fix(runtime): rename debug token to develop token

cli/src/api/debug.ts

@@ -8,7 +8,7 @@ export async function invokeFunction(
   data: any,
 ): Promise<{ res: any; requestId: string }> {
   const header: AxiosRequestHeaders | any = {
-    'x-laf-debug-token': token,
+    'x-laf-develop-token': token,
     'x-laf-func-data': urlencode(JSON.stringify(data)),
   }
   const res = await request({ url: invokeUrl + '/' + funcName, method: 'GET', headers: header })

cli/src/config/secret.ts

@@ -43,7 +43,7 @@ export async function refreshSecretConfig() {
   let timestamp = Date.parse(new Date().toString()) / 1000
   const secretConfig = {
     functionSecretConfig: {
-      debugToken: app.function_debug_token,
+      debugToken: app.develop_token,
       debugTokenExpire: timestamp + DEBUG_TOKEN_EXPIRE,
     },
     storageSecretConfig: {

runtimes/nodejs/src/handler/debug-func.ts

@@ -18,9 +18,9 @@ import { ICloudFunctionData } from '@lafjs/cloud'
  */
 export async function handleDebugFunction(req: IRequest, res: Response) {
   // verify the debug token
-  const token = req.get('x-laf-debug-token')
+  const token = req.get('x-laf-develop-token')
   if (!token) {
-    return res.status(400).send('x-laf-debug-token is required')
+    return res.status(400).send('x-laf-develop-token is required')
   }
   const auth = parseToken(token) || null
   if (auth?.type !== 'debug') {

runtimes/nodejs/src/handler/invoke-func.ts

@@ -27,7 +27,7 @@ export async function handleInvokeFunction(req: IRequest, res: Response) {
   }
 
   // debug mode
-  if (req.get('x-laf-debug-token')) {
+  if (req.get('x-laf-develop-token')) {
     return await handleDebugFunction(req, res)
   }
 

server/src/application/application.controller.ts

@@ -91,7 +91,7 @@ export class ApplicationController {
       domain: true,
     })
 
-    // Security Warning: Do not response this region object to client since it contains sensitive information
+    // [SECURITY ALERT] Do NOT response this region object to client since it contains sensitive information
     const region = await this.regionService.findOne(data.regionName)
 
     // TODO: remove these storage related code to standalone api
@@ -117,14 +117,25 @@ export class ApplicationController {
       }
     }
 
-    const debug_token = await this.funcService.getDebugFunctionToken(appid)
+    // Generate the develop token, it's provided to the client when debugging function
+    const expires = 60 * 60 * 24 * 7
+    const develop_token = await this.funcService.generateRuntimeToken(
+      appid,
+      'develop',
+      expires,
+    )
 
     const res = {
       ...data,
       storage: storage,
-      tls: region.tls,
       port: region.gatewayConf.port,
-      function_debug_token: debug_token,
+      develop_token: develop_token,
+
+      /** This is the redundant field of Region */
+      tls: region.tls,
+
+      /** @deprecated alias of develop token, will be remove in future  */
+      function_debug_token: develop_token,
     }
 
     return ResponseUtil.ok(res)

server/src/function/function.service.ts

@@ -13,6 +13,7 @@ import * as assert from 'node:assert'
 import { JwtService } from '@nestjs/jwt'
 import { CompileFunctionDto } from './dto/compile-function.dto'
 import { DatabaseService } from 'src/database/database.service'
+import { GetApplicationNamespaceByAppId } from 'src/utils/getter'
 
 @Injectable()
 export class FunctionService {
@@ -130,7 +131,14 @@ export class FunctionService {
     return data
   }
 
-  async getDebugFunctionToken(appid: string) {
+  async generateRuntimeToken(
+    appid: string,
+    type: 'trigger' | 'develop',
+    expireSeconds = 60,
+  ) {
+    assert(appid, 'appid is required')
+    assert(type, 'type is required')
+
     const conf = await this.prisma.applicationConfiguration.findUnique({
       where: { appid },
     })
@@ -142,15 +150,28 @@ export class FunctionService {
     assert(secret?.value, 'application secret not found')
 
     // generate token
-    const exp = Math.floor(Date.now() / 1000) + 60 * 60 * 24 * 7 // 7 days
+    const exp = Math.floor(Date.now() / 1000) + expireSeconds
 
     const token = this.jwtService.sign(
-      { appid, type: 'debug', exp },
+      { appid, type, exp },
       { secret: secret.value },
     )
     return token
   }
 
+  /**
+   * Get the in-cluster url of runtime
+   * @param appid
+   * @returns
+   */
+  getInClusterRuntimeUrl(appid: string) {
+    const serviceName = appid
+    const namespace = GetApplicationNamespaceByAppId(appid)
+    const appAddress = `${serviceName}.${namespace}:8000`
+    const url = `http://${appAddress}`
+    return url
+  }
+
   async getLogs(
     appid: string,
     params: {

web/src/apis/typing.d.ts

@@ -16,7 +16,7 @@ export interface TApplication {
   configuration: Configuration;
   domain: Domain;
   storage: Storage;
-  function_debug_token: string;
+  develop_token: string;
 }
 
 export interface Bundle {

web/src/pages/app/functions/mods/DebugPanel/index.tsx

@@ -85,7 +85,7 @@ export default function DebugPanel() {
           params: mapValues(keyBy(queryParams, "name"), "value"),
           data: bodyParams?.data,
           headers: Object.assign(mapValues(keyBy(headerParams, "name"), "value"), {
-            "x-laf-debug-token": `${globalStore.currentApp?.function_debug_token}`,
+            "x-laf-develop-token": `${globalStore.currentApp?.develop_token}`,
             "x-laf-func-data": encodeURIComponent(_funcData),
             "Content-Type": bodyParams?.contentType || "application/json",
           }),