Make robust error handling (#65)

KeyVault.Acmebot/AddCertificateFunctions.cs

@@ -1,5 +1,4 @@
-using System;
-using System.Threading.Tasks;
+using System.Threading.Tasks;
 
 using KeyVault.Acmebot.Models;
 
@@ -39,7 +38,7 @@ public async Task<IActionResult> AddCertificate_HttpStart(
 
             log.LogInformation($"Started orchestration with ID = '{instanceId}'.");
 
-            return await starter.WaitForCompletionOrCreateCheckStatusResponseAsync(req, instanceId, TimeSpan.FromMinutes(5));
+            return starter.CreateCheckStatusResponse(req, instanceId, true);
         }
     }
 }

KeyVault.Acmebot/Contracts/ISharedFunctions.cs

@@ -23,15 +23,15 @@ public interface ISharedFunctions
 
         Task Dns01Precondition(string[] hostNames);
 
-        Task<ChallengeResult> Dns01Authorization((string, string) input);
+        Task<AcmeChallengeResult> Dns01Authorization((string, string) input);
 
         [RetryOptions("00:00:10", 6, HandlerType = typeof(RetryStrategy), HandlerMethodName = nameof(RetryStrategy.RetriableException))]
-        Task CheckDnsChallenge(ChallengeResult challenge);
+        Task CheckDnsChallenge(AcmeChallengeResult challenge);
 
         [RetryOptions("00:00:05", 12, HandlerType = typeof(RetryStrategy), HandlerMethodName = nameof(RetryStrategy.RetriableException))]
         Task CheckIsReady(OrderDetails orderDetails);
 
-        Task AnswerChallenges(IList<ChallengeResult> challenges);
+        Task AnswerChallenges(IList<AcmeChallengeResult> challenges);
 
         Task FinalizeOrder((string[], OrderDetails) input);
     }

KeyVault.Acmebot/KeyVault.Acmebot.csproj

@@ -12,7 +12,7 @@
     <PackageReference Include="Microsoft.Azure.Management.Dns" Version="3.0.1" />
     <PackageReference Include="Microsoft.Azure.Services.AppAuthentication" Version="1.3.1" />
     <PackageReference Include="Microsoft.Azure.WebJobs.Extensions.DurableTask" Version="2.1.1" />
-    <PackageReference Include="Microsoft.Extensions.Http" Version="3.1.0" />
+    <PackageReference Include="Microsoft.Extensions.Http" Version="3.1.1" />
     <PackageReference Include="Microsoft.NET.Sdk.Functions" Version="3.0.2" />
   </ItemGroup>
   <ItemGroup>

KeyVault.Acmebot/Models/ChallengeResult.cs → KeyVault.Acmebot/Models/AcmeChallengeResult.cs

@@ -1,6 +1,6 @@
 namespace KeyVault.Acmebot.Models
 {
-    public class ChallengeResult
+    public class AcmeChallengeResult
     {
         public string Url { get; set; }
         public string DnsRecordName { get; set; }

KeyVault.Acmebot/SharedFunctions.cs

@@ -64,7 +64,7 @@ public async Task IssueCertificate([OrchestrationTrigger] IDurableOrchestrationC
             var orderDetails = await activity.Order(dnsNames);
 
             // 複数の Authorizations を処理する
-            var challenges = new List<ChallengeResult>();
+            var challenges = new List<AcmeChallengeResult>();
 
             foreach (var authorization in orderDetails.Payload.Authorizations)
             {
@@ -135,7 +135,7 @@ public async Task Dns01Precondition([ActivityTrigger] string[] hostNames)
         }
 
         [FunctionName(nameof(Dns01Authorization))]
-        public async Task<ChallengeResult> Dns01Authorization([ActivityTrigger] (string, string) input)
+        public async Task<AcmeChallengeResult> Dns01Authorization([ActivityTrigger] (string, string) input)
         {
             var (authzUrl, instanceId) = input;
 
@@ -207,7 +207,7 @@ public async Task<ChallengeResult> Dns01Authorization([ActivityTrigger] (string,
 
             await _dnsManagementClient.RecordSets.CreateOrUpdateAsync(resourceGroup, zone.Name, acmeDnsRecordName, RecordType.TXT, recordSet);
 
-            return new ChallengeResult
+            return new AcmeChallengeResult
             {
                 Url = challenge.Url,
                 DnsRecordName = challengeValidationDetails.DnsRecordName,
@@ -216,7 +216,7 @@ public async Task<ChallengeResult> Dns01Authorization([ActivityTrigger] (string,
         }
 
         [FunctionName(nameof(CheckDnsChallenge))]
-        public async Task CheckDnsChallenge([ActivityTrigger] ChallengeResult challenge)
+        public async Task CheckDnsChallenge([ActivityTrigger] AcmeChallengeResult challenge)
         {
             // 実際に ACME の TXT レコードを引いて確認する
             var queryResult = await _lookupClient.QueryAsync(challenge.DnsRecordName, QueryType.TXT);
@@ -259,7 +259,7 @@ public async Task CheckIsReady([ActivityTrigger] OrderDetails orderDetails)
         }
 
         [FunctionName(nameof(AnswerChallenges))]
-        public async Task AnswerChallenges([ActivityTrigger] IList<ChallengeResult> challenges)
+        public async Task AnswerChallenges([ActivityTrigger] IList<AcmeChallengeResult> challenges)
         {
             var acmeProtocolClient = await _acmeProtocolClientFactory.CreateClientAsync();
 

KeyVault.Acmebot/proxies.json

@@ -5,7 +5,7 @@
       "matchCondition": {
         "route": "add-certificate"
       },
-      "backendUri": "https://shibayan.blob.core.windows.net/azure-keyvault-letsencrypt/index.html"
+      "backendUri": "https://shibayan.blob.core.windows.net/azure-keyvault-letsencrypt/index.v2.html"
     }
   }
 }