Fork me on GitHub
Produit par Maven

Rapport SpotBugs de détection des bugs

Le document suivant contient les résultats du SpotBugs

La version de SpotBugs est 4.5.3

La limite est medium

L'effort est default

Résumé

Classes Bugs Erreurs Classes Manquantes
30 75 0 0

Fichiers

Classe Bugs
fr.paris.lutece.plugins.oauth2.business.AuthServerConf 2
fr.paris.lutece.plugins.oauth2.business.IDToken 2
fr.paris.lutece.plugins.oauth2.business.OIDCAuthServerConf 1
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration 44
fr.paris.lutece.plugins.oauth2.business.RegisteredClient 4
fr.paris.lutece.plugins.oauth2.business.Token 2
fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient 5
fr.paris.lutece.plugins.oauth2.dataclient.AbstractJWTDataClient 4
fr.paris.lutece.plugins.oauth2.jwt.JjwtJWTParser 1
fr.paris.lutece.plugins.oauth2.jwt.KeyLocator 1
fr.paris.lutece.plugins.oauth2.jwt.MitreJWTParser 1
fr.paris.lutece.plugins.oauth2.service.PkceUtil 1
fr.paris.lutece.plugins.oauth2.service.TokenService 2
fr.paris.lutece.plugins.oauth2.web.CallbackHandler 5

fr.paris.lutece.plugins.oauth2.business.AuthServerConf

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.business.AuthServerConf.getIDTokenSignatureAlgorithmNames() may expose internal representation by returning AuthServerConf._idTokenSignatureAlgorithmNames MALICIOUS_CODE EI_EXPOSE_REP 185 Medium
fr.paris.lutece.plugins.oauth2.business.AuthServerConf.setIDTokenSignatureAlgorithmNames(Set) may expose internal representation by storing an externally mutable object into AuthServerConf._idTokenSignatureAlgorithmNames MALICIOUS_CODE EI_EXPOSE_REP2 199 Medium

fr.paris.lutece.plugins.oauth2.business.IDToken

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.business.IDToken.getAudience() may expose internal representation by returning IDToken._strAudience MALICIOUS_CODE EI_EXPOSE_REP 59 Medium
fr.paris.lutece.plugins.oauth2.business.IDToken.setAudience(Set) may expose internal representation by storing an externally mutable object into IDToken._strAudience MALICIOUS_CODE EI_EXPOSE_REP2 70 Medium

fr.paris.lutece.plugins.oauth2.business.OIDCAuthServerConf

Bug Catégorie Détails Ligne Priorité
Class fr.paris.lutece.plugins.oauth2.business.OIDCAuthServerConf defines non-transient non-serializable instance field _httpAccess BAD_PRACTICE SE_BAD_FIELD Non disponible Medium

fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getAcrValuesSupported() may expose internal representation by returning OpenIDConfiguration._acrValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 203 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getClaimTypesSupported() may expose internal representation by returning OpenIDConfiguration._claimTypesSupported MALICIOUS_CODE EI_EXPOSE_REP 357 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getClaimsLocalesSupported() may expose internal representation by returning OpenIDConfiguration._claimsLocalesSupported MALICIOUS_CODE EI_EXPOSE_REP 390 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getClaimsSupported() may expose internal representation by returning OpenIDConfiguration._claimsSupported MALICIOUS_CODE EI_EXPOSE_REP 368 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getDisplayValuesSupported() may expose internal representation by returning OpenIDConfiguration._displayValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 346 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getGrantTypesSupported() may expose internal representation by returning OpenIDConfiguration._grantTypesSupported MALICIOUS_CODE EI_EXPOSE_REP 192 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getIDTokenEncryptionAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._idTokenEncryptionAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 236 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getIDTokenEncryptionEncValuesSupported() may expose internal representation by returning OpenIDConfiguration._idTokenEncryptionEncValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 247 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getIDTokenSigningAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._idTokenSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 225 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getRequestObjectEncryptionAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._requestObjectEncryptionAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 302 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getRequestObjectEncryptionEncValuesSupported() may expose internal representation by returning OpenIDConfiguration._requestObjectEncryptionEncValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 313 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getRequestObjectSigningAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._requestObjectSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 291 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getResponseModesSupported() may expose internal representation by returning OpenIDConfiguration._responseModesSupported MALICIOUS_CODE EI_EXPOSE_REP 181 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getResponseTypesSupported() may expose internal representation by returning OpenIDConfiguration._responseTypesSupported MALICIOUS_CODE EI_EXPOSE_REP 170 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getScopesSupported() may expose internal representation by returning OpenIDConfiguration._scopesSupported MALICIOUS_CODE EI_EXPOSE_REP 159 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getSubjectTypesSupported() may expose internal representation by returning OpenIDConfiguration._subjectTypesSupported MALICIOUS_CODE EI_EXPOSE_REP 214 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getTokenEndpointAuthMethodsSupported() may expose internal representation by returning OpenIDConfiguration._tokenEndpointAuthMethodsSupported MALICIOUS_CODE EI_EXPOSE_REP 324 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getTokenEndpointAuthSigningAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._tokenEndpointAuthSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 335 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getUILocalesSupported() may expose internal representation by returning OpenIDConfiguration._uiLocalesSupported MALICIOUS_CODE EI_EXPOSE_REP 401 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getUserinfoEncryptionAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._userinfoEncryptionAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 269 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getUserinfoEncryptionEncValuesSupported() may expose internal representation by returning OpenIDConfiguration._userinfoEncryptionEncValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 280 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.getUserinfoSigningAlgValuesSupported() may expose internal representation by returning OpenIDConfiguration._userinfoSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP 258 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setAcrValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._acrValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 209 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setClaimTypesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._claimTypesSupported MALICIOUS_CODE EI_EXPOSE_REP2 363 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setClaimsLocalesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._claimsLocalesSupported MALICIOUS_CODE EI_EXPOSE_REP2 396 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setClaimsSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._claimsSupported MALICIOUS_CODE EI_EXPOSE_REP2 374 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setDisplayValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._displayValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 352 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setGrantTypesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._grantTypesSupported MALICIOUS_CODE EI_EXPOSE_REP2 198 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setIDTokenEncryptionAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._idTokenEncryptionAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 242 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setIDTokenEncryptionEncValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._idTokenEncryptionEncValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 253 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setIDTokenSigningAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._idTokenSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 231 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setRequestObjectEncryptionAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._requestObjectEncryptionAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 308 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setRequestObjectEncryptionEncValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._requestObjectEncryptionEncValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 319 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setRequestObjectSigningAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._requestObjectSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 297 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setResponseModesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._responseModesSupported MALICIOUS_CODE EI_EXPOSE_REP2 187 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setResponseTypesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._responseTypesSupported MALICIOUS_CODE EI_EXPOSE_REP2 176 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setScopesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._scopesSupported MALICIOUS_CODE EI_EXPOSE_REP2 165 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setSubjectTypesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._subjectTypesSupported MALICIOUS_CODE EI_EXPOSE_REP2 220 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setTokenEndpointAuthMethodsSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._tokenEndpointAuthMethodsSupported MALICIOUS_CODE EI_EXPOSE_REP2 330 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setTokenEndpointAuthSigningAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._tokenEndpointAuthSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 341 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setUILocalesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._uiLocalesSupported MALICIOUS_CODE EI_EXPOSE_REP2 407 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setUserinfoEncryptionAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._userinfoEncryptionAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 275 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setUserinfoEncryptionEncValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._userinfoEncryptionEncValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 286 Medium
fr.paris.lutece.plugins.oauth2.business.OpenIDConfiguration.setUserinfoSigningAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into OpenIDConfiguration._userinfoSigningAlgValuesSupported MALICIOUS_CODE EI_EXPOSE_REP2 264 Medium

fr.paris.lutece.plugins.oauth2.business.RegisteredClient

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.business.RegisteredClient.getRedirectUris() may expose internal representation by returning RegisteredClient._redirectUris MALICIOUS_CODE EI_EXPOSE_REP 168 Medium
fr.paris.lutece.plugins.oauth2.business.RegisteredClient.getScope() may expose internal representation by returning RegisteredClient._scope MALICIOUS_CODE EI_EXPOSE_REP 126 Medium
fr.paris.lutece.plugins.oauth2.business.RegisteredClient.setRedirectUris(Set) may expose internal representation by storing an externally mutable object into RegisteredClient._redirectUris MALICIOUS_CODE EI_EXPOSE_REP2 179 Medium
fr.paris.lutece.plugins.oauth2.business.RegisteredClient.setScope(Set) may expose internal representation by storing an externally mutable object into RegisteredClient._scope MALICIOUS_CODE EI_EXPOSE_REP2 137 Medium

fr.paris.lutece.plugins.oauth2.business.Token

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.business.Token.getIdToken() may expose internal representation by returning Token._idToken MALICIOUS_CODE EI_EXPOSE_REP 170 Medium
fr.paris.lutece.plugins.oauth2.business.Token.setIdToken(IDToken) may expose internal representation by storing an externally mutable object into Token._idToken MALICIOUS_CODE EI_EXPOSE_REP2 181 Medium

fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient.getAcrValuesSet() may expose internal representation by returning AbstractDataClient._acrValues MALICIOUS_CODE EI_EXPOSE_REP 160 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient.getScope() may expose internal representation by returning AbstractDataClient._scope MALICIOUS_CODE EI_EXPOSE_REP 99 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient.setAcrValuesSet(Set) may expose internal representation by storing an externally mutable object into AbstractDataClient._acrValues MALICIOUS_CODE EI_EXPOSE_REP2 169 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient.setScope(Set) may expose internal representation by storing an externally mutable object into AbstractDataClient._scope MALICIOUS_CODE EI_EXPOSE_REP2 108 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractDataClient._logger isn't final but should be MALICIOUS_CODE MS_SHOULD_BE_FINAL 60 High

