
Add intra42 client secret (#1408)

intra42 is the intranet and API of "42 School", a CS school.
The API is open to all students in 57 campuses around the world.
It is thus often subject to credential leaks on GitHub.
See https://42.fr and https://api.intra.42.fr/
Alexandre GUIOT--VALENTIN 1 год назад
Родитель
Сommit
575e923cf8
3 измененных файлов с 38 добавлено и 0 удалено
  1. 1 0
      cmd/generate/config/main.go
  2. 29 0
      cmd/generate/config/rules/intra42.go
  3. 8 0
      config/gitleaks.toml

+ 1 - 0
cmd/generate/config/main.go

@@ -106,6 +106,7 @@ func main() {
 		rules.HuggingFaceAccessToken(),
 		rules.HuggingFaceOrganizationApiToken(),
 		rules.Intercom(),
+		rules.Intra42ClientSecret(),
 		rules.JFrogAPIKey(),
 		rules.JFrogIdentityToken(),
 		rules.JWT(),

+ 29 - 0
cmd/generate/config/rules/intra42.go

@@ -0,0 +1,29 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func Intra42ClientSecret() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Found a Intra42 client secret, which could lead to unauthorized access to the 42School API and sensitive data.",
+		RuleID:      "intra42-client-secret",
+		Regex:       generateUniqueTokenRegex(`s-s4t2(?:ud|af)-[abcdef0123456789]{64}`, true),
+		Keywords: []string{
+			"intra",
+			"s-s4t2ud-",
+			"s-s4t2af-",
+		},
+	}
+
+	// validate
+	tps := []string{
+		"clientSecret := \"s-s4t2ud-" + secrets.NewSecret(hex("64")) + "\"",
+		"clientSecret := \"s-s4t2af-" + secrets.NewSecret(hex("64")) + "\"",
+		"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", // gitleaks:allow
+		"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", // gitleaks:allow
+	}
+	return validate(r, tps, nil)
+}
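Review bot: The keyword `"intra"` in the Keywords list is redundant with the regex, which already requires the literal `s-s4t2ud-`/`s-s4t2af-` prefix, and it is broad enough to pull every fragment containing "intranet" or "intra-" into regex evaluation without ever producing a match the two specific prefixes would not; `Keywords: []string{"s-s4t2ud-", "s-s4t2af-"},` keeps the prefilter tight. The Description string reads "Found a Intra42 client secret" and should be "Found an Intra42 client secret"; the same text appears in the generated config/gitleaks.toml section below, which presumably only needs the Go source corrected before regenerating. The character class `[abcdef0123456789]{64}` is more conventionally written `[a-f0-9]{64}`, matching the surrounding rules' style. The positive samples cover both prefixes, but `validate(r, tps, nil)` passes no false-positive samples; a short hex string such as `s-s4t2ud-` followed by fewer than 64 hex characters would pin the length requirement.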

+ 8 - 0
config/gitleaks.toml

@@ -2159,6 +2159,14 @@ keywords = [
     "intercom",
 ]
 
+[[rules]]
+id = "intra42-client-secret"
+description = "Found a Intra42 client secret, which could lead to unauthorized access to the 42School API and sensitive data."
+regex = '''(?i)\b(s-s4t2(?:ud|af)-[abcdef0123456789]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+keywords = [
+    "intra","s-s4t2ud-","s-s4t2af-",
+]
+
 [[rules]]
 id = "jfrog-api-key"
 description = "Found a JFrog API Key, posing a risk of unauthorized access to software artifact repositories and build pipelines."