Updated rule

2026-04-27 14:26:07 -07:00 · 2026-04-27 14:26:07 -07:00 · cafa97f8d1
commit cafa97f8d1
parent 19dafa42ea
1 changed files with 87 additions and 0 deletions
--- a/crates/kingfisher-rules/data/rules/anypoint.yml
+++ b/crates/kingfisher-rules/data/rules/anypoint.yml
@ -41,3 +41,90 @@ rules:
                - 200
              type: StatusMatch
          url: https://anypoint.mulesoft.com/accounts/api/me
+
+  - name: Anypoint OAuth Client ID
+    id: kingfisher.anypoint.2
+    pattern: |
+      (?xi)
+      \b
+      anypoint
+      (?:.|[\n\r]){0,48}?
+      (?:
+        client[\s_.-]*id
+        |
+        app[\s_.-]*id
+        |
+        connected[\s_.-]*app[\s_.-]*id
+      )
+      (?:.|[\n\r]){0,16}?
+      \b
+      (
+        [0-9a-f]{32}
+      )
+      \b
+    pattern_requirements:
+      min_digits: 4
+      min_lowercase: 4
+    min_entropy: 3.0
+    confidence: medium
+    visible: false
+    examples:
+      - 'ANYPOINT_CLIENT_ID="4f2c9d1081ab7c3de56f9081a2bc4d7e"'
+      - 'anypoint connected app id: 9c7a21e45d6f0b8c3a1d4e6f7b2c9a10'
+    references:
+      - https://docs.mulesoft.com/access-management/connected-apps-developers
+      - https://docs.mulesoft.com/access-management/connected-app-bearer-token-example
+
+  - name: Anypoint OAuth Client Secret
+    id: kingfisher.anypoint.3
+    pattern: |
+      (?xi)
+      \b
+      anypoint
+      (?:.|[\n\r]){0,48}?
+      (?:
+        client[\s_.-]*secret
+        |
+        app[\s_.-]*secret
+        |
+        connected[\s_.-]*app[\s_.-]*secret
+        |
+        oauth[\s_.-]*secret
+      )
+      (?:.|[\n\r]){0,16}?
+      \b
+      (
+        [0-9A-Fa-f]{32}
+      )
+      \b
+    pattern_requirements:
+      min_digits: 4
+    min_entropy: 3.0
+    confidence: medium
+    examples:
+      - 'ANYPOINT_CLIENT_SECRET="3E7f94b18c2d6a40f1b7e9c24d6a8b0f"'
+      - 'anypoint oauth secret = 6a9c1e2f4b7d8a0c3e5f1b2d4a6c8e0f'
+    depends_on_rule:
+      - rule_id: kingfisher.anypoint.2
+        variable: CLIENT_ID
+    validation:
+      type: Http
+      content:
+        request:
+          method: POST
+          url: https://anypoint.mulesoft.com/accounts/api/v2/oauth2/token
+          headers:
+            Content-Type: application/x-www-form-urlencoded
+            Accept: application/json
+          body: "client_id={{ CLIENT_ID | url_encode }}&client_secret={{ TOKEN | url_encode }}&grant_type=client_credentials"
+          response_matcher:
+            - report_response: true
+            - type: StatusMatch
+              status: [200]
+            - type: JsonValid
+            - type: WordMatch
+              words:
+                - '"access_token"'
+    references:
+      - https://docs.mulesoft.com/access-management/connected-app-bearer-token-example
+      - https://docs.mulesoft.com/api-manager/latest/manage-client-apps-connected-apps-concept