forked from mirrors/kingfisher
73 lines
2.1 KiB
YAML
73 lines
2.1 KiB
YAML
rules:
|
|
- name: BrowserStack Access Key
|
|
id: kingfisher.browserstack.1
|
|
pattern: |
|
|
(?xi)
|
|
\b(?:browserstack|BROWSERSTACK)
|
|
(?:.|[\n\r]){0,64}?
|
|
(?:access[_-]?key|key|secret|token)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[a-zA-Z0-9]{20}
|
|
)
|
|
\b
|
|
confidence: medium
|
|
min_entropy: 3.0
|
|
examples:
|
|
- 'BROWSERSTACK_ACCESS_KEY=qA1bC2dE3fG4hI5jK6lM'
|
|
- 'browserstack.access_key = "rN7oP8qR9sT0uV1wX2yZ"'
|
|
references:
|
|
- https://www.browserstack.com/docs/automate/api-reference/selenium/introduction
|
|
depends_on_rule:
|
|
- rule_id: kingfisher.browserstack.2
|
|
variable: BROWSERSTACK_USERNAME
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: "https://api.browserstack.com/automate/plan.json"
|
|
headers:
|
|
Authorization: "Basic {{ BROWSERSTACK_USERNAME | append: ':' | append: TOKEN | b64enc }}"
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
revocation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: PUT
|
|
url: "https://api.browserstack.com/automate/recycle_key.json"
|
|
headers:
|
|
Authorization: "Basic {{ BROWSERSTACK_USERNAME | append: ':' | append: TOKEN | b64enc }}"
|
|
Content-Type: "application/json"
|
|
body: "{}"
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: WordMatch
|
|
words:
|
|
- '"old_key"'
|
|
- '"new_key"'
|
|
match_all_words: true
|
|
|
|
- name: BrowserStack Username
|
|
id: kingfisher.browserstack.2
|
|
visible: false
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(?:BROWSERSTACK_USERNAME|BROWSERSTACK_USER|browserstack[._-]?user(?:name)?)
|
|
\s* [=:] \s* ["']?
|
|
(
|
|
[a-zA-Z0-9_-]+
|
|
)
|
|
["']?
|
|
confidence: medium
|
|
min_entropy: 1.0
|
|
examples:
|
|
- 'BROWSERSTACK_USERNAME=build-user'
|
|
- 'browserstack_user: "ci_bot_01"'
|