refactor: added unit tests that test encoding and decoding from end to end

also fixed other minor errors

TICKET: WP-5444

Author: danielzhao122

modules/express/src/typedRoutes/api/v2/lightningInitWallet.ts

@@ -4,13 +4,13 @@ import { BitgoExpressError } from '../../schemas/error';
 
 /**
  * Path parameters for initializing a Lightning wallet
- * @property {string} coin - A lightning coin name (e.g, lnbtc).
+ * @property {string} coin - A lightning coin name (e.g, lnbtc, tlnbtc).
  * @property {string} walletId - The ID of the wallet.
  */
 export const LightningInitWalletParams = {
   coin: t.string,
   walletId: t.string,
-};
+} as const;
 
 /**
  * Request body for initializing a Lightning wallet
@@ -19,7 +19,17 @@ export const LightningInitWalletParams = {
 export const LightningInitWalletBody = {
   passphrase: t.string,
   expressHost: optional(t.string),
-};
+} as const;
+
+/**
+ * Response
+ * - 200: Returns the updated wallet. On success, the wallet's `coinSpecific` will include the encrypted admin macaroon for the Lightning signer node.
+ * - 400: BitGo Express error payload when initialization cannot proceed (for example: invalid coin, unsupported environment, wallet not in an initializable state).
+ */
+export const LightningInitWalletResponse = {
+  200: t.unknown,
+  400: BitgoExpressError,
+} as const;
 
 /**
  * Lightning - This is only used for self-custody lightning. Initialize a newly created Lightning Network Daemon (LND) for the first time.
@@ -33,7 +43,7 @@ export const PostLightningInitWallet = httpRoute({
   path: '/api/v2/:coin/wallet/:walletId/initwallet',
   method: 'POST',
   request: httpRequest({ params: LightningInitWalletParams, body: LightningInitWalletBody }),
-  response: { 200: t.unknown, 400: BitgoExpressError },
+  response: LightningInitWalletResponse,
 });
 
 export type PostLightningInitWallet = typeof PostLightningInitWallet;

modules/express/test/unit/clientRoutes/lightning/lightningSignerRoutes.ts

@@ -80,7 +80,7 @@ describe('Lightning signer routes', () => {
           passphrase: apiData.initWalletRequestBody.passphrase,
           ...(includingOptionalFields ? { expressHost: apiData.initWalletRequestBody.expressHost } : {}),
         },
-      } as unknown as express.Request & { decoded: any };
+      } as unknown as ExpressApiRouteRequest<'express.lightning.initWallet'>;
 
       await handleInitLightningWallet(req);
 

modules/express/test/unit/typedRoutes/decode.ts

@@ -9,6 +9,12 @@ import {
   LightningInitWalletBody,
   LightningInitWalletParams,
 } from '../../../src/typedRoutes/api/v2/lightningInitWallet';
+import { agent as supertest } from 'supertest';
+import nock from 'nock';
+import { DefaultConfig } from '../../../src/config';
+import { app as expressApp } from '../../../src/expressApp';
+import * as sinon from 'sinon';
+import { BitGo } from 'bitgo';
 
 export function assertDecode<T>(codec: t.Type<T, unknown>, input: unknown): T {
   const result = codec.decode(input);
@@ -123,3 +129,131 @@ describe('io-ts decode tests', function () {
     assertDecode(t.type(LightningInitWalletBody), { passphrase: 'p', expressHost: 'host.example' });
   });
 });
+
+describe('e2e tests for io-ts routes', function () {
+  let agent;
+  let authenticateStub: sinon.SinonStub;
+  let walletsStub: sinon.SinonStub;
+  let decryptStub: sinon.SinonStub;
+  let encryptStub: sinon.SinonStub;
+  let verifyAddressStub: sinon.SinonStub;
+  before(function () {
+    nock.restore();
+
+    const args = {
+      ...DefaultConfig,
+      debug: false,
+      env: 'test' as const,
+      logfile: '/dev/null',
+    };
+
+    const app = expressApp(args);
+    agent = supertest(app);
+
+    authenticateStub = sinon.stub(BitGo.prototype, 'authenticate').callsFake(async (body: any) => {
+      return {
+        email: `${body.username}@example.com`,
+        password: body.password,
+        forceSMS: false,
+      } as any;
+    });
+    encryptStub = sinon.stub(BitGo.prototype, 'encrypt').callsFake((params: any) => `enc:${params.input}`);
+    decryptStub = sinon.stub(BitGo.prototype, 'decrypt').callsFake((params: any) => {
+      const inputStr = String(params.input);
+      return inputStr.startsWith('enc:') ? inputStr.substring(4) : inputStr;
+    });
+    verifyAddressStub = sinon.stub(BitGo.prototype, 'verifyAddress').callsFake((_params: any) => true);
+    walletsStub = sinon.stub(BitGo.prototype, 'wallets').callsFake(() => {
+      return {
+        createWalletWithKeychains: async () => ({
+          wallet: 'wallet-id-123',
+          userKeychain: 'user-keychain',
+          backupKeychain: 'backup-keychain',
+        }),
+      };
+    });
+  });
+  beforeEach(function () {
+    authenticateStub.resetHistory();
+    walletsStub.resetHistory();
+    decryptStub.resetHistory();
+    encryptStub.resetHistory();
+    verifyAddressStub.resetHistory();
+  });
+  after(function () {
+    authenticateStub.restore();
+    walletsStub.restore();
+    decryptStub.restore();
+    encryptStub.restore();
+    verifyAddressStub.restore();
+  });
+
+  it('POST /api/v2/user/login success', async function () {
+    const res = await agent.post('/api/v2/user/login').send({ username: 'alice', password: 'pw' });
+    res.status.should.equal(200);
+    res.body.email.should.equal('[email protected]');
+    res.body.password.should.equal('pw');
+    sinon.assert.calledOnce(authenticateStub);
+    sinon.assert.calledWithMatch(authenticateStub, { username: 'alice', password: 'pw' });
+  });
+
+  it('POST /api/v2/user/login decode failure', async function () {
+    const res = await agent.post('/api/v2/user/login').send({ username: 'alice' });
+    res.status.should.equal(400);
+    sinon.assert.notCalled(authenticateStub);
+  });
+
+  it('POST /api/v2/encrypt success', async function () {
+    const res = await agent.post('/api/v2/encrypt').send({ input: 'hello' });
+    res.status.should.equal(200);
+    res.body.encrypted.should.equal('enc:hello');
+    sinon.assert.calledOnce(encryptStub);
+    sinon.assert.calledWithMatch(encryptStub, { input: 'hello' });
+  });
+
+  it('POST /api/v2/encrypt decode failure', async function () {
+    const res = await agent.post('/api/v2/encrypt').send({ input: 123 });
+    res.status.should.equal(400);
+    sinon.assert.notCalled(encryptStub);
+  });
+
+  it('POST /api/v2/decrypt success', async function () {
+    const res = await agent.post('/api/v2/decrypt').send({ input: 'enc:secret', password: 'pw' });
+    res.status.should.equal(200);
+    res.body.decrypted.should.equal('secret');
+    sinon.assert.calledOnce(decryptStub);
+    sinon.assert.calledWithMatch(decryptStub, { input: 'enc:secret', password: 'pw' });
+  });
+
+  it('POST /api/v2/decrypt decode failure', async function () {
+    const res = await agent.post('/api/v2/decrypt').send({ password: 'pw' });
+    res.status.should.equal(400);
+    sinon.assert.notCalled(decryptStub);
+  });
+
+  it('POST /api/v2/verifyaddress success', async function () {
+    const res = await agent.post('/api/v2/verifyaddress').send({ address: 'addr1' });
+    res.status.should.equal(200);
+    res.body.should.have.property('verified', true);
+    sinon.assert.calledOnce(verifyAddressStub);
+  });
+
+  it('POST /api/v2/verifyaddress decode failure - invalid address', async function () {
+    const res = await agent.post('/api/v2/verifyaddress').send({ address: 42 });
+    res.status.should.equal(400);
+    sinon.assert.notCalled(verifyAddressStub);
+  });
+
+  it('POST /api/v1/wallets/simplecreate success', async function () {
+    const res = await agent.post('/api/v1/wallets/simplecreate').send({ passphrase: 'pass' });
+    res.status.should.equal(200);
+    res.body.wallet.should.equal('wallet-id-123');
+    sinon.assert.calledOnce(walletsStub);
+  });
+
+  it('POST /api/v1/wallets/simplecreate decode - missing passphrase', async function () {
+    const res = await agent.post('/api/v1/wallets/simplecreate').send({});
+    res.status.should.equal(400);
+    sinon.assert.notCalled(walletsStub);
+  });
+});