From bcdbf0301d4bc2228d8423bc5ad4e68277b78a73 Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie <jimmy.zelinskie@coreos.com>
Date: Tue, 12 Jan 2016 17:58:21 -0500
Subject: [PATCH] add cache-control headers to /keys

---
 endpoints/web.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/endpoints/web.py b/endpoints/web.py
index 8c293d6b4..036c5187a 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -29,7 +29,7 @@ from endpoints.common import common_login, render_page_template, route_show_if,
 from endpoints.csrf import csrf_protect, generate_csrf_token, verify_csrf
 from endpoints.decorators import anon_protect, anon_allowed
 from health.healthcheck import get_healthchecker
-from util.cache import no_cache
+from util.cache import no_cache, cache_control
 from util.headers import parse_basic_auth
 from util.invoice import renderInvoiceToPdf
 from util.names import parse_repository_name, parse_repository_name_and_tag
@@ -692,6 +692,7 @@ def _load_certificate_bytes(certificate_file_path):
     return load_pem_x509_certificate(cert_file.read(), default_backend()).public_key()
 
 @route_show_if(features.BITTORRENT)
+@cache_control(max_age=300)
 @web.route('/keys', methods=['GET'])
 def jwk_set_uri():
   certificate = _load_certificate_bytes(app.config['JWT_AUTH_CERTIFICATE_PATH'])