mixlib-authentication 1.4.2 → 3.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: e493785efc5cf2caf7d1134378fd613f35712f1f
-  data.tar.gz: d855dabe2ebea778d9c37037e3f843c49acbecb9
+SHA256:
+  metadata.gz: dfe9207033439727125b97e19e5d0f104f540545f8975fd09952e7d3c33d1912
+  data.tar.gz: a0105be8a06dc1a6cdbb7e87e86686873e561e714a6ba47c07fc1855ef4acc7a
 SHA512:
-  metadata.gz: '09e094e344bc46528877b69bb015c5d2386ab57da7f7f62edbbeda81dd338fae31194736f56e947d935b0a36306dac06d148b0dbddf5d11cd3249e3cfba65571'
-  data.tar.gz: 2f71c58ba5d85efbf1d00db61ca09abb57d0092d46e2f8d2fa578baf0c34d2e0ff86e36e1224b40e8d0e1ad8258ef717460dcb06385045d3c920f4cd5052a86b
+  metadata.gz: a04e5503e573c71382bc391fe3392419fc1480199a74c5ec757c83fa7dc3ba85cc6ffce01957ef0ada987ddc6e618572bcc8989e0c593ab7c9c055aa6d6d4af2
+  data.tar.gz: 410b2915042706210831ee5258fcb1e998251d289280c49d636dc93fcde357f219eb81ba6283de0fddd532a17ded913aa712db636a6fcb94c9c042b4631b543a

data/lib/mixlib/authentication.rb

@@ -1,6 +1,6 @@
 #
-# Author:: Christopher Brown (<cb@opscode.com>)
-# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# Author:: Christopher Brown (<cb@chef.io>)
+# Copyright:: Copyright (c) 2009-2018 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,7 @@
 
 module Mixlib
   module Authentication
-    DEFAULT_SERVER_API_VERSION = "0"
+    DEFAULT_SERVER_API_VERSION = "0".freeze
 
     attr_accessor :logger
     module_function :logger, :logger=

data/lib/mixlib/authentication/digester.rb

@@ -1,6 +1,6 @@
 #
-# Author:: Christopher Brown (<cb@opscode.com>)
-# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# Author:: Christopher Brown (<cb@chef.io>)
+# Copyright:: Copyright (c) 2009-2018 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");

data/lib/mixlib/authentication/http_authentication_request.rb

@@ -1,6 +1,6 @@
 #
-# Author:: Daniel DeLeo (<dan@opscode.com>)
-# Copyright:: Copyright (c) 2010 Opscode, Inc.
+# Author:: Daniel DeLeo (<dan@chef.io>)
+# Copyright:: Copyright (c) 2010-2018 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,7 +22,7 @@ module Mixlib
   module Authentication
     class HTTPAuthenticationRequest
 
-      MANDATORY_HEADERS = [:x_ops_sign, :x_ops_userid, :x_ops_timestamp, :host, :x_ops_content_hash]
+      MANDATORY_HEADERS = %i{x_ops_sign x_ops_userid x_ops_timestamp host x_ops_content_hash}.freeze
 
       attr_reader :request
 
@@ -72,7 +72,7 @@ module Mixlib
         unless @request_signature
           @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }
             .sort { |x, y| x.to_s[/\d+/].to_i <=> y.to_s[/\d+/].to_i }.map { |i| i[1] }.join("\n")
-          Mixlib::Authentication::Log.debug "Reconstituted (user-supplied) request signature: #{@request_signature}"
+          Mixlib::Authentication::Log.trace "Reconstituted (user-supplied) request signature: #{@request_signature}"
         end
         @request_signature
       end

data/lib/mixlib/authentication/null_logger.rb

@@ -4,7 +4,7 @@ module Mixlib
 
       attr_accessor :level
 
-      %i{debug info warn error fatal}.each do |method_name|
+      %i{trace debug info warn error fatal}.each do |method_name|
         class_eval(<<-METHOD_DEFN, __FILE__, __LINE__)
           def #{method_name}(msg=nil, &block)
             true
@@ -12,7 +12,7 @@ module Mixlib
         METHOD_DEFN
       end
 
