From 2ca0d23c3c207c354dc92a0dae52842361fbb31e Mon Sep 17 00:00:00 2001
From: Mohammed Sohail <sohailsameja@gmail.com>
Date: Wed, 30 Nov 2022 15:18:01 +0000
Subject: [PATCH] feat: add transfer handler and input validation

* validate incoming api requests
* fix transfer ABI encoder
---
 cmd/init_api.go                  | 11 ++++-
 go.mod                           |  4 ++
 go.sum                           |  8 ++++
 internal/api/registration.go     | 16 ++++----
 internal/api/transfer.go         | 69 ++++++++++++++++++++++++++++++++
 internal/api/types.go            | 10 +++--
 internal/api/validator.go        | 24 +++++++++++
 internal/tasker/task/transfer.go |  2 +-
 8 files changed, 130 insertions(+), 14 deletions(-)
 create mode 100644 internal/api/transfer.go
 create mode 100644 internal/api/validator.go

diff --git a/cmd/init_api.go b/cmd/init_api.go
index 291ceaf..3bb8f62 100644
--- a/cmd/init_api.go
+++ b/cmd/init_api.go
@@ -4,6 +4,7 @@ import (
 	"net/http"
 
 	"github.com/arl/statsviz"
+	"github.com/go-playground/validator"
 	"github.com/grassrootseconomics/cic-custodial/internal/api"
 	"github.com/labstack/echo/v4"
 )
@@ -20,12 +21,20 @@ func initApiServer() *echo.Echo {
 		server.GET("/debug/statsviz/*", echo.WrapHandler(statsVizMux))
 	}
 
+	server.Validator = &api.CustomValidator{
+		Validator: validator.New(),
+	}
+
 	apiRoute := server.Group("/api")
 
-	apiRoute.GET("/register", api.RegistrationHandler(
+	apiRoute.POST("/register", api.RegistrationHandler(
 		taskerClient,
 		postgresKeystore,
 	))
 
+	apiRoute.POST("/transfer", api.TransferHandler(
+		taskerClient,
+	))
+
 	return server
 }
diff --git a/go.mod b/go.mod
index 9c39563..c38f150 100644
--- a/go.mod
+++ b/go.mod
@@ -33,6 +33,9 @@ require (
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/fsnotify/fsnotify v1.4.9 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/go-playground/locales v0.14.0 // indirect
+	github.com/go-playground/universal-translator v0.18.0 // indirect
+	github.com/go-playground/validator v9.31.0+incompatible // indirect
 	github.com/go-stack/stack v1.8.1 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
@@ -48,6 +51,7 @@ require (
 	github.com/jackc/puddle/v2 v2.1.2 // indirect
 	github.com/jackpal/go-nat-pmp v1.0.2 // indirect
 	github.com/labstack/gommon v0.4.0 // indirect
+	github.com/leodido/go-urn v1.2.1 // indirect
 	github.com/mattn/go-colorable v0.1.11 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect
 	github.com/mattn/go-runewidth v0.0.14 // indirect
diff --git a/go.sum b/go.sum
index cbb62f7..24105ea 100644
--- a/go.sum
+++ b/go.sum
@@ -192,6 +192,12 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
+github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU=
+github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
+github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
+github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
+github.com/go-playground/validator v9.31.0+incompatible h1:UA72EPEogEnq76ehGdEDp4Mit+3FDh548oRqwVgNsHA=
+github.com/go-playground/validator v9.31.0+incompatible/go.mod h1:yrEkQXlcI+PugkyDjY2bRrL/UBU4f3rvrgkN3V8JEig=
 github.com/go-redis/redis/v8 v8.11.2/go.mod h1:DLomh7y2e3ggQXQLd1YgmvIfecPJoFl7WU5SOQ/r06M=
 github.com/go-redis/redis/v8 v8.11.4/go.mod h1:2Z2wHZXdQpCDXEGzqMockDpNyYvi2l4Pxt6RJr792+w=
 github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
@@ -403,6 +409,8 @@ github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL
 github.com/labstack/gommon v0.4.0 h1:y7cvthEAEbU0yHOf4axH8ZG2NH8knB9iNSoTO8dyIk8=
 github.com/labstack/gommon v0.4.0/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM=
 github.com/leanovate/gopter v0.2.9/go.mod h1:U2L/78B+KVFIx2VmW6onHJQzXtFb+p5y3y2Sh+Jxxv8=
+github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
+github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/logrusorgru/aurora v2.0.3+incompatible/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
diff --git a/internal/api/registration.go b/internal/api/registration.go
index f203f55..bbab338 100644
--- a/internal/api/registration.go
+++ b/internal/api/registration.go
@@ -13,7 +13,7 @@ import (
 
 type registrationResponse struct {
 	PublicKey string `json:"publicKey"`
-	JobRef    string `json:"jobRef"`
+	TaskRef    string `json:"taskRef"`
 }
 
 func RegistrationHandler(
@@ -32,31 +32,31 @@ func RegistrationHandler(
 		if err := keystore.WriteKeyPair(c.Request().Context(), generatedKeyPair); err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, errResp{
 				Ok:    false,
-				Error: INTERNAL,
+				Error: INTERNAL_ERROR,
 			})
 		}
 
-		jobPayload, err := json.Marshal(task.SystemPayload{
+		taskPayload, err := json.Marshal(task.SystemPayload{
 			PublicKey: generatedKeyPair.Public,
 		})
 		if err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, errResp{
 				Ok:    false,
-				Error: JSON_MARSHAL,
+				Error: JSON_MARSHAL_ERROR,
 			})
 		}
 
