2 năm trước cách đây · 9c6650d14a
--- a/cmd/generate/config/main.go
+++ b/cmd/generate/config/main.go
@@ -27,6 +27,7 @@ func main() {
 
															 	configRules = append(configRules, rules.AsanaClientID())
														
 
															 	configRules = append(configRules, rules.AsanaClientSecret())
														
 
															 	configRules = append(configRules, rules.Atlassian())
														
 
															+	configRules = append(configRules, rules.Authress())
														
 
															 	configRules = append(configRules, rules.AWS())
														
 
															 	configRules = append(configRules, rules.BitBucketClientID())
														
 
															 	configRules = append(configRules, rules.BitBucketClientSecret())
														
--- a/cmd/generate/config/rules/authress.go
+++ b/cmd/generate/config/rules/authress.go
@@ -0,0 +1,31 @@
 
															+package rules
														
 
															+
														
 
															+import (
														
 
															+	"fmt"
														
 
															+
														
 
															+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
														
 
															+	"github.com/zricethezav/gitleaks/v8/config"
														
 
															+)
														
 
															+
														
 
															+func Authress() *config.Rule {
														
 
															+	// define rule
														
 
															+	r := config.Rule{
														
 
															+		Description: "Authress Service Client Access Key",
														
 
															+		RuleID:      "authress-service-client-access-key",
														
 
															+		SecretGroup: 1,
														
 
															+		Regex: generateUniqueTokenRegex(`(?:sc|ext|scauth|authress)_[a-z0-9]{5,30}\.[a-z0-9]{4,6}\.acc_[a-z0-9-]{10,32}\.[a-z0-9+/_=-]{30,120}`),
														
 
															+		Keywords:    []string{"sc_", "ext_", "scauth_", "authress_"},
														
 
															+	}
														
 
															+
														
 
															+	// validate
														
 
															+	// https://authress.io/knowledge-base/docs/authorization/service-clients/secrets-scanning/#1-detection
														
 
															+	service_client_id := "sc_" + alphaNumeric("10")
														
 
															+	access_key_id := alphaNumeric("4")
														
 
															+	account_id := "acc_" + alphaNumeric("10")
														
 
															+	signature_key := alphaNumericExtendedShort("40")
														
 
															+
														
 
															+	tps := []string{
														
 
															+		generateSampleSecret("authress", secrets.NewSecret(fmt.Sprintf(`%s\.%s\.%s\.%s`, service_client_id, access_key_id, account_id, signature_key))),
														
 
															+	}
														
 
															+	return validate(r, tps, nil)
														
 
															+}
														
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -119,6 +119,15 @@ keywords = [
 
															     "atlassian","confluence","jira",
														
 
															 ]
														
 
															+[[rules]]
														
 
															+description = "Authress Service Client Access Key"
														
 
															+id = "authress-service-client-access-key"
														
 
															+regex = '''(?i)\b((?:sc|ext|scauth|authress)_[a-z0-9]{5,30}\.[a-z0-9]{4,6}\.acc_[a-z0-9-]{10,32}\.[a-z0-9+/_=-]{30,120})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
														
 
															+secretGroup = 1
														
 
															+keywords = [
														
 
															+    "sc_","ext_","scauth_","authress_",
														
 
															+]
														
 
															+
														
 
															 [[rules]]
														
 
															 description = "AWS"
														
 
															 id = "aws-access-token"