-      %i{debug? info? warn? error? fatal?}.each do |method_name|
+      %i{trace? debug? info? warn? error? fatal?}.each do |method_name|
         class_eval(<<-METHOD_DEFN, __FILE__, __LINE__)
           def #{method_name}
             false

data/lib/mixlib/authentication/signatureverification.rb

@@ -1,7 +1,7 @@
 #
-# Author:: Christopher Brown (<cb@opscode.com>)
-# Author:: Christopher Walters (<cw@opscode.com>)
-# Copyright:: Copyright (c) 2009, 2010 Opscode, Inc.
+# Author:: Christopher Brown (<cb@chef.io>)
+# Author:: Christopher Walters (<cw@chef.io>)
+# Copyright:: Copyright (c) 2009-2018 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -76,7 +76,7 @@ module Mixlib
       # X-Ops-Content-Hash:
       # X-Ops-Authorization-#{line_number}
       def authenticate_request(user_secret, time_skew = (15 * 60))
-        Mixlib::Authentication.logger.debug "Initializing header auth : #{request.inspect}"
+        Mixlib::Authentication.logger.trace "Initializing header auth : #{request.inspect}"
 
         @user_secret       = user_secret
         @allowed_time_skew = time_skew # in seconds
@@ -149,15 +149,15 @@ module Mixlib
                              (request_decrypted_block == candidate_block)
                            end
 
-        # Keep the debug messages lined up so it's easy to scan them
-        Mixlib::Authentication.logger.debug("Verifying request signature:")
-        Mixlib::Authentication.logger.debug(" Expected Block is: '#{candidate_block}'")
-        Mixlib::Authentication.logger.debug("Decrypted block is: '#{request_decrypted_block}'")
-        Mixlib::Authentication.logger.debug("Signatures match? : '#{@valid_signature}'")
+        # Keep the trace messages lined up so it's easy to scan them
+        Mixlib::Authentication.logger.trace("Verifying request signature:")
+        Mixlib::Authentication.logger.trace(" Expected Block is: '#{candidate_block}'")
+        Mixlib::Authentication.logger.trace("Decrypted block is: '#{request_decrypted_block}'")
+        Mixlib::Authentication.logger.trace("Signatures match? : '#{@valid_signature}'")
 
         @valid_signature
       rescue => e
-        Mixlib::Authentication.logger.debug("Failed to verify request signature: #{e.class.name}: #{e.message}")
+        Mixlib::Authentication.logger.trace("Failed to verify request signature: #{e.class.name}: #{e.message}")
         @valid_signature = false
       end
 
@@ -168,10 +168,10 @@ module Mixlib
       def verify_content_hash
         @valid_content_hash = (content_hash == hashed_body)
 
-        # Keep the debug messages lined up so it's easy to scan them
-        Mixlib::Authentication.logger.debug("Expected content hash is: '#{hashed_body}'")
-        Mixlib::Authentication.logger.debug(" Request Content Hash is: '#{content_hash}'")
-        Mixlib::Authentication.logger.debug("           Hashes match?: #{@valid_content_hash}")
+        # Keep the trace messages lined up so it's easy to scan them
+        Mixlib::Authentication.logger.trace("Expected content hash is: '#{hashed_body}'")
+        Mixlib::Authentication.logger.trace(" Request Content Hash is: '#{content_hash}'")
+        Mixlib::Authentication.logger.trace("           Hashes match?: #{@valid_content_hash}")
 
         @valid_content_hash
       end
@@ -203,7 +203,7 @@ module Mixlib
           # No file_param; we're running in Merb, or it's just not there..
           if file_param.nil?
             hash_param = request.params.values.find { |value| value.respond_to?(:has_key?) } # Hash responds to :has_key? .
-            if !hash_param.nil?
+            unless hash_param.nil?
               file_param = hash_param.values.find { |value| value.respond_to?(:read) } # File/Tempfile responds to :read.
             end
           end
@@ -211,11 +211,11 @@ module Mixlib
           # Any file that's included in the request is hashed if it's there. Otherwise,
           # we hash the body.
           if file_param
-            Mixlib::Authentication.logger.debug "Digesting file_param: '#{file_param.inspect}'"
+            Mixlib::Authentication.logger.trace "Digesting file_param: '#{file_param.inspect}'"
             @hashed_body = digester.hash_file(file_param, digest)
           else
             body = request.raw_post
-            Mixlib::Authentication.logger.debug "Digesting body: '#{body}'"
+            Mixlib::Authentication.logger.trace "Digesting body: '#{body}'"
             @hashed_body = digester.hash_string(body, digest)
           end
         end
@@ -232,7 +232,7 @@ module Mixlib
       def timestamp_within_bounds?(time1, time2)
         time_diff = (time2 - time1).abs
         is_allowed = (time_diff < @allowed_time_skew)
-        Mixlib::Authentication.logger.debug "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
+        Mixlib::Authentication.logger.trace "Request time difference: #{time_diff}, within #{@allowed_time_skew} seconds? : #{!!is_allowed}"
         is_allowed
       end
     end

