[ci skip] more codex 5.3 improvements

server/handler/encryptData.go

@@ -2,11 +2,18 @@ package handler
 
 import (
 	"encoding/json"
-	"fmt"
-	"io"
 	"net/http"
+	"strings"
 )
 
+const encryptedValuePrefixV1 = "enc:v1:"
+
+type encryptRequest struct {
+	Plaintext string `json:"plaintext"`
+	Value     string `json:"value"`
+	Message   string `json:"message"`
+}
+
 // EncryptData encrypts a plaintext value and returns the ciphertext.
 // @Summary Encrypt data
 // @Description Encrypts a plaintext value and returns the ciphertext.
@@ -15,57 +22,47 @@ import (
 // @Produce json
 // @Param payload body map[string]string true "Plaintext payload"
 // @Success 200 {object} models.StatusMessageResponse "Ciphertext response"
+// @Failure 400 {object} models.ErrorResponse "Invalid request"
 // @Failure 500 {object} models.ErrorResponse "Server error"
 // @Router /api/encrypt [post]
 func (h *Handler) EncryptData(w http.ResponseWriter, r *http.Request) {
-	//ctx := context.Background()
-	var cipherText string
+	if r.Method != http.MethodPost {
+		writeJSONError(w, http.StatusMethodNotAllowed, "method not allowed")
+		return
+	}
 
-	reqBody, err := io.ReadAll(r.Body)
+	var req encryptRequest
+	if err := json.NewDecoder(http.MaxBytesReader(w, r.Body, 4096)).Decode(&req); err != nil {
+		h.Logger.Error("unable to decode encrypt request", "error", err)
+		writeJSONError(w, http.StatusBadRequest, "invalid JSON body")
+		return
+	}
+	plaintext := strings.TrimSpace(req.Plaintext)
+	if plaintext == "" {
+		plaintext = strings.TrimSpace(req.Value)
+	}
+	if plaintext == "" {
+		plaintext = strings.TrimSpace(req.Message)
+	}
+	if plaintext == "" {
+		writeJSONError(w, http.StatusBadRequest, "plaintext is required (accepted keys: plaintext, value, message)")
+		return
+	}
+
+	cipherText, err := h.Secret.Encrypt([]byte(plaintext))
 	if err != nil {
-		h.Logger.Error("Invalid data received", "error", err)
-		fmt.Fprintf(w, "Invalid data received")
-		w.WriteHeader(http.StatusInternalServerError)
+		h.Logger.Error("unable to encrypt payload", "error", err)
+		writeJSONError(w, http.StatusInternalServerError, "encryption failed")
 		return
-	} else {
-		h.Logger.Debug("received input data", "length", len(reqBody))
 	}
 
-	// get the json input
-	var input map[string]string
-	if err := json.Unmarshal(reqBody, &input); err != nil {
-		h.Logger.Error("unable to unmarshal json", "error", err)
-		prettyPrint(reqBody)
-		w.Header().Set("Content-Type", "application/json")
-		w.WriteHeader(http.StatusInternalServerError)
-		json.NewEncoder(w).Encode(map[string]string{
-			"status":  "ERROR",
-			"message": fmt.Sprintf("Unable to unmarshal JSON in request body: '%s'", err),
-		})
-		return
-	} else {
-		h.Logger.Debug("successfully decoded JSON")
-		//prettyPrint(input)
-	}
-
-	//cipher, err := h.Secret.Encrypt()
-	for k := range input {
-		//h.Logger.Debug("foo", "key", k, "value", input[k])
-		cipherText, err = h.Secret.Encrypt([]byte(input[k]))
-		if err != nil {
-			h.Logger.Error("Unable to encrypt", "error", err)
-		} else {
-			h.Logger.Debug("Encrypted plaintext", "length", len(input[k]), "ciphertext", cipherText)
-			w.WriteHeader(http.StatusOK)
-			json.NewEncoder(w).Encode(map[string]string{
-				"status":  "OK",
-				"message": cipherText,
-			})
-			return
-		}
-
-	}
-
-	// return the result
-
+	h.Logger.Debug("encrypted plaintext payload", "input_length", len(plaintext))
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	_ = json.NewEncoder(w).Encode(map[string]string{
+		"status":     "OK",
+		"message":    cipherText,
+		"prefixed":   encryptedValuePrefixV1 + cipherText,
+		"ciphertext": cipherText,
+	})
 }