Add new Looker client ID and client secret rules (gitleaks#1947)

Author: chris-is

cmd/generate/config/main.go

@@ -153,6 +153,8 @@ func main() {
 		rules.LinkedinClientSecret(),
 		rules.LobAPIToken(),
 		rules.LobPubAPIToken(),
+		rules.LookerClientID(),
+		rules.LookerClientSecret(),
 		rules.MailChimp(),
 		rules.MailGunPubAPIToken(),
 		rules.MailGunPrivateAPIToken(),

cmd/generate/config/rules/looker.go

@@ -0,0 +1,35 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func LookerClientID() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Found a Looker Client ID, risking unauthorized access to a Looker account and exposing sensitive data.",
+		RuleID:      "looker-client-id",
+		Regex:       utils.GenerateSemiGenericRegex([]string{"looker"}, utils.AlphaNumeric("20"), true),
+		Keywords:    []string{"looker"},
+	}
+
+	// validate
+	tps := utils.GenerateSampleSecrets("looker", secrets.NewSecret(utils.AlphaNumeric("20")))
+	return utils.Validate(r, tps, nil)
+}
+
+func LookerClientSecret() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Found a Looker Client Secret, risking unauthorized access to a Looker account and exposing sensitive data.",
+		RuleID:      "looker-client-secret",
+		Regex:       utils.GenerateSemiGenericRegex([]string{"looker"}, utils.AlphaNumeric("24"), true),
+		Keywords:    []string{"looker"},
+	}
+
+	// validate
+	tps := utils.GenerateSampleSecrets("looker", secrets.NewSecret(utils.AlphaNumeric("24")))
+	return utils.Validate(r, tps, nil)
+}

config/gitleaks.toml

@@ -2529,6 +2529,18 @@ keywords = [
     "_pub",
 ]
 
+[[rules]]
+id = "looker-client-id"
+description = "Found a Looker Client ID, risking unauthorized access to a Looker account and exposing sensitive data."
+regex = '''(?i)[\w.-]{0,50}?(?:looker)(?:[ \t\w.-]{0,20})[\s'"]{0,3}(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-z0-9]{20})(?:[\x60'"\s;]|\\[nr]|$)'''
+keywords = ["looker"]
+
+[[rules]]
+id = "looker-client-secret"
+description = "Found a Looker Client Secret, risking unauthorized access to a Looker account and exposing sensitive data."
+regex = '''(?i)[\w.-]{0,50}?(?:looker)(?:[ \t\w.-]{0,20})[\s'"]{0,3}(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-z0-9]{24})(?:[\x60'"\s;]|\\[nr]|$)'''
+keywords = ["looker"]
+
 [[rules]]
 id = "mailchimp-api-key"
 description = "Identified a Mailchimp API key, potentially compromising email marketing campaigns and subscriber data."