eidas proxy, create oidc-rp.jks if set in hiera

global/overlay/etc/puppet/manifests/cosmos-site.pp

@@ -637,8 +637,10 @@ class eidas_proxy($version='1.0.0',$country='se',$hostname='localhost', $spring_
    $_hostname = safe_hiera('eidas_proxy_hostname',$hostname);
    $_country = safe_hiera('eidas_proxy_country',$country);
    $_pkcs11pin = safe_hiera('pkcs11_pin');
+   $_eidas_proxy_oidc_rp_jks = safe_hiera('eidas_proxy_oidc_rp_jks','');
    $proxy_service_cookie_encrypt_pw = safe_hiera('proxy_service_cookie_encrypt_pw');
    file {['/etc/eidas-proxy/',"/etc/eidas-proxy/$_country"]: ensure => directory } ->
+   file {["/etc/eidas-proxy/$_country/keystore"]: ensure => directory } ->
    sunet::snippets::secret_file {"/etc/eidas-proxy/$_country/metadata.p12":
       hiera_key => 'eidas_metadata_key',
       base64    => true
@@ -669,6 +671,13 @@ class eidas_proxy($version='1.0.0',$country='se',$hostname='localhost', $spring_
    }
    ensure_resource('class','webserver',{})
    ensure_resource('class','https_server',{})
+
+   if $_eidas_proxy_oidc_rp_jks != '' {
+      sunet::snippets::secret_file {"/etc/eidas-proxy/$_country/keystore/oidc-rp.jks":
+         hiera_key => 'eidas_proxy_oidc_rp_jks',
+         base64    => true
+      }
+   }
 }
 
 class prid($version="1.0.0",$clients="",$mdsl="") {