[WFCORE-6243] Upgrade WildFly Elytron to 2.1.0.Final

[fjuma]

https://issues.redhat.com/browse/WFCORE-6243

This PR also includes the changes from #5386 since this is needed to build successfully with Elytron 2.1.0.Final. See https://issues.redhat.com/browse/WFCORE-6239 for more details.

    Release Notes - WildFly Elytron - Version 2.1.0.Final

Sub-task

• [ELY-317] - OneTimePassword transformer

Bug

• [ELY-2313] - Update the OIDC tests to use the 19.0.1 version of quay.io/keycloak/keycloak
• [ELY-2383] - KeyStoreCredentialStoreTest fails in Windows without adminstrator privileges
• [ELY-2468] - Update getRealmIdentity so that it attempts to convert the given Principal to NamePrincipal if necessary
• [ELY-2469] - Update deprecated assertThat method in JACC and credential store test cases
• [ELY-2478] - WildFlyElytronClientDefaultSSLContextProvider configure method does not use constants
• [ELY-2502] - SASL authentication configured by the security command denies CLI connection

Task

• [ELY-2179] - Add logging to AggregateSecurityRealm
• [ELY-2182] - LogManager warning when using the credential-store command
• [ELY-2255] - Upgrade net.minidev:json-smart to 2.4.7
• [ELY-2317] - Add a test case for static registration of WildFlyElytronClientDefaultSSLContextProvider
• [ELY-2327] - Add gitleaks.toml file with allowlist
• [ELY-2366] - Add the missing @deprecated Javadoc tag to ElytronAuthenticator
• [ELY-2367] - DefaultSSLContextFromFileWorksAndHasPrecedenceTest, DefaultSSLContextProviderProgrammaticConfigurationTest.java has expected and actual value swaped
• [ELY-2368] - Add Override annotations to AggregateSecurityRealm
• [ELY-2369] - Add Override annotations to in DERDecoder
• [ELY-2370] - Move appropriate methods to the JaasRealmIdentity class from JaasSecurityRealm class
• [ELY-2382] - Update message description so no it no longer uses problematic language
• [ELY-2385] - RawSecretKeyFactoryTest uses deprecated Assert.assertThat method
• [ELY-2389] - Consistent expression resolution with WildFly
• [ELY-2392] - Fix invalid tags on the Elytron Blogs page
• [ELY-2395] - Add missing ranges for wildfly-elytron-auth-server to ELY_Messages.txt
• [ELY-2396] - Update string to int conversion in ModularCrypt
• [ELY-2397] - Update three test cases in DEREncoderTestCase to use a common helper method
• [ELY-2398] - Fix FileSystemEncryptRealmCommand.java so it uses logical OR instead of bitwise OR
• [ELY-2399] - Remove invalid assertion from SaslServerBuilder#setPlainText
• [ELY-2400] - Remove temporary variable assignment in Builder#addRealm
• [ELY-2401] - Make ENV_BINARY_ATTRIBUTES variable static
• [ELY-2402] - Make the NO_FILTER variable static
• [ELY-2403] - Declare "next" on a separate line in DERDecoder#decodeBitStringAsString
• [ELY-2404] - Update WildFlyElytronClientDefaultSSLContextProvider to use constants for the "SSLContext" and "Default" strings
• [ELY-2405] - Use already defined constant X509_FORMAT instead of duplicating its value in FileSystemSecurityRealm#parseCertificate
• [ELY-2406] - The error and status fields for the HttpFailure class should be declared as final
• [ELY-2407] - Use isEmpty method instead of size method in AcmeClientSpi
• [ELY-2408] - Redundant static qualifier in HttpClientBuilder
• [ELY-2409] - Redundant static qualifier in AuthenticationError
• [ELY-2410] - Remove unnecessary null check in ServerAuthenticationContext
• [ELY-2411] - Add a test case to MappedRegexRealmMapperTest
• [ELY-2414] - Add additional constructor to BearerMechanismFactory
• [ELY-2419] - Update GeneralName to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2420] - Update MaskedPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2421] - Update DigestPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2422] - Update SaltedSimpleDigestPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2423] - Update SimpleDigestPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2424] - Update ScramDigestPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2425] - Update SunUnixMD5CryptPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2426] - Update UnixMD5CryptPassworldImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2427] - Update EncryptablePasswordSpec to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2428] - Update ClearPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2429] - Update RawClearPassword to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2430] - Update AbstractX509CertificateChainCredential to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2431] - Update X509EvidenceVerifier to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2432] - Update RawSaltedSimpleDigestPassword to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2433] - Update RawScramDigestPassword to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2434] - Update UnixSHACryptPasswordImpl to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2435] - Update RawDigestPassword to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2436] - Update HashPasswordSpec to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2437] - Update DigestPasswordSpec to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2438] - Update RawSimpleDigestPassword to make use of MessageDigest#isEqual to avoid a potential timing attack
• [ELY-2439] - Add a test class for RegexNameValidatingRewriter
• [ELY-2440] - Move JaasSecurityRealmTest and its test resources to the same module that JaasSecurityRealm resides in
• [ELY-2441] - Move the expected exception assertion from an annotation to the test body in DefaultSSLContextEmptyPathTest
• [ELY-2442] - Move the expected exception assertion from an annotation to the test body in DefaultSSLContextNonexistentConfigFileTest
• [ELY-2443] - Extract the assignment from the return statement in AuthenticationConfiguration#toString to make it more readable
• [ELY-2444] - Immediately return the value in SNISSLExplorer instead of assigning it to a temporary variable
• [ELY-2446] - Add a test class for RegexNameRewriter
• [ELY-2447] - Add missing throw in Oidc#sendJsonHttpRequest
• [ELY-2448] - Return false in OidcAccount#tryRefresh when securityContext is null
• [ELY-2449] - Remove unneeded null check in OidcCookieTokenStore#logout
• [ELY-2450] - Assign value to path in OidcCookieTokenStore#getContextPath
• [ELY-2451] - Correct a typo in ServerAuthenticationContext.
• [ELY-2453] - Small updates in RegexNameRewriterTest
• [ELY-2458] - Use already defined constant HttpConstants.DIGEST_NAME instead of hardcoding DIGEST multiple times in HttpAuthenticationFactory
• [ELY-2459] - Add Override annotation to DigestPassword#getParameterSpec
• [ELY-2460] - Add Override annotation to BCryptPassword#getParameterSpec
• [ELY-2461] - Add Override annotation to BSDUnixDESCryptPassword#getParameterSpec
• [ELY-2463] - Add Override annotation to OneTimePassword#getParameterSpec
• [ELY-2464] - RSAPublicJWK#setX509CertificateChain should throw its exception using ElytronMessages
• [ELY-2465] - JsonSerialization#createObjectNode should throw its exception using ElytronMessages
• [ELY-2466] - Replace Collections.EMPTY_MAP with Collections.emptyMap()
• [ELY-2467] - Update test cases in CipherSuiteSelectorTest to use a common helper method where appropriate
• [ELY-2470] - Extract the assignemt out of this expression
• [ELY-2471] - Make public static fields in Command class final
• [ELY-2472] - Add Override annotation to FileSystemSecurityRealm.Identity methods
• [ELY-2473] - Move method getEntry from KeyStoreBackedSecurityRealm to its inner class KeyStoreRealmIdentity
• [ELY-2474] - Remove unnecessary boolean literal in LegacyPropertiesSecurityRealm
• [ELY-2481] - Use assertNotEquals instead of using equals method in AcmeClientSpiTest
• [ELY-2482] - Update LICENSE.txt file
• [ELY-2483] - Add CODE_OF_CONDUCT.md
• [ELY-2484] - Add SECURITY.md file
• [ELY-2485] - Add a CODEOWNERS file to GitHub repository
• [ELY-2506] - Provide a utility method to create a SSLContext from a pem file
• [ELY-2509] - Move HttpAuthenticator#isAuthenticated method to AuthenticationExchange class
• [ELY-2520] - Fix system property resolution in JSON files

Release

• [ELY-2526] - Release WildFly Elytron 1.20.3.Final
• [ELY-2527] - Release WildFly Elytron 2.1.0.Final

Component Upgrade

• [ELY-2492] - Upgrade sshd-common from 2.7.0 to 2.9.2
• [ELY-2493] - Upgrade jackson-databind to 2.13.4 to address CVE-2022-42004
• [ELY-2505] - Upgrade xnio to 3.8.8.Final

[github-actions]

Dependency Tree Analyzer Output:

New Dependencies:

• org.wildfly.security:wildfly-elytron-ssh-util:jar:2.1.0.Final:compile

CC @wildfly/prod

[wildfly-ci]

