feat(express): migrate unlocklightningwallet to typed routes

TICKET: WP-5446

Author: danielzhao122

modules/express/src/clientRoutes.ts

@@ -1566,6 +1566,10 @@ export function setupAPIRoutes(app: express.Application, config: Config): void {
   router.post('express.decrypt', [prepareBitGo(config), typedPromiseWrapper(handleDecrypt)]);
   router.post('express.encrypt', [prepareBitGo(config), typedPromiseWrapper(handleEncrypt)]);
   router.post('express.verifyaddress', [prepareBitGo(config), typedPromiseWrapper(handleVerifyAddress)]);
+  router.post('express.lightning.unlockWallet', [
+    prepareBitGo(config),
+    typedPromiseWrapper(handleUnlockLightningWallet),
+  ]);
   app.post(
     '/api/v[12]/calculateminerfeeinfo',
     parseBody,
@@ -1802,11 +1806,5 @@ export function setupLightningSignerNodeRoutes(app: express.Application, config:
     prepareBitGo(config),
     promiseWrapper(handleCreateSignerMacaroon)
   );
-  app.post(
-    '/api/v2/:coin/wallet/:id/unlockwallet',
-    parseBody,
-    prepareBitGo(config),
-    promiseWrapper(handleUnlockLightningWallet)
-  );
   app.get('/api/v2/:coin/wallet/:id/state', prepareBitGo(config), promiseWrapper(handleGetLightningWalletState));
 }

modules/express/src/lightning/lightningSignerRoutes.ts

@@ -13,13 +13,9 @@ import {
 } from '@bitgo/abstract-lightning';
 import * as utxolib from '@bitgo/utxo-lib';
 import { Buffer } from 'buffer';
+import { ExpressApiRouteRequest } from '../typedRoutes/api';
 
-import {
-  CreateSignerMacaroonRequest,
-  GetWalletStateResponse,
-  InitLightningWalletRequest,
-  UnlockLightningWalletRequest,
-} from './codecs';
+import { CreateSignerMacaroonRequest, GetWalletStateResponse, InitLightningWalletRequest } from './codecs';
 import { LndSignerClient } from './lndSignerClient';
 import { ApiResponseError } from '../errors';
 
@@ -204,25 +200,13 @@ export async function handleGetLightningWalletState(req: express.Request): Promi
 /**
  * Handle the request to unlock a wallet in the signer.
  */
-export async function handleUnlockLightningWallet(req: express.Request): Promise<{ message: string }> {
-  const coinName = req.params.coin;
+export async function handleUnlockLightningWallet(
+  req: ExpressApiRouteRequest<'express.lightning.unlockWallet', 'post'>
+): Promise<{ message: string }> {
+  const { coin: coinName, id: walletId, passphrase } = req.decoded;
   if (!isLightningCoinName(coinName)) {
     throw new ApiResponseError(`Invalid coin to unlock lightning wallet: ${coinName}`, 400);
   }
-  const walletId = req.params.id;
-  if (typeof walletId !== 'string') {
-    throw new ApiResponseError(`Invalid wallet id: ${walletId}`, 400);
-  }
-
-  const { passphrase } = decodeOrElse(
-    UnlockLightningWalletRequest.name,
-    UnlockLightningWalletRequest,
-    req.body,
-    (_) => {
-      // DON'T throw errors from decodeOrElse. It could leak sensitive information.
-      throw new ApiResponseError('Invalid request body to unlock lightning wallet', 400);
-    }
-  );
 
   const lndSignerClient = await LndSignerClient.create(walletId, req.config);
   // The passphrase at LND can only accommodate a base64 character set

modules/express/src/typedRoutes/api/index.ts

@@ -12,6 +12,7 @@ import { PostAcceptShare } from './v1/acceptShare';
 import { PostSimpleCreate } from './v1/simpleCreate';
 import { PutPendingApproval } from './v1/pendingApproval';
 import { PostSignTransaction } from './v1/signTransaction';
+import { PostUnlockLightningWallet } from './v2/unlockWallet';
 
 export const ExpressApi = apiSpec({
   'express.ping': {
@@ -44,6 +45,9 @@ export const ExpressApi = apiSpec({
   'express.v1.wallet.signTransaction': {
     post: PostSignTransaction,
   },
+  'express.lightning.unlockWallet': {
+    post: PostUnlockLightningWallet,
+  },
 });
 
 export type ExpressApi = typeof ExpressApi;

modules/express/src/typedRoutes/api/v2/unlockWallet.ts

@@ -0,0 +1,43 @@
+import * as t from 'io-ts';
+import { httpRoute, httpRequest } from '@api-ts/io-ts-http';
+import { BitgoExpressError } from '../../schemas/error';
+
+/**
+ * Path parameters for unlocking a lightning wallet
+ * @property {string} coin - A lightning coin name (e.g, lnbtc).
+ * @property {string} id - The ID of the wallet.
+ */
+export const UnlockLightningWalletParams = {
+  coin: t.string,
+  id: t.string,
+};
+
+/**
+ * Request body for unlocking a lightning wallet
+ * @property {string} passphrase - Passphrase to unlock the lightning wallet.
+ */
+export const UnlockLightningWalletBody = {
+  passphrase: t.string,
+};
+
+/**
+ * Lightning - Unlock node
+ *
+ * This is only used for self-custody lightning. Unlock the Lightning Network Daemon (LND) node with the given wallet password.
+ *
+ * @operationId express.lightning.unlockWallet
+ */
+export const PostUnlockLightningWallet = httpRoute({
+  method: 'POST',
+  path: '/api/v2/{coin}/wallet/{id}/unlockwallet',
+  request: httpRequest({
+    params: UnlockLightningWalletParams,
+    body: UnlockLightningWalletBody,
+  }),
+  response: {
+    200: t.type({
+      message: t.string, // currently returns { message: 'ok' }
+    }),
+    400: BitgoExpressError,
+  },
+});

modules/express/test/unit/clientRoutes/lightning/lightningSignerRoutes.ts

@@ -173,15 +173,9 @@ describe('Lightning signer routes', () => {
 
     const req = {
       bitgo: bitgo,
-      body: apiData.unlockWalletRequestBody,
-      params: {
-        coin: 'tlnbtc',
-        id: 'fakeid',
-      },
-      config: {
-        lightningSignerFileSystemPath: 'lightningSignerFileSystemPath',
-      },
-    } as unknown as express.Request;
+      config: { lightningSignerFileSystemPath: 'lightningSignerFileSystemPath' },
+      decoded: { coin: 'tlnbtc', id: 'fakeid', passphrase: apiData.unlockWalletRequestBody.passphrase },
+    } as any;
 
     await handleUnlockLightningWallet(req);
 

modules/express/test/unit/typedRoutes/decode.ts

@@ -5,6 +5,7 @@ import { EncryptRequestBody } from '../../../src/typedRoutes/api/common/encrypt'
 import { LoginRequest } from '../../../src/typedRoutes/api/common/login';
 import { VerifyAddressBody } from '../../../src/typedRoutes/api/common/verifyAddress';
 import { SimpleCreateRequestBody } from '../../../src/typedRoutes/api/v1/simpleCreate';
+import { UnlockLightningWalletBody, UnlockLightningWalletParams } from '../../../src/typedRoutes/api/v2/unlockWallet';
 
 export function assertDecode<T>(codec: t.Type<T, unknown>, input: unknown): T {
   const result = codec.decode(input);
@@ -100,4 +101,12 @@ describe('io-ts decode tests', function () {
       passphrase: 'pass',
     });
   });
+  it('express.lightning.unlockWallet', function () {
+    // params require coin and id
+    assertDecode(t.type(UnlockLightningWalletParams), { coin: 'tlnbtc', id: 'wallet123' });
+    // missing passphrase
+    assert.throws(() => assertDecode(t.type(UnlockLightningWalletBody), {}));
+    // valid body
+    assertDecode(t.type(UnlockLightningWalletBody), { passphrase: 'secret' });
+  });
 });