
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata["homepage_uri"] = spec.homepage
+    spec.metadata["source_code_uri"] = "https://github.com/Shopify/github-authentication"
+  else
+    raise "RubyGems 2.0 or newer is required to protect against " \
+      "public gem pushes."
+  end
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
+    %x(git ls-files -z).split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency("jwt", "~> 2.2")
+
+  spec.add_development_dependency("bundler", "~> 1.17")
+  spec.add_development_dependency("rake", "~> 12.3")
+  spec.add_development_dependency("minitest", "~> 5.0")
+  spec.add_development_dependency("timecop", "~> 0.9")
+  spec.add_development_dependency("mocha", "~> 1.11")
+  spec.add_development_dependency("webmock", "~> 3.8")
+  spec.add_development_dependency("vcr", "~> 5.1")
+  spec.add_development_dependency("rubocop", "~> 0.52")
+  spec.add_development_dependency("rubocop-shopify")
+end

data/lib/github/authentication.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+require "github/authentication/version"
+require "github/authentication/generator"
+require "github/authentication/provider"
+require "github/authentication/cache"
+require "github/authentication/object_cache"

data/lib/github/authentication/cache.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+require 'github/authentication/token'
+
+module Github
+  module Authentication
+    class Cache
+      # storage = ActiveSupport::Cache
+      def initialize(storage:, key: '')
+        @storage = storage
+        @key = "github:authentication:#{key}"
+      end
+
+      def read
+        json = @storage.read(@key)
+        Token.from_json(json)
+      end
+
+      def write(token)
+        @storage.write(@key, token.to_json, expires_in: token.expires_in)
+      end
+
+      def clear
+        @storage.delete(@key)
+      end
+    end
+  end
+end

data/lib/github/authentication/generator.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require "github/authentication/generator/app"
+require "github/authentication/generator/personal"

data/lib/github/authentication/generator/app.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'jwt'
+require "uri"
+require 'openssl'
+
+require "github/authentication/http"
+
+module Github
+  module Authentication
+    module Generator
+      class App
+        attr_reader :app_id, :installation_id
+
+        def initialize(pem:, installation_id:, app_id:)
+          @private_key = OpenSSL::PKey::RSA.new(pem)
+          @installation_id = installation_id
+          @app_id = app_id
+        end
+
+        def generate
+          url = "https://api.github.com/app/installations/#{installation_id}/access_tokens"
+          response = Http.post(url) do |request|
+            request["Authorization"] = "Bearer #{jwt}"
+            request["Accept"] = "application/vnd.github.machine-man-preview+json"
+            request
+          end
+          Token.from_json(response.body)
+        end
+
+        private
+
+        def jwt
+          payload = {
+            # issued at time
+            iat: Time.now.utc.to_i,
+            # JWT expiration time (10 minute maximum)
+            exp: Time.now.utc.to_i + (10 * 60),
+            # GitHub App's identifier
+            iss: app_id,
+          }
+          JWT.encode(payload, @private_key, "RS256")
+        end
+      end
+    end
+  end
+end

data/lib/github/authentication/generator/personal.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require "github/authentication/token"
+
+module Github
+  module Authentication
+    module Generator
+      class Personal
+        def initialize(github_token:)
+          @github_token = github_token
+        end
+
+        def generate
+          a_year_from_now = Time.now.utc + 31_556_952
+          Token.new(@github_token, a_year_from_now)
+        end
+      end
+    end
+  end
+end

data/lib/github/authentication/http.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'timeout'
+
+require 'github/authentication/retriable'
+
+module Github
+  module Authentication
+    module Http
+      class << self
+        include Retriable
+
+        def post(url)
+          uri = URI.parse(url)
+          with_retries(SystemCallError, Timeout::Error) do
+            http = Net::HTTP.new(uri.host, uri.port)
+            http.use_ssl = true
+            http.start
+            begin
+
+              request = Net::HTTP::Post.new(uri.request_uri)
+              yield(request) if block_given?
+
+              http.request(request)
+            ensure
+              http.finish
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/github/authentication/object_cache.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'github/authentication/token'
+
+module Github
+  module Authentication
+    class ObjectCache
+      def initialize
+        @cache = {}
+      end
+
+      def read(key)
+        return unless @cache.key?(key)
+
+        options = @cache[key][:options]
+        if options.key?(:expires_at) && Time.now.utc > options[:expires_at]
+          @cache.delete(key)
+          return nil
+        end
+
+        @cache[key][:value]
+      end
+
+      def write(key, value, options = {})
+        if options.key?(:expires_in)
+          options[:expires_at] = Time.now.utc + options[:expires_in] * 60
+        end
+        @cache[key] = { value: value, options: options }
+      end
+
+      def clear(key)
+        @cache.delete(key)
+      end
+    end
+  end
+end

