Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[VAS]:bug-11607: remove sanitize check on provider dtos #1459

Merged
merged 1 commit into from
Sep 12, 2023
Merged

[VAS]:bug-11607: remove sanitize check on provider dtos #1459

merged 1 commit into from
Sep 12, 2023

Conversation

bbenaissa
Copy link
Collaborator

@bbenaissa bbenaissa commented Sep 11, 2023
edited
Loading

Description

L'objectif de cette PR est de supprimer un sanity check ajouté à tort dans la création des providers.

Contributeur

VAS (Vitam Accessible en Service)

@bbenaissa bbenaissa self-assigned this Sep 11, 2023
@bbenaissa bbenaissa added bug Something isn't working small pr embarquant peu de changements et à review rapide, ne nécessitant qu'un reviewer VAS VAS contribution labels Sep 11, 2023
@bbenaissa bbenaissa added this to the IT 124 milestone Sep 11, 2023
@vitam-devops
Copy link
Collaborator

Logo
Checkmarx One – Scan Summary & Details156b4fec-8e32-4980-bbef-d9b6218e1176

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 162 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 115 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 161 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 114 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 98 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 116 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 162 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 99 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 161 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 98 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 162 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/IdentityProviderInternalController.java: 99 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH Missing User Instruction /Dockerfile: 10
HIGH Missing User Instruction /Dockerfile: 10
HIGH Missing User Instruction /Dockerfile: 11
HIGH Missing User Instruction /Dockerfile: 10
HIGH No New Privileges Not Set /vitam-recette.yml: 54
HIGH No New Privileges Not Set /vitam-dev.yml: 19
HIGH No New Privileges Not Set /vitam-recette.yml: 17
HIGH No New Privileges Not Set /docker-compose.yml: 10
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 21
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 62
HIGH Passwords And Secrets - Generic Password /application.yml: 77
HIGH Passwords And Secrets - Generic Password /application.yml: 27
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 128
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 77
HIGH Passwords And Secrets - Generic Password /application.yml: 33
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 62
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 46
HIGH Passwords And Secrets - Generic Password /application.yml: 47
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 37
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 33
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 119
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 64
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 23
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 78
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 48
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 57
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 71
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 101
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 14
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 115
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 59
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application.yml: 76
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 22
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 75
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 141
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 91
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 132
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 74
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 52
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 91
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 13
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 33
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 30
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 101
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 52
HIGH Passwords And Secrets - Generic Password /logstash.yml: 238
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 35
HIGH Passwords And Secrets - Generic Password /application.yml: 75
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 62
HIGH Passwords And Secrets - Generic Password /application.yml: 42
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 99
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 50
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 49
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 30
HIGH Passwords And Secrets - Generic Password /application.yml: 75
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 58
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 91
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 72
HIGH Passwords And Secrets - Generic Password /application.yml: 31
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application.yml: 76
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 149
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 131
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 12
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 66
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 80
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 34
HIGH Passwords And Secrets - Generic Password /application.yml: 57
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 21
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 25
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 50
HIGH Passwords And Secrets - Generic Password /application.yml: 44
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 75
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 110
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 60
HIGH Passwords And Secrets - Generic Password /application.yml: 31
HIGH Passwords And Secrets - Generic Password /logstash.yml: 227
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 40
HIGH Passwords And Secrets - Generic Password /application.yml: 53
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 104
HIGH Passwords And Secrets - Generic Password /logstash.yml: 221
HIGH Passwords And Secrets - Generic Password /application.yml: 27
HIGH Passwords And Secrets - Generic Password /application.yml: 77
HIGH Passwords And Secrets - Generic Password /application.yml: 57
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 91
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 36
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 14
HIGH Passwords And Secrets - Generic Password /application.yml: 30
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 31
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 46
HIGH Passwords And Secrets - Generic Password /application.yml: 85
HIGH Passwords And Secrets - Generic Password /application.yml: 40
HIGH Passwords And Secrets - Generic Password /application.yml: 42
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 68
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 35
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 54
HIGH Passwords And Secrets - Generic Password /application.yml: 39
HIGH Passwords And Secrets - Generic Password /logstash.yml: 225
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 33
HIGH Passwords And Secrets - Generic Password /application.yml: 30
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 22
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 71
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 23
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 27
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 20
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 108
HIGH Passwords And Secrets - Generic Password /application.yml: 95
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 87
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 31
HIGH Passwords And Secrets - Generic Password /application.yml: 97
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 36
HIGH Passwords And Secrets - Generic Password /application.yml: 31
HIGH Passwords And Secrets - Generic Password /application.yml: 76
HIGH Passwords And Secrets - Generic Password /logstash.yml: 244
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 41
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 22
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 24
HIGH Passwords And Secrets - Generic Password /application.yml: 44
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 21
HIGH Passwords And Secrets - Generic Password /application.yml: 53
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 105
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 38
HIGH Passwords And Secrets - Generic Password /application.yml: 51
HIGH Passwords And Secrets - Generic Password /application.yml: 27
HIGH Passwords And Secrets - Generic Password /application.yml: 28
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 19
HIGH Passwords And Secrets - Generic Password /application.yml: 37
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 29
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 64
HIGH Passwords And Secrets - Generic Password /application.yml: 27
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 96
HIGH Passwords And Secrets - Generic Password /application.yml: 39
HIGH Passwords And Secrets - Generic Password /application.yml: 54
HIGH Passwords And Secrets - Generic Password /application.yml: 74
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 22
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 22
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 47
HIGH Passwords And Secrets - Generic Password /application.yml: 81
HIGH Passwords And Secrets - Generic Password /application.yml: 44
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 129
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 55
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 113
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 114
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 52
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 87
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 13
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 118
HIGH Passwords And Secrets - Generic Password /application.yml: 29
HIGH Passwords And Secrets - Generic Password /cas-server-application-dev.yml: 45
HIGH Passwords And Secrets - Generic Password /application.yml: 65
HIGH Passwords And Secrets - Generic Password /application.yml: 46
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 89
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 66
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 23
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 47
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 26
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 41
HIGH Passwords And Secrets - Generic Password

More results are available on AST platform

@GiooDev GiooDev merged commit dd16dff into develop Sep 12, 2023
@GiooDev GiooDev deleted the bug/vas-11607-fix-saml-provider-creation-bug-v7 branch September 12, 2023 13:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Regzox Regzox Regzox approved these changes

@laedanrex laedanrex laedanrex approved these changes

@abdelmoez-guetat abdelmoez-guetat Awaiting requested review from abdelmoez-guetat

Assignees

@bbenaissa bbenaissa

Labels
bug Something isn't working small pr embarquant peu de changements et à review rapide, ne nécessitant qu'un reviewer VAS VAS contribution
Projects
None yet
Milestone
IT 124
Development

Successfully merging this pull request may close these issues.
5 participants
@bbenaissa @vitam-devops @laedanrex @Regzox @GiooDev