Ensure double-checked locking when loading Jwk definitions

[cgaskill]

https://github.com/spring-projects/spring-security-oauth/blob/cc4c0a52086309a6eed3fd8a2304b31055e7c9d7/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/store/jwk/JwkDefinitionSource.java#L89

JwkDefinitionSource.getDefinitionLoadIfNecessary should check if the definition has been loaded in the synchronized before clearing and loading definitions. The current implementation has the side effect of a second thread waiting for the lock will attempt to also reload the definitions.

The following code should prevent this duplicate work.

JwkDefinitionHolder getDefinitionLoadIfNecessary(String keyId) {
	JwkDefinitionHolder result = this.getDefinition(keyId);
	if (result != null) {
		return result;
	}
	synchronized (this.jwkDefinitions) {
		result = this.getDefinition(keyId);
		if(result != null) {
			return result;
		}
		this.jwkDefinitions.clear();
		for (URL jwkSetUrl : jwkSetUrls) {
			this.jwkDefinitions.putAll(loadJwkDefinitions(jwkSetUrl));
		}
		return this.getDefinition(keyId);
	}
}

[leomillon]

I faced the problem with performance tests :
When a bulk of users are requesting the API (on a fresh instance started from auto-scaling strategy), they all come with a token and the given jwk definitions are cleared for each user waiting in this synchronized section...
Here is the quick fix suggested by @cgaskill : #1443