mauth-client 7.0.0 → 7.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2bba0c6eb1611b4662a09c82bb2a0493ccdf10ad18519ca6cdfec4436da12fed
-  data.tar.gz: ea9cc4c97792777115f3e612a2baa1b7135c43f7b34302e66150a962f8dfd422
+  metadata.gz: 26dbb5eeff53416bf247a264a415eb7223359a142a2150e75734c0f62e824256
+  data.tar.gz: 6e73c8fdc1637927ba7625dc33b0e1ab0d8239f5e086c68a74d4a46385479940
 SHA512:
-  metadata.gz: 7cd8843becf3ad4eb6595fd2de37fe17d459178c0ee2648794e117fa4cb13283fa359a3d154031fc466a4448a796616d4727e3f1e4cae725f797ec33a8a540b8
-  data.tar.gz: d43181445129e3a8fa350547d29bb10e8b02ef9762d35ff85b4fb87a6f26c47c08a2a1c227ff7618f07544dd6deebb8c6fe60ddfe2ebeda6fa12f3fd89a74807
+  metadata.gz: c4eb6c25146c155208258e513ed64c9215c39dc0f250078db7fc57288d66df7f1d64f68aa41382be6c22ed25ed8dcf98249421433b93f2feb8ef7377d5922825
+  data.tar.gz: a06299bb7874d516e4391e33edab52c8c4d1ea8bef8ee39ca4e325115700b241ae25a0fe50ee49dee11029607056a6043922f2a0246c2393ad31aafa479341ab

data/.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,8 @@
+
+
+
+## Checklist
+
+- [ ] rebased onto latest `master`
+- [ ] followed the [Conventional Commits](https://www.conventionalcommits.org) convention
+- [ ] appraisal files updated (`bundle exec appraisal update`)

data/.github/dependabot.yml

@@ -0,0 +1,24 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+
+updates:
+  - package-ecosystem: bundler
+    directory: /
+    insecure-external-code-execution: allow
+    schedule:
+      interval: weekly
+    allow:
+      - dependency-type: all
+    groups:
+      dependencies:
+        patterns:
+        - "*"
+
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly

data/.github/workflows/ci.yml

@@ -0,0 +1,53 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: CI
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+
+    concurrency:
+      # Cancel intermediate builds
+      group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.ruby-version }}-${{ matrix.appraisal }}
+      cancel-in-progress: true
+
+    strategy:
+      matrix:
+        ruby-version: ['2.7', '3.0', '3.1', '3.2', '3.3']
+        appraisal: ['faraday_1.x', 'faraday_2.x']
+
+    env:
+      BUNDLE_JOBS: 4
+      BUNDLE_GEMFILE: gemfiles/${{ matrix.appraisal }}.gemfile
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+
+    - name: Run tests
+      run: |
+        bundle exec rspec
+        bundle exec rubocop
+        bundle exec rake benchmark

data/.github/workflows/fossa.yml

@@ -0,0 +1,17 @@
+name: FOSSA License Check
+
+on:
+  push:
+    # branches:
+    #   - master
+  pull_request:
+
+jobs:
+  fossa-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: mdsol/fossa_ci_scripts@main
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+          FOSSA_FAIL_BUILD: false

data/.github/workflows/publish.yml

@@ -0,0 +1,34 @@
+name: Publish
+
+on:
+  release:
+    types:
+      - published
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 3.3
+
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: "${{ secrets.RUBYGEMS_AUTH_TOKEN }}"

data/.github/workflows/release-please.yml

@@ -0,0 +1,16 @@
+name: release-please
+
+on:
+  push:
+    branches:
+      - master
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: google-github-actions/release-please-action@v4

data/.release-please-manifest.json

@@ -0,0 +1,3 @@
+{
+  ".": "7.2.0"
+}

data/Appraisals

@@ -1,11 +1,7 @@
 # frozen_string_literal: true
 
-appraise 'faraday_0.x' do
-  gem 'faraday', '~> 0.9'
-end
-
 appraise 'faraday_1.x' do
-  gem 'faraday', '~> 1.0'
+  gem 'faraday', '~> 1.10'
 end
 
