kingfisher/data/rules/zuplo.yml

rules:
  - name: Zuplo API Key
    id: kingfisher.zuplo.1
    pattern: |
      (?xi)
      \b
      (
        zpka_(?P<body>[a-z0-9]{32})_(?P<checksum>[0-9a-f]{8})
      )
    pattern_requirements:
      checksum:
        actual:
          template: "{{ CHECKSUM | downcase }}"
          requires_capture: checksum
        expected: "{{ BODY | crc32_hex }}"
    min_entropy: 3.3
    confidence: medium
    examples:
      - zpka_3e6c4f7d39954ca29353b7ab88589b64_de26cd55
      - zpka_b3f94d8d3d4d4a6ea5c5b20d0a5bb407_18eb262b
    references:
      - https://zuplo.com/blog/api-key-authentication
    validation:
      type: Http
      content:
        request:
          headers:
            authorization: "Bearer {{ TOKEN }}"
            x-api-key: "{{ TOKEN }}"
          method: GET
          response_matcher:
            - report_response: true
            - status:
                - 200
              type: StatusMatch
          url: https://dev.zuplo.com/v1/who-am-i