As a PyPI package maintainer, you've been entrusted with a top secret project. Suddenly, the project is stolen! You must recover it by exchanging short-lived identity tokens between a trusted third-party service and PyPI in order to authenticate and publish the project. Navigate through obstacles and solve puzzles to retrieve the stolen project before it's too late!