rules:
# Axiom API token: the literal prefix `xaat-` followed by a UUID-shaped
# value (8-4-4-4-12 groups of lowercase hex digits).
- name: Axiom API Token
  id: kingfisher.axiom.1
  # (?x) enables extended mode, so the line breaks and indentation inside
  # the pattern are not part of the match. The parenthesised group captures
  # the token itself; the \b anchors stop the match from starting or ending
  # in the middle of a longer word. Uppercase hex is not matched.
  pattern: |
    (?x)
    \b
    (
      xaat-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}
    )
    \b
  confidence: medium
  # Sample inputs for the pattern.
  # NOTE(review): confirm these are synthetic values, not live credentials.
  examples:
  - 'AXIOM_TOKEN=xaat-fa97e617-e653-45a8-2f3b-f1c0ccf731ae'
  - 'Authorization: Bearer xaat-deadbeef-1234-5678-9abc-def012345678'
  references:
  - https://axiom.co/docs/reference/tokens
  - https://axiom.co/docs/restapi/endpoints/getDatasets
  # Live check: the matched token is sent as a Bearer credential in a GET to
  # the datasets endpoint, i.e. validation makes an outbound, authenticated
  # request to api.axiom.co carrying the discovered secret.
  validation:
    type: Http
    content:
      request:
        method: GET
        url: https://api.axiom.co/v2/datasets
        headers:
          Authorization: "Bearer {{ TOKEN }}"
          Accept: application/json
        response_matcher:
        # NOTE(review): presumably this attaches the HTTP response body to
        # the finding; on a 200 from this endpoint that would be the dataset
        # listing, so scan reports may carry organisation metadata - confirm.
        - report_response: true
        # Only HTTP 200 with a parseable JSON body counts as validated.
        # NOTE(review): a live token that lacks permission to list datasets
        # would presumably fail this check, so an unvalidated match should
        # still be triaged and rotated rather than dismissed.
        - type: StatusMatch
          status: [200]
        - type: JsonValid
# Axiom personal access token: the literal prefix `xapt-` followed by a
# UUID-shaped value (8-4-4-4-12 groups of lowercase hex digits).
- name: Axiom Personal Access Token
  id: kingfisher.axiom.2
  # (?x) enables extended mode, so the line breaks and indentation inside
  # the pattern are not part of the match. The parenthesised group captures
  # the token itself; the \b anchors stop the match from starting or ending
  # in the middle of a longer word. Uppercase hex is not matched.
  pattern: |
    (?x)
    \b
    (
      xapt-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}
    )
    \b
  confidence: medium
  # Sample inputs for the pattern.
  # NOTE(review): confirm these are synthetic values, not live credentials.
  examples:
  - 'AXIOM_TOKEN=xapt-726c99a4-1d8c-4ccb-8e54-e89f21b25f4e'
  - 'Authorization: Bearer xapt-deadbeef-1234-5678-9abc-def012345678'
  references:
  - https://axiom.co/docs/reference/tokens
  # Live check: the matched token is sent as a Bearer credential in a GET to
  # the datasets endpoint, i.e. validation makes an outbound, authenticated
  # request to api.axiom.co carrying the discovered secret.
  validation:
    type: Http
    content:
      request:
        method: GET
        url: https://api.axiom.co/v2/datasets
        headers:
          Authorization: "Bearer {{ TOKEN }}"
          Accept: application/json
        response_matcher:
        # NOTE(review): presumably this attaches the HTTP response body to
        # the finding - confirm what ends up in scan reports.
        - report_response: true
        # A token is reported as live when the API answers HTTP 400 with a
        # JSON body that does not contain the quoted word "forbidden".
        # NOTE(review): presumably a personal token passes authentication
        # but the request is rejected because no organisation is named,
        # while a rejected token produces a "forbidden" body - confirm
        # against the Axiom API. Keying validity on an error status is
        # fragile: any unrelated 400 with JSON would also read as live.
        - type: StatusMatch
          status: [400]
        - type: JsonValid
        - type: WordMatch
          words:
          - '"forbidden"'
          # negative: true inverts the matcher: the words must be absent.
          negative: true