data/lib/mixlib/authentication/signedheaderauth.rb

@@ -1,7 +1,7 @@
 #
-# Author:: Christopher Brown (<cb@opscode.com>)
-# Author:: Christopher Walters (<cw@opscode.com>)
-# Copyright:: Copyright (c) 2009, 2010 Opscode, Inc.
+# Author:: Christopher Brown (<cb@chef.io>)
+# Author:: Christopher Walters (<cw@chef.io>)
+# Copyright:: Copyright (c) 2009-2018 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,7 +34,7 @@ module Mixlib
         "1.0" => "sha1",
         "1.1" => "sha1",
         "1.3" => "sha256",
-      }.freeze()
+      }.freeze
 
       # Use of SUPPORTED_ALGORITHMS and SUPPORTED_VERSIONS is deprecated. Use
       # ALGORITHM_FOR_VERSION instead
@@ -74,15 +74,14 @@ module Mixlib
       # * `:host`: The host part of the URI
       def self.signing_object(args = {})
         SigningObject.new(args[:http_method],
-                          args[:path],
-                          args[:body],
-                          args[:host],
-                          args[:timestamp],
-                          args[:user_id],
-                          args[:file],
-                          args[:proto_version],
-                          args[:headers]
-                         )
+          args[:path],
+          args[:body],
+          args[:host],
+          args[:timestamp],
+          args[:user_id],
+          args[:file],
+          args[:proto_version],
+          args[:headers])
       end
 
       def algorithm
@@ -95,9 +94,28 @@ module Mixlib
 
       # Build the canonicalized request based on the method, other headers, etc.
       # compute the signature from the request, using the looked-up user secret
-      # ====Parameters
-      # private_key<OpenSSL::PKey::RSA>:: user's RSA private key.
-      def sign(private_key, sign_algorithm = algorithm, sign_version = proto_version)
+      #
+      # @param rsa_key [OpenSSL::PKey::RSA] User's RSA key. If `use_ssh_agent` is
+      #   true, this must have the public key portion populated. If `use_ssh_agent`
+      #   is false, this must have the private key portion populated.
+      # @param use_ssh_agent [Boolean] If true, use ssh-agent for request signing.
+      def sign(rsa_key, sign_algorithm = algorithm, sign_version = proto_version, **opts)
+        # Backwards compat stuff.
+        if sign_algorithm.is_a?(Hash)
+          # Was called like sign(key, sign_algorithm: 'foo', other: 'bar')
+          opts.update(sign_algorithm)
+          opts[:sign_algorithm] ||= algorithm
+          opts[:sign_version] ||= sign_version
+        else
+          # Was called like sign(key, 'foo', '1.3', other: 'bar')
+          Mixlib::Authentication.logger.warn("Using deprecated positional arguments for sign(), please update to keyword arguments (from #{caller[1][/^(.*:\d+):in /, 1]})") unless sign_algorithm == algorithm
+          opts[:sign_algorithm] ||= sign_algorithm
+          opts[:sign_version] ||= sign_version
+        end
+        sign_algorithm = opts[:sign_algorithm]
+        sign_version = opts[:sign_version]
+        use_ssh_agent = opts[:use_ssh_agent]
+
         digest = validate_sign_version_digest!(sign_algorithm, sign_version)
         # Our multiline hash for authorization will be encoded in multiple header
         # lines - X-Ops-Authorization-1, ... (starts at 1, not 0!)
@@ -108,14 +126,14 @@ module Mixlib
           "X-Ops-Content-Hash" => hashed_body(digest),
         }
 
-        signature = Base64.encode64(do_sign(private_key, digest, sign_algorithm, sign_version)).chomp
+        signature = Base64.encode64(do_sign(rsa_key, digest, sign_algorithm, sign_version, use_ssh_agent)).chomp
         signature_lines = signature.split(/\n/)
         signature_lines.each_index do |idx|
           key = "X-Ops-Authorization-#{idx + 1}"
           header_hash[key] = signature_lines[idx]
         end
 
