Upgrade to .NET 10 RC 2 (#6)

Author: erwinkramer

.certs/AspNetDev.pfx

@@ -1,8 +1,8 @@
 // For format details, see https://aka.ms/devcontainer.json. For config options, see the
 // README at: https://github.com/devcontainers/templates/tree/main/src/dotnet
 {
-	"name": "Bank API dotnet9",
-	"image": "mcr.microsoft.com/devcontainers/dotnet:dev-9.0-bookworm", // bookworm is more up to date (with .NET SDK) than noble
+	"name": "Bank API dotnet10",
+	"image": "mcr.microsoft.com/devcontainers/dotnet:dev-10.0-noble", // https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/dotnet/tags
 	"customizations": {
 		"vscode": {
 			"extensions": [
@@ -22,16 +22,18 @@
 	"containerEnv": {
 		"DOTNET_LAUNCH_PROFILE": "http",
 		// Zscaler proxy support when reading custom rulesets over https in Spectral
-		"NODE_EXTRA_CA_CERTS": "${containerWorkspaceFolder}/.certs/ZscalerRootCA.crt" 
+		"NODE_EXTRA_CA_CERTS": "${containerWorkspaceFolder}/.certs/ZscalerRootCA.crt"
 	},
 	// Features to add to the dev container. More info: https://containers.dev/features.
 	"features": {
 		"ghcr.io/devcontainers/features/dotnet:2": {
 			"version": "none", // already pre-installed with image
-			"aspNetCoreRuntimeVersions": "8.0" // for: https://github.com/microsoft/vscode-dotnettools/issues/1094
+			"aspNetCoreRuntimeVersions": "9.0" // for: https://github.com/microsoft/vscode-dotnettools/issues/1094
 		},
 		"ghcr.io/devcontainers/features/azure-cli:1": {}, // for using the host az cli credentials
-		"ghcr.io/devcontainers/features/docker-in-docker:2": {} // for .NET Aspire resource emulation
+		"ghcr.io/devcontainers/features/docker-in-docker:2": {
+			"moby": false
+		} // for .NET Aspire resource emulation
 	},
 	"mounts": [
 		// Bind the azure (credential) folder, requires an unencrypted token cache (assuming host is Windows).
@@ -40,10 +42,10 @@
 		"source=${localEnv:HOME}${localEnv:USERPROFILE}/.azure,target=/home/vscode/.azure,type=bind",
 		// Bind the Visual Studio Token provider folder
 		"source=${localEnv:HOME}${localEnv:LOCALAPPDATA}/.IdentityService,target=/home/vscode/.IdentityService,type=bind",
-		// Bind ASP.NET user secrets folder (please see https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-9.0&tabs=windows#how-the-secret-manager-tool-works)
+		// Bind ASP.NET user secrets folder (please see https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets#how-the-secret-manager-tool-works)
 		"source=${localEnv:APPDATA}/Microsoft/UserSecrets,target=/home/vscode/.microsoft/usersecrets,type=bind"
 	],
 	// Remove absolutely every file on the .gitignore list, so we don't run into permission issues. 
 	// Also see https://github.com/microsoft/vscode-remote-release/issues/9099#issuecomment-2541564211
-	"postStartCommand": "git clean -xdf && dotnet dev-certs https --trust" 
+	"postStartCommand": "git clean -xdf && dotnet dev-certs https --clean --import ${containerWorkspaceFolder}/.certs/AspNetDev.pfx -p ''"
 }

.devcontainer/devcontainer.json

@@ -2,3 +2,6 @@ extends:
   - ruleset.bank.yml #Bank API project ruleset
   - https://unpkg.com/@stoplight/spectral-owasp-ruleset/dist/ruleset.mjs #OWASP API Security Top 10 - v2023
   - https://static.developer.overheid.nl/adr/ruleset.yaml #Dutch Public Sector (NLGov) REST API Design Rules, includes Spectral "oas" ruleset
+
+rules:
+  openapi3: "off" # NLGov rule to check for openapi version is too strict in the current version, already changed in a newer version of the ruleset, but not yet released