Core -> Full Integration Build 12221 outcome was FAILURE using a merge of c856283
Summary: Tests failed: 1 (1 new), passed: 7244, ignored: 131 Build time: 03:48:07

Failed tests

org.jboss.as.test.multinode.ejb.timer.database.DatabaseTimerServiceMultiNodeExecutionDisabledTestCase.testEjbTimeoutOnOtherNode: java.lang.AssertionError: expected:<1> but was:<0>
	at org.jboss.as.test.multinode.ejb.timer.database.DatabaseTimerServiceMultiNodeExecutionDisabledTestCase.testEjbTimeoutOnOtherNode(DatabaseTimerServiceMultiNodeExecutionDisabledTestCase.java:202)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor7.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at jdk.internal.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
------- Stdout: -------
 [0m19:23:06,407 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-5) WFLYJCA0001: Bound data source [java:jboss/datasources/TimeDs_disabled]
 [0m [0m19:23:06,452 INFO  [org.jboss.as.repository] (management-handler-thread - 2) WFLYDR0001: Content added at location /opt/buildAgent/work/37b47ae8b9c60325/full/testsuite/integration/multinode/target/jbossas-multinode-client/standalone/data/content/d5/3b7786f52a9228ca932d7a6580da7048ffb87c/content
 [0m [0m19:23:06,455 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0027: Starting deployment of "testTimerServiceSimple.war" (runtime-name: "testTimerServiceSimple.war")
 [0m [33m19:23:06,478 WARN  [org.jboss.as.ejb3] (MSC service thread 1-3) WFLYEJB0167: The <timer xmlns="urn:timer-service:1.0"/> element will be ignored.
 [0m [33m19:23:06,516 WARN  [org.jboss.as.dependency.private] (MSC service thread 1-1) WFLYSRV0018: Deployment "deployment.testTimerServiceSimple.war" is using a private module ("org.wildfly.security.manager") which may be changed or removed in future versions without notice.
 [0m [0m19:23:06,519 INFO  [org.jboss.weld.deployer] (MSC service thread 1-1) WFLYWELD0003: Processing weld deployment testTimerServiceSimple.war
 [0m [0m19:23:06,546 INFO  [org.jboss.as.ejb3.deployment] (MSC service thread 1-1) WFLYEJB0473: JNDI bindings for session bean named 'TimedObjectTimerServiceBean' in deployment unit 'deployment "testTimerServiceSimple.war"' are as follows:

	java:global/testTimerServiceSimple/TimedObjectTimerServiceBean!org.jboss.as.test.multinode.ejb.timer.database.RemoteTimedBean
	java:app/testTimerServiceSimple/TimedObjectTimerServiceBean!org.jboss.as.test.multinode.ejb.timer.database.RemoteTimedBean
	java:module/TimedObjectTimerServiceBean!org.jboss.as.test.multinode.ejb.timer.database.RemoteTimedBean
	java:jboss/exported/testTimerServiceSimple/TimedObjectTimerServiceBean!org.jboss.as.test.multinode.ejb.timer.database.RemoteTimedBean
	ejb:/testTimerServiceSimple/TimedObjectTimerServiceBean!org.jboss.as.test.multinode.ejb.timer.database.RemoteTimedBean
	java:global/testTimerServiceSimple/TimedObjectTimerServiceBean
	java:app/testTimerServiceSimple/TimedObjectTimerServiceBean
	java:module/TimedObjectTimerServiceBean

 [0m [33m19:23:06,578 WARN  [org.wildfly.extension.microprofile.opentracing] (MSC service thread 1-1) WFLYTRACEXT0012: No Jaeger endpoint or sender-binding configured. Installing a no-op sender
 [0m [0m19:23:06,580 INFO  [io.jaegertracing.internal.JaegerTracer] (MSC service thread 1-1) No shutdown hook registered: Please call close() manually on application shutdown.
 [0m [0m19:23:06,580 INFO  [org.wildfly.microprofile.opentracing.smallrye] (MSC service thread 1-1) WFLYTRAC0001: Tracer initialized: JaegerTracer(version=Java-1.6.0, serviceName=testTimerServiceSimple.war, reporter=RemoteReporter(sender=NoopSender(), closeEnqueueTimeout=1000), sampler=ConstSampler(decision=true, tags={sampler.type=const, sampler.param=true}), tags={hostname=build204-centos, jaeger.version=Java-1.6.0, ip=192.168.1.154}, zipkinSharedRpcSpan=false, expandExceptionLogs=false, useTraceId128Bit=false)