kingfisher/data/rules/hereapi.yml

rules:
  - name: HERE API Key
    id: kingfisher.hereapi.1
    pattern: |
      (?xi)
      \b
      hereapi
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|APIKEY)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [A-Z0-9_-]{43}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - "hereapi_key=XxK6G3m_pQ8nR2vT4wY9jL5bN7cA1dF3hJ0iM4eP9su"
      - "HEREAPI_SECRET=ZzY8xW6vU4tS2qP0nM5kJ9hF7dC1bA3gL8iK4eR9wQm"
    references:
      - https://stackoverflow.com/questions/65610274/here-geocoding-api-not-working-inside-my-react-app
      - https://github.com/spara/geocoding_tutorial
    validation:
      type: Http
      content:
        request:
          method: GET
          url: "https://geocode.search.hereapi.com/v1/geocode?q=Berlin&apiKey={{ TOKEN }}"
          headers:
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            # Successful geocode responses include an "items" array.
            - type: WordMatch
              words: ['"items"']