gitlab-mail_room 0.0.14 → 0.0.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6be406940356ef2cd8f9f0121c5d605cb4dabdcf1a8dba6a5d8ccc6726cc6977
-  data.tar.gz: 55d0a8aece3f5ec5c69ded80c2de37b609e96d475767ea77bc42be4c9be6fa99
+  metadata.gz: b35546ba9ef63ad546144c97515d7203a56182abb48be0b4975061e7c8598555
+  data.tar.gz: c6d96b85320aeafd0b41004e6b606aad1a3642de8ebee52734becc92de387185
 SHA512:
-  metadata.gz: 758daf7cb8ff1494f54f145400e9e46b93490a876c6a544268492c4cad3487b970798f9c73afaf63e9001420f8b08b861c7e8c0210c3eb86850f5576b687d29c
-  data.tar.gz: 6d0b716a7fe2c8f0f2d1c4042ca1f5eb2a7056b27c67aaa9b9b86d3de1c6658fb8a1ee21ff33da1e7f1c298612a7a795610e543c42ed37e291a67830a38ddfa5
+  metadata.gz: 9732c479849c02606adfda10314f3cfd5d83a8c1283d4054b5464480a3eae20f1414e0db0147a8b8cf383fe0fd4d073fcc0f522377792a4fed0d64daa621ad6f
+  data.tar.gz: a7d5f829af0796d81deeb8b4b570c932723f0bcfb0d80f322e9bed02dddd809a286cac2beff486c199b992d3d93d1646f268e15b983f8e3e0eae6a8c0c36fb3c

data/.ruby-version

@@ -1 +1 @@
-2.7.2
+2.7.5

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## mail_room 0.10.1 ##
+
+* Fix db attribute on redis URL PR#130 - @jarkaK
+
 ## mail_room 0.10.0 ##
 
 * Remove imap backports

data/CONTRIBUTING.md

@@ -0,0 +1,40 @@
+## Developer Certificate of Origin and License
+
+By contributing to GitLab B.V., you accept and agree to the following terms and
+conditions for your present and future contributions submitted to GitLab B.V.
+Except for the license granted herein to GitLab B.V. and recipients of software
+distributed by GitLab B.V., you reserve all right, title, and interest in and to
+your Contributions.
+
+All contributions are subject to the Developer Certificate of Origin and license set out at [docs.gitlab.com/ce/legal/developer_certificate_of_origin](https://docs.gitlab.com/ce/legal/developer_certificate_of_origin).
+
+_This notice should stay as the first item in the CONTRIBUTING.md file._
+
+## Code of conduct
+
+As contributors and maintainers of this project, we pledge to respect all people
+who contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, or religion.
+
+Examples of unacceptable behavior by participants include the use of sexual
+language or imagery, derogatory comments or personal attacks, trolling, public
+or private harassment, insults, or other unprofessional conduct.
+
+Project maintainers have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct. Project maintainers who do not follow the
+Code of Conduct may be removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior can be
+reported by emailing contact@gitlab.com.
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://contributor-covenant.org), version 1.1.0,
+available at [https://contributor-covenant.org/version/1/1/0/](https://contributor-covenant.org/version/1/1/0/).

data/README.md

@@ -138,6 +138,17 @@ You will also need to install `faraday` or `letter_opener` if you use the `postb
     :delivery_options:
       :redis_url: redis://localhost:6379
       :worker: EmailReceiverWorker
+  -
+    :email: "user8@gmail.com"
+    :password: "password"
+    :name: "inbox"
+    :delivery_method: postback
+    :delivery_options:
+      :delivery_url: "http://localhost:3000/inbox"
+      :jwt_auth_header: "Mailroom-Api-Request"
+      :jwt_issuer: "mailroom"
+      :jwt_algorithm: "HS256"
+      :jwt_secret_path: "/etc/secrets/mailroom/.mailroom_secret"
 ```
 
 **Note:** If using `delete_after_delivery`, you also probably want to use

data/lib/mail_room/arbitration/redis.rb

@@ -31,7 +31,7 @@ module MailRoom
         # Any subsequent failure in the instance which gets the lock will be dealt
         # with by the expiration, at which time another instance can pick up the
         # message and try again.
-        client.set(key, 1, {nx: true, ex: expiration})
+        client.set(key, 1, nx: true, ex: expiration)
       end
 
       private

data/lib/mail_room/connection.rb

@@ -6,16 +6,23 @@ module MailRoom
 
     def initialize(mailbox)
       @mailbox = mailbox
+      @stopped = false
     end
 
     def on_new_message(&block)
       @new_message_handler = block
     end
 
+    def stopped?
