Update inspection to 2024-05-24 (#63)

consts.go

@@ -8,3 +8,9 @@ const (
 	SyncKindInBand    = "in_band"
 	SyncKindOutOfBand = "out_of_band"
 )
+
+const (
+	defaultAPIOrigin      = "https://api.inngest.com"
+	defaultEventAPIOrigin = "https://inn.gs"
+	devServerOrigin       = "http://127.0.0.1:8288"
+)

env.go

@@ -7,8 +7,6 @@ import (
 )
 
 const (
-	devServerURL = "http://127.0.0.1:8288"
-
 	envKeyAllowInBandSync = "INNGEST