aboutsummaryrefslogtreecommitdiff
path: root/modules/eidas_proxy-sevice/checks
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2022-08-17 10:51:54 +0000
committerThomas Lenz <thomas.lenz@egiz.gv.at>2022-08-17 10:51:54 +0000
commitd83cf36c1454a10f5a46d677b5f0f30e0cbe7e95 (patch)
tree1cf2bf2853d604d8579cc3f5bf411d10f80c0207 /modules/eidas_proxy-sevice/checks
parent48f19dc45cec670fe62399d09fb34732fb4eeedc (diff)
parent920d33465e5ab1a71d81cc280e41de10cd8b5247 (diff)
downloadNational_eIDAS_Gateway-d83cf36c1454a10f5a46d677b5f0f30e0cbe7e95.tar.gz
National_eIDAS_Gateway-d83cf36c1454a10f5a46d677b5f0f30e0cbe7e95.tar.bz2
National_eIDAS_Gateway-d83cf36c1454a10f5a46d677b5f0f30e0cbe7e95.zip
Merge branch 'feature/ms_proxy_service' into 'nightlybuild'
add basic implementation of eIDAS-Node Proxy-Service request-controller See merge request egiz/eidas_at_proxy!20
Diffstat (limited to 'modules/eidas_proxy-sevice/checks')
-rw-r--r--modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml31
1 files changed, 31 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..22dbaa13
--- /dev/null
+++ b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <!-- CSRF protection is implicit available by request token from eIDAS Node and tokens only be logged on trace level -->
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController" />
+ <Method name="receiveEidasAuthnRequest" />
+ <OR>
+ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+ <Bug pattern="CRLF_INJECTION_LOGS" />
+ </OR>
+ </Match>
+ <Match>
+ <!-- Redirect-URL is set by configuration only. Therefore it's trusted -->
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction" />
+ <Method name="forwardToEidasProxy" />
+ <OR>
+ <Bug pattern="UNVALIDATED_REDIRECT" />
+ </OR>
+ </Match>
+ <Match>
+ <!-- That elements are accessible by design -->
+ <OR>
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.dto.attributes.AttrMappingElement" />
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry" />
+ </OR>
+ <OR>
+ <Bug pattern="EI_EXPOSE_REP" />
+ <Bug pattern="EI_EXPOSE_REP2" />
+ </OR>
+ </Match>
+</FindBugsFilter>