[WFCORE-6755] Move the org.wildfly.security:wildfly-elytron-dynamic-s…

…sl artifact into its own module

core-feature-pack/common/src/main/resources/modules/system/layers/base/org/wildfly/security/elytron-base/main/module.xml

@@ -34,7 +34,6 @@
         <artifact name="${org.wildfly.security:wildfly-elytron-credential-source-impl}"/>
         <artifact name="${org.wildfly.security:wildfly-elytron-credential-store}"/>
         <artifact name="${org.wildfly.security:wildfly-elytron-digest}"/>
-        <artifact name="${org.wildfly.security:wildfly-elytron-dynamic-ssl}"/>
         <artifact name="${org.wildfly.security:wildfly-elytron-encryption}"/>
         <artifact name="${org.wildfly.security:wildfly-elytron-http}"/>
         <artifact name="${org.wildfly.security:wildfly-elytron-http-basic}"/>
@@ -112,5 +111,6 @@
         modules use the parser, they need to have visibility to this module.
         -->
         <module name="org.wildfly.client.config" export="true"/>
+        <module name="org.wildfly.security.elytron-dynamic-ssl" export="true" optional="true"/>
     </dependencies>
 </module>

core-feature-pack/common/src/main/resources/modules/system/layers/base/org/wildfly/security/elytron-dynamic-ssl/main/module.xml

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  ~ Copyright The WildFly Authors
+  ~ SPDX-License-Identifier: Apache-2.0
+  -->
+<module xmlns="urn:jboss:module:1.9" name="org.wildfly.security.elytron-dynamic-ssl">
+
+    <properties>
+        <property name="jboss.api" value="private"/>
+        <property name="jboss.stability" value="community"/>
+    </properties>
+
+    <resources>
+        <artifact name="${org.wildfly.security:wildfly-elytron-dynamic-ssl}"/>
+    </resources>
+
+    <dependencies>
+        <module name="java.logging"/>
+        <module name="org.jboss.logging" />
+        <module name="org.jboss.logmanager" />
+        <module name="org.wildfly.security.elytron-base"/>
+        <module name="org.wildfly.common"/>
+        <module name="org.wildfly.client.config"/>
+    </dependencies>
+</module>

elytron/src/main/java/org/wildfly/extension/elytron/DynamicSSLContextHelper.java

@@ -0,0 +1,34 @@
+/*
+ * Copyright The WildFly Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.wildfly.extension.elytron;
+
+import org.wildfly.security.auth.client.AuthenticationContext;
+import org.wildfly.security.dynamic.ssl.DynamicSSLContext;
+import org.wildfly.security.dynamic.ssl.DynamicSSLContextImpl;
+import org.wildfly.security.dynamic.ssl.DynamicSSLContextException;
+
+import javax.net.ssl.SSLContext;
+import java.security.GeneralSecurityException;
+import static org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER;
+
+/**
+ * Helper class for obtaining an instance of DynamicSSLContext created from the provided AuthenticationContext
+ */
+class DynamicSSLContextHelper {
+
+    /**
+     * Get DynamicSSLContext instance from the provided authentication context
+     * @param authenticationContext authentication context to use with the DynamicSSLContext
+     * @return DynamicSSLContext instance
+     */
+    static SSLContext getDynamicSSLContextInstance(AuthenticationContext authenticationContext) {
+        try {
+            return new DynamicSSLContext(new DynamicSSLContextImpl(authenticationContext));
+        } catch (DynamicSSLContextException |  GeneralSecurityException e) {
+            throw ROOT_LOGGER.unableToObtainDynamicSSLContext();
+        }
+    }
+}

elytron/src/main/java/org/wildfly/extension/elytron/ElytronDefinition.java

@@ -363,7 +363,7 @@ protected void revertUpdateToRuntime(OperationContext context, ModelNode operati
 
     @Override
     public void registerAdditionalRuntimePackages(ManagementResourceRegistration resourceRegistration) {
-        resourceRegistration.registerAdditionalRuntimePackages(RuntimePackageDependency.required("org.wildfly.security.elytron"));
+        resourceRegistration.registerAdditionalRuntimePackages(RuntimePackageDependency.required("org.wildfly.security.elytron"), RuntimePackageDependency.required("org.wildfly.security.elytron-dynamic-ssl"));
     }
 
     @Deprecated

elytron/src/main/java/org/wildfly/extension/elytron/SSLDefinitions.java

@@ -116,15 +116,12 @@
 import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
 import org.wildfly.extension.elytron.capabilities.PrincipalTransformer;
 import org.wildfly.security.auth.client.AuthenticationContext;
-import org.wildfly.security.dynamic.ssl.DynamicSSLContextImpl;
 import org.wildfly.security.auth.server.MechanismConfiguration;
 import org.wildfly.security.auth.server.MechanismConfigurationSelector;
 import org.wildfly.security.auth.server.RealmMapper;
 import org.wildfly.security.auth.server.SecurityDomain;
 import org.wildfly.security.credential.PasswordCredential;
 import org.wildfly.security.credential.source.CredentialSource;
-import org.wildfly.security.dynamic.ssl.DynamicSSLContext;
-import org.wildfly.security.dynamic.ssl.DynamicSSLContextException;
 import org.wildfly.security.keystore.AliasFilter;
 import org.wildfly.security.keystore.FilteringKeyStore;
 import org.wildfly.security.password.interfaces.ClearPassword;
@@ -1542,13 +1539,7 @@ protected ValueSupplier<SSLContext> getValueSupplier(ServiceBuilder<SSLContext>
                 ServiceName acServiceName = context.getCapabilityServiceName(authenticationContextCapability, AuthenticationContext.class);
                 Supplier<AuthenticationContext> authenticationContextSupplier = serviceBuilder.requires(acServiceName);
 
-                return () -> {
-                    try {
-                        return new DynamicSSLContext(new DynamicSSLContextImpl(authenticationContextSupplier.get()));
-                    } catch (DynamicSSLContextException | GeneralSecurityException e) {
-                        throw new RuntimeException(e);
-                    }
-                };
+                return () -> DynamicSSLContextHelper.getDynamicSSLContextInstance(authenticationContextSupplier.get());
             }
 
             @Override

elytron/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java

@@ -723,6 +723,8 @@ public interface ElytronSubsystemMessages extends BasicLogger {
             "use Elytron Tool command `filesystem-realm-encrypt`")
     OperationFailedException addSecretKeyToInitializedFilesystemRealm();
 
+    @Message(id = 1221, value = "Unable to obtain DynamicSSLContext from the provided authentication context")
+    RuntimeException unableToObtainDynamicSSLContext();
     /*
      * Don't just add new errors to the end of the file, there may be an appropriate section above for the resource.
      *