data/lib/github/authentication/provider.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+require "mutex_m.rb"
+
+require 'github/authentication/retriable'
+
+module Github
+  module Authentication
+    class Provider
+      include Retriable
+      include Mutex_m
+
+      Error = Class.new(StandardError)
+      TokenGeneratorError = Class.new(Error)
+
+      def initialize(generator:, cache:)
+        super()
+        @token = nil
+        @generator = generator
+        @cache = cache
+      end
+
+      def token(seconds_ttl: 5 * 60)
+        return @token if @token&.valid_for?(seconds_ttl)
+
+        with_retries(TokenGeneratorError) do
+          mu_synchronize do
+            return @token if @token&.valid_for?(seconds_ttl)
+
+            if (@token = @cache.read)
+              return @token if @token.valid_for?(seconds_ttl)
+            end
+
+            if (@token = @generator.generate)
+              if @token.valid_for?(seconds_ttl)
+                @cache.write(@token)
+                return @token
+              end
+            end
+
+            raise TokenGeneratorError, "Couldn't create a token with a TTL of #{seconds_ttl}"
+          end
+        end
+      end
+
+      def reset_token
+        @token = nil
+        @cache.clear
+      end
+
+      # prevent credential leak
+      def inspect
+        "#<#{self.class.name}>"
+      end
+    end
+  end
+end

data/lib/github/authentication/retriable.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Github
+  module Authentication
+    module Retriable
+      def with_retries(*exceptions, max_attempts: 4, sleep_between_attempts: 0.1, exponential_backoff: true)
+        attempt = 1
+        previous_failure = nil
+
+        begin
+          return_value = yield(attempt, previous_failure)
+        rescue *exceptions => exception
+          raise unless attempt < max_attempts
+
+          sleep_after_attempt(
+            attempt: attempt,
+            base_sleep_time: sleep_between_attempts,
+            exponential_backoff: exponential_backoff
+          )
+
+          attempt += 1
+          previous_failure = exception
+          retry
+        else
+          return_value
+        end
+      end
+
+      private
+
+      def sleep_after_attempt(attempt:, base_sleep_time:, exponential_backoff:)
+        return unless base_sleep_time > 0
+
+        time_to_sleep = if exponential_backoff
+          calculate_exponential_backoff(attempt: attempt, base_sleep_time: base_sleep_time)
+        else
+          base_sleep_time
+        end
+
+        Kernel.sleep(time_to_sleep)
+      end
+
+      def calculate_exponential_backoff(attempt:, base_sleep_time:)
+        # Double the max sleep time for every attempt (exponential backoff).
+        # Randomize sleep time for more optimal request distribution.
+        lower_bound = Float(base_sleep_time)
+        upper_bound = lower_bound * (2 << (attempt - 2))
+        Kernel.rand(lower_bound..upper_bound)
+      end
+    end
+  end
+end

data/lib/github/authentication/token.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Github
+  module Authentication
+    class Token
+      attr_reader :expires_at
+
+      def self.from_json(data)
+        return nil if data.nil?
+
+        token, expires_at = JSON.parse(data).values_at('token', 'expires_at')
+        new(token, Time.iso8601(expires_at))
+      rescue JSON::ParserError
+        nil
+      end
+
+      def initialize(token, expires_at)
+        @token = token
+        @expires_at = expires_at
+      end
+
+      def expires_in
+        (@expires_at - Time.now.utc).to_i / 60
+      end
+
+      def expired?(seconds_ttl: 300)
+        @expires_at < Time.now.utc + seconds_ttl
+      end
+
+      def valid_for?(ttl)
+        !expired?(seconds_ttl: ttl)
+      end
+
+      def inspect
+        # Truncating the token should be enough not to leak it in error messages etc
+        "#<#{self.class.name} @token=#{truncate(@token, 10)} @expires_at=#{@expires_at}>"
+      end
+
+      def to_json
+        JSON.dump(token: @token, expires_at: @expires_at.iso8601)
+      end
+
+      def to_s
+        @token
+      end
+      alias_method :to_str, :to_s
+
+      private
+
+      def truncate(string, max)
+        string.length > max ? "#{string[0...max]}..." : string
+      end
+    end
+  end
+end

data/lib/github/authentication/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Github
+  module Authentication
+    VERSION = "0.1.0"
+  end
+end

metadata

@@ -0,0 +1,210 @@
+--- !ruby/object:Gem::Specification
+name: github-authentication
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Frederik Dudzik
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2020-05-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.17'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.17'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.1'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.52'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.52'
+- !ruby/object:Gem::Dependency
+  name: rubocop-shopify
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Authenticate with GitHub
+email:
+- frederik.dudzik@shopify.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/tests.yml"
+- ".gitignore"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/rake
+- bin/rubocop
+- bin/setup
+- github-authentication.gemspec
+- lib/github/authentication.rb
+- lib/github/authentication/cache.rb
+- lib/github/authentication/generator.rb
+- lib/github/authentication/generator/app.rb
+- lib/github/authentication/generator/personal.rb
+- lib/github/authentication/http.rb
+- lib/github/authentication/object_cache.rb
+- lib/github/authentication/provider.rb
+- lib/github/authentication/retriable.rb
+- lib/github/authentication/token.rb
+- lib/github/authentication/version.rb
+homepage: https://github.com/Shopify/github-authentication
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/Shopify/github-authentication
+  source_code_uri: https://github.com/Shopify/github-authentication
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: GitHub authetication
+test_files: []