 appraise 'faraday_2.x' do

data/CHANGELOG.md

@@ -1,3 +1,17 @@
+## v7.1.0
+- Add MAuth::PrivateKeyHelper.load method to process RSA private keys.
+- Update Faraday configuration in SecurityTokenCacher:
+  - Add the `MAUTH_USE_RAILS_CACHE` environment variable to make `Rails.cache` usable to cache public keys.
+  - Shorten timeout for connection, add retries, and use persistent HTTP connections.
+- Drop support for Faraday < 1.9.
+
+## [7.2.0](https://github.com/mdsol/mauth-client-ruby/compare/v7.1.0...v7.2.0) (2024-04-25)
+
+
+### Features
+
+* Support Ruby 3.3 ([245bb06](https://github.com/mdsol/mauth-client-ruby/commit/245bb06d8abb86bd6a4b557b84bc9d0898254a95))
+
 ## v7.0.0
 - Remove dice_bag and set configuration through environment variables directly.
 - Rename the `V2_ONLY_SIGN_REQUESTS`, `V2_ONLY_AUTHENTICATE`, `DISABLE_FALLBACK_TO_V1_ON_V2_FAILURE` and `V1_ONLY_SIGN_REQUESTS` environment variables.

data/README.md

@@ -1,5 +1,4 @@
 # MAuth-Client
-[![Build Status](https://travis-ci.org/mdsol/mauth-client-ruby.svg?branch=master)](https://travis-ci.org/mdsol/mauth-client-ruby)
 
 This gem consists of MAuth::Client, a class to manage the information needed to both sign and authenticate requests
 and responses, and middlewares for Rack and Faraday which leverage the client's capabilities.
@@ -30,7 +29,7 @@ $ gem install mauth-client
 Configuration is set through environment variables:
 
 - `MAUTH_PRIVATE_KEY`
-  - Required for signing and for authenticating responses.
+  - Required for signing and for authentication.
 
 - `MAUTH_PRIVATE_KEY_FILE`
   - May be used instead of `MAUTH_PRIVATE_KEY`, mauth-client will load the file instead.
@@ -56,6 +55,8 @@ Configuration is set through environment variables:
 - `MAUTH_V1_ONLY_SIGN_REQUESTS`
   - If true, all outgoing requests will be signed with only the V1 protocol. Defaults to true. Note, cannot be `true` if `MAUTH_V2_ONLY_SIGN_REQUESTS` is also `true`.
 
+- `MAUTH_USE_RAILS_CACHE`
+  - If true, `Rails.cache` is used to cache public keys for authentication.
 
 This is simply loaded and passed to either middleware or directly to a MAuth::Client instance.
 See the documentation for [MAuth::Client#initialize](lib/mauth/client.rb) for more details of what it accepts. Usually you will want:
@@ -67,10 +68,10 @@ MAUTH_CONF = MAuth::Client.default_config
 The `.default_config` method takes a number of options to tweak its expectations regarding defaults. See the
 documentation for [MAuth::Client.default_config](lib/mauth/client.rb) for details.
 
-The `private_key` and `app_uuid` enable local authentication (see section [Local Authentication](#local-authentication) below).
+The `private_key` and `app_uuid` are required for signing and for authentication.
 They’ll only work if the `app_uuid` has been stored in MAuth with a public key corresponding to the `private_key`.
 
-The `mauth_baseurl` and `mauth_api_version` are required.
+The `mauth_baseurl` and `mauth_api_version` are required for authentication.
 These tell the MAuth-Client where and how to communicate with the MAuth service.
 
 The `v2_only_sign_requests` and `v2_only_authenticate` flags were added to facilitate conversion from the MAuth V1 protocol to the MAuth
@@ -248,9 +249,7 @@ Only use the `MAuth::Faraday::ResponseAuthenticator` middleware if you are expec
 `MAUTH_CONF` is the same as in Rack middleware, and as with the Rack middleware is used to initialize a `MAuth::Client` instance.
 Also as with the Rack middleware, you can pass in a `MAuth::Client` instance you are using yourself on the `:mauth_client` key, and omit any other configuration.
 