.spectral/main.yml

@@ -25,8 +25,8 @@ rules:
           - Administrative
 
   bank:header-requires-hyphenated-pascal-case:
-    description: HTTP headers must be in Hyphenated-Pascal-Case, exceptions are API-Version and WWW-Authenticate.
-    message: HTTP header is not in Hyphenated-Pascal-Case, exceptions are API-Version and WWW-Authenticate.
+    description: HTTP headers must be in Hyphenated-Pascal-Case, exceptions are API-Version, WWW-Authenticate and X-JWS-Signature.
+    message: HTTP header is not in Hyphenated-Pascal-Case, exceptions are API-Version, WWW-Authenticate and X-JWS-Signature.
     severity: warn
     given:
       - "$..responses..headers"
@@ -36,7 +36,7 @@ rules:
       field: "@key"
       function: pattern
       functionOptions:
-        match: "^(API-Version|WWW-Authenticate|([A-Z][a-z0-9]*)(-[A-Z][a-z0-9]*)*)$"
+        match: "^(API-Version|WWW-Authenticate|X-JWS-Signature|([A-Z][a-z0-9]*)(-[A-Z][a-z0-9]*)*)$"
 
   bank:property-requires-camel-case:
     description: Property names, acronyms, path parameters and query parameters must be in camelCase.

.spectral/ruleset.bank.yml

@@ -1,31 +1,32 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
     <OutputType>Library</OutputType>
   </PropertyGroup>
 
   <ItemGroup>
     <PackageReference Include="Aspire.Azure.Storage.Blobs" Version="9.*" />
-    <PackageReference Include="AspNetCore.Authentication.ApiKey" Version="8.*" />
+    <PackageReference Include="AspNetCore.Authentication.ApiKey" Version="9.*" />
     <PackageReference Include="Gridify" Version="2.*" />
     <PackageReference Include="Gridify.EntityFramework" Version="2.*" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.*" />
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="9.*" />
-    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.*" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="9.*" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.*-*" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="10.*-*" />
+    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.*-*" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.*-*" />
     <PackageReference Include="Microsoft.Extensions.Caching.Hybrid" Version="9.*" />
     <PackageReference Include="Microsoft.Extensions.Compliance.Redaction" Version="9.*" />
     <PackageReference Include="Microsoft.Extensions.Http.Resilience" Version="9.*" />
     <PackageReference Include="Microsoft.Extensions.ServiceDiscovery" Version="9.*" />
     <PackageReference Include="Microsoft.Kiota.Bundle" Version="1.*" />
-    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.11.*" />
-    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.11.*" />
-    <PackageReference Include="OpenTelemetry.Instrumentation.EntityFrameworkCore" Version="1.*-*" />
-    <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.11.*" />
-    <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.11.*" />
+    <PackageReference Include="Microsoft.OpenApi" Version="2.*" />
+    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.13.*" />
+    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.13.*" />
+    <PackageReference Include="OpenTelemetry.Instrumentation.EntityFrameworkCore" Version="1.12.*-*" />
+    <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.12.*" />
+    <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.12.*" />
     <PackageReference Include="Scalar.AspNetCore" Version="2.*" />
     <PackageReference Include="jose-jwt" Version="5.*" />
   </ItemGroup>

BankApi.Core/BankApi.Core.csproj

@@ -1,14 +1,4 @@
 using System.ComponentModel;
-using System.ComponentModel.DataAnnotations;
-
-/// <summary>
-/// Attribute used to enforce a maximum length of 36 for GUIDs.
-/// Inherits from MaxLengthAttribute to set the maximum length for GUIDs to 36 characters.
-/// </summary>
-public class IdAttribute : MaxLengthAttribute
-{
-    public IdAttribute() : base(36) { }
-}
 
 /// <summary>
 /// Attribute used to describe the ID of a bank.

