Fixed api validation error (#911)

shibayan · web-flow · commit cf88b79d0b02 · 2025-11-13T09:28:49.000+09:00
diff --git a/KeyVault.Acmebot/Internal/AcmeProtocolClientFactory.cs b/KeyVault.Acmebot/Internal/AcmeProtocolClientFactory.cs
@@ -66,7 +66,7 @@ public async Task<AcmeProtocolClient> CreateClientAsync()
                 throw new PreconditionException("This ACME endpoint requires External Account Binding.");
             }
 
-            account = await acmeProtocolClient.CreateAccountAsync(new[] { $"mailto:{_options.Contacts}" }, true, externalAccountBinding);
+            account = await acmeProtocolClient.CreateAccountAsync([$"mailto:{_options.Contacts}"], true, externalAccountBinding);
 
             accountKey = new AccountKey
             {
@@ -82,7 +82,7 @@ public async Task<AcmeProtocolClient> CreateClientAsync()
 
         if (acmeProtocolClient.Account.Payload.Contact is { Length: > 0 } && acmeProtocolClient.Account.Payload.Contact[0] != $"mailto:{_options.Contacts}")
         {
-            account = await acmeProtocolClient.UpdateAccountAsync(new[] { $"mailto:{_options.Contacts}" });
+            account = await acmeProtocolClient.UpdateAccountAsync([$"mailto:{_options.Contacts}"]);
 
             SaveState(account, "account.json");
 
diff --git a/KeyVault.Acmebot/Internal/CertificateExtensions.cs b/KeyVault.Acmebot/Internal/CertificateExtensions.cs
@@ -24,7 +24,7 @@ public static CertificateItem ToCertificateItem(this KeyVaultCertificateWithPoli
         {
             Id = certificate.Id,
             Name = certificate.Name,
-            DnsNames = dnsNames is { Length: > 0 } ? dnsNames : new[] { certificate.Policy.Subject[3..] },
+            DnsNames = dnsNames is { Length: > 0 } ? dnsNames : [certificate.Policy.Subject[3..]],
             DnsProviderName = certificate.Properties.Tags.TryGetDnsProvider(out var dnsProviderName) ? dnsProviderName : "",
             CreatedOn = certificate.Properties.CreatedOn.Value,
             ExpiresOn = certificate.Properties.ExpiresOn.Value,
@@ -46,7 +46,7 @@ public static CertificatePolicyItem ToCertificatePolicyItem(this KeyVaultCertifi
         return new CertificatePolicyItem
         {
             CertificateName = certificate.Name,
-            DnsNames = dnsNames.Length > 0 ? dnsNames : new[] { certificate.Policy.Subject[3..] },
+            DnsNames = dnsNames.Length > 0 ? dnsNames : [certificate.Policy.Subject[3..]],
             DnsProviderName = certificate.Properties.Tags.TryGetDnsProvider(out var dnsProviderName) ? dnsProviderName : "",
             KeyType = certificate.Policy.KeyType?.ToString(),
             KeySize = certificate.Policy.KeySize,
diff --git a/KeyVault.Acmebot/Internal/DnsProvidersExtensions.cs b/KeyVault.Acmebot/Internal/DnsProvidersExtensions.cs
@@ -31,7 +31,7 @@ public static async Task<IReadOnlyList<DnsZone>> ListZonesAsync(this IEnumerable
 
         if (dnsProvider is null)
         {
-            return Array.Empty<DnsZone>();
+            return [];
         }
 
         var dnsZones = await dnsProvider.ListZonesAsync();
diff --git a/KeyVault.Acmebot/Models/CertificatePolicyItem.cs b/KeyVault.Acmebot/Models/CertificatePolicyItem.cs
@@ -8,38 +8,53 @@ public class CertificatePolicyItem : IValidatableObject
 {
     [JsonProperty("certificateName")]
     [RegularExpression("^[0-9a-zA-Z-]+$")]
-    public string CertificateName { get; set; }
+    public string? CertificateName { get; set; }
 
     [JsonProperty("dnsNames")]
-    public string[] DnsNames { get; set; }
+    public required string[] DnsNames { get; set; }
 
     [JsonProperty("dnsProviderName")]
-    public string DnsProviderName { get; set; }
+    public string? DnsProviderName { get; set; }
 
     [JsonProperty("keyType")]
     [RegularExpression("^(RSA|EC)$")]
-    public string KeyType { get; set; }
+    public required string KeyType { get; set; }
 
     [JsonProperty("keySize")]
     public int? KeySize { get; set; }
 
     [JsonProperty("keyCurveName")]
     [RegularExpression(@"^P\-(256|384|521|256K)$")]
-    public string KeyCurveName { get; set; }
+    public string? KeyCurveName { get; set; }
 
     [JsonProperty("reuseKey")]
     public bool? ReuseKey { get; set; }
 
     [JsonProperty("dnsAlias")]
-    public string DnsAlias { get; set; }
+    public string? DnsAlias { get; set; }
 
