aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2/checks
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-12-11 16:33:00 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-12-11 16:33:00 +0100
commit26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7 (patch)
tree2bf10a997dd1c5239d70fae4a77f4d56b9bd7e44 /eidas_modules/authmodule-eIDAS-v2/checks
parent230e6c3890c7e63b286e9a08001e5ffd63743d2c (diff)
downloadNational_eIDAS_Gateway-26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7.tar.gz
National_eIDAS_Gateway-26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7.tar.bz2
National_eIDAS_Gateway-26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7.zip
add 'findSecBugs' plug-in into 'spotBugs' module and solve bugs or exclude false-positive
update gitlab-ci configuration to display jUnit test-coverage
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/checks')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml31
1 files changed, 31 insertions, 0 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..375f73f4
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <!-- Do not check code generated by Apache CXF framework -->
+ <Class name="~szrservices.SZRException"/>
+ </Match>
+ <Match>
+ <!-- Logging of SAML2 responses in case of errors or for debugging is allowed -->
+ <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+ <Method name="getPendingRequestId" />
+ <Bug pattern="CRLF_INJECTION_LOGS" />
+ </Match>
+ <Match>
+ <!-- CSFR protection is implemented by pendingRequestId that is an one-time token -->
+ <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+ <Method name="restoreEidasAuthProcess" />
+ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+ </Match>
+ <Match>
+ <!-- File path is only loaded from configuration -->
+ <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry" />
+ <Method name="initialize" />
+ <Bug pattern="PATH_TRAVERSAL_IN" />
+ </Match>
+ <Match>
+ <!-- Redirect URL is only loaded from configuration -->
+ <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" />
+ <Method name="execute" />
+ <Bug pattern="UNVALIDATED_REDIRECT" />
+ </Match>
+</FindBugsFilter>