Merge branch 'feature/ms_proxy_service' into 'nightlybuild'

add basic implementation of eIDAS-Node Proxy-Service request-controller

See merge request egiz/eidas_at_proxy!20

1 files changed, 31 insertions, 0 deletions

diff --git a/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..22dbaa13
--- /dev/null
+++ b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+    <Match>
+      <!-- CSRF protection is implicit available by request token from eIDAS Node and tokens only be logged on trace level -->
+      <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController" />
+      <Method name="receiveEidasAuthnRequest" />
+      <OR>
+        <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+        <Bug pattern="CRLF_INJECTION_LOGS" />                       
+      </OR>
+    </Match>
+    <Match>
+      <!-- Redirect-URL is set by configuration only. Therefore it's trusted -->
+      <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction" />
+      <Method name="forwardToEidasProxy" />
+      <OR>
+        <Bug pattern="UNVALIDATED_REDIRECT" />                
+      </OR>
+    </Match>
+    <Match>
+      <!-- That elements are accessible by design -->
+      <OR>
+        <Class name="at.asitplus.eidas.specific.modules.msproxyservice.dto.attributes.AttrMappingElement" />
+        <Class name="at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry" />
+      </OR>
+      <OR>
+        <Bug pattern="EI_EXPOSE_REP" />
+        <Bug pattern="EI_EXPOSE_REP2" />
+      </OR>
+    </Match>    
+</FindBugsFilter>