rules:
  - name: 1Password Service-Account Token
    id: kingfisher.1password.1
    pattern: |
      (?xi)
      \b
      (
        ops_eyj[A-Za-z0-9_-]{80,500}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 4.0
    confidence: medium
    examples:
      - export OP_SERVICE_ACCOUNT_TOKEN=ops_eyJzaWduSW5BZGRyZXNzIjoibXkuMXBhc3N3b3JkLmV1IiwidXNlckF1dGgiOnsibWV0aG9kIjoiU1JQZy00MDk2IiwiYWxnIjoiUEJFUzJnLUhTMjU2IiwiaXRlcmF0aW9ucyI6NjUwMDAwLCJzYWx0IjoiUUNYYy1wTDUtakdCaDlTVjFHb1lpUSJ9LCJlbWFpbCI6ImF2ZGxyZ3JramU3dm9AMXBhc3N3b3Jkc2VydmljZWFjY291bnRzLmV1Iiwic3JwWCI6IjExNjFkMmYwNTQ3NDgxNTBmOTEwOWMxZDEzYTllZjFiNGY0ZjZiYzhlNTFlNWZkMWI5NmI5ZjQwZjY3NWEyNTciLCJtdWsiOnsiYWxnIjoiQTI1Nkd1111111111
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://events.1password.com/api/v2/auth/introspect
          headers:
            Authorization: "Bearer {{ TOKEN }}"
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: WordMatch
              words: ['"features"']
              match_all_words: true
    references:
      - https://developer.1password.com/docs/service-accounts/security
      - https://developer.1password.com/docs/service-accounts/get-started
      - https://developer.1password.com/docs/cli/environment-variables
      - https://developer.1password.com/docs/events-api/reference

  - name: 1Password Account Secret Key
    id:  kingfisher.1password.2
    pattern: |
      (?xi)
      (
        A[0-9]-[A-Z0-9]{6}-[A-Z0-9]{6}-[A-Z0-9]{5}(?:-[A-Z0-9]{5}){3}
      )
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.8
    confidence: medium
    examples:
      - A3-R69SQK-TZ9KPW-8MXYD-6W373-V7GHJ-EDJQW
      - A3-ASWWYB-798JRY-LJVD4-23DC2-86TVM-H43EB
    references:
      - https://support.1password.com/secret-key-security/
      - https://1passwordstatic.com/files/security/1password-white-paper.pdf