-Behavior is likewise similar to rack: if a `private_key` and `app_uuid` are specified, then ResponseAuthenticator will authenticate locally (see [Local Authentication](#local-authentication) below); if not, then it will go to the
-mauth service to authenticate.
-`MAuth::Faraday::RequestSigner` cannot be used without a `private_key` and `app_uuid`.
+Both `MAuth::Faraday::ResponseAuthenticator` and `MAuth::Faraday::RequestSigner` cannot be used without a `private_key` and `app_uuid`.
 
 If a response which does not appear to be authentic is received by the `MAuth::Faraday::ResponseAuthenticator` middleware, a `MAuth::InauthenticError` will be raised.
 
@@ -272,18 +271,6 @@ request = MAuth::Request.new(verb: my_verb, request_url: my_request_url, body: m
 ```
 `mauth_client.signed_headers(request)` will then return mauth headers which you can apply to your request.
 
-## Local Authentication
-
-When doing local authentication, the MAuth-Client will periodically fetch and cache public keys from MAuth.
-Each public key will be cached locally for 60 seconds.
-Applications which connect frequently to the app will benefit most from this caching strategy.
-When fetching public keys from MAuth, the following rules apply:
-
-1. If MAuth returns the public key for a given `app_uuid`, MAuth-Client will refresh its local cache with this new public key.
-2. If MAuth cannot find the public key for a given `app_uuid` (i.e. returns a 404 status code), MAuth-Client will remove the corresponding public key from its local cache and authentication of any message from the application with this public key will fail as a consequence.
-3. If the request to MAuth times out or MAuth returns a 500 status code, the requested public key will not be removed from local MAuth-Client cache (if it exists there in the first place).
-   The cached version will continue to be used for local authentication until MAuth::Client is able to again communicate with MAuth.
-
 ## Warning
 
 During development classes are typically not cached in Rails applications.

data/UPGRADE_GUIDE.md

@@ -8,7 +8,7 @@
 Version 7.0.0 drops dice_bag.
 
 Please remove the following files and update the `.gitignore` file accordingly:
-- `config/initializers/mauth.rb.dice`
+- `config/initializers/mauth.rb.dice` (rename to `mauth.rb` and remove the top line `<%= warning.as_yaml_comment %>`)
 - `config/mauth_key`
 - `config/mauth_key.dice`
 - `config/mauth.yml`

data/gemfiles/faraday_1.x.gemfile

@@ -2,7 +2,7 @@
 
 source "https://rubygems.org"
 
-gem "faraday", "~> 1.0"
+gem "faraday", "~> 1.10"
 
 group :development do
   gem "appraisal", "~> 2.4"

data/lib/mauth/client/security_token_cacher.rb

@@ -1,16 +1,24 @@
 # frozen_string_literal: true
 
 require 'faraday-http-cache'
+require 'faraday/retry'
+if Gem::Version.new(Faraday::VERSION) >= Gem::Version.new('2.0')
+  require 'faraday/net_http_persistent'
+else
+  require 'net/http/persistent'
+end
 require 'mauth/faraday'
 
 module MAuth
   class Client
     module Authenticator
       class SecurityTokenCacher
+        attr_reader :mauth_client
+
         def initialize(mauth_client)
           @mauth_client = mauth_client
           # TODO: should this be UnableToSignError?
-          @mauth_client.assert_private_key(
+          mauth_client.assert_private_key(
             UnableToAuthenticateError.new('Cannot fetch public keys from mAuth service without a private key!')
           )
         end
