<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter>
    <Match>
      <!-- Do not check code generated by Apache CXF framework -->
      <Class name="~szrservices.*"/>
      <Class name="~at.gv.e_government.reference.namespace.persondata.*" />
      <Class name="~org.w3._2000._09.xmldsig.*" />
    </Match>
    <Match>
      <!-- Logging of SAML2 responses in case of errors or for debugging is allowed -->
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
      <Method name="getPendingRequestId" />
      <Bug pattern="CRLF_INJECTION_LOGS" />               
    </Match>
    <Match>
      <!-- CSFR protection is implemented by pendingRequestId that is an one-time token -->
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthSignalController" />
      <Method name="performAuthentication" />
      <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />               
    </Match>
    <Match>
      <!-- CSFR protection is implemented by pendingRequestId that is an one-time token -->
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
      <Method name="restoreEidasAuthProcess" />
      <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />               
    </Match>
    <Match>
      <!-- File path is only loaded from configuration -->
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry" />
      <Method name="initialize" />
      <Bug pattern="PATH_TRAVERSAL_IN" />               
    </Match>
    <Match>
      <!-- Redirect URL is only loaded from configuration -->
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" />
      <Method name="sendRedirect" />
      <Bug pattern="UNVALIDATED_REDIRECT" />               
    </Match>
  <Match>
    <!-- Builder pattern does not expose date elements -->
    <OR>
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData" />
      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils$JwsResult"/>
    </OR>
    <OR>
      <Bug pattern="EI_EXPOSE_REP" />
      <Bug pattern="EI_EXPOSE_REP2" />
    </OR>
  </Match>        
</FindBugsFilter>