feat: BCFIPS support (sub-part 01) (#5767)

* feat (jans-auth-server): bc-fips build has been added;

* feat (jans-bom): bc-fips modules have been added;

* feat (jans-config-api): bc-fips build has been added;

* feat (jans-config-api, jans-eleven, jans-fido2, jans-scim): bc-fips build has been added;
feat (jans-auth-server): client without provider dependencies (for bc-fips launching) has been added;

* feat (jans-link): bc-fips build has been added;

* feat: version has been updated: 1.0.16-SNAPSHOT -> 1.0.17-SNAPSHOT;

jans-auth-server/client/pom.xml

@@ -84,28 +84,80 @@
 				<artifactId>maven-source-plugin</artifactId>
 			</plugin>
 			<plugin>
-				<artifactId>maven-assembly-plugin</artifactId>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-shade-plugin</artifactId>
+				<version>3.4.1</version>
+				<configuration>
+					<shadedArtifactAttached>true</shadedArtifactAttached>
+					<shadedClassifierName>external</shadedClassifierName>
+					<createDependencyReducedPom>false</createDependencyReducedPom>
+					<createSourcesJar>false</createSourcesJar>
+				</configuration>
 				<executions>
 					<execution>
+						<id>uber-jar-with-all-dependencies</id>
 						<phase>package</phase>
 						<goals>
-							<goal>single</goal>
+							<goal>shade</goal>
 						</goals>
+						<configuration>
+							<finalName>jans-auth-client-jar-with-dependencies</finalName>
+							<shadedArtifactId>jans-auth-client-jar-with-dependencies</shadedArtifactId>
+							<transformers>
+								<transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
+									<manifestEntries>
+										<mainClass>io.jans.as.client.util.KeyGenerator</mainClass>
+									</manifestEntries>
+								</transformer>
+							</transformers>
+							<filters>
+								<filter>
+									<artifact>*:*</artifact>
+									<excludes>
+										<exclude>META-INF/*.SF</exclude>
+										<exclude>META-INF/*.DSA</exclude>
+										<exclude>META-INF/*.RSA</exclude>
+										<exclude>META-INF/LICENSE</exclude>
+									</excludes>
+								</filter>
+							</filters>
+						</configuration>
+					</execution>
+					<execution>
+						<id>uber-jar-without-crypto-provider</id>
+						<phase>package</phase>
+						<goals>
+							<goal>shade</goal>
+						</goals>
+						<configuration>
+							<finalName>jans-auth-client-jar-without-provider-dependencies</finalName>
+							<shadedArtifactId>jans-auth-client-jar-without-provider-dependencies</shadedArtifactId>
+							<artifactSet>
+								<excludes>
+									<exclude>org.bouncycastle:*</exclude>
+								</excludes>
+							</artifactSet>
+							<transformers>
+								<transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
+									<manifestEntries>
+										<mainClass>io.jans.as.client.util.KeyGenerator</mainClass>
+									</manifestEntries>
+								</transformer>
+							</transformers>
+							<filters>
+								<filter>
+									<artifact>*:*</artifact>
+									<excludes>
+										<exclude>META-INF/*.SF</exclude>
+										<exclude>META-INF/*.DSA</exclude>
+										<exclude>META-INF/*.RSA</exclude>
+										<exclude>META-INF/LICENSE</exclude>
+									</excludes>
+								</filter>
+							</filters>
+						</configuration>
 					</execution>
 				</executions>
-				<configuration>
-					<descriptorRefs>
-						<descriptorRef>jar-with-dependencies</descriptorRef>
-					</descriptorRefs>
-					<archive>
-						<manifest>
-							<mainClass>io.jans.as.client.util.KeyGenerator</mainClass>
-						</manifest>
-                        <manifestEntries>
-                            <Multi-Release>true</Multi-Release>
-                        </manifestEntries>
-					</archive>
-				</configuration>
 			</plugin>
 		</plugins>
 	</build>

jans-auth-server/pom.xml

@@ -116,6 +116,7 @@
         <module>agama/engine</module>
         <module>agama/inboundID</module>
         <module>server</module>
+        <module>server-fips</module>
     </modules>
 
 	<dependencyManagement>
@@ -531,6 +532,11 @@
 					<artifactId>buildnumber-maven-plugin</artifactId>
 					<version>3.0.0</version>
 				</plugin>
+				<plugin>
+					<groupId>org.apache.maven.plugins</groupId>
+					<artifactId>maven-antrun-plugin</artifactId>
+					<version>3.1.0</version>
+				</plugin>
 			</plugins>
 		</pluginManagement>
 	</build>

jans-auth-server/server-fips/pom.xml

@@ -0,0 +1,160 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+	<modelVersion>4.0.0</modelVersion>
+	<artifactId>jans-auth-server-fips</artifactId>
+	<name>Jans authentication server (FIPS)</name>
+	<packaging>war</packaging>
+
+	<parent>
+		<groupId>io.jans</groupId>
+		<artifactId>jans-auth-server-parent</artifactId>
+		<version>1.0.16-SNAPSHOT</version>
+	</parent>
+
+	<prerequisites>
+		<maven>${maven.min-version}</maven>
+	</prerequisites>
+
+	<build>
+		<finalName>${project.artifactId}</finalName>
+
+		<resources>
+			<resource>
+				<directory>${project.basedir}/../server/src/main/resources</directory>
+				<filtering>true</filtering>
+				<includes>
+					<include>**/*.xml</include>
+					<include>**/*.properties</include>
+					<include>META-INF/services/*.*</include>
+				</includes>
+			</resource>
+		</resources>
+
+		<testResources>
+			<testResource>
+				<directory>${project.basedir}/../server/src/main/webapp</directory>
+				<includes>
+					<include>WEB-INF/**</include>
+				</includes>
+				<filtering>true</filtering>
+			</testResource>
+			<testResource>
+				<directory>src/test/resources</directory>
+				<filtering>true</filtering>
+			</testResource>
+		</testResources>
+
+		<plugins>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-antrun-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>build-oxauth-fips-war</id>
+						<phase>process-sources</phase>
+						<configuration>
+							<target>
+								<property name="server.webapp.dir" value="${project.basedir}/../server/target/jans-auth-server" />
+								<property name="dest.webapp.dir" value="${project.build.directory}/${project.artifactId}" />
+								<delete dir="${dest.webapp.dir}" />
+								<mkdir dir="${dest.webapp.dir}" />
+								<copy todir="${dest.webapp.dir}" preservelastmodified="true" overwrite="true">
+									<fileset dir="${server.webapp.dir}" includes="**/*" />
+								</copy>
+							</target>
+						</configuration>
+						<goals>
+							<goal>run</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-war-plugin</artifactId>
+				<configuration>
+					<failOnMissingWebXml>false</failOnMissingWebXml>
+					<outdatedCheckPath>tmp</outdatedCheckPath>
+					<archive>
+						<manifest>
+							<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+						</manifest>
+						<manifestEntries>
+							<Implementation-Build>${buildNumber}</Implementation-Build>
+						</manifestEntries>
+					</archive>
+					<packagingExcludes>
+						WEB-INF/lib/bcpkix-jdk15on-*.jar,
+						WEB-INF/lib/bcprov-jdk15on-*.jar,
+						WEB-INF/lib/bcutil-jdk15on-*.jar,
+						WEB-INF/lib/bcmail-jdk15on-*.jar
+					</packagingExcludes>
+				</configuration>
+			</plugin>
+
+			<!-- Build number plugin -->
+			<plugin>
+				<groupId>org.codehaus.mojo</groupId>
+				<artifactId>buildnumber-maven-plugin</artifactId>
+				<executions>
+					<execution>
+						<phase>validate</phase>
+						<goals>
+							<goal>create</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<doCheck>false</doCheck>
+					<doUpdate>false</doUpdate>
+				</configuration>
+			</plugin>
+
+			<plugin>
+				<groupId>pl.project13.maven</groupId>
+				<artifactId>git-commit-id-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>get-the-git-infos</id>
+						<goals>
+							<goal>revision</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<generateGitPropertiesFile>true</generateGitPropertiesFile>
+					<failOnNoGitDirectory>false</failOnNoGitDirectory>
+				</configuration>
+			</plugin>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-surefire-plugin</artifactId>
+				<configuration>
+					<skipTests>true</skipTests>
+				</configuration>
+			</plugin>
+		</plugins>
+
+	</build>
+
+	<dependencies>
+		<!-- Bouncycastle Fips -->
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bc-fips</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcpkix-fips</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcmail-fips</artifactId>
+		</dependency>
+	</dependencies>
+
+</project>

jans-bom/pom.xml

@@ -284,6 +284,21 @@
 				<artifactId>bcmail-jdk15on</artifactId>
 				<version>${bc.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>org.bouncycastle</groupId>
+				<artifactId>bc-fips</artifactId>
+				<version>1.0.2.3</version>
+			</dependency>
+			<dependency>
+				<groupId>org.bouncycastle</groupId>
+				<artifactId>bcpkix-fips</artifactId>
+				<version>1.0.6</version>
+			</dependency>
+			<dependency>
+				<groupId>org.bouncycastle</groupId>
+				<artifactId>bcmail-fips</artifactId>
+				<version>1.0.4</version>
+			</dependency>
 			<dependency>
 				<groupId>com.nimbusds</groupId>
 				<artifactId>nimbus-jose-jwt</artifactId>

jans-config-api/pom.xml

@@ -65,6 +65,7 @@
 		<module>common</module>
 		<module>shared</module>
 		<module>server</module>
+		<module>server-fips</module>
 		<module>plugins</module>
 	</modules>
 
@@ -599,6 +600,11 @@
 					<artifactId>buildnumber-maven-plugin</artifactId>
 					<version>3.0.0</version>
 				</plugin>
+				<plugin>
+					<groupId>org.apache.maven.plugins</groupId>
+					<artifactId>maven-antrun-plugin</artifactId>
+					<version>3.1.0</version>
+				</plugin>
 			</plugins>
 
 		</pluginManagement>