server/rotation.go: avoid displaying the "keys already rotated" error

This commit is contained in:
rithu john 2017-04-11 10:48:08 -07:00
parent c3cafc8f39
commit dd1e901dd9

View File

@ -5,7 +5,6 @@ import (
"crypto/rand"
"crypto/rsa"
"encoding/hex"
"errors"
"fmt"
"io"
"time"
@ -125,8 +124,11 @@ func (k keyRotater) rotate() error {
var nextRotation time.Time
err = k.Storage.UpdateKeys(func(keys storage.Keys) (storage.Keys, error) {
tNow := k.now()
// if you are running multiple instances of dex, another instance
// could have already rotated the keys.
if tNow.Before(keys.NextRotation) {
return storage.Keys{}, errors.New("keys already rotated")
return storage.Keys{}, nil
}
expired := func(key storage.VerificationKey) bool {