Return-Path: 
 <commits-return-41113-apmail-cxf-commits-archive=cxf.apache.org@cxf.apache.org>
X-Original-To: apmail-cxf-commits-archive@www.apache.org
Delivered-To: apmail-cxf-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id E01C119D03
	for <apmail-cxf-commits-archive@www.apache.org>;
 Mon, 14 Mar 2016 10:09:07 +0000 (UTC)
Received: (qmail 94451 invoked by uid 500); 14 Mar 2016 10:09:07 -0000
Delivered-To: apmail-cxf-commits-archive@cxf.apache.org
Received: (qmail 94395 invoked by uid 500); 14 Mar 2016 10:09:07 -0000
Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@cxf.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@cxf.apache.org>
List-Post: <mailto:commits@cxf.apache.org>
List-Id: <commits.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list commits@cxf.apache.org
Received: (qmail 94386 invoked by uid 99); 14 Mar 2016 10:09:06 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org)
 (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Mar 2016 10:09:06 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at
 git1-us-west.apache.org, from userid 33)
	id D25A1DFBC9; Mon, 14 Mar 2016 10:09:06 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: sergeyb@apache.org
To: commits@cxf.apache.org
Message-Id: <be7cc7cf86794bca8daa69233d6172ba@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: cxf git commit: Updating Oidc key service to get the keys from the
 external web service if required
Date: Mon, 14 Mar 2016 10:09:06 +0000 (UTC)

Repository: cxf
Updated Branches:
  refs/heads/master 4b37844e9 -> a44eb903a


Updating Oidc key service to get the keys from the external web service if required


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a44eb903
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a44eb903
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a44eb903

Branch: refs/heads/master
Commit: a44eb903afab8df212b48cb543c9c363c24ebd35
Parents: 4b37844
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Mar 14 10:08:48 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Mar 14 10:08:48 2016 +0000

----------------------------------------------------------------------
 .../rs/security/oidc/idp/OidcKeysService.java    | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a44eb903/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcKeysService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcKeysService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcKeysService.java
index e2c140d..d312f9d 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcKeysService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcKeysService.java
@@ -24,6 +24,7 @@ import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 
+import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
 import org.apache.cxf.rs.security.jose.jws.JwsUtils;
@@ -32,15 +33,29 @@ import org.apache.cxf.rs.security.jose.jws.JwsUtils;
 public class OidcKeysService {
 
     private volatile JsonWebKeys keySet;
+    private WebClient keySetClient;
     
     @GET
     @Produces("application/json")
     public JsonWebKeys getPublicVerificationKeys() {
         if (keySet == null) {
-            Properties props = JwsUtils.loadSignatureInProperties(true);
-            keySet = JwsUtils.loadPublicVerificationKeys(JAXRSUtils.getCurrentMessage(), props);
+            if (keySetClient == null) {
+                keySet = getFromLocalStore();
+            } else {
+                keySet = keySetClient.get(JsonWebKeys.class);
+            }
+            
         }
         return keySet;
     }
+
+    private static JsonWebKeys getFromLocalStore() {
+        Properties props = JwsUtils.loadSignatureInProperties(true);
+        return JwsUtils.loadPublicVerificationKeys(JAXRSUtils.getCurrentMessage(), props);
+    }
+
+    public void setKeySetClient(WebClient keySetClient) {
+        this.keySetClient = keySetClient;
+    }
     
 }