eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/crates/kingfisher-rules/data/rules/asana.yml
Mick Grove afee0b7181 updated rules
2026-04-07 10:42:44 -07:00

201 lines
4.9 KiB
YAML
Raw Permalink Blame History

rules:
- name: Asana Client ID
id: kingfisher.asana.1
pattern: |
(?xi)
\b
asana
(?:.|[\n\r]){0,32}?
\b
(
[0-9]{16}
)
\b
pattern_requirements:
min_digits: 2
min_entropy: 3.5
confidence: medium
examples:
- asana_key = "8195513847023883"
- "ASANA_API_TOKEN: 1234567890123456"
references:
- https://developers.asana.com/docs/authentication
- name: Asana Client Secret
id: kingfisher.asana.2
pattern: |
(?xi)
\b
asana
(?:.|[\n\r]){0,64}?
\b
(
[a-z0-9]{30,40}
)
\b
pattern_requirements:
min_digits: 2
min_lowercase: 1
min_entropy: 3.5
confidence: medium
examples:
- "asana :'20c2F0d03201af478ca1aBE9515A1A4FEfb'"
- ASANA_PAT = 1234567890abcdef1234567890abcdef12
depends_on_rule:
- rule_id: kingfisher.asana.1
variable: ASANA_CLIENT_ID
validation:
type: Http
content:
request:
method: POST
url: https://app.asana.com/-/oauth_token
headers:
Content-Type: application/x-www-form-urlencoded
Accept: application/json
body: >
grant_type=authorization_code&client_id={{ ASANA_CLIENT_ID | url_encode }}&client_secret={{ TOKEN | url_encode }}&redirect_uri={{ "https://example.com/oauth/callback" | url_encode }}&code=invalid_code
response_matcher:
- report_response: true
- type: StatusMatch
status: [400]
- type: WordMatch
words:
- invalid_client
negative: true
# Revocation not added: Asana's revoke endpoint deauthorizes refresh tokens,
# not OAuth client secrets.
references:
- https://developers.asana.com/docs/oauth
- name: Asana OAuth / Personal Access Token (Legacy)
id: kingfisher.asana.3
pattern: |
(?xi)
\b
asana
(?:.|[\n\r]){0,64}?
\b
(
0/
[a-f0-9]{32}
)
\b
pattern_requirements:
min_digits: 4
min_entropy: 3.5
confidence: medium
examples:
- asana token = 0/d6f1e29e5b4b4d8c9bb419b2d882154d
categories:
- api
- key
- asana
references:
- https://developers.asana.com/docs/personal-access-token#example
validation:
type: Http
content:
request:
headers:
Authorization: Bearer {{ TOKEN }}
method: GET
response_matcher:
- report_response: true
- match_all_words: true
type: WordMatch
words:
- 'data:'
- email
- name
url: https://app.asana.com/api/1.0/users/me
- name: Asana OAuth / Personal Access Token (V1)
id: kingfisher.asana.4
pattern: |
(?xi)
\b
asana
(?:.|[\n\r]){0,64}?
\b
(
1/
[0-9]{14,16}
:
[a-f0-9]{32}
)
\b
pattern_requirements:
min_digits: 4
min_entropy: 3.5
confidence: medium
examples:
- asana_pat = 1/1248440223456784:d3d7e52e5c4a5d4c9bc424d2d882324d
categories:
- api
- key
- asana
references:
- https://developers.asana.com/docs/personal-access-token#example
validation:
type: Http
content:
request:
headers:
Authorization: Bearer {{ TOKEN }}
method: GET
response_matcher:
- report_response: true
- match_all_words: true
type: WordMatch
words:
- 'data:'
- email
- name
url: https://app.asana.com/api/1.0/users/me
- name: Asana OAuth / Personal Access Token (V2)
id: kingfisher.asana.5
pattern: |
(?xi)
\b
asana
(?:.|[\n\r]){0,64}?
\b
(
2/
[0-9]{16}
/
[0-9]{16}
:
[a-f0-9]{32}
)
\b
pattern_requirements:
min_digits: 4
min_entropy: 3.5
confidence: medium
examples:
- ASANA_TOKEN = "2/1208779539612523/1208824174176866:99d6decca6ce6ef503bf0c5bca554e1a"
categories:
- api
- key
- asana
references:
- https://developers.asana.com/docs/personal-access-token#example
validation:
type: Http
content:
request:
headers:
Authorization: Bearer {{ TOKEN }}
method: GET
response_matcher:
- report_response: true
- match_all_words: true
type: WordMatch
words:
- 'data:'
- email
- name
url: https://app.asana.com/api/1.0/users/me
View git blame Copy permalink