chore(mbe): move ebe config checks to middleware

Ticket: WP-4724

Author: pranavjain97

src/__tests__/masterBitgoExpress/generateWallet.test.ts

@@ -41,10 +41,6 @@ describe('POST /api/:coin/wallet/generate', () => {
     nock.cleanAll();
   });
 
-  after(() => {
-    nock.restore();
-  });
-
   it('should generate a wallet by calling the enclaved express service', async () => {
     const userKeychainNock = nock(enclavedExpressUrl)
       .post(`/api/${coin}/key/independent`, {
@@ -142,4 +138,35 @@ describe('POST /api/:coin/wallet/generate', () => {
     bitgoAddBitGoKeyNock.done();
     bitgoAddWalletNock.done();
   });
+
+  it('should fail when enclaved express client is not configured', async () => {
+    // Create a config without enclaved express settings
+    const invalidConfig: Partial<MasterExpressConfig> = {
+      appMode: AppMode.MASTER_EXPRESS,
+      port: 0,
+      bind: 'localhost',
+      timeout: 60000,
+      logFile: '',
+      env: 'test',
+      disableEnvCheck: true,
+      authVersion: 2,
+      tlsMode: TlsMode.DISABLED,
+      mtlsRequestCert: false,
+      allowSelfSigned: true,
+    };
+
+    const app = expressApp(invalidConfig as MasterExpressConfig);
+    const testAgent = request.agent(app);
+
+    const response = await testAgent
+      .post(`/api/${coin}/wallet/generate`)
+      .set('Authorization', `Bearer ${accessToken}`)
+      .send({
+        label: 'test-wallet',
+      });
+
+    response.status.should.equal(500);
+    response.body.should.have.property('error');
+    response.body.error.should.equal('Please configure enclaved express configs.');
+  });
 });

src/__tests__/masterBitgoExpress/sendMany.test.ts

@@ -260,4 +260,42 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => {
     walletGetNock.done();
     keychainGetNock.done();
   });
+
+  it('should fail when enclaved express client is not configured', async () => {
+    // Create a config without enclaved express settings
+    const invalidConfig: Partial<MasterExpressConfig> = {
+      appMode: AppMode.MASTER_EXPRESS,
+      port: 0,
+      bind: 'localhost',
+      timeout: 60000,
+      logFile: '',
+      env: 'test',
+      disableEnvCheck: true,
+      authVersion: 2,
+      tlsMode: TlsMode.DISABLED,
+      mtlsRequestCert: false,
+      allowSelfSigned: true,
+    };
+
+    const app = expressApp(invalidConfig as MasterExpressConfig);
+    const testAgent = request.agent(app);
+
+    const response = await testAgent
+      .post(`/api/${coin}/wallet/${walletId}/sendMany`)
+      .set('Authorization', `Bearer ${accessToken}`)
+      .send({
+        recipients: [
+          {
+            address: 'tb1qtest1',
+            amount: '100000',
+          },
+        ],
+        source: 'user',
+        pubkey: 'xpub_user',
+      });
+
+    response.status.should.equal(500);
+    response.body.should.have.property('error');
+    response.body.error.should.equal('Please configure enclaved express configs.');
+  });
 });

src/masterBitgoExpress/generateWallet.ts

@@ -8,11 +8,8 @@ import {
   WalletWithKeychains,
   AddKeychainOptions,
 } from '@bitgo/sdk-core';
-import { createEnclavedExpressClient } from './enclavedExpressClient';
 import _ from 'lodash';
 import { MasterApiSpecRouteRequest } from './routers/masterApiSpec';
-import { isMasterExpressConfig } from '../types';
-import assert from 'assert';
 
 /**
  * This route is used to generate a multisig wallet when enclaved express is enabled
@@ -23,17 +20,8 @@ export async function handleGenerateWalletOnPrem(
   const bitgo = req.bitgo;
   const baseCoin = bitgo.coin(req.params.coin);
 
