forked from mirrors/kingfisher
41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
rules:
|
|
- name: Fullstory API Key
|
|
id: kingfisher.fullstory.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(?:fullstory|fs_api|fullstory_api)
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|AUTHORIZATION|API)
|
|
(?:.|[\n\r]){0,16}?
|
|
\b
|
|
(
|
|
(?:na1|eu1)\.[A-Za-z0-9]{20,}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_lowercase: 2
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- FULLSTORY_API_KEY=na1.Abcd1234Efgh5678Ijkl9012Mnop3456
|
|
- 'fs_api_key: "eu1.Abcd1234Efgh5678Ijkl9012Mnop3456"'
|
|
references:
|
|
- https://developer.fullstory.com/server/v1/getting-started/
|
|
- https://developer.fullstory.com/server/authentication/
|
|
- https://developer.fullstory.com/server/v1/authentication/me/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: https://api.fullstory.com/me
|
|
headers:
|
|
Authorization: "Basic {{ TOKEN | append: ':' | b64enc }}"
|
|
Accept: application/json
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|