-        Mixlib::Authentication.logger.debug "Header hash: #{header_hash.inspect}"
+        Mixlib::Authentication.logger.trace "Header hash: #{header_hash.inspect}"
 
         header_hash
       end
@@ -156,7 +174,7 @@ module Mixlib
       # ====Parameters
       #
       def canonical_path
-        p = path.gsub(/\/+/, "/")
+        p = path.gsub(%r{/+}, "/")
         p.length > 1 ? p.chomp("/") : p
       end
 
@@ -172,6 +190,7 @@ module Mixlib
         else
           @hashed_body_digest = digest
         end
+
         # Hash the file object if it was passed in, otherwise hash based on
         # the body.
         # TODO: tim 2009-12-28: It'd be nice to just remove this special case,
@@ -236,7 +255,7 @@ module Mixlib
           memo[field_name.to_sym] = field_value.strip
           memo
         end
-        Mixlib::Authentication.logger.debug "Parsed signing description: #{parts.inspect}"
+        Mixlib::Authentication.logger.trace "Parsed signing description: #{parts.inspect}"
         parts
       end
 
@@ -244,18 +263,75 @@ module Mixlib
         Mixlib::Authentication::Digester
       end
 
-      # private
-      def do_sign(private_key, digest, sign_algorithm, sign_version)
+      # Low-level RSA signature implementation used in {#sign}.
+      #
+      # @api private
+      # @param rsa_key [OpenSSL::PKey::RSA] User's RSA key. If `use_ssh_agent` is
+      #   true, this must have the public key portion populated. If `use_ssh_agent`
+      #   is false, this must have the private key portion populated.
+      # @param digest [Class] Sublcass of OpenSSL::Digest to use while signing.
+      # @param sign_algorithm [String] Hash algorithm to use while signing.
+      # @param sign_version [String] Version number of the signing protocol to use.
+      # @param use_ssh_agent [Boolean] If true, use ssh-agent for request signing.
+      # @return [String]
+      def do_sign(rsa_key, digest, sign_algorithm, sign_version, use_ssh_agent)
         string_to_sign = canonicalize_request(sign_algorithm, sign_version)
-        Mixlib::Authentication.logger.debug "String to sign: '#{string_to_sign}'"
+        Mixlib::Authentication.logger.trace "String to sign: '#{string_to_sign}'"
         case sign_version
         when "1.3"
-          private_key.sign(digest.new, string_to_sign)
+          if use_ssh_agent
+            do_sign_ssh_agent(rsa_key, string_to_sign)
+          else
+            raise AuthenticationError, "RSA private key is required to sign requests, but a public key was provided" unless rsa_key.private?
+
+            rsa_key.sign(digest.new, string_to_sign)
+          end
         else
-          private_key.private_encrypt(string_to_sign)
+          raise AuthenticationError, "Agent signing mode requires signing protocol version 1.3 or newer" if use_ssh_agent
+          raise AuthenticationError, "RSA private key is required to sign requests, but a public key was provided" unless rsa_key.private?
+
+          rsa_key.private_encrypt(string_to_sign)
         end
       end
 
+      # Low-level signing logic for using ssh-agent. This requires the user has
+      # already set up ssh-agent and used ssh-add to load in a (possibly encrypted)
+      # RSA private key. ssh-agent supports keys other than RSA, however they
+      # are not supported as Chef's protocol explicitly requires RSA keys/sigs.
+      #
+      # @api private
+      # @param rsa_key [OpenSSL::PKey::RSA] User's RSA public key.
+      # @param string_to_sign [String] String data to sign with the requested key.
+      # @return [String]
+      def do_sign_ssh_agent(rsa_key, string_to_sign)
+        # First try loading net-ssh as it is an optional dependency.
+        begin
+          require "net/ssh"
+        rescue LoadError => e
+          # ???: Since agent mode is explicitly enabled, should we even catch
+          # this in the first place? Might be cleaner to let the LoadError bubble.
+          raise AuthenticationError, "net-ssh gem is not available, unable to use ssh-agent signing: #{e.message}"
+        end
+
+        # Try to connect to ssh-agent.
+        begin
+          agent = Net::SSH::Authentication::Agent.connect
+        rescue Net::SSH::Authentication::AgentNotAvailable => e
+          raise AuthenticationError, "Could not connect to ssh-agent. Make sure the SSH_AUTH_SOCK environment variable is set and ssh-agent is running: #{e.message}"
+        end
+
+        begin
+          ssh2_signature = agent.sign(rsa_key.public_key, string_to_sign, Net::SSH::Authentication::Agent::SSH_AGENT_RSA_SHA2_256)
+        rescue Net::SSH::Authentication::AgentError => e
+          raise AuthenticationError, "Unable to sign request with ssh-agent. Make sure your key is loaded with ssh-add: #{e.class.name} #{e.message})"
+        end
+
+        # extract signature from SSH Agent response => skip first 20 bytes for RSA keys
+        # "\x00\x00\x00\frsa-sha2-256\x00\x00\x01\x00"
+        # (see http://api.libssh.org/rfc/PROTOCOL.agent for details)
+        ssh2_signature[20..-1]
+      end
+
       private :canonical_time, :canonical_path, :parse_signing_description, :digester, :canonicalize_user_id
 