-    public IEnumerable<string> AliasedDnsNames => string.IsNullOrEmpty(DnsAlias) ? DnsNames : new[] { DnsAlias };
+    public IEnumerable<string> AliasedDnsNames => string.IsNullOrEmpty(DnsAlias) ? DnsNames : [DnsAlias];
 
     public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
     {
-        if (DnsNames is null || DnsNames.Length == 0)
+        if (DnsNames.Length == 0)
         {
-            yield return new ValidationResult($"The {nameof(DnsNames)} is required.", new[] { nameof(DnsNames) });
+            yield return new ValidationResult($"The {nameof(DnsNames)} is required.", [nameof(DnsNames)]);
+        }
+
+        if (KeyType == "RSA")
+        {
+            if (KeySize is not (2048 or 3072 or 4096))
+            {
+                yield return new ValidationResult($"The {nameof(KeySize)} must be 2048, 3072, or 4096 when {nameof(KeyType)} is RSA.", [nameof(KeySize)]);
+            }
+        }
+        else if (KeyType == "EC")
+        {
+            if (KeyCurveName is not ("P-256" or "P-384" or "P-521" or "P-256K"))
+            {
+                yield return new ValidationResult($"The {nameof(KeyCurveName)} must be P-256, P-384, P-521, or P-256K when {nameof(KeyType)} is EC.", [nameof(KeyCurveName)]);
+            }
         }
     }
 }
diff --git a/KeyVault.Acmebot/Providers/GoogleDnsProvider.cs b/KeyVault.Acmebot/Providers/GoogleDnsProvider.cs
@@ -57,16 +57,16 @@ public Task CreateTxtRecordAsync(DnsZone zone, string relativeRecordName, IEnume
 
         var change = new Change
         {
-            Additions = new[]
-            {
+            Additions =
+            [
                 new ResourceRecordSet
                 {
                     Name = recordName,
                     Type = "TXT",
                     Ttl = 60,
                     Rrdatas = values.ToArray()
                 }
-            }
+            ]
         };
 
         return _dnsService.Changes.Create(change, _credsParameters.ProjectId, zone.Id).ExecuteAsync();
diff --git a/KeyVault.Acmebot/Providers/Route53Provider.cs b/KeyVault.Acmebot/Providers/Route53Provider.cs
@@ -58,7 +58,7 @@ public Task CreateTxtRecordAsync(DnsZone zone, string relativeRecordName, IEnume
             }
         };
 
-        var request = new ChangeResourceRecordSetsRequest(zone.Id, new ChangeBatch(new List<Change> { change }));
+        var request = new ChangeResourceRecordSetsRequest(zone.Id, new ChangeBatch([change]));
 
         return _amazonRoute53Client.ChangeResourceRecordSetsAsync(request);
     }

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ public async Task<AcmeProtocolClient> CreateClientAsync()`
`66`	`66`	`throw new PreconditionException("This ACME endpoint requires External Account Binding.");`
`67`	`67`	`}`
`68`	`68`
`69`		`- account = await acmeProtocolClient.CreateAccountAsync(new[] { $"mailto:{_options.Contacts}" }, true, externalAccountBinding);`
	`69`	`+ account = await acmeProtocolClient.CreateAccountAsync([$"mailto:{_options.Contacts}"], true, externalAccountBinding);`
`70`	`70`
`71`	`71`	`accountKey = new AccountKey`
`72`	`72`	`{`
`@@ -82,7 +82,7 @@ public async Task<AcmeProtocolClient> CreateClientAsync()`
`82`	`82`
`83`	`83`	`if (acmeProtocolClient.Account.Payload.Contact is { Length: > 0 } && acmeProtocolClient.Account.Payload.Contact[0] != $"mailto:{_options.Contacts}")`
`84`	`84`	`{`
`85`		`- account = await acmeProtocolClient.UpdateAccountAsync(new[] { $"mailto:{_options.Contacts}" });`
	`85`	`+ account = await acmeProtocolClient.UpdateAccountAsync([$"mailto:{_options.Contacts}"]);`
`86`	`86`
`87`	`87`	`SaveState(account, "account.json");`
`88`	`88`
Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ public static async Task<IReadOnlyList<DnsZone>> ListZonesAsync(this IEnumerable`
`31`	`31`
`32`	`32`	`if (dnsProvider is null)`
`33`	`33`	`{`
`34`		`- return Array.Empty<DnsZone>();`
	`34`	`+ return [];`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`var dnsZones = await dnsProvider.ListZonesAsync();`
Original file line number	Diff line number	Diff line change
`@@ -57,16 +57,16 @@ public Task CreateTxtRecordAsync(DnsZone zone, string relativeRecordName, IEnume`
`57`	`57`
`58`	`58`	`var change = new Change`
`59`	`59`	`{`
`60`		`- Additions = new[]`
`61`		`- {`
	`60`	`+ Additions =`
	`61`	`+ [`
`62`	`62`	`new ResourceRecordSet`
`63`	`63`	`{`
`64`	`64`	`Name = recordName,`
`65`	`65`	`Type = "TXT",`
`66`	`66`	`Ttl = 60,`
`67`	`67`	`Rrdatas = values.ToArray()`
`68`	`68`	`}`
`69`		`- }`
	`69`	`+ ]`
`70`	`70`	`};`
`71`	`71`
`72`	`72`	`return _dnsService.Changes.Create(change, _credsParameters.ProjectId, zone.Id).ExecuteAsync();`
Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ public Task CreateTxtRecordAsync(DnsZone zone, string relativeRecordName, IEnume`
`58`	`58`	`}`
`59`	`59`	`};`
`60`	`60`
`61`		`- var request = new ChangeResourceRecordSetsRequest(zone.Id, new ChangeBatch(new List<Change> { change }));`
	`61`	`+ var request = new ChangeResourceRecordSetsRequest(zone.Id, new ChangeBatch([change]));`
`62`	`62`
`63`	`63`	`return _amazonRoute53Client.ChangeResourceRecordSetsAsync(request);`
`64`	`64`	`}`