forked from mirrors/kingfisher
62 lines
1.6 KiB
YAML
62 lines
1.6 KiB
YAML
rules:
|
|
- name: Contentstack API Key
|
|
id: kingfisher.contentstack.2
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
contentstack
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:API[_\s]?KEY|STACK[_\s]?API[_\s]?KEY)
|
|
(?:.|[\n\r]){0,16}?
|
|
\b
|
|
(
|
|
blt[a-f0-9]{10}
|
|
)
|
|
\b
|
|
min_entropy: 3.0
|
|
confidence: medium
|
|
visible: false
|
|
examples:
|
|
- CONTENTSTACK_API_KEY=blt1234567890
|
|
- name: Contentstack Management Token
|
|
id: kingfisher.contentstack.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
contentstack
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:MANAGEMENT[_\s]?TOKEN|AUTH[_\s]?TOKEN|TOKEN)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
cs[a-f0-9]{32}
|
|
)
|
|
\b
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
examples:
|
|
- CONTENTSTACK_MANAGEMENT_TOKEN=cs1234567890abcdef1234567890abcdef
|
|
- contentstack_token = "csa1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4"
|
|
references:
|
|
- https://www.contentstack.com/docs/developers/create-tokens/overview-of-tokens
|
|
- https://www.contentstack.com/docs/developers/apis/content-management-api
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: "https://api.contentstack.io/v3/stacks"
|
|
headers:
|
|
api_key: "{{ APIKEY }}"
|
|
authorization: "Bearer {{ TOKEN }}"
|
|
Content-Type: application/json
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|
|
depends_on_rule:
|
|
- rule_id: kingfisher.contentstack.2
|
|
variable: APIKEY
|