forked from mirrors/kingfisher
44 lines
1.1 KiB
YAML
44 lines
1.1 KiB
YAML
rules:
|
|
- name: Box API Access Token
|
|
id: kingfisher.box.1
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(?i:box)
|
|
(?:.|[\n\r]){0,32}?
|
|
(?i:ACCESS|TOKEN|DEVELOPER)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[A-Za-z0-9]{32}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
examples:
|
|
- 'BOX_DEVELOPER_TOKEN="DkXZmsjUKizvL2z0WiaLvMBeQ756XCGG"'
|
|
- |
|
|
box_access_token = 'A4bC5dE6fG7hI8jK9lM0nO1pQ2rS3tU4'
|
|
negative_examples:
|
|
- 'BOX_DOC_URL="https://developer.box.com"'
|
|
- 'sandbox_mode = true'
|
|
references:
|
|
- https://developer.box.com/reference/
|
|
- https://developer.box.com/guides/authentication/tokens/developer-tokens/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: https://api.box.com/2.0/users/me
|
|
headers:
|
|
Authorization: 'Bearer {{ TOKEN }}'
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|