-  assert(
-    isMasterExpressConfig(req.config),
-    'Expected req.config to be of type MasterExpressConfig',
-  );
-
-  const enclavedExpressClient = createEnclavedExpressClient(req.config, req.params.coin);
-  if (!enclavedExpressClient) {
-    throw new Error(
-      'Enclaved express client not configured - enclaved express features will be disabled',
-    );
-  }
+  // The enclavedExpressClient is now available from the request
+  const enclavedExpressClient = req.enclavedExpressClient;
 
   const reqId = new RequestTracer();
 

src/masterBitgoExpress/handleSendMany.ts

@@ -1,5 +1,4 @@
 import { RequestTracer, PrebuildTransactionOptions, Memo, KeyIndices } from '@bitgo/sdk-core';
-import { createEnclavedExpressClient } from './enclavedExpressClient';
 import logger from '../logger';
 import { MasterApiSpecRouteRequest } from './routers/masterApiSpec';
 import { isMasterExpressConfig } from '../initConfig';
@@ -21,10 +20,7 @@ export async function handleSendMany(req: MasterApiSpecRouteRequest<'v1.wallet.s
   if (!isMasterExpressConfig(req.config)) {
     throw new Error('Configuration must be in master express mode');
   }
-  const enclavedExpressClient = createEnclavedExpressClient(req.config, req.params.coin);
-  if (!enclavedExpressClient) {
-    throw new Error('Please configure enclaved express configs to sign the transactions.');
-  }
+  const enclavedExpressClient = req.enclavedExpressClient;
   const reqId = new RequestTracer();
   const bitgo = req.bitgo;
   const baseCoin = bitgo.coin(req.params.coin);
@@ -96,7 +92,7 @@ export async function handleSendMany(req: MasterApiSpecRouteRequest<'v1.wallet.s
       const err = e as Error;
       logger.error('transaction prebuild failed local validation:', err.message);
       logger.error('transaction prebuild:', JSON.stringify(txPrebuilt, null, 2));
-        throw new Error(`Transaction prebuild failed local validation: ${err.message}`);
+      throw new Error(`Transaction prebuild failed local validation: ${err.message}`);
     }
 
     logger.debug('Tx prebuild: %s', JSON.stringify(txPrebuilt, null, 2));

src/masterBitgoExpress/middleware.ts

@@ -0,0 +1,32 @@
+import { Request, Response, NextFunction } from 'express';
+import { isMasterExpressConfig } from '../types';
+import { createEnclavedExpressClient } from './enclavedExpressClient';
+import { BitGoRequest } from '../types/request';
+
+/**
+ * Middleware to validate master express configuration and enclaved express client
+ */
+export function validateMasterExpressConfig(req: Request, res: Response, next: NextFunction) {
+  const bitgoReq = req as BitGoRequest;
+
+  // Validate master express config
+  if (!isMasterExpressConfig(bitgoReq.config)) {
+    return res.status(500).json({
+      error: 'Invalid configuration',
+      details: 'Expected req.config to be of type MasterExpressConfig',
+    });
+  }
+
+  // Validate enclaved express client
+  const enclavedExpressClient = createEnclavedExpressClient(bitgoReq.config, bitgoReq.params?.coin);
+  if (!enclavedExpressClient) {
+    return res.status(500).json({
+      error: 'Please configure enclaved express configs.',
+      details: 'Enclaved express features will be disabled',
+    });
+  }
+
+  // Attach the client to the request for use in route handlers
+  bitgoReq.enclavedExpressClient = enclavedExpressClient;
+  next();
+}

src/masterBitgoExpress/routers/masterApiSpec.ts

@@ -18,6 +18,7 @@ import { MasterExpressConfig } from '../../initConfig';
 import { handleGenerateWalletOnPrem } from '../generateWallet';
 import { prepareBitGo, responseHandler } from '../../shared/middleware';
 import { handleSendMany } from '../handleSendMany';
+import { validateMasterExpressConfig } from '../middleware';
 
 // Middleware functions
 export function parseBody(req: express.Request, res: express.Response, next: express.NextFunction) {
@@ -141,6 +142,7 @@ export function createMasterApiRouter(
   // Add middleware to all routes
   router.use(parseBody);
   router.use(prepareBitGo(cfg));
+  router.use(validateMasterExpressConfig);
 
   // Generate wallet endpoint handler
   router.post('v1.wallet.generate', [

src/types/request.ts

@@ -1,11 +1,13 @@
 import express from 'express';
 import { type BitGo } from 'bitgo';
 import { Config } from '../types';
+import { EnclavedExpressClient } from '../masterBitgoExpress/enclavedExpressClient';
 
 // Extended request type for BitGo Express
 export interface BitGoRequest<T extends Config = Config> extends express.Request {
   bitgo: BitGo;
   config: T;
+  enclavedExpressClient: EnclavedExpressClient;
 }
 
 export function isBitGoRequest<T extends Config>(req: express.Request): req is BitGoRequest<T> {