+      @stopped
+    end
+
     def wait
       raise NotImplementedError
     end
 
-    def quit; end
+    def quit
+      @stopped = true
+    end
   end
 end

data/lib/mail_room/delivery/postback.rb

@@ -1,11 +1,12 @@
 require 'faraday'
+require "mail_room/jwt"
 
 module MailRoom
   module Delivery
     # Postback Delivery method
     # @author Tony Pitale
     class Postback
-      Options = Struct.new(:url, :token, :username, :password, :logger, :content_type) do
+      Options = Struct.new(:url, :token, :username, :password, :logger, :content_type, :jwt) do
         def initialize(mailbox)
           url =
             mailbox.delivery_url ||
@@ -17,6 +18,8 @@ module MailRoom
             mailbox.delivery_options[:delivery_token] ||
             mailbox.delivery_options[:token]
 
+          jwt = initialize_jwt(mailbox.delivery_options)
+
           username = mailbox.delivery_options[:username]
           password = mailbox.delivery_options[:password]
 
@@ -24,16 +27,31 @@ module MailRoom
 
           content_type = mailbox.delivery_options[:content_type]
 
-          super(url, token, username, password, logger, content_type)
+          super(url, token, username, password, logger, content_type, jwt)
         end
 
         def token_auth?
           !self[:token].nil?
         end
 
+        def jwt_auth?
+          self[:jwt].valid?
+        end
+
         def basic_auth?
           !self[:username].nil? && !self[:password].nil?
         end
+
+        private
+
+        def initialize_jwt(delivery_options)
+          ::MailRoom::JWT.new(
+            header: delivery_options[:jwt_auth_header],
+            secret_path: delivery_options[:jwt_secret_path],
+            algorithm: delivery_options[:jwt_algorithm],
+            issuer: delivery_options[:jwt_issuer]
+          )
+        end
       end
 
       # Build a new delivery, hold the delivery options
@@ -60,13 +78,27 @@ module MailRoom
         connection.post do |request|
           request.url @delivery_options.url
           request.body = message
-          # request.options[:timeout] = 3
-          request.headers['Content-Type'] = @delivery_options.content_type unless @delivery_options.content_type.nil?
+          config_request_content_type(request)
+          config_request_jwt_auth(request)
         end
 
         @delivery_options.logger.info({ delivery_method: 'Postback', action: 'message pushed', url: @delivery_options.url })
         true
       end
+
+      private
+
+      def config_request_content_type(request)
+        return if @delivery_options.content_type.nil?
+
+        request.headers['Content-Type'] = @delivery_options.content_type
+      end
+
+      def config_request_jwt_auth(request)
+        return unless @delivery_options.jwt_auth?
+
+        request.headers[@delivery_options.jwt.header] = @delivery_options.jwt.token
+      end
     end
   end
 end

data/lib/mail_room/jwt.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require 'faraday'
+require 'securerandom'
+
+module MailRoom
+  # Responsible for validating and generating JWT token
+  class JWT
+    DEFAULT_ISSUER = 'mailroom'
+    DEFAULT_ALGORITHM = 'HS256'
+
+    attr_reader :header, :secret_path, :issuer, :algorithm
+
+    def initialize(header:, secret_path:, issuer:, algorithm:)
+      @header = header
+      @secret_path = secret_path
+      @issuer = issuer || DEFAULT_ISSUER
+      @algorithm = algorithm || DEFAULT_ALGORITHM
+    end
+
+    def valid?
+      [@header, @secret_path, @issuer, @algorithm].none?(&:nil?)
+    end
+
+    def token
+      return nil unless valid?
+
+      secret = Base64.strict_decode64(File.read(@secret_path).chomp)
+      payload = {
+        nonce: SecureRandom.hex(12),
+        iat: Time.now.to_i, # https://github.com/jwt/ruby-jwt#issued-at-claim
+        iss: @issuer
+      }
+      ::JWT.encode payload, secret, @algorithm
+    end
+  end
+end

data/lib/mail_room/microsoft_graph/connection.rb

@@ -22,6 +22,8 @@ module MailRoom
       end
 
       def wait
+        return if stopped?
