forked from mirrors/kingfisher
0f953f59a5
Why: Hyperscan doesn’t support lookaheads/behinds, so many “must contain X and Y” checks had to be baked into the regex (hurting readability) or were impossible. pattern_requirements applies lightweight, in-memory checks after a match is found, keeping patterns fast and clean.
34 lines
1.1 KiB
YAML
34 lines
1.1 KiB
YAML
rules:
|
|
- name: Authress Service Client Access Key
|
|
id: kingfisher.authress.1
|
|
pattern: |
|
|
(?xi)
|
|
(
|
|
(?:sc|ext|scauth|authress)_[a-z0-9]{5,30}\.[a-z0-9]{4,6}\.acc[_-][a-z0-9-]{10,32}\.[a-z0-9+/_=-]{30,120}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_lowercase: 1
|
|
confidence: medium
|
|
min_entropy: 4.0
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: "https://api.authress.io/v1/users/me"
|
|
headers:
|
|
Authorization: "Bearer {{TOKEN}}"
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: JsonValid
|
|
- type: WordMatch
|
|
words:
|
|
- '"Unauthorized"'
|
|
negative: true
|
|
references:
|
|
- https://authress.io/knowledge-base/docs/authorization/service-clients/access-keys/
|
|
- https://authress.io/knowledge-base/docs/usage-guides/api-keys-as-a-service-setup/
|
|
examples:
|
|
- "sc_a6DTktFwMEvh87xstYV1BXl.ihwj.acc-0xd1a47h1rr0f.MC4CAQAwBQYDKAVwBCIEIB1wYB62EK24FKxEPHbW0ishcstwp2qs30uLXdWgu4V0"
|