@@ -19,7 +27,7 @@ module MAuth
           # url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious
           # app_uuid - probably not exploitable, but this is the right way to do it anyway.
           url_encoded_app_uuid = CGI.escape(app_uuid)
-          path = "/mauth/#{@mauth_client.mauth_api_version}/security_tokens/#{url_encoded_app_uuid}.json"
+          path = "/mauth/#{mauth_client.mauth_api_version}/security_tokens/#{url_encoded_app_uuid}.json"
           response = signed_mauth_connection.get(path)
 
           case response.status
@@ -29,11 +37,11 @@ module MAuth
             # signing with a key mAuth doesn't know about is considered inauthentic
             raise InauthenticError, "mAuth service responded with 404 looking up public key for #{app_uuid}"
           else
-            @mauth_client.send(:mauth_service_response_error, response)
+            mauth_client.send(:mauth_service_response_error, response)
           end
         rescue ::Faraday::ConnectionFailed, ::Faraday::TimeoutError => e
           msg = "mAuth service did not respond; received #{e.class}: #{e.message}"
-          @mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
+          mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
           raise UnableToAuthenticateError, msg
         end
 
@@ -43,21 +51,20 @@ module MAuth
           JSON.parse response_body
         rescue JSON::ParserError => e
           msg = "mAuth service responded with unparseable json: #{response_body}\n#{e.class}: #{e.message}"
-          @mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
+          mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
           raise UnableToAuthenticateError, msg
         end
 
         def signed_mauth_connection
           @signed_mauth_connection ||= begin
-            if @mauth_client.ssl_certs_path
-              @mauth_client.faraday_options[:ssl] = { ca_path: @mauth_client.ssl_certs_path }
-            end
+            mauth_client.faraday_options[:ssl] = { ca_path: mauth_client.ssl_certs_path } if mauth_client.ssl_certs_path
 
-            ::Faraday.new(@mauth_client.mauth_baseurl, @mauth_client.faraday_options) do |builder|
+            ::Faraday.new(mauth_client.mauth_baseurl, mauth_client.faraday_options) do |builder|
               builder.use MAuth::Faraday::MAuthClientUserAgent
-              builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => @mauth_client
-              builder.use :http_cache, logger: MAuth::Client.new.logger, shared_cache: false
-              builder.adapter ::Faraday.default_adapter
+              builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => mauth_client
+              builder.use :http_cache, store: mauth_client.cache_store, logger: mauth_client.logger, shared_cache: false
+              builder.request :retry, max: 2
+              builder.adapter :net_http_persistent
             end
           end
         end

data/lib/mauth/client.rb

@@ -12,6 +12,7 @@ require 'mauth/client/authenticator'
 require 'mauth/client/signer'
 require 'mauth/config_env'
 require 'mauth/errors'
+require 'mauth/private_key_helper'
 
 module MAuth
   # does operations which require a private key and corresponding app uuid. this is primarily:
@@ -60,7 +61,7 @@ module MAuth
 
     # new client with the given App UUID and public key. config may include the following (all
     # config keys may be strings or symbols):
-    # - private_key - required for signing and for authenticating responses.