+
         process_mailbox
 
         @throttled_count = 0
@@ -42,17 +44,30 @@ module MailRoom
       private
 
       def wait_for_new_messages
-        sleep poll_interval
+        sleep_while_running(poll_interval)
       end
 
       def backoff
-        sleep backoff_secs
+        sleep_while_running(backoff_secs)
       end
 
       def backoff_secs
         [60 * 10, 2**throttled_count].min
       end
 
+      # Unless wake up periodically, we won't notice that the thread was stopped
+      # if we sleep the entire interval.
+      def sleep_while_running(sleep_interval)
+        sleep_interval.times do
+          do_sleep(1)
+          return if stopped?
+        end
+      end
+
+      def do_sleep(interval)
+        sleep(interval)
+      end
+
       def reset
         @token = nil
         @throttled_count = 0

data/lib/mail_room/version.rb

@@ -1,4 +1,4 @@
 module MailRoom
   # Current version of gitlab-mail_room gem
-  VERSION = "0.0.14"
+  VERSION = "0.0.18"
 end

data/mail_room.gemspec

@@ -19,6 +19,7 @@ Gem::Specification.new do |gem|
 
   gem.add_dependency             "net-imap", ">= 0.2.1"
   gem.add_dependency             "oauth2", "~> 1.4.4"
+  gem.add_dependency             "jwt", ">= 2.0"
 
   # Pinning io-wait to 0.1.0, which is the last version to support Ruby < 3
   gem.add_dependency              "io-wait", "~> 0.1.0"
@@ -34,7 +35,7 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency "faraday"
   gem.add_development_dependency "mail"
   gem.add_development_dependency "letter_opener"
-  gem.add_development_dependency "redis", "~> 3.3.1"
+  gem.add_development_dependency "redis", "~> 4"
   gem.add_development_dependency "redis-namespace"
   gem.add_development_dependency "pg"
   gem.add_development_dependency "charlock_holmes"

data/spec/fixtures/jwt_secret

@@ -0,0 +1 @@
+aGVsbG93b3JsZA==

data/spec/lib/arbitration/redis_spec.rb

@@ -15,6 +15,7 @@ describe MailRoom::Arbitration::Redis do
 
   # Private, but we don't care.
   let(:redis) { subject.send(:client) }
+  let(:raw_client) { redis._client }
 
   describe '#deliver?' do
     context "when called the first time" do
@@ -95,7 +96,7 @@ describe MailRoom::Arbitration::Redis do
       it 'client has same specified url' do
         subject.deliver?(123)
 
-        expect(redis.client.options[:url]).to eq redis_url
+        expect(raw_client.options[:url]).to eq redis_url
       end
 
       it 'client is a instance of Redis class' do
@@ -137,10 +138,10 @@ describe MailRoom::Arbitration::Redis do
       before { ::Redis::Client::Connector::Sentinel.any_instance.stubs(:resolve).returns(sentinels) }
 
       it 'client has same specified sentinel params' do
-        expect(redis.client.instance_variable_get(:@connector)).to be_a Redis::Client::Connector::Sentinel
-        expect(redis.client.options[:host]).to eq('sentinel-master')
-        expect(redis.client.options[:password]).to eq('mypassword')
-        expect(redis.client.options[:sentinels]).to eq(sentinels)
+        expect(raw_client.instance_variable_get(:@connector)).to be_a Redis::Client::Connector::Sentinel
+        expect(raw_client.options[:host]).to eq('sentinel-master')
+        expect(raw_client.options[:password]).to eq('mypassword')
+        expect(raw_client.options[:sentinels]).to eq(sentinels)
       end
     end
   end

data/spec/lib/delivery/postback_spec.rb

@@ -65,11 +65,10 @@ describe MailRoom::Delivery::Postback do
           }
         })}
 
-  
         let(:delivery_options) {
           MailRoom::Delivery::Postback::Options.new(mailbox)
         }
-  
+
         it 'posts the message with faraday' do
           connection = stub
           request = stub
