forked from mirrors/kingfisher
44 lines
1.2 KiB
YAML
44 lines
1.2 KiB
YAML
rules:
|
|
- name: Strava Access Token
|
|
id: kingfisher.strava.1
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(?i:strava)
|
|
(?:.|[\n\r]){0,32}?
|
|
(?i:ACCESS|AUTH)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[0-9a-f]{40}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 4
|
|
min_lowercase: 4
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
examples:
|
|
- 'STRAVA_ACCESS_TOKEN="83ebeabdec09f6670863766f792ead24d61fe3f9"'
|
|
- |
|
|
strava_auth_token: '1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b'
|
|
negative_examples:
|
|
- 'STRAVA_URL="https://www.strava.com/api/v3"'
|
|
- 'strava_client_id=12345'
|
|
- 'strava_refresh_token: "83ebeabdec09f6670863766f792ead24d61fe3f9"'
|
|
references:
|
|
- https://developers.strava.com/docs/authentication/
|
|
- https://developers.strava.com/docs/reference/#api-Athletes-getLoggedInAthlete
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: https://www.strava.com/api/v3/athlete
|
|
headers:
|
|
Authorization: 'Bearer {{ TOKEN }}'
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|