refactor: fix code duplication in myirmaserver request body parsing

server/api.go

@@ -530,3 +530,22 @@ func LogMiddleware(typ string, opts LogOptions) func(next http.Handler) http.Han
 		})
 	}
 }
+
+func ParseBody(w http.ResponseWriter, r *http.Request, input interface{}) error {
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		Logger.WithField("error", err).Info("Malformed request: could not read request body")
+		return err
+	}
+
+	switch i := input.(type) {
+	case *string:
+		*i = string(body)
+	default:
+		if err = json.Unmarshal(body, input); err != nil {
+			Logger.WithField("error", err).Info("Malformed request: could not parse request body")
+			return err
+		}
+	}
+	return nil
+}

server/keyshare/keyshareserver/server.go

@@ -3,9 +3,7 @@ package keyshareserver
 import (
 	"bytes"
 	"context"
-	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"net/http"
 	"strings"
 	"sync"
@@ -169,7 +167,7 @@ func (s *Server) handleCommitments(w http.ResponseWriter, r *http.Request) {
 
 	// Read keys
 	var keys []irma.PublicKeyIdentifier
-	if err := s.parseBody(w, r, &keys); err != nil {
+	if err := server.ParseBody(w, r, &keys); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
@@ -236,7 +234,7 @@ func (s *Server) handleResponse(w http.ResponseWriter, r *http.Request) {
 
 	// Read challenge
 	challenge := new(big.Int)
-	if err := s.parseBody(w, r, challenge); err != nil {
+	if err := server.ParseBody(w, r, challenge); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
@@ -310,7 +308,7 @@ func (s *Server) handleValidate(w http.ResponseWriter, r *http.Request) {
 func (s *Server) handleVerifyPin(w http.ResponseWriter, r *http.Request) {
 	// Extract request
 	var msg irma.KeysharePinMessage
-	if err := s.parseBody(w, r, &msg); err != nil {
+	if err := server.ParseBody(w, r, &msg); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
@@ -395,7 +393,7 @@ func (s *Server) doVerifyPin(user *KeyshareUser, username, pin string) (irma.Key
 func (s *Server) handleChangePin(w http.ResponseWriter, r *http.Request) {
 	// Extract request
 	var msg irma.KeyshareChangePin
-	if err := s.parseBody(w, r, &msg); err != nil {
+	if err := server.ParseBody(w, r, &msg); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
@@ -461,7 +459,7 @@ func (s *Server) doUpdatePin(user *KeyshareUser, oldPin, newPin string) (irma.Ke
 func (s *Server) handleRegister(w http.ResponseWriter, r *http.Request) {
 	// Extract request
 	var msg irma.KeyshareEnrollment
-	if err := s.parseBody(w, r, &msg); err != nil {
+	if err := server.ParseBody(w, r, &msg); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
@@ -602,20 +600,6 @@ func (s *Server) authorizationMiddleware(next http.Handler) http.Handler {
 	})
 }
 
-func (s *Server) parseBody(w http.ResponseWriter, r *http.Request, input interface{}) error {
-	body, err := ioutil.ReadAll(r.Body)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not read request body")
-		return err
-	}
-	err = json.Unmarshal(body, input)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not parse request body")
-		return err
-	}
-	return nil
-}
-
 func (s *Server) reservePinCheck(user *KeyshareUser, pin string) (bool, int, int64, error) {
 	ok, tries, wait, err := s.db.ReservePincheck(user)
 	if err != nil {

server/keyshare/myirmaserver/server.go

@@ -3,8 +3,6 @@ package myirmaserver
 import (
 	"bytes"
 	"context"
-	"encoding/json"
-	"io/ioutil"
 	"net/http"
 	"strconv"
 	"time"
@@ -237,22 +235,13 @@ func (s *Server) handleEmailLogin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	requestData, err := ioutil.ReadAll(r.Body)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not read request body")
-		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
-		return
-	}
-
 	var request EmailLoginRequest
-	err = json.Unmarshal(requestData, &request)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not parse request body")
+	if err := server.ParseBody(w, r, &request); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
 
-	err = s.sendLoginEmail(request)
+	err := s.sendLoginEmail(request)
 	if err == ErrEmailNotFound {
 		server.WriteError(w, server.ErrorUserNotRegistered, "")
 		return
@@ -267,15 +256,12 @@ func (s *Server) handleEmailLogin(w http.ResponseWriter, r *http.Request) {
 }
 
 func (s *Server) handleGetCandidates(w http.ResponseWriter, r *http.Request) {
-	requestData, err := ioutil.ReadAll(r.Body)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not read body")
-		server.WriteError(w, server.ErrorInvalidRequest, "could not read request body")
+	var token string
+	if err := server.ParseBody(w, r, &token); err != nil {
+		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
 
-	token := string(requestData)
-
 	candidates, err := s.db.LoginTokenCandidates(token)
 	if err == keyshare.ErrUserNotFound {
 		server.WriteError(w, server.ErrorInvalidRequest, "token invalid")
@@ -323,17 +309,8 @@ func (s *Server) processTokenLogin(request TokenLoginRequest) (string, error) {
 }
 
 func (s *Server) handleTokenLogin(w http.ResponseWriter, r *http.Request) {
-	requestData, err := ioutil.ReadAll(r.Body)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not read body")
-		server.WriteError(w, server.ErrorInvalidRequest, "could not read request body")
-		return
-	}
-
 	var request TokenLoginRequest
-	err = json.Unmarshal(requestData, &request)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not parse request body")
+	if err := server.ParseBody(w, r, &request); err != nil {
 		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
@@ -425,15 +402,12 @@ func (s *Server) handleIrmaLogin(w http.ResponseWriter, r *http.Request) {
 }
 
 func (s *Server) handleVerifyEmail(w http.ResponseWriter, r *http.Request) {
-	requestData, err := ioutil.ReadAll(r.Body)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not read body")
-		server.WriteError(w, server.ErrorInvalidRequest, "could not read request body")
+	var token string
+	if err := server.ParseBody(w, r, &token); err != nil {
+		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
 
-	token := string(requestData)
-
 	id, err := s.db.VerifyEmailToken(token)
 	if err == keyshare.ErrUserNotFound {
 		s.conf.Logger.Info("Trying to reuse token")
@@ -576,15 +550,14 @@ func (s *Server) processRemoveEmail(session *Sessiondata, email string) error {
 }
 
 func (s *Server) handleRemoveEmail(w http.ResponseWriter, r *http.Request) {
-	email, err := ioutil.ReadAll(r.Body)
-	if err != nil {
-		s.conf.Logger.WithField("error", err).Info("Malformed request: could not read body")
-		server.WriteError(w, server.ErrorInvalidRequest, "Could not parse request body")
+	var email string
+	if err := server.ParseBody(w, r, &email); err != nil {
+		server.WriteError(w, server.ErrorInvalidRequest, err.Error())
 		return
 	}
 
 	session := r.Context().Value("session").(*Sessiondata)
-	err = s.processRemoveEmail(session, string(email))
+	err := s.processRemoveEmail(session, email)
 	if err == ErrInvalidEmail {
 		server.WriteError(w, server.ErrorInvalidRequest, "Not a valid email address for user")
 		return