feat: add ability to post identity key via admin API (#628)

* feat: add ability to post identity key via admin API

* fix: lint

* fix: use optional type instead of undefined and remove unnecessary uppercase function

Author: Austin King

src/data-access/users.ts

@@ -33,6 +33,7 @@ export async function checkUserExistence(payId: string): Promise<boolean> {
  *
  * @param payId - The PayID to insert in the account table.
  * @param addresses - The payment addresses for that PayID to insert into the database.
+ * @param identityKey - Base64 encoded public key of user for signing addresses.
  *
  * @returns The addresses inserted for this user.
  */
@@ -41,11 +42,13 @@ export async function checkUserExistence(payId: string): Promise<boolean> {
 export async function insertUser(
   payId: string,
   addresses: readonly AddressInformation[],
+  identityKey?: string,
 ): Promise<readonly AddressInformation[]> {
   return knex.transaction(async (transaction: Transaction) => {
     const insertedAddresses = await knex
       .insert({
         payId,
+        identityKey,
       })
       .into<Account>('account')
       .transacting(transaction)

src/middlewares/users.ts

@@ -98,7 +98,7 @@ export async function postUser(
   // TODO:(hbergren) Need to test here and in `putUser()` that `req.body.addresses` is well formed.
   // This includes making sure that everything that is not ACH or ILP is in a CryptoAddressDetails format.
   // And that we `toUpperCase()` paymentNetwork and environment as part of parsing the addresses.
-  await insertUser(payId, req.body.addresses)
+  await insertUser(payId, req.body.addresses, req.body.identityKey)
 
   // Set HTTP status and save the PayID to generate the Location header in later middleware
   res.locals.status = HttpStatus.Created
@@ -125,6 +125,7 @@ export async function putUser(
   const rawPayId = req.params.payId
   const rawNewPayId = req.body?.payId
   const addresses = req.body?.addresses
+  const identityKey = req.body?.identityKey
 
   // TODO:(hbergren) More validation? Assert that the PayID is `$` and of a certain form?
   // Do that using a regex route param in Express?
@@ -171,7 +172,7 @@ export async function putUser(
 
   updatedAddresses = await replaceUser(payId, newPayId, addresses)
   if (updatedAddresses === null) {
-    updatedAddresses = await insertUser(newPayId, addresses)
+    updatedAddresses = await insertUser(newPayId, addresses, identityKey)
     statusCode = HttpStatus.Created
   }
 

test/integration/e2e/admin-api/postUsers.test.ts

@@ -48,6 +48,37 @@ describe('E2E - adminApiRouter - POST /users', function (): void {
       .expect(HttpStatus.Created, done)
   })
 
+  it('Returns a 201 when creating a new user with an identity key', function (done): void {
+    const payId = 'jacksmith$xpring.money'
+    const identityKey = `Imp3ayI6IHsKICAia3R5IjogIkVDIiwgCiAgInVzZSI6ICJzaWciL`
+
+    // GIVEN a user with a PayID known to not exist on the PayID service
+    const userInformation = {
+      payId,
+      identityKey,
+      addresses: [
+        {
+          paymentNetwork: 'XRPL',
+          environment: 'TESTNET',
+          details: {
+            address: 'TVQWr6BhgBLW2jbFyqqufgq8T9eN7KresB684ZSHKQ3oDth',
+          },
+        },
+      ],
+    }
+
+    // WHEN we make a POST request to /users with that user information
+    request(app.adminApiExpress)
+      .post(`/users`)
+      .set('PayID-API-Version', payIdApiVersion)
+      .send(userInformation)
+      .expect('Content-Type', /text\/plain/u)
+      // THEN we expect the Location header to be set to the path of the created user resource
+      .expect('Location', `/users/${payId}`)
+      // AND we expect back a 201 - CREATED
+      .expect(HttpStatus.Created, done)
+  })
+
   it('Returns a 201 when creating a new user, without an Accept-Patch header in the response', function (done): void {
     // GIVEN a user with a PayID known to not exist on the PayID service
     const userInformation = {