jenkinsci / oidc-provider-plugin

OpenID Connect Provider Plugin for Jenkins
https://plugins.jenkins.io/oidc-provider/
MIT License

Make keypair format configurable #17

Open patrickpichler opened 1 year ago

patrickpichler commented 1 year ago

This PR solves #4 by extending the credentials page with a combobox to select the desired algorithm to create the key pair.

The base functionality is implemented and I now want to get some feedback from the maintainers. Tests are currently missing and the existing tests still need some adaptation.

It is now possible to choose between six different algorithms used for the keypair. Three of those are RSA based and the other three EC. I found no easy way to recreate the public key from the private EC key (I'm no expert on that matter, so if there is an easy way I missed in my research, please let me know :slightly_smiling_face:), hence I introduced a new container object to store both private and public key as Jenkins secrets. The previous private key secret is still around in order to ensure backwards compatibility for Java object serialization, but it is now marked transient.

As a base for creating key pairs for the different types, I leverage jjwt, since it already provides a nice enum (SignatureAlgorithm) wrapping this functionality.

patrickpichler commented 1 year ago

@jglick I've now also added some tests :slightly_smiling_face:

patrickpichler commented 1 year ago

@jglick I think the PR is ready now, could you have another look? :slightly_smiling_face: I would then proceed to make the git history nice and squash everything into a single commit :sweat_smile:

jglick commented 1 year ago

@patrickpichler do you still plan to work on this?

patrickpichler commented 1 year ago

Yes, I am still planning to implement this, but I need to first take a look at the changes in master.

patrickpichler commented 1 year ago

@jglick I've updated the branch. I am not 100% sure how I would go ahead and update all secrets once the global plugin config is updated though :thinking: Do you have an idea? https://github.com/jenkinsci/oidc-provider-plugin/pull/17/files#diff-8dfaabe0385e0b0a1de720d3227c8c8d0fdfd57d2f95426d2ea3eccc31984958R147

jglick commented 1 year ago

Just delete IdTokenCredentials.algorithm and retrieve the algorithm from global settings on demand. Then there is nothing to update.

patrickpichler commented 1 year ago

There is, as an update to the global algorithm should probably recreate the keypair used (if the algorithm changed). Otherwise the existing keypairs are out of sync with the global config.

jglick commented 1 year ago

Pending #3 you can simply resave existing credentials at any time.

patrickpichler commented 1 year ago

I've implemented the update version. Do you know of a better way of doing this? @jglick