diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_sp')
4 files changed, 31 insertions, 15 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..ff7f96e0 --- /dev/null +++ b/eaaf_modules/eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> +</FindBugsFilter> diff --git a/eaaf_modules/eaaf_module_pvp2_sp/pom.xml b/eaaf_modules/eaaf_module_pvp2_sp/pom.xml index ea7f29fe..90e4866f 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/pom.xml +++ b/eaaf_modules/eaaf_module_pvp2_sp/pom.xml @@ -52,6 +52,18 @@ <build> <finalName>eaaf_module_pvp2_sp</finalName> + <plugins> + <plugin> + <groupId>com.github.spotbugs</groupId> + <artifactId>spotbugs-maven-plugin</artifactId> + <version>${spotbugs-maven-plugin.version}</version> + <configuration> + <failOnError>true</failOnError> + <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile> + </configuration> + </plugin> + </plugins> + </build> </project> diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java index bac90451..13a9cc7a 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java @@ -23,8 +23,6 @@ import java.security.NoSuchAlgorithmException; import java.time.Instant; import java.util.List; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.opensaml.messaging.encoder.MessageEncodingException; import org.opensaml.saml.common.xml.SAMLConstants; @@ -60,7 +58,8 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestExtensionBui import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.sp.api.IPvpAuthnRequestBuilderConfiguruation; import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException; -import net.shibboleth.utilities.java.support.security.impl.SecureRandomIdentifierGenerationStrategy; +import jakarta.servlet.http.HttpServletResponse; +import net.shibboleth.shared.security.impl.SecureRandomIdentifierGenerationStrategy; /** * PVP2 S-Profil Authentication-Request builder-implementation. diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java index 4d8c8993..71421aae 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java @@ -316,13 +316,8 @@ public class AssertionAttributeExtractor { * @return Date, when the SAML2 assertion was issued, otherwise null */ public Instant getAssertionIssuingDate() { - try { - return getFullAssertion().getIssueInstant(); + return getFullAssertion() != null ? getFullAssertion().getIssueInstant() : null; - } catch (final NullPointerException e) { - return null; - - } } /** @@ -335,13 +330,11 @@ public class AssertionAttributeExtractor { * @return Date, after this SAML2 assertion is valid, otherwise null */ public Date getAssertionNotBefore() { - try { - return Date.from(getFullAssertion().getConditions().getNotBefore()); + return getFullAssertion() != null && getFullAssertion().getConditions() != null + && getFullAssertion().getConditions().getNotBefore() != null + ? Date.from(getFullAssertion().getConditions().getNotBefore()) + : null; - } catch (final NullPointerException e) { - return null; - - } } private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption { |