aboutsummaryrefslogtreecommitdiff
path: root/modules/authmodule_id-austria/checks
diff options
context:
space:
mode:
Diffstat (limited to 'modules/authmodule_id-austria/checks')
-rw-r--r--modules/authmodule_id-austria/checks/spotbugs-exclude.xml29
1 files changed, 29 insertions, 0 deletions
diff --git a/modules/authmodule_id-austria/checks/spotbugs-exclude.xml b/modules/authmodule_id-austria/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..366c7aca
--- /dev/null
+++ b/modules/authmodule_id-austria/checks/spotbugs-exclude.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <!-- CSRF protection is implicit available by request token -->
+ <Class name="at.asitplus.eidas.specific.modules.auth.idaustria.controller.IdAustriaAuthSignalController" />
+ <Method name="performEidasAuthentication" />
+ <OR>
+ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+ </OR>
+ </Match>
+ <!-- Logging of invalid SAML2 responses are allowed on debug level -->
+ <Match>
+ <Class name="at.asitplus.eidas.specific.modules.auth.idaustria.tasks.ReceiveFromIdAustriaSystemTask"/>
+ <Method name="execute" />
+ <OR>
+ <Bug pattern="CRLF_INJECTION_LOGS" />
+ </OR>
+ </Match>
+ <Match>
+ <!-- Builder pattern does not expose date elements -->
+ <OR>
+ <Class name="at.asitplus.eidas.specific.modules.auth.idaustria.config.IdAustriaAuthRequestBuilderConfiguration" />
+ </OR>
+ <OR>
+ <Bug pattern="EI_EXPOSE_REP" />
+ <Bug pattern="EI_EXPOSE_REP2" />
+ </OR>
+ </Match>
+</FindBugsFilter>