@@ -82,10 +81,59 @@ describe MailRoom::Delivery::Postback do
           connection.expects(:basic_auth).with('user1', 'password123abc')
 
           MailRoom::Delivery::Postback.new(delivery_options).deliver('a message')
-          
+
           expect(request.headers['Content-Type']).to eq('text/plain')
         end
       end
+
+      context 'with jwt token in the delivery options' do
+        let(:mailbox) {build_mailbox({
+          delivery_options: {
+            url: 'http://localhost/inbox',
+            jwt_auth_header: "Mailroom-Api-Request",
+            jwt_issuer: "mailroom",
+            jwt_algorithm: "HS256",
+            jwt_secret_path: "secret_path"
+          }
+        })}
+
+        let(:delivery_options) {
+          MailRoom::Delivery::Postback::Options.new(mailbox)
+        }
+
+        it 'posts the message with faraday' do
+          connection = stub
+          request = stub
+          Faraday.stubs(:new).returns(connection)
+
+          connection.expects(:post).yields(request).twice
+          request.stubs(:url)
+          request.stubs(:body=)
+          request.stubs(:headers).returns({})
+
+          jwt = stub
+          MailRoom::JWT.expects(:new).with(
+            header: 'Mailroom-Api-Request',
+            issuer: 'mailroom',
+            algorithm: 'HS256',
+            secret_path: 'secret_path'
+          ).returns(jwt)
+          jwt.stubs(:valid?).returns(true)
+          jwt.stubs(:header).returns('Mailroom-Api-Request')
+          jwt.stubs(:token).returns('a_jwt_token')
+
+          delivery = MailRoom::Delivery::Postback.new(delivery_options)
+
+          delivery.deliver('a message')
+          expect(request.headers['Mailroom-Api-Request']).to eql('a_jwt_token')
+
+          # A different jwt token for the second time
+          jwt.stubs(:token).returns('another_jwt_token')
+
+          delivery.deliver('another message')
+          expect(request.headers['Mailroom-Api-Request']).to eql('another_jwt_token')
+        end
+      end
     end
   end
 end

data/spec/lib/delivery/sidekiq_spec.rb

@@ -4,6 +4,7 @@ require 'mail_room/delivery/sidekiq'
 describe MailRoom::Delivery::Sidekiq do
   subject { described_class.new(options) }
   let(:redis) { subject.send(:client) }
+  let(:raw_client) { redis._client }
   let(:options) { MailRoom::Delivery::Sidekiq::Options.new(mailbox) }
 
   describe '#options' do
@@ -20,7 +21,7 @@ describe MailRoom::Delivery::Sidekiq do
 
       context 'with simple redis url' do
         it 'client has same specified redis_url' do
-          expect(redis.client.options[:url]).to eq(redis_url)
+          expect(raw_client.options[:url]).to eq(redis_url)
         end
 
         it 'client is a instance of RedisNamespace class' do
@@ -39,7 +40,7 @@ describe MailRoom::Delivery::Sidekiq do
         end
 
         it 'client has correct redis_url' do
-          expect(redis.client.options[:url]).to eq(redis_url)
+          expect(raw_client.options[:url]).to eq(redis_url)
         end
 
 
@@ -87,10 +88,10 @@ describe MailRoom::Delivery::Sidekiq do
       before { ::Redis::Client::Connector::Sentinel.any_instance.stubs(:resolve).returns(sentinels) }
 
       it 'client has same specified sentinel params' do
-        expect(redis.client.instance_variable_get(:@connector)).to be_a Redis::Client::Connector::Sentinel
-        expect(redis.client.options[:host]).to eq('sentinel-master')
-        expect(redis.client.options[:password]).to eq('mypassword')
-        expect(redis.client.options[:sentinels]).to eq(sentinels)
+        expect(raw_client.instance_variable_get(:@connector)).to be_a Redis::Client::Connector::Sentinel
+        expect(raw_client.options[:host]).to eq('sentinel-master')
