Persistent DNS bugfixes

[sciros]

This pull request introduces several improvements and bug fixes to the DCV (Domain Control Validation) parameter validation, error handling, and DNS persistent record evaluation logic. The changes enhance input validation, improve error reporting, and make the DNS persistent record evaluation more robust against malformed records. Additionally, the tests have been updated to cover new validation logic and edge cases.

Validation and Error Handling Improvements:

• Added stricter validation for expected_account_uri and issuer_domain_names in DcvDnsPersistentValidationParameters, ensuring expected_account_uri is a valid URI with scheme and host, and issuer_domain_names is a non-empty list of non-empty strings.
• Updated the DCV_PARAMETER_ERROR message to be more general and include both the parameter name and value, improving error clarity.
• Adjusted error creation in TLS-ALPN validation to use the new error message format with parameter name and value.

DNS Persistent Record Evaluation Enhancements:

• Improved evaluate_persistent_dns_response to detect and reject records with malformed parameters, duplicate accounturi or persistuntil parameters, and to only accept well-formed records. [1] [2]

Testing Enhancements:

• Added new unit tests for invalid expected_account_uri and issuer_domain_names values, and for malformed DNS persistent records (e.g., duplicate parameters, missing names/values, etc.). [1] [2]
• Updated existing tests to match new error message formats and to ensure case insensitivity and correct parameter validation. [1] [2]

Code Quality and Consistency:

• Improved code formatting and consistency, such as updating string quotes and line breaks, and simplifying some test helper functions. [1] [2] [3] [4] [5] [6] [7] [8]

Version Bump:

• Bumped the package version from 6.3.0 to 6.3.1 to reflect these changes.

[Copilot]

Pull request overview

This PR tightens DCV (Domain Control Validation) parameter validation and improves robustness of DNS persistent record parsing, with accompanying test updates and a patch version bump.

Changes:

• Add stricter validation for DNS-persistent parameters (expected_account_uri, issuer_domain_names).
• Harden DNS persistent TXT record evaluation against malformed/duplicate parameters.
• Update TLS-ALPN error creation and tests to match the new parameter-error message format; bump version to 6.3.1.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
src/open_mpic_core/common_domain/check_parameters.py	Adds Pydantic validators for DNS-persistent check parameters.
src/open_mpic_core/mpic_dcv_checker/mpic_dcv_checker.py	Makes persistent DNS TXT parsing stricter (malformed/duplicate params).
src/open_mpic_core/common_domain/messages/ErrorMessages.py	Generalizes DCV_PARAMETER_ERROR key/message format.
src/open_mpic_core/mpic_dcv_checker/dcv_tls_alpn_validator.py	Uses the new parameter-error formatting; minor formatting changes.
src/open_mpic_core/__about__.py	Bumps package version to 6.3.1.
tests/unit/open_mpic_core/test_check_request_parameters.py	Adds negative cases for new DNS-persistent parameter validation.
tests/unit/open_mpic_core/test_mpic_dcv_checker.py	Expands test coverage for malformed/duplicate DNS persistent records.
tests/unit/open_mpic_core/test_dcv_tls_alpn_validator.py	Updates expected error messages for the new parameter-error format.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[birgelee]

Nice work.

[birgelee]

great, probably good to always have cleanup.