Hash escape hatch password in configuration - fix CVE-2023-50770

[michael-doubez]

Store hashed password with salt in configuration to avoid recoverable format (see SECURITY-3168 / CVE-2023-50770).
The hashing uses BCrypt as indicated in SECURITY-3168.

Resolve open vulnerability as requested in #259.

Testing done

Testing of in unit test for JasC configuration. Secret migration perfomed by hand by checking the configuration has changed after reload.

Submitter checklist

Preview Give feedback

1. Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
2. Ensure that the pull request title represents the desired changelog entry
3. Please describe what you did
4. Link to relevant issues in GitHub or Jira
5. Link to relevant pull requests, esp. upstream and downstream changes
6. Ensure you have provided tests - that demonstrates feature works or fixes the issue

[codecov]

Codecov Report

Attention: Patch coverage is 76.92308% with 3 lines in your changes are missing coverage. Please review.

Project coverage is 72.77%. Comparing base (22331f0) to head (76b0260).
Report is 8 commits behind head on master.

Files	Patch %	Lines
...va/org/jenkinsci/plugins/oic/OicSecurityRealm.java	76.92%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##             master     #287      +/-   ##
============================================
+ Coverage     71.90%   72.77%   +0.86%     
+ Complexity      194      189       -5     
============================================
  Files             9        9              
  Lines           744      753       +9     
  Branches        124      116       -8     
============================================
+ Hits            535      548      +13     
+ Misses          150      146       -4     
  Partials         59       59              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.