+        expect(raw_client.options[:password]).to eq('mypassword')
+        expect(raw_client.options[:sentinels]).to eq(sentinels)
       end
     end
 

data/spec/lib/jwt_spec.rb

@@ -0,0 +1,80 @@
+require 'spec_helper'
+
+require 'mail_room/jwt'
+
+describe MailRoom::JWT do
+  let(:secret_path) { File.expand_path('../fixtures/jwt_secret', File.dirname(__FILE__)) }
+  let(:secret) { Base64.strict_decode64(File.read(secret_path).chomp) }
+
+  let(:standard_config) do
+    {
+      secret_path: secret_path,
+      issuer: 'mailroom',
+      header: 'Mailroom-Api-Request',
+      algorithm: 'HS256'
+    }
+  end
+
+  describe '#token' do
+    let(:jwt) { described_class.new(**standard_config) }
+
+    it 'generates a valid jwt token' do
+      token = jwt.token
+      expect(token).not_to be_empty
+
+      payload = nil
+      expect do
+        payload = JWT.decode(token, secret, true, iss: 'mailroom', verify_iat: true, verify_iss: true, algorithm: 'HS256')
+      end.not_to raise_error
+      expect(payload).to be_an(Array)
+      expect(payload).to match(
+        [
+          a_hash_including(
+            'iss' => 'mailroom',
+            'nonce' => be_a(String),
+            'iat' => be_a(Integer)
+          ),
+          { 'alg' => 'HS256' }
+        ]
+      )
+    end
+
+    it 'generates a different token for each invocation' do
+      expect(jwt.token).not_to eql(jwt.token)
+    end
+  end
+
+  describe '#valid?' do
+    it 'returns true if all essential components are present' do
+      jwt = described_class.new(**standard_config)
+      expect(jwt.valid?).to eql(true)
+    end
+
+    it 'returns true if header and secret path are present' do
+      jwt = described_class.new(
+        secret_path: secret_path,
+        header: 'Mailroom-Api-Request',
+        issuer: nil,
+        algorithm: nil
+      )
+      expect(jwt.valid?).to eql(true)
+      expect(jwt.issuer).to eql(described_class::DEFAULT_ISSUER)
+      expect(jwt.algorithm).to eql(described_class::DEFAULT_ALGORITHM)
+    end
+
+    it 'returns false if either header or secret_path are missing' do
+      expect(described_class.new(
+        secret_path: nil,
+        header: 'Mailroom-Api-Request',
+        issuer: nil,
+        algorithm: nil
+      ).valid?).to eql(false)
+      expect(described_class.new(
+        secret_path: secret_path,
+        header: nil,
+        issuer: nil,
+        algorithm: nil
+      ).valid?).to eql(false)
+    end
+  end
+end

data/spec/lib/microsoft_graph/connection_spec.rb

@@ -17,34 +17,53 @@ describe MailRoom::MicrosoftGraph::Connection do
   let(:base_url) { 'https://graph.microsoft.com/v1.0/users/user@example.com/mailFolders/inbox/messages' }
   let(:message_base_url) { 'https://graph.microsoft.com/v1.0/users/user@example.com/messages' }
 
+  let(:connection) { described_class.new(mailbox) }
+  let(:uid) { 1 }
+  let(:access_token) { SecureRandom.hex }
+  let(:refresh_token) { SecureRandom.hex }
+  let(:expires_in) { Time.now + 3600 }
+  let(:unread_messages_body) { '' }
+  let(:status) { 200 }
+  let!(:stub_token) do
+    stub_request(:post, "https://login.microsoftonline.com/#{tenant_id}/oauth2/v2.0/token").to_return(
+      body: { 'access_token' => access_token, 'refresh_token' => refresh_token, 'expires_in' => expires_in }.to_json,
+      headers: { 'Content-Type' => 'application/json' }
+    )
+  end
+  let!(:stub_unread_messages_request) do
+    stub_request(:get, "#{base_url}?$filter=isRead%20eq%20false").to_return(
+      status: status,
+      body: unread_messages_body.to_json,
+      headers: { 'Content-Type' => 'application/json' }
+    )
+  end
+
   before do
     WebMock.enable!
