Add certificate-mgt component to manage trusted certificates in IAM #6043

Merged
merged 38 commits into from
Oct 25, 2024

@ashanthamara ashanthamara commented Oct 21, 2024

Proposed changes in this pull request

This PR will add the certificate-mgt component which will act as a central component for certificate handling.
Resolves: wso2/product-is#21377

Changes:

  1. Added a new column (UUID) to the IDN_CERTIFICATE table.

     ```sql
     CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
                 ID INTEGER NOT NULL AUTO_INCREMENT,
                 UUID CHAR(36) NOT NULL,
                 NAME VARCHAR(100),
                 CERTIFICATE_IN_PEM BLOB,
                 TENANT_ID INTEGER DEFAULT 0,
                 PRIMARY KEY(ID),
                 CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
     );
     ```

  2. Add a new CertificateManagementService for the certificate-related operations.
  3. Currently, the SP_META_DATA table uses the integer ID of the IDN_CERTIFICATE table entry as the certificate reference. Hence, implemented methods to perform operations with the integer ID in order to preserve the previous behaviour, but made them deprecated since we are recommending the operations with the UUID.
     Hence, added a separate service (ApplicationCertificateManagementService) and DAO (ApplicationCertificateManagementDAO) for the deprecated methods for more clarity.
  4. Not adding audit logs since this will not be consumed as a first-class component yet and is only used by other components for their sub-operations.
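
The two reference styles described in this PR (the new UUID and the legacy integer ID still held in SP_META_DATA) can be tried against the schema above. This is an added example, not code from the pull request or from WSO2: SQLite stands in for the product database, the function names and the sample PEM are constructed, and scoping every lookup to `TENANT_ID` is an assumption of the example.

```python
import sqlite3
import uuid

# IDN_CERTIFICATE as given in the PR description; only the auto-increment
# syntax is adapted to SQLite (an assumption of this example).
SCHEMA = """
CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
    ID INTEGER PRIMARY KEY AUTOINCREMENT,
    UUID CHAR(36) NOT NULL,
    NAME VARCHAR(100),
    CERTIFICATE_IN_PEM BLOB,
    TENANT_ID INTEGER DEFAULT 0,
    CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
);
"""

# Constructed placeholder, not a real certificate.
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\nCONSTRUCTED\n-----END CERTIFICATE-----\n"

def open_store():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def add_certificate(conn, name, pem, tenant_id):
    """Insert a certificate; return (uuid, integer_id) for the new row."""
    cert_uuid = str(uuid.uuid4())
    with conn:  # commits on success, rolls back on a constraint violation
        cur = conn.execute(
            "INSERT INTO IDN_CERTIFICATE (UUID, NAME, CERTIFICATE_IN_PEM, TENANT_ID)"
            " VALUES (?, ?, ?, ?)", (cert_uuid, name, pem, tenant_id))
    return cert_uuid, cur.lastrowid

def get_by_uuid(conn, cert_uuid, tenant_id):
    """Recommended path: resolve by UUID, scoped to the caller's tenant."""
    return conn.execute(
        "SELECT NAME, CERTIFICATE_IN_PEM FROM IDN_CERTIFICATE"
        " WHERE UUID = ? AND TENANT_ID = ?", (cert_uuid, tenant_id)).fetchone()

def get_by_id(conn, cert_id, tenant_id):
    """Legacy path: resolve the integer ID that existing references still use."""
    return conn.execute(
        "SELECT NAME, CERTIFICATE_IN_PEM FROM IDN_CERTIFICATE"
        " WHERE ID = ? AND TENANT_ID = ?", (cert_id, tenant_id)).fetchone()
```

Both lookups return the same row for the owning tenant and `None` for any other tenant, and the `CERTIFICATE_UNIQUE_KEY` constraint rejects a second certificate with the same name inside one tenant.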

@ashanthamara ashanthamara marked this pull request as draft October 21, 2024 05:31

codecov bot commented Oct 21, 2024

Codecov Report

Attention: Patch coverage is 87.11944% with 55 lines in your changes missing coverage. Please review.

Project coverage is 40.64%. Comparing base (9501a31) to head (a44e16c).
Report is 102 commits behind head on master.

| Files with missing lines | Patch % | Lines |
| --- | --- | --- |
| ...ement/internal/CertificateMgtServiceComponent.java | 0.00% | 20 Missing ⚠️ |
| .../impl/ApplicationCertificateManagementDAOImpl.java | 85.85% | 13 Missing and 1 partial ⚠️ |
| ...agement/dao/impl/CertificateManagementDAOImpl.java | 89.33% | 7 Missing and 1 partial ⚠️ |
| ...tificate/management/util/CertificateValidator.java | 77.27% | 5 Missing ⚠️ |
| ...ficate/management/cache/CertificateCacheEntry.java | 66.66% | 2 Missing ⚠️ |
| ...ficate/management/cache/CertificateIdCacheKey.java | 75.00% | 1 Missing and 1 partial ⚠️ |
| ...service/impl/CertificateManagementServiceImpl.java | 94.44% | 2 Missing ⚠️ |
| ...l/ApplicationCertificateManagementServiceImpl.java | 97.72% | 1 Missing ⚠️ |
| ...anagement/util/CertificateMgtExceptionHandler.java | 87.50% | 0 Missing and 1 partial ⚠️ |

Additional details and impacted files
@@             Coverage Diff              @@
##             master    #6043      +/-   ##
============================================
+ Coverage     40.07%   40.64%   +0.57%     
- Complexity    14324    14459     +135     
============================================
  Files          1746     1763      +17     
  Lines        118531   117790     -741     
  Branches      20474    19084    -1390     
============================================
+ Hits          47501    47881     +380     
+ Misses        63727    62618    -1109     
+ Partials       7303     7291      -12     
Flag Coverage Δ
unit 24.85% <87.11%> (+0.37%) ⬆️


@ashanthamara ashanthamara marked this pull request as ready for review October 21, 2024 19:43

@ashanthamara ashanthamara merged commit 2e4e5a2 into wso2:master Oct 25, 2024
5 checks passed
* @deprecated It is recommended to use {@link CertificateManagementDAO}, which supports operations with UUID.
*/
@Deprecated
public interface ApplicationCertificateManagementDAO {
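
Review bot: the `@deprecated` Javadoc above `ApplicationCertificateManagementDAO` names the replacement but gives no reason why an interface introduced in this change is deprecated from the outset. Add a sentence stating that it exists only for callers that still reference certificates by integer ID, so that new code is written against `CertificateManagementDAO` and the UUID instead.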

Why do we add a new class as deprecated?

Contributor Author

To facilitate certificate management within the application-mgt component, a new certificate-mgt central component has been introduced. This design ensures that only the certificate-mgt component accesses the IDN_CERTIFICATE table, as discussed with @malithie, @darshanasbg, and @omindu. Separate classes were added for operations using integer IDs to avoid immediate data migration for existing entries in both the IDN_CERTIFICATE and SP_META_DATA tables (where certificate IDs are referenced).

These new classes have also been marked as deprecated to streamline their removal in the future. Additionally, there is a requirement to provide a REST API for certificate management where it gives a broader context to decide on the migration approach, allowing the deprecated classes to be phased out without doing data migration at this stage.


Successfully merging this pull request may close these issues.

Introduce a new component to manage trusted certificates in IAM