BankApi.Core/Defaults/Attribute.Identity.cs

@@ -1,12 +1,15 @@
+using Azure.Identity;
 using Azure.Storage.Blobs;
 
 public static partial class ApiBuilder
 {
     public static IHostApplicationBuilder AddAzureClients(this IHostApplicationBuilder builder)
     {
-        builder.AddAzureBlobClient("BankStorage", options =>
+        var credential = new DefaultAzureCredential();
+
+        builder.AddAzureBlobServiceClient("BankStorage", options =>
         {
-            options.DisableHealthChecks = false;
+            options.Credential = credential;
         });
 
         return builder;

BankApi.Core/Defaults/Builder.AzureClients.cs

@@ -0,0 +1,14 @@
+using System.Text.Json.Serialization;
+
+public static partial class ApiBuilder
+{
+    public static IServiceCollection ConfigureJson(this IServiceCollection services)
+    {
+        services.Configure<Microsoft.AspNetCore.Http.Json.JsonOptions>(options =>
+        {
+            options.SerializerOptions.UnmappedMemberHandling = JsonUnmappedMemberHandling.Disallow;
+            options.SerializerOptions.NumberHandling = JsonNumberHandling.Strict;
+        });
+        return services;
+    }
+}

BankApi.Core/Defaults/Builder.Json.cs

@@ -1,17 +1,19 @@
+using AspNetCore.Authentication.ApiKey;
 using Scalar.AspNetCore;
 
 public static partial class ApiBuilder
 {
     public static IServiceCollection AddOpenApiServices(this IServiceCollection services)
     {
-        services.AddOpenApi(GlobalConfiguration.ApiDocument!.Info.Version, options =>
+        services.AddOpenApi(GlobalConfiguration.ApiDocument!.Info.Version!, options =>
         {
             options.AddDocumentTransformer<TransformerDocInfo>();
             options.AddDocumentTransformer<TransformerComponentSchemas>();
             options.AddDocumentTransformer<TransformerComponentHeaders>();
             options.AddDocumentTransformer<TransformerComponentResponses>();
             options.AddDocumentTransformer<TransformerSecurityScheme>();
             options.AddSchemaTransformer<TransformerExampleSchema>();
+            options.AddSchemaTransformer<TransformerGuidSchema>();
             options.AddOperationTransformer<TransformerOperation>();
         });
 
@@ -23,9 +25,10 @@ public static void AddOpenApiScalarReference(this IEndpointRouteBuilder app)
         app.MapScalarApiReference(options =>
         {
             options.Theme = ScalarTheme.DeepSpace;
-            options.WithApiKeyAuthentication(options =>
+            options.ForceDarkMode();
+            options.AddApiKeyAuthentication($"{ApiKeyDefaults.AuthenticationScheme}-Header", options =>
             {
-                options.Token = "Lifetime Subscription";
+                options.Value = "Lifetime Subscription";
             });
             options.Title = $"{GlobalConfiguration.ApiDocument!.Info.Title} docs | {GlobalConfiguration.ApiDocument.Info.Version}";
         });

BankApi.Core/Defaults/Builder.OpenApi.cs

@@ -1,14 +1,14 @@
 using Microsoft.Extensions.Caching.Hybrid;
 using Microsoft.IdentityModel.Tokens;
-using Microsoft.OpenApi.Any;
-using Microsoft.OpenApi.Models;
+using Microsoft.OpenApi;
+using System.Text.Json.Nodes;
 using System.Threading.RateLimiting;
 
 public static class GlobalConfiguration
 {
    public static OpenApiDocument? ApiDocument { get; set; }
 
-   public static IOpenApiAny? ApiExamples { get; set; }
+   public static JsonObject? ApiExamples { get; set; }
 
    public static SettingsModel? ApiSettings { get; set; }