forked from mirrors/kingfisher
63 lines
1.8 KiB
YAML
63 lines
1.8 KiB
YAML
rules:
|
|
- name: Intra42 Client ID
|
|
id: kingfisher.intra42.1
|
|
visible: false
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(
|
|
u-s4t2(?:ud|af)-[a-fA-F0-9]{64}
|
|
)
|
|
\b
|
|
min_entropy: 3.0
|
|
confidence: medium
|
|
examples:
|
|
- 'INTRA42_CLIENT_ID="u-s4t2ud-33ad3d923534cae0bf765b20ac23831a4e35937298f21062a72db03e99de65b7"'
|
|
references:
|
|
- https://api.intra.42.fr/apidoc/guides/getting_started
|
|
|
|
- name: Intra42 Client Secret (s-s4t2ud/af)
|
|
id: kingfisher.intra42.2
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(
|
|
s-s4t2(?:ud|af)-[a-f0-9]{64}
|
|
)
|
|
\b
|
|
min_entropy: 3.6
|
|
confidence: medium
|
|
pattern_requirements:
|
|
min_digits: 3
|
|
min_lowercase: 2
|
|
examples:
|
|
- 'INTRA42_CLIENT_SECRET="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"'
|
|
references:
|
|
- https://api.intra.42.fr/apidoc/guides/getting_started
|
|
- https://api.intra.42.fr/apidoc/guides/web_application_flow
|
|
- https://api.intra.42.fr/apidoc/guides/specification
|
|
|
|
depends_on_rule:
|
|
- rule_id: kingfisher.intra42.1
|
|
variable: CLIENT_ID
|
|
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: POST
|
|
url: https://api.intra.42.fr/oauth/token
|
|
headers:
|
|
Accept: application/json
|
|
Content-Type: application/x-www-form-urlencoded
|
|
body: >
|
|
grant_type=client_credentials&client_id={{ CLIENT_ID | url_encode }}&client_secret={{ TOKEN | url_encode }}
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|
|
- type: WordMatch
|
|
match_all_words: false
|
|
words:
|
|
- '"access_token"'
|