+    # - private_key - required for signing and for authentication.
     #   may be given as a string or a OpenSSL::PKey::RSA instance.
     # - app_uuid - required in the same circumstances where a private_key is required
     # - mauth_baseurl - required. needed to retrieve public keys.
@@ -80,7 +81,7 @@ module MAuth
         when nil
           nil
         when String
-          OpenSSL::PKey::RSA.new(given_config['private_key'])
+          PrivateKeyHelper.load(given_config['private_key'])
         when OpenSSL::PKey::RSA
           given_config['private_key']
         else
@@ -102,7 +103,7 @@ module MAuth
         end
       end
 
-      request_config = { timeout: 10, open_timeout: 10 }
+      request_config = { timeout: 10, open_timeout: 3 }
       request_config.merge!(symbolize_keys(given_config['faraday_options'])) if given_config['faraday_options']
       @config['faraday_options'] = { request: request_config } || {}
       @config['ssl_certs_path'] = given_config['ssl_certs_path'] if given_config['ssl_certs_path']
@@ -115,6 +116,7 @@ module MAuth
 
       @config['disable_fallback_to_v1_on_v2_failure'] =
         given_config['disable_fallback_to_v1_on_v2_failure'].to_s.casecmp('true').zero?
+      @config['use_rails_cache'] = given_config['use_rails_cache']
     end
 
     def logger
@@ -165,6 +167,10 @@ module MAuth
       raise err unless private_key
     end
 
+    def cache_store
+      Rails.cache if @config['use_rails_cache'] && Object.const_defined?(:Rails) && ::Rails.respond_to?(:cache)
+    end
+
     private
 
     def mauth_service_response_error(response)

data/lib/mauth/config_env.rb

@@ -13,7 +13,8 @@ module MAuth
       'MAUTH_V2_ONLY_AUTHENTICATE' => false,
       'MAUTH_V2_ONLY_SIGN_REQUESTS' => false,
       'MAUTH_DISABLE_FALLBACK_TO_V1_ON_V2_FAILURE' => false,
-      'MAUTH_V1_ONLY_SIGN_REQUESTS' => true
+      'MAUTH_V1_ONLY_SIGN_REQUESTS' => true,
+      'MAUTH_USE_RAILS_CACHE' => false
     }.freeze
 
     class << self
@@ -24,11 +25,12 @@ module MAuth
           'mauth_baseurl' => env[:mauth_url] || 'http://localhost:7000',
           'mauth_api_version' => env[:mauth_api_version],
           'app_uuid' => env[:mauth_app_uuid] || 'fb17460e-9868-11e1-8399-0090f5ccb4d3',
-          'private_key' => private_key || generate_private_key,
+          'private_key' => private_key || PrivateKeyHelper.generate.to_s,
           'v2_only_authenticate' => env[:mauth_v2_only_authenticate],
           'v2_only_sign_requests' => env[:mauth_v2_only_sign_requests],
           'disable_fallback_to_v1_on_v2_failure' => env[:mauth_disable_fallback_to_v1_on_v2_failure],
-          'v1_only_sign_requests' => env[:mauth_v1_only_sign_requests]
+          'v1_only_sign_requests' => env[:mauth_v1_only_sign_requests],
+          'use_rails_cache' => env[:mauth_use_rails_cache]
         }
       end
 
@@ -74,11 +76,6 @@ module MAuth
 
         File.read(env[:mauth_private_key_file])
       end
-
-      def generate_private_key
-        require 'openssl'
-        OpenSSL::PKey::RSA.generate(2048).to_s
-      end
     end
   end
 end

data/lib/mauth/private_key_helper.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+module MAuth
+  module PrivateKeyHelper
+    HEADER = '-----BEGIN RSA PRIVATE KEY-----'
+    FOOTER = '-----END RSA PRIVATE KEY-----'
+
+    module_function
+
+    def generate
+      OpenSSL::PKey::RSA.generate(2048)
+    end
+
+    def load(key)
+      OpenSSL::PKey::RSA.new(to_rsa_format(key))
+    rescue OpenSSL::PKey::RSAError
+      raise 'The private key provided is invalid'
+    end
+
+    def to_rsa_format(key)
+      return key if key.include?("\n")
+
+      body = key.strip.delete_prefix(HEADER).delete_suffix(FOOTER).strip
+      body = body.include?("\s") ? body.tr("\s", "\n") : body.scan(/.{1,64}/).join("\n")
+      "#{HEADER}\n#{body}\n#{FOOTER}"
+    end
+  end
+end

data/lib/mauth/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module MAuth
-  VERSION = '7.0.0'
+  VERSION = '7.2.0'
 end

data/mauth-client.gemspec

@@ -23,8 +23,11 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'addressable', '~> 2.0'
   spec.add_dependency 'coderay', '~> 1.0'
-  spec.add_dependency 'faraday', '>= 0.9', '< 3.0'
+  spec.add_dependency 'faraday', '>= 1.9', '< 3.0'
   spec.add_dependency 'faraday-http-cache', '>= 2.0', '< 3.0'
+  spec.add_dependency 'faraday-net_http_persistent'
+  spec.add_dependency 'faraday-retry'
+  spec.add_dependency 'net-http-persistent', '>= 3.1'
   spec.add_dependency 'rack', '> 2.2.3'
   spec.add_dependency 'term-ansicolor', '~> 1.0'
 end

data/release-please-config.json

@@ -0,0 +1,11 @@
+{
+  "release-type": "ruby",
+  "include-component-in-tag": false,
+  "include-v-in-tag": true,
+  "packages": {
+    ".": {
+      "package-name": "mauth-client",
+      "version-file": "lib/mauth/version.rb"
+    }
+  }
+}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mauth-client
 version: !ruby/object:Gem::Version
-  version: 7.0.0
+  version: 7.2.0
 platform: ruby
 authors:
 - Matthew Szenher
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-05-24 00:00:00.000000000 Z
+date: 2024-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -47,7 +47,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '1.9'
     - - "<"
       - !ruby/object:Gem::Version
         version: '3.0'
@@ -57,7 +57,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '1.9'
     - - "<"
       - !ruby/object:Gem::Version
         version: '3.0'
@@ -81,6 +81,48 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: faraday-net_http_persistent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday-retry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: net-http-persistent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.1'
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
@@ -120,13 +162,18 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- ".fossa.yml"
+- ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/dependabot.yml"
+- ".github/workflows/ci.yml"
+- ".github/workflows/fossa.yml"
+- ".github/workflows/publish.yml"
+- ".github/workflows/release-please.yml"
 - ".gitignore"
 - ".gitmodules"
+- ".release-please-manifest.json"
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".travis.yml"
 - ".yardopts"
 - Appraisals
 - CHANGELOG.md
@@ -145,7 +192,6 @@ files:
 - examples/mauth_key
 - exe/mauth-client
 - exe/mauth-proxy
-- gemfiles/faraday_0.x.gemfile
 - gemfiles/faraday_1.x.gemfile
 - gemfiles/faraday_2.x.gemfile
 - lib/mauth-client.rb
@@ -160,6 +206,7 @@ files:
 - lib/mauth/fake/rack.rb
 - lib/mauth/faraday.rb
 - lib/mauth/middleware.rb
+- lib/mauth/private_key_helper.rb
 - lib/mauth/proxy.rb
 - lib/mauth/rack.rb
 - lib/mauth/request_and_response.rb
@@ -167,6 +214,7 @@ files:
 - lib/mauth/version.rb
 - lib/rack/mauth.rb
 - mauth-client.gemspec
+- release-please-config.json
 homepage: https://github.com/mdsol/mauth-client-ruby
 licenses:
 - MIT
@@ -186,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.5.9
 signing_key: 
 specification_version: 4
 summary: Sign and authenticate requests and responses with mAuth authentication.

data/.fossa.yml

@@ -1,14 +0,0 @@
-# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli)
-# Visit https://fossa.io to learn more
-
-version: 1
-cli:
-  server: https://app.fossa.io
-  fetcher: custom
-  project: mauth-client-ruby
-analyze:
-  modules:
-  - name: Gemfile
-    type: gem
-    target: .
-    path: .

data/.travis.yml

@@ -1,56 +0,0 @@
-dist: focal
-language: ruby
-cache: bundler
-
-rvm:
-  - 2.7
-  - 3.0
-  - 3.1
-  - 3.2
-
-env:
-  global:
-    - BUNDLE_JOBS=4
-
-jobs:
-  exclude:
-    - rvm: 3.0
-      gemfile: gemfiles/faraday_0.x.gemfile # Faraday v0.x does not officially support Ruby 3 (see: https://github.com/lostisland/faraday/releases/tag/v1.3.0)
-    - rvm: 3.1
-      gemfile: gemfiles/faraday_0.x.gemfile # Faraday v0.x does not officially support Ruby 3 (see: https://github.com/lostisland/faraday/releases/tag/v1.3.0)
-    - rvm: 3.2
-      gemfile: gemfiles/faraday_0.x.gemfile # Faraday v0.x does not officially support Ruby 3 (see: https://github.com/lostisland/faraday/releases/tag/v1.3.0)
-
-gemfile:
-  - gemfiles/faraday_0.x.gemfile
-  - gemfiles/faraday_1.x.gemfile
-  - gemfiles/faraday_2.x.gemfile
-
-before_install:
-  - gem update --system -N > /dev/null && echo "Rubygems version $(gem --version)" && bundle --version
-
-install:
-  - bundle install
-  - >-
-    curl -H 'Cache-Control: no-cache'
-    https://raw.githubusercontent.com/mdsol/fossa_ci_scripts/main/travis_ci/fossa_install.sh |
-    bash -s -- -b $TRAVIS_BUILD_DIR
-
-script:
-  - bundle exec rspec
-  - bundle exec rubocop
-  - bundle exec rake benchmark
-  - >-
-    curl -H 'Cache-Control: no-cache'
-    https://raw.githubusercontent.com/mdsol/fossa_ci_scripts/main/travis_ci/fossa_run.sh |
-    bash -s -- -b $TRAVIS_BUILD_DIR
-
-deploy:
-  provider: rubygems
-  gem: mauth-client
-  api_key:
-    secure: QDp0P/lMGLYc4+A3M6VD9y551X6GrGwOSBE6xSG4lE6mPXoSISK5Yj18vNWQRQuQ4BsE6CdfZ/xsPjSRDda6b+yUQbgisjJ+Ry6jUVE1v9UKTZ0VHgHyXcsaJFC29tBKBeuGCj0AD5qhbTO1+ybeZSUfdSeVVoidD4W/bSnvzlT1Lht7IE8jbHbR57LsJKoEaDxKu33dg4CYV96xrlYGxHAS2UgEgi5Ve3ohzBWkX9RWF/wWoGCzIYhJBzXgCEEFw8iWkspjTePgv9yjD2HIMtF44aiSTHM5iqBBsYJ7A8+kUwoq7+srsashHZ1wZz1YulsCSkjwM9AXZ4E0f9AnERw/RQ5gG7bCuHZtSG9g/0SWBQeNfkAF3An6eTSS24KVfnarGdH2bk0G28k2oP26MWiDKz8nlQxNAY4rH+dITael18bgf45H4KccQqiooBEGnuYpUAuIPB+1l+BsIcRQnrU3LDtmtZn0KrCHHJ7EHOdogOG+/Pxof8ht1xF7V+HYhhzSRJs2JkvmZsp4q2T7W6b6kfi59Cz3LpqA1HHYcL5/OFZeLA/TlCNke0CRMxG8k3udDKj50jqFATXEa8lNyGLjmWh7tL9Bb/uy+CU47qUdx+V4K+kheAvNFtHfpxmyUGJSY0FH02H1VBPWm10DZ7kH+6jgCKyXuql+yWDw62s=
-  on:
-    tags: true
-    repo: mdsol/mauth-client-ruby
-    condition: $TRAVIS_RUBY_VERSION == 3.2 && $BUNDLE_GEMFILE == $TRAVIS_BUILD_DIR/gemfiles/faraday_2.x.gemfile

data/gemfiles/faraday_0.x.gemfile

@@ -1,23 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "faraday", "~> 0.9"
-
-group :development do
-  gem "appraisal", "~> 2.4"
-  gem "benchmark-ips", "~> 2.7"
-  gem "bundler", ">= 1.17"
-  gem "byebug", "~> 11.1"
-  gem "rack-test", "~> 1.1"
-  gem "rake", "~> 12.0"
-  gem "rspec", "~> 3.8"
-  gem "rubocop", "~> 1.25"
-  gem "rubocop-mdsol", "~> 0.1"
-  gem "rubocop-performance", "~> 1.13"
-  gem "simplecov", "~> 0.16"
-  gem "timecop", "~> 0.9"
-  gem "webmock", "~> 3.0"
-end
-
-gemspec path: "../"