kingfisher/crates/kingfisher-rules/data/rules/squarespace.yml

rules:
  - name: Squarespace API Key
    id: kingfisher.squarespace.1
    pattern: |
      (?x)
      \b
      (?i:squarespace)
      (?:.|[\n\r]){0,32}?
      (?i:KEY|TOKEN|API)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [0-9a-f]{8}
        -
        [0-9a-f]{4}
        -
        [0-9a-f]{4}
        -
        [0-9a-f]{4}
        -
        [0-9a-f]{12}
      )
      \b
    pattern_requirements:
      min_digits: 4
    min_entropy: 3.0
    confidence: medium
    examples:
      - 'SQUARESPACE_API_KEY="a1b2c3d4-e5f6-7890-abcd-ef1234567890"'
      - |
        squarespace_token: '62dc7d80-9a1b-4c3d-8e5f-6a7b8c9d0e1f'
    negative_examples:
      - 'SQUARESPACE_URL="https://www.squarespace.com"'
    references:
      - https://developers.squarespace.com/commerce-apis/overview
      - https://developers.squarespace.com/commerce-apis/authentication-and-permissions
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.squarespace.com/1.0/authorization/website
          headers:
            Authorization: 'Bearer {{ TOKEN }}'
            User-Agent: kingfisher
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid