Carbon registry usage removal from the Keystore - Phase I

[mpmadhavig]

Describe

This issue will track the progress of the registry usage removal from the keystore functionality. The following will be the milestones of this effort.

Additional context Registry removal parent issue: Remove carbon registry usages in IS

Milestones:

Milestone 1:

• [x] New repository to maintain security-mgt components

  Move the keystore implementation from framework to an independent repo as the kernel will be depedending on the security-mgt component. (Hence the dependency should be removed.)

  • https://github.com/wso2/carbon-security-mgt/pull/3

Milestone 2:

• [x] Migrate security-mgt group id from framwork to its own in the dependent components.
  1. https://github.com/wso2-extensions/identity-metadata-saml2/pull/86
  2. https://github.com/wso2-extensions/identity-tool-samlsso-validator/pull/43
  3. https://github.com/wso2/carbon-multitenancy/pull/241
  4. https://github.com/wso2-extensions/identity-inbound-auth-saml/pull/401
  5. https://github.com/wso2-extensions/identity-inbound-auth-sts/pull/140
  6. https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/2137
  7. https://github.com/wso2-extensions/identity-user-account-association/pull/49
  8. https://github.com/wso2-extensions/identity-inbound-auth-openid/pull/95
  9. https://github.com/wso2/carbon-identity-framework/pull/4856
  10. https://github.com/wso2/identity-api-server/pull/477
  11. https://github.com/wso2/product-is/pull/16487

Milestone 3:

• [x] Introduce new table structure to store the keystore related data.

  • https://docs.google.com/document/d/1HhMJNde0I5zxM9drU4tI4yevEkitBxLj2xTU9fIko9s/edit?usp=sharing

• [ ] Create a DAO layer to access data.

  • https://github.com/wso2/carbon-identity-framework/pull/4895

  • https://github.com/wso2/carbon-kernel/pull/3659

  • https://github.com/wso2/carbon-multitenancy/pull/245

  • https://github.com/wso2-extensions/identity-inbound-auth-sts/pull/142

  • https://github.com/wso2-extensions/identity-inbound-auth-saml/pull/405

  • https://github.com/wso2/identity-api-server/pull/484

  • https://github.com/wso2-extensions/identity-metadata-saml2/pull/88

  • Identity-tool-samlsso-validator

    • https://github.com/wso2-extensions/identity-tool-samlsso-validator/pull/45

  • Inbound-openid

    • No changes. No use of keystore changes.

  • Identity-user-account-association

    • No changes. No use of keystore changes.

  • Identity-inbound-auth-oauth

    • No changes. No use of keystore changes.

Milestone 4:

• [ ] Change usages of old registry.
  • TODO: Link to the changes.

Milestone 5 (Optional):

• [ ] Create a caching layer.

Milestone 6:

• [ ] Add the feature to the product.

[mpmadhavig]

Update:

During the development phase, as we found a cyclic dependency between the security-mgt module and the kernel, the decision is taken to move the security-mgt module back to where is was. The keystore DAO layer related logic will be moved to kernel core to avoid the cyclic dependency.

The following set of PRs will revert changes did to move the security-mgt to the new repository.

1. https://github.com/wso2/carbon-identity-framework/pull/4887
2. https://github.com/wso2-extensions/identity-inbound-auth-sts/pull/141
3. https://github.com/wso2/carbon-multitenancy/pull/244
4. https://github.com/wso2-extensions/identity-inbound-auth-saml/pull/404
5. https://github.com/wso2-extensions/identity-inbound-auth-openid/pull/96
6. https://github.com/wso2-extensions/identity-user-account-association/pull/50
7. https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/2153
8. https://github.com/wso2-extensions/identity-tool-samlsso-validator/pull/44
9. https://github.com/wso2-extensions/identity-metadata-saml2/pull/87
10. https://github.com/wso2/identity-api-server/pull/481
11. https://github.com/wso2/product-is/pull/16563

[UdeshAthukorala]

This effort will be continued through the following task https://github.com/wso2/product-is/issues/21206