Merge pull request #5938 from BitGo/FR-460-express-change-wallet-pw

feat(express): add support to change keychain password

Author: joeybaibg

commitlint.config.js

@@ -20,6 +20,7 @@ module.exports = {
         'BOS-',
         'BT-',
         'BTC-',
+        'CAAS-',
         'CE-',
         'CEN-',
         'CLEX-',

modules/express/src/clientRoutes.ts

@@ -2,33 +2,33 @@
  * @prettier
  */
 import {
-  EddsaUtils,
-  EcdsaUtils,
-  EcdsaMPCv2Utils,
-  CustomGShareGeneratingFunction,
-  CustomRShareGeneratingFunction,
-  UnsupportedCoinError,
-  GShare,
-  SignShare,
-  CustomCommitmentGeneratingFunction,
   CommitmentShareRecord,
-  EncryptedSignerShareRecord,
-  CustomPaillierModulusGetterFunction,
+  CreateNetworkConnectionParams,
+  CustomCommitmentGeneratingFunction,
+  CustomGShareGeneratingFunction,
   CustomKShareGeneratingFunction,
+  CustomMPCv2SigningRound1GeneratingFunction,
+  CustomMPCv2SigningRound2GeneratingFunction,
+  CustomMPCv2SigningRound3GeneratingFunction,
   CustomMuDeltaShareGeneratingFunction,
+  CustomPaillierModulusGetterFunction,
+  CustomRShareGeneratingFunction,
   CustomSShareGeneratingFunction,
+  EcdsaMPCv2Utils,
+  EcdsaUtils,
+  EddsaUtils,
+  EncryptedSignerShareRecord,
+  encryptRsaWithAesGcm,
+  GetNetworkPartnersResponse,
+  GShare,
+  MPCType,
+  ShareType,
+  SignShare,
+  SShare,
   TssEcdsaStep1ReturnMessage,
   TssEcdsaStep2ReturnMessage,
-  SShare,
-  ShareType,
-  MPCType,
-  CreateNetworkConnectionParams,
-  GetNetworkPartnersResponse,
-  encryptRsaWithAesGcm,
+  UnsupportedCoinError,
   Wallet,
-  CustomMPCv2SigningRound1GeneratingFunction,
-  CustomMPCv2SigningRound2GeneratingFunction,
-  CustomMPCv2SigningRound3GeneratingFunction,
 } from '@bitgo/sdk-core';
 import { BitGo, BitGoOptions, Coin, CustomSigningFunction, SignedTransaction, SignedTransactionRequest } from 'bitgo';
 import * as bodyParser from 'body-parser';
@@ -965,7 +965,7 @@ async function handleV2SendMany(req: express.Request) {
 }
 
 /**
- * Routes payload meant for prebuildAndSignTransaction() in sdk-core which
+ *  payload meant for prebuildAndSignTransaction() in sdk-core which
  * validates the payload and makes the appropriate request to WP to
  * build, sign, and send a tx.
  * - sends request to Platform to build the transaction
@@ -1025,6 +1025,43 @@ async function handleWalletUpdate(req: express.Request): Promise<unknown> {
   return await bitgo.put(wallet.url()).send(req.body).result();
 }
 
+/**
+ * Changes a keychain's passphrase, re-encrypting the key to a new password
+ * @param req
+ */
+export async function handleKeychainChangePassword(req: express.Request): Promise<unknown> {
+  const { oldPassword, newPassword, otp } = req.body;
+  if (!oldPassword || !newPassword) {
+    throw new ApiResponseError('Missing 1 or more required fields: [oldPassword, newPassword]', 400);
+  }
+  const reqId = new RequestTracer();
+
+  const bitgo = req.bitgo;
+  const coin = bitgo.coin(req.params.coin);
+
+  if (otp) {
+    await bitgo.unlock({ otp });
+  }
+
+  const keychain = await coin.keychains().get({
+    id: req.params.id,
+    reqId,
+  });
+  if (!keychain) {
+    throw new ApiResponseError(`Keychain ${req.params.id} not found`, 404);
+  }
+
+  const updatedKeychain = coin.keychains().updateSingleKeychainPassword({
+    keychain,
+    oldPassword,
+    newPassword,
+  });
+
+  return bitgo.put(coin.url(`/key/${updatedKeychain.id}`)).send({
+    encryptedPrv: updatedKeychain.encryptedPrv,
+  });
+}
+
 /**
  * handle any other API call
  * @param req
@@ -1577,6 +1614,14 @@ export function setupAPIRoutes(app: express.Application, config: Config): void {
 
   app.put('/express/api/v2/:coin/wallet/:id', parseBody, prepareBitGo(config), promiseWrapper(handleWalletUpdate));
 
+  // change wallet passphrase
+  app.post(
+    '/api/v2/:coin/keychain/:id/changepassword',
+    parseBody,
+    prepareBitGo(config),
+    promiseWrapper(handleKeychainChangePassword)
+  );
+
   // create address
   app.post('/api/v2/:coin/wallet/:id/address', parseBody, prepareBitGo(config), promiseWrapper(handleV2CreateAddress));
 

modules/express/test/unit/clientRoutes/changeKeychainPassword.ts

@@ -0,0 +1,54 @@
+import * as sinon from 'sinon';
+
+import 'should-http';
+import 'should-sinon';
+import '../../lib/asserts';
+
+import * as express from 'express';
+
+import { handleKeychainChangePassword } from '../../../src/clientRoutes';
+
+import { BitGo } from 'bitgo';
+
+describe('Change Wallet Password', function () {
+  it('should change wallet password', async function () {
+    const keychainBaseCoinStub = {
+      keychains: () => ({ updateSingleKeychainPassword: () => Promise.resolve({ result: 'stubbed' }) }),
+    };
+    const keychainStub = {
+      baseCoin: keychainBaseCoinStub,
+    };
+
+    const coinStub = {
+      keychains: () => ({
+        get: () => Promise.resolve(keychainStub),
+        updateSingleKeychainPassword: () => ({ result: 'stubbed' }),
+      }),
+      url: () => 'url',
+    };
+
+    const stubBitgo = sinon.createStubInstance(BitGo as any, {
+      coin: coinStub,
+    });
+    stubBitgo['put'] = sinon.stub().returns({
+      send: () => ({
+        result: '200 OK',
+      }),
+    });
+
+    const mockRequest = {
+      bitgo: stubBitgo,
+      params: {
+        coin: 'talgo',
+        id: '23423423423423',
+      },
+      body: {
+        oldPassword: 'oldPasswordString',
+        newPassword: 'newPasswordString',
+      },
+    };
+
+    const result = await handleKeychainChangePassword(mockRequest as express.Request & typeof mockRequest);
+    ({ result: '200 OK' }).should.be.eql(result);
+  });
+});