forked from mirrors/kingfisher
42 lines
1.4 KiB
YAML
42 lines
1.4 KiB
YAML
rules:
|
|
- name: Azure Maps Subscription Key
|
|
id: kingfisher.azuremaps.1
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(?i:azure[_\s-]*maps[_\s-]*(?:key|subscription[_\s-]*key|api[_\s-]*key|secret))
|
|
(?:.|[\n\r]){0,16}?
|
|
(
|
|
[a-zA-Z0-9_-]{32,44}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
categories: [api, key]
|
|
examples:
|
|
- AZURE_MAPS_KEY=AbCdEfGhIjKlMnOpQrStUvWxYz123456
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: https://atlas.microsoft.com/geocode?api-version=2025-01-01&addressLine=15127%20NE%2024th%20Street%20Redmond%20WA&countryRegion=US&subscription-key={{ TOKEN }}
|
|
headers:
|
|
Accept: application/geo+json, application/json
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|
|
- type: WordMatch
|
|
match_all_words: true
|
|
words:
|
|
- '"FeatureCollection"'
|
|
- '"features"'
|
|
# Revocation not added: Azure Maps shared-key docs cover rotation and
|
|
# authentication, but I did not find a token self-revoke API.
|
|
references:
|
|
- https://learn.microsoft.com/en-us/azure/azure-maps/how-to-manage-authentication
|
|
- https://learn.microsoft.com/en-us/rest/api/maps/search/get-geocoding
|