From d74ba2cd049c73b0c4e946010ef74b6ebb737e85 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mit.edu>
Date: Mon, 21 Dec 2015 15:51:53 -0500
Subject: [PATCH] handled errors better in JWK Set cache

---
 .../service/impl/JWKSetCacheService.java      | 22 ++++++++++++-------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java
index e8c224277..509621a43 100644
--- a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java
+++ b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java
@@ -32,12 +32,14 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestClientException;
 import org.springframework.web.client.RestTemplate;
 
 import com.google.common.cache.CacheBuilder;
 import com.google.common.cache.CacheLoader;
 import com.google.common.cache.LoadingCache;
 import com.google.common.util.concurrent.UncheckedExecutionException;
+import com.google.gson.JsonParseException;
 import com.nimbusds.jose.jwk.JWKSet;
 
 /**
@@ -136,14 +138,18 @@ public class JWKSetCacheService {
 		 */
 		@Override
 		public JWTEncryptionAndDecryptionService load(String key) throws Exception {
-			String jsonString = restTemplate.getForObject(key, String.class);
-			JWKSet jwkSet = JWKSet.parse(jsonString);
-
-			JWKSetKeyStore keyStore = new JWKSetKeyStore(jwkSet);
-
-			JWTEncryptionAndDecryptionService service = new DefaultJWTEncryptionAndDecryptionService(keyStore);
-
-			return service;
+			try {
+				String jsonString = restTemplate.getForObject(key, String.class);
+				JWKSet jwkSet = JWKSet.parse(jsonString);
+	
+				JWKSetKeyStore keyStore = new JWKSetKeyStore(jwkSet);
+	
+				JWTEncryptionAndDecryptionService service = new DefaultJWTEncryptionAndDecryptionService(keyStore);
+	
+				return service;
+			} catch (JsonParseException | RestClientException e) {
+				throw new IllegalArgumentException("Unable to load JWK Set");
+			}
 		}
 	}