fr.paris.lutece.plugins.oauth2.dataclient.AbstractJWTDataClient

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.dataclient.AbstractJWTDataClient.getAuthClientConf() may expose internal representation by returning AbstractJWTDataClient._authClientConf MALICIOUS_CODE EI_EXPOSE_REP 84 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractJWTDataClient.getAuthServerConf() may expose internal representation by returning AbstractJWTDataClient._authServerConf MALICIOUS_CODE EI_EXPOSE_REP 67 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractJWTDataClient.setAuthClientConf(AuthClientConf) may expose internal representation by storing an externally mutable object into AbstractJWTDataClient._authClientConf MALICIOUS_CODE EI_EXPOSE_REP2 93 Medium
fr.paris.lutece.plugins.oauth2.dataclient.AbstractJWTDataClient.setAuthServerConf(AuthServerConf) may expose internal representation by storing an externally mutable object into AbstractJWTDataClient._authServerConf MALICIOUS_CODE EI_EXPOSE_REP2 76 Medium

fr.paris.lutece.plugins.oauth2.jwt.JjwtJWTParser

Bug Catégorie Détails Ligne Priorité
Nullcheck of serverConfig at line 236 of value previously dereferenced in fr.paris.lutece.plugins.oauth2.jwt.JjwtJWTParser.getClaims(String, AuthClientConf, AuthServerConf) CORRECTNESS RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE 225 Medium

fr.paris.lutece.plugins.oauth2.jwt.KeyLocator

Bug Catégorie Détails Ligne Priorité
new fr.paris.lutece.plugins.oauth2.jwt.KeyLocator(String, HttpAccess) may expose internal representation by storing an externally mutable object into KeyLocator._httpAccess MALICIOUS_CODE EI_EXPOSE_REP2 65 Medium

fr.paris.lutece.plugins.oauth2.jwt.MitreJWTParser

Bug Catégorie Détails Ligne Priorité
Result of integer multiplication cast to long in fr.paris.lutece.plugins.oauth2.jwt.MitreJWTParser.parseJWT(Token, AuthClientConf, AuthServerConf, String, Logger) STYLE ICAST_INTEGER_MULTIPLY_CAST_TO_LONG 168 Medium

fr.paris.lutece.plugins.oauth2.service.PkceUtil

Bug Catégorie Détails Ligne Priorité
Random object created and used only once in fr.paris.lutece.plugins.oauth2.service.PkceUtil.generateCodeVerifier() BAD_PRACTICE DMI_RANDOM_USED_ONLY_ONCE 14 High

fr.paris.lutece.plugins.oauth2.service.TokenService

Bug Catégorie Détails Ligne Priorité
new fr.paris.lutece.plugins.oauth2.service.TokenService(AuthClientConf, AuthServerConf) may expose internal representation by storing an externally mutable object into TokenService._defaultClientConfig MALICIOUS_CODE EI_EXPOSE_REP2 83 Medium
new fr.paris.lutece.plugins.oauth2.service.TokenService(AuthClientConf, AuthServerConf) may expose internal representation by storing an externally mutable object into TokenService._defaultauthServerConfig MALICIOUS_CODE EI_EXPOSE_REP2 84 Medium

fr.paris.lutece.plugins.oauth2.web.CallbackHandler

Bug Catégorie Détails Ligne Priorité
fr.paris.lutece.plugins.oauth2.web.CallbackHandler.getAuthClientConf() may expose internal representation by returning CallbackHandler._authClientConf MALICIOUS_CODE EI_EXPOSE_REP 102 Medium
fr.paris.lutece.plugins.oauth2.web.CallbackHandler.getAuthServerConf() may expose internal representation by returning CallbackHandler._authServerConf MALICIOUS_CODE EI_EXPOSE_REP 85 Medium
fr.paris.lutece.plugins.oauth2.web.CallbackHandler.setAuthClientConf(AuthClientConf) may expose internal representation by storing an externally mutable object into CallbackHandler._authClientConf MALICIOUS_CODE EI_EXPOSE_REP2 111 Medium
fr.paris.lutece.plugins.oauth2.web.CallbackHandler.setAuthServerConf(AuthServerConf) may expose internal representation by storing an externally mutable object into CallbackHandler._authServerConf MALICIOUS_CODE EI_EXPOSE_REP2 94 Medium
Class fr.paris.lutece.plugins.oauth2.web.CallbackHandler defines non-transient non-serializable instance field _jWTParser BAD_PRACTICE SE_BAD_FIELD Non disponible Medium