-		job, err := taskerClient.CreateTask(
+		task, err := taskerClient.CreateTask(
 			tasker.PrepareAccountTask,
 			tasker.DefaultPriority,
 			&tasker.Task{
-				Payload: jobPayload,
+				Payload: taskPayload,
 			},
 		)
 		if err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, errResp{
 				Ok:    false,
-				Error: TASK_CHAIN,
+				Error: TASK_CHAIN_ERROR,
 			})
 		}
 
@@ -64,7 +64,7 @@ func RegistrationHandler(
 			Ok: true,
 			Data: registrationResponse{
 				PublicKey: generatedKeyPair.Public,
-				JobRef:    job.ID,
+				TaskRef:    task.ID,
 			},
 		})
 	}
diff --git a/internal/api/transfer.go b/internal/api/transfer.go
new file mode 100644
index 0000000..e5c856c
--- /dev/null
+++ b/internal/api/transfer.go
@@ -0,0 +1,69 @@
+package api
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/grassrootseconomics/cic-custodial/internal/tasker"
+	"github.com/labstack/echo/v4"
+)
+
+type (
+	transferRequest struct {
+		From           string `json:"from" validate:"required,eth_addr"`
+		To             string `json:"to" validate:"required,eth_addr"`
+		VoucherAddress string `json:"voucherAddress" validate:"required,eth_addr"`
+		Amount         string `json:"amount" validate:"required,numeric"`
+	}
+
+	transferResponse struct {
+		TaskRef string `json:"taskRef"`
+	}
+)
+
+func TransferHandler(
+	taskerClient *tasker.TaskerClient,
+) func(echo.Context) error {
+	return func(c echo.Context) error {
+		transferPayload := new(transferRequest)
+
+		if err := c.Bind(transferPayload); err != nil {
+			return echo.NewHTTPError(http.StatusBadRequest, errResp{
+				Ok:    false,
+				Error: BIND_ERROR,
+			})
+		}
+		if err := c.Validate(transferPayload); err != nil {
+			return err
+		}
+
+		taskPayload, err := json.Marshal(transferPayload)
+		if err != nil {
+			return echo.NewHTTPError(http.StatusInternalServerError, errResp{
+				Ok:    false,
+				Error: JSON_MARSHAL_ERROR,
+			})
+		}
+
+		task, err := taskerClient.CreateTask(
+			tasker.TransferTokenTask,
+			tasker.DefaultPriority,
+			&tasker.Task{
+				Payload: taskPayload,
+			},
+		)
+		if err != nil {
+			return echo.NewHTTPError(http.StatusInternalServerError, errResp{
+				Ok:    false,
+				Error: TASK_CHAIN_ERROR,
+			})
+		}
+
+		return c.JSON(http.StatusOK, okResp{
+			Ok: true,
+			Data: transferResponse{
+				TaskRef: task.ID,
+			},
+		})
+	}
+}
diff --git a/internal/api/types.go b/internal/api/types.go
index 9cb4f62..9e03edd 100644
--- a/internal/api/types.go
+++ b/internal/api/types.go
@@ -1,10 +1,12 @@
 package api
 
 const (
-	INTERNAL      = "ERR_INTERNAL"
-	KEYPAIR_ERROR = "ERR_GEN_KEYPAIR"
-	JSON_MARSHAL  = "ERR_PAYLOAD_SERIALIZATION"
-	TASK_CHAIN    = "ERR_START_TASK_CHAIN"
+	INTERNAL_ERROR     = "ERR_INTERNAL"
+	KEYPAIR_ERROR      = "ERR_GEN_KEYPAIR"
+	JSON_MARSHAL_ERROR = "ERR_PAYLOAD_SERIALIZATION"
+	TASK_CHAIN_ERROR   = "ERR_START_TASK_CHAIN"
+	VALIDATION_ERROR   = "ERR_VALIDATE"
+	BIND_ERROR         = "ERR_BIND"
 )
 
 type okResp struct {
diff --git a/internal/api/validator.go b/internal/api/validator.go
new file mode 100644
index 0000000..3de7cda
--- /dev/null
+++ b/internal/api/validator.go
@@ -0,0 +1,24 @@
+package api
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/go-playground/validator"
+	"github.com/labstack/echo/v4"
+)
+
+type CustomValidator struct {
+	Validator *validator.Validate
+}
+
+func (cv *CustomValidator) Validate(i interface{}) error {
+	if err := cv.Validator.Struct(i); err != nil {
+		fmt.Println(err)
+		return echo.NewHTTPError(http.StatusBadRequest, errResp{
+			Ok:    false,
+			Error: VALIDATION_ERROR,
+		})
+	}
+	return nil
+}
diff --git a/internal/tasker/task/transfer.go b/internal/tasker/task/transfer.go
index 6516f11..799dc7c 100644
--- a/internal/tasker/task/transfer.go
+++ b/internal/tasker/task/transfer.go
@@ -60,7 +60,7 @@ func TransferToken(
 			return err
 		}
 
-		input, err := abi.EncodeArgs(p.To, parseTransferValue(p.Amount, system.TokenDecimals))
+		input, err := abi.EncodeArgs(w3.A(p.To), parseTransferValue(p.Amount, system.TokenDecimals))
 		if err != nil {
 			return fmt.Errorf("ABI encode failed %v: %w", err, asynq.SkipRetry)
 		}