     end
@@ -265,25 +341,25 @@ module Mixlib
     # generate a request signature. `SignedHeaderAuth.signing_object()`
     # provides a more convenient interface to the constructor.
     SigningObject = Struct.new(:http_method, :path, :body, :host,
-                                     :timestamp, :user_id, :file, :proto_version,
-                                     :headers) do
+      :timestamp, :user_id, :file, :proto_version,
+      :headers) do
 
-      include SignedHeaderAuth
+        include SignedHeaderAuth
 
-      def proto_version
-        (self[:proto_version] || SignedHeaderAuth::DEFAULT_PROTO_VERSION).to_s
-      end
+        def proto_version
+          (self[:proto_version] || SignedHeaderAuth::DEFAULT_PROTO_VERSION).to_s
+        end
 
-      def server_api_version
-        key = (self[:headers] || {}).keys.select do |k|
-          k.casecmp("x-ops-server-api-version") == 0
-        end.first
-        if key
-          self[:headers][key]
-        else
-          DEFAULT_SERVER_API_VERSION
+        def server_api_version
+          key = (self[:headers] || {}).keys.select do |k|
+            k.casecmp("x-ops-server-api-version") == 0
+          end.first
+          if key
+            self[:headers][key]
+          else
+            DEFAULT_SERVER_API_VERSION
+          end
         end
       end
-    end
   end
 end

data/lib/mixlib/authentication/version.rb

@@ -1,4 +1,5 @@
-# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc.
+#
+# Copyright:: Copyright (c) 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,6 +16,6 @@
 
 module Mixlib
   module Authentication
-    VERSION = "1.4.2"
+    VERSION = "3.0.4".freeze
   end
 end

metadata

@@ -1,96 +1,22 @@
 --- !ruby/object:Gem::Specification
 name: mixlib-authentication
 version: !ruby/object:Gem::Version
-  version: 1.4.2
+  version: 3.0.4
 platform: ruby
 authors:
 - Chef Software, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-17 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: rspec-core
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.2'
-- !ruby/object:Gem::Dependency
-  name: rspec-expectations
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.2'
-- !ruby/object:Gem::Dependency
-  name: rspec-mocks
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.2'
-- !ruby/object:Gem::Dependency
-  name: chefstyle
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '11'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '11'
+date: 2019-10-31 00:00:00.000000000 Z
+dependencies: []
 description: Mixes in simple per-request authentication
 email: info@chef.io
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- Gemfile
 - LICENSE
-- NOTICE
-- README.md
-- Rakefile
 - lib/mixlib/authentication.rb
 - lib/mixlib/authentication/digester.rb
 - lib/mixlib/authentication/http_authentication_request.rb
@@ -98,13 +24,7 @@ files:
 - lib/mixlib/authentication/signatureverification.rb
 - lib/mixlib/authentication/signedheaderauth.rb
 - lib/mixlib/authentication/version.rb
-- mixlib-authentication.gemspec
-- spec/mixlib/authentication/digester_spec.rb
-- spec/mixlib/authentication/http_authentication_request_spec.rb
-- spec/mixlib/authentication/mixlib_authentication_spec.rb
-- spec/mixlib/authentication/mixlib_log_missing_spec.rb
-- spec/spec_helper.rb
-homepage: https://www.chef.io
+homepage: https://github.com/chef/mixlib-authentication
 licenses:
 - Apache-2.0
 metadata: {}
@@ -116,15 +36,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Mixes in simple per-request authentication