kingfisher/crates/kingfisher-rules/data/rules/configcat.yml

rules:
  - name: ConfigCat SDK Key
    id: kingfisher.configcat.1
    pattern: |
      (?xi)
      \b
      configcat
      (?:.|[\n\r]){0,32}?
      (?:API[_-]?KEY|SECRET|TOKEN|KEY)
      [\s:=}"']{1,16}
      (
        [A-Za-z0-9_-]{22}/[A-Za-z0-9_-]{22}
      )
      \b
    pattern_requirements:
      min_digits: 2
      min_uppercase: 2
      min_lowercase: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - 'CONFIGCAT_SDK_KEY=Aa1Bb2Cc3Dd4Ee5Ff6Gg7H/aA1bB2cC3dD4eE5fF6gG7h'
      - 'configcat_key: "Aa1Bb2Cc3Dd4Ee5Ff6Gg7H/aA1bB2cC3dD4eE5fF6gG7h"'
    references:
      - https://configcat.com/docs/sdk-reference/overview/
    validation:
      type: Http
      content:
        request:
          method: GET
          url: "https://cdn-global.configcat.com/configuration-files/{{ TOKEN }}/config_v6.json"
          headers:
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid

  - name: ConfigCat SDK Key (Extended)
    id: kingfisher.configcat.2
    pattern: |
      (?xi)
      \b
      (
        configcat-sdk-1/[A-Za-z0-9_-]{22}/[A-Za-z0-9_-]{22}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - 'CONFIGCAT_SDK_KEY=configcat-sdk-1/Aa1Bb2Cc3Dd4Ee5Ff6Gg7H/aA1bB2cC3dD4eE5fF6gG7h'
    references:
      - https://configcat.com/docs/sdk-reference/overview/
    validation:
      type: Http
      content:
        request:
          method: GET
          url: "https://cdn-global.configcat.com/configuration-files/{{ TOKEN }}/config_v6.json"
          headers:
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid