kingfisher/crates/kingfisher-rules/data/rules/storyblok.yml

rules:
  - name: Storyblok API Token
    id: kingfisher.storyblok.1
    pattern: |
      (?xi)
      \b
      storyblok
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|API)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [A-Za-z0-9]{22}tt
      )
      \b
    min_entropy: 3.5
    confidence: medium
    pattern_requirements:
      min_digits: 2
    examples:
      - STORYBLOK_ACCESS_TOKEN=wANpEQEsMYGOwLxwXQ76Ggtt
      - storyblok_token = "13Kft3335iwbBOI333wawOtt"
    references:
      - https://www.storyblok.com/docs/api/content-delivery/v2/getting-started/authentication
      - https://www.storyblok.com/docs/concepts/access-tokens
    validation:
      type: Http
      content:
        request:
          method: GET
          url: "https://api.storyblok.com/v2/cdn/stories?token={{ TOKEN }}&version=published&per_page=1"
          headers:
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid