Merge pull request #7084 from BitGo/WP-5443-express-migrate-api-v2-ofc-signPayload-to-typed-routes

feature(express): migrated ofcSignPayload to typed routes

Author: danielzhao122

modules/express/package.json

@@ -50,6 +50,7 @@
     "dotenv": "^16.0.0",
     "express": "4.21.2",
     "io-ts": "npm:@bitgo-forks/[email protected]",
+    "io-ts-types": "^0.5.19",
     "lodash": "^4.17.20",
     "morgan": "^1.9.1",
     "proxy-agent": "6.4.0",

modules/express/src/clientRoutes.ts

@@ -62,7 +62,6 @@ import { handleLightningWithdraw } from './lightning/lightningWithdrawRoutes';
 import createExpressRouter from './typedRoutes';
 import { ExpressApiRouteRequest } from './typedRoutes/api';
 import { TypedRequestHandler, WrappedRequest, WrappedResponse } from '@api-ts/typed-express-router';
-import { isJsonString } from './utils';
 
 const { version } = require('bitgo/package.json');
 const pjson = require('../package.json');
@@ -590,10 +589,10 @@ export async function handleV2OFCSignPayloadInExtSigningMode(
   }
 }
 
-export async function handleV2OFCSignPayload(req: express.Request): Promise<{ payload: string; signature: string }> {
-  const walletId = req.body.walletId;
-  const payload = req.body.payload;
-  const bodyWalletPassphrase = req.body.walletPassphrase;
+export async function handleV2OFCSignPayload(
+  req: ExpressApiRouteRequest<'express.ofc.signPayload', 'post'>
+): Promise<{ payload: string; signature: string }> {
+  const { walletId, payload, walletPassphrase: bodyWalletPassphrase } = req.decoded;
   const ofcCoinName = 'ofc';
 
   // If the externalSignerUrl is set, forward the request to the express server hosted on the externalSignerUrl
@@ -612,14 +611,6 @@ export async function handleV2OFCSignPayload(req: express.Request): Promise<{ pa
     return payloadWithSignature;
   }
 
-  if (!payload) {
-    throw new ApiResponseError('Missing required field: payload', 400);
-  }
-
-  if (!walletId) {
-    throw new ApiResponseError('Missing required field: walletId', 400);
-  }
-
   const bitgo = req.bitgo;
 
   // This is to set us up for multiple trading accounts per enterprise
@@ -631,7 +622,7 @@ export async function handleV2OFCSignPayload(req: express.Request): Promise<{ pa
 
   const walletPassphrase = bodyWalletPassphrase || getWalletPwFromEnv(wallet.id());
   const tradingAccount = wallet.toTradingAccount();
-  const stringifiedPayload = isJsonString(req.body.payload) ? req.body.payload : JSON.stringify(req.body.payload);
+  const stringifiedPayload = JSON.stringify(payload);
   const signature = await tradingAccount.signPayload({
     payload: stringifiedPayload,
     walletPassphrase,
@@ -1639,7 +1630,7 @@ export function setupAPIRoutes(app: express.Application, config: Config): void {
   );
 
   // sign arbitrary payloads w/ trading account key
-  app.post(`/api/v2/ofc/signPayload`, parseBody, prepareBitGo(config), promiseWrapper(handleV2OFCSignPayload));
+  router.post('express.ofc.signPayload', [prepareBitGo(config), typedPromiseWrapper(handleV2OFCSignPayload)]);
 
   // sign transaction
   app.post('/api/v2/:coin/signtx', parseBody, prepareBitGo(config), promiseWrapper(handleV2SignTx));

modules/express/src/typedRoutes/api/index.ts

@@ -23,6 +23,7 @@ import { PostCreateLocalKeyChain } from './v1/createLocalKeyChain';
 import { PutConstructPendingApprovalTx } from './v1/constructPendingApprovalTx';
 import { PutConsolidateUnspents } from './v1/consolidateUnspents';
 import { PutFanoutUnspents } from './v1/fanoutUnspents';
+import { PostOfcSignPayload } from './v2/ofcSignPayload';
 
 export const ExpressApi = apiSpec({
   'express.ping': {
@@ -88,6 +89,9 @@ export const ExpressApi = apiSpec({
   'express.v1.wallet.fanoutunspents': {
     put: PutFanoutUnspents,
   },
+  'express.ofc.signPayload': {
+    post: PostOfcSignPayload,
+  },
 });
 
 export type ExpressApi = typeof ExpressApi;

modules/express/src/typedRoutes/api/v2/ofcSignPayload.ts

@@ -0,0 +1,46 @@
+import * as t from 'io-ts';
+import { Json, NonEmptyString, JsonFromString } from 'io-ts-types';
+import { httpRoute, httpRequest, optional } from '@api-ts/io-ts-http';
+import { BitgoExpressError } from '../../schemas/error';
+
+/**
+ * Sign an arbitrary payload using an OFC trading account key.
+ */
+export const OfcSignPayloadBody = {
+  /** The ID of the OFC wallet to sign the payload with. */
+  walletId: NonEmptyString,
+  /** The payload to sign. The input can either be a stringified JSON, or a JSON object. */
+  payload: t.union([Json, t.string.pipe(JsonFromString)]),
+  /** The passphrase to decrypt the user key. */
+  walletPassphrase: optional(t.string),
+} as const;
+
+export const OfcSignPayloadResponse200 = t.type({
+  /** The string form of the JSON payload that was signed. */
+  payload: t.string,
+  /** Hex-encoded signature generated by the trading account key. */
+  signature: t.string,
+});
+
+/**
+ * Response for signing an arbitrary payload with an OFC wallet key.
+ */
+export const OfcSignPayloadResponse = {
+  /** Signed payload and signature */
+  200: OfcSignPayloadResponse200,
+  /** BitGo Express error payload. */
+  400: BitgoExpressError,
+} as const;
+
+/** Sign payload with an OFC wallet key.
+ * Signs an arbitrary payload with an OFC wallet key.
+ *
+ * @tag express
+ * @operationId express.ofc.signPayload
+ */
+export const PostOfcSignPayload = httpRoute({
+  path: '/api/v2/ofc/signPayload',
+  method: 'POST',
+  request: httpRequest({ body: OfcSignPayloadBody }),
+  response: OfcSignPayloadResponse,
+});

modules/express/test/unit/clientRoutes/signPayload.ts

@@ -5,9 +5,11 @@ import 'should';
 import * as fs from 'fs';
 import { Request } from 'express';
 import { BitGo, Coin, BaseCoin, Wallet, Wallets } from 'bitgo';
-
 import '../../lib/asserts';
 import { handleV2OFCSignPayload, handleV2OFCSignPayloadInExtSigningMode } from '../../../src/clientRoutes';
+import { ExpressApiRouteRequest } from '../../../src/typedRoutes/api';
+import { OfcSignPayloadResponse } from '../../../src/typedRoutes/api/v2/ofcSignPayload';
+import { decodeOrElse } from '@bitgo/sdk-core';
 
 describe('Sign an arbitrary payload with trading account key', function () {
   const coin = 'ofc';
@@ -53,9 +55,16 @@ describe('Sign an arbitrary payload with trading account key', function () {
         payload,
         walletId,
       },
+      decoded: {
+        walletId,
+        payload,
+      },
       query: {},
-    } as unknown as Request;
-    await handleV2OFCSignPayload(req).should.be.resolvedWith(expectedResponse);
+    } as unknown as ExpressApiRouteRequest<'express.ofc.signPayload', 'post'>;
+    const result = await handleV2OFCSignPayload(req).should.be.resolvedWith(expectedResponse);
+    decodeOrElse('OfcSignPayloadResponse200', OfcSignPayloadResponse[200], result, (_) => {
+      throw new Error(`Response did not match expected codec`);
+    });
   });
   it('should return a signed payload with type as json string', async function () {
     const expectedResponse = {
@@ -68,9 +77,40 @@ describe('Sign an arbitrary payload with trading account key', function () {
         payload: stringifiedPayload,
         walletId,
       },
+      decoded: {
+        walletId,
+        payload,
+      },
       query: {},
-    } as unknown as Request;
-    await handleV2OFCSignPayload(req).should.be.resolvedWith(expectedResponse);
+    } as unknown as ExpressApiRouteRequest<'express.ofc.signPayload', 'post'>;
+    const result = await handleV2OFCSignPayload(req).should.be.resolvedWith(expectedResponse);
+    decodeOrElse('OfcSignPayloadResponse200', OfcSignPayloadResponse[200], result, (_) => {
+      throw new Error(`Response did not match expected codec`);
+    });
+  });
+  it('should decode handler response with OfcSignPayloadResponse codec', async function () {
+    const expected = {
+      payload: JSON.stringify(payload),
+      signature,
+    };
+    const req = {
+      bitgo: bitGoStub,
+      body: {
+        walletId,
+        payload,
+      },
+      decoded: {
+        walletId,
+        payload,
+      },
+    } as unknown as ExpressApiRouteRequest<'express.ofc.signPayload', 'post'>;
+
+    const result = await handleV2OFCSignPayload(req);
+    decodeOrElse('OfcSignPayloadResponse200', OfcSignPayloadResponse[200], result, (_) => {
+      throw new Error(`Response did not match expected codec`);
+    });
+    result.should.eql(expected);
+    OfcSignPayloadResponse[200].is(result).should.be.true();
   });
 });
 

modules/express/test/unit/typedRoutes/decode.ts

@@ -13,6 +13,7 @@ import {
   LightningInitWalletParams,
 } from '../../../src/typedRoutes/api/v2/lightningInitWallet';
 import { UnlockLightningWalletBody, UnlockLightningWalletParams } from '../../../src/typedRoutes/api/v2/unlockWallet';
+import { OfcSignPayloadBody } from '../../../src/typedRoutes/api/v2/ofcSignPayload';
 
 export function assertDecode<T>(codec: t.Type<T, unknown>, input: unknown): T {
   const result = codec.decode(input);
@@ -190,4 +191,36 @@ describe('io-ts decode tests', function () {
     // valid body
     assertDecode(t.type(UnlockLightningWalletBody), { passphrase: 'secret' });
   });
+  it('express.ofc.signPayload', function () {
+    // missing walletId
+    assert.throws(() =>
+      assertDecode(t.type(OfcSignPayloadBody), {
+        payload: { a: 1 },
+      })
+    );
+    // empty walletId
+    assert.throws(() =>
+      assertDecode(t.type(OfcSignPayloadBody), {
+        walletId: '',
+        payload: { a: 1 },
+      })
+    );
+    // missing payload
+    assert.throws(() =>
+      assertDecode(t.type(OfcSignPayloadBody), {
+        walletId: 'w1',
+      })
+    );
+    // valid minimal
+    assertDecode(t.type(OfcSignPayloadBody), {
+      walletId: 'w1',
+      payload: { a: 1 },
+    });
+    // valid with nested and optional passphrase
+    assertDecode(t.type(OfcSignPayloadBody), {
+      walletId: 'w1',
+      payload: { nested: ['x', { y: true }] },
+      walletPassphrase: 'secret',
+    });
+  });
 });