   end
 
-  context '#wait' do
-    let(:connection) { described_class.new(mailbox) }
-    let(:uid) { 1 }
-    let(:access_token) { SecureRandom.hex }
-    let(:refresh_token) { SecureRandom.hex }
-    let(:expires_in) { Time.now + 3600 }
-    let(:unread_messages_body) { '' }
-    let(:status) { 200 }
-    let!(:stub_token) do
-      stub_request(:post, "https://login.microsoftonline.com/#{tenant_id}/oauth2/v2.0/token").to_return(
-        body: { 'access_token' => access_token, 'refresh_token' => refresh_token, 'expires_in' => expires_in }.to_json,
-        headers: { 'Content-Type' => 'application/json' }
-      )
+  context '#quit' do
+    it 'returns false' do
+      expect(connection.stopped?).to be_falsey
     end
-    let!(:stub_unread_messages_request) do
-      stub_request(:get, "#{base_url}?$filter=isRead%20eq%20false").to_return(
-        status: status,
-        body: unread_messages_body.to_json,
-        headers: { 'Content-Type' => 'application/json' }
-      )
+
+    it 'returns true' do
+      connection.quit
+
+      expect(connection.stopped?).to be_truthy
+    end
+
+    it 'does not attempt to process the mailbox' do
+      connection.quit
+
+      connection.expects(:process_mailbox).times(0)
+      connection.wait
     end
+  end
 
+  context '#wait' do
     before do
-      connection.stubs(:wait_for_new_messages)
+      connection.stubs(:do_sleep)
     end
 
     describe 'poll interval' do
@@ -52,6 +71,12 @@ describe MailRoom::MicrosoftGraph::Connection do
         expect(connection.send(:poll_interval)).to eq(60)
       end
 
+      it 'calls do_sleep 60 times' do
+        connection.expects(:do_sleep).with(1).times(60)
+
+        connection.wait
+      end
+
       context 'interval set to 10' do
         let(:options) do
           {
@@ -68,6 +93,12 @@ describe MailRoom::MicrosoftGraph::Connection do
         it 'sets the poll interval to 10' do
           expect(connection.send(:poll_interval)).to eq(10)
         end
+
+        it 'calls do_sleep 10 times' do
+          connection.expects(:do_sleep).with(1).times(10)
+
+          connection.wait
+        end
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-mail_room
 version: !ruby/object:Gem::Version
-  version: 0.0.14
+  version: 0.0.18
 platform: ruby
 authors:
 - Tony Pitale
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-10-21 00:00:00.000000000 Z
+date: 2021-12-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-imap
@@ -38,6 +38,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.4.4
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: io-wait
   requirement: !ruby/object:Gem::Requirement
@@ -184,14 +198,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.3.1
+        version: '4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.3.1
+        version: '4'
 - !ruby/object:Gem::Dependency
   name: redis-namespace
   requirement: !ruby/object:Gem::Requirement
@@ -265,6 +279,7 @@ files:
 - ".travis.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -290,6 +305,7 @@ files:
 - lib/mail_room/imap.rb
 - lib/mail_room/imap/connection.rb
 - lib/mail_room/imap/message.rb
+- lib/mail_room/jwt.rb
 - lib/mail_room/logger/structured.rb
 - lib/mail_room/mailbox.rb
 - lib/mail_room/mailbox_watcher.rb
@@ -299,6 +315,7 @@ files:
 - lib/mail_room/version.rb
 - logfile.log
 - mail_room.gemspec
+- spec/fixtures/jwt_secret
 - spec/fixtures/test_config.yml
 - spec/lib/arbitration/redis_spec.rb
 - spec/lib/cli_spec.rb
@@ -313,6 +330,7 @@ files:
 - spec/lib/health_check_spec.rb
 - spec/lib/imap/connection_spec.rb
 - spec/lib/imap/message_spec.rb
+- spec/lib/jwt_spec.rb
 - spec/lib/logger/structured_spec.rb
 - spec/lib/mailbox_spec.rb
 - spec/lib/mailbox_watcher_spec.rb
@@ -322,7 +340,7 @@ files:
 homepage: http://github.com/tpitale/mail_room
 licenses: []
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -337,12 +355,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key: 
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: mail_room will proxy email (gmail) from IMAP to a callback URL, logger, or
   letter_opener
 test_files:
+- spec/fixtures/jwt_secret
 - spec/fixtures/test_config.yml
 - spec/lib/arbitration/redis_spec.rb
 - spec/lib/cli_spec.rb
@@ -357,6 +376,7 @@ test_files:
 - spec/lib/health_check_spec.rb
 - spec/lib/imap/connection_spec.rb
 - spec/lib/imap/message_spec.rb
+- spec/lib/jwt_spec.rb
 - spec/lib/logger/structured_spec.rb
 - spec/lib/mailbox_spec.rb
 - spec/lib/mailbox_watcher_spec.rb