eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/crates/kingfisher-rules/data/rules/sendgrid.yml

76 lines
No EOL
2.5 KiB
YAML
Raw Permalink Blame History

rules:
- name: Sendgrid API token
id: kingfisher.sendgrid.1
pattern: |
(?xi)
\b
(
SG
\.
[0-9A-Z_-]{20,24}
\.
[0-9A-Z_-]{39,47}
)
\b
pattern_requirements:
min_digits: 2
min_entropy: 3.5
confidence: medium
examples:
- " 'SENDGRID_API_KEYSID': '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'"
- "var sendgrid = require('sendgrid')('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');"
- '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'
references:
- https://docs.sendgrid.com/ui/account-and-settings/api-keys
validation:
type: Http
content:
request:
method: GET
url: https://api.sendgrid.com/v3/user/account
headers:
Authorization: "Bearer {{ TOKEN }}"
Accept: application/json
response_matcher:
- report_response: true
- type: StatusMatch
status: [200]
- type: WordMatch
match_all_words: true
words: ['"reputation"', '"type"']
revocation:
type: HttpMultiStep
content:
steps:
# Step 1: List all API keys to find the current key's ID
- name: lookup_api_key_id
request:
method: GET
url: https://api.sendgrid.com/v3/api_keys
headers:
Authorization: "Bearer {{ TOKEN }}"
Accept: application/json
response_matcher:
- type: StatusMatch
status: [200]
- type: JsonValid
extract:
# Extract the first API key ID from the list
# Note: SendGrid only shows partial keys, so we extract the first one
# which should be the current token if there's only one active key
API_KEY_ID:
type: JsonPath
path: "$.result[0].api_key_id"
# Step 2: Delete the API key using its ID
- name: delete_api_key
request:
method: DELETE
url: https://api.sendgrid.com/v3/api_keys/{{ API_KEY_ID }}
headers:
Authorization: "Bearer {{ TOKEN }}"
response_matcher:
- report_response: true
- type: StatusMatch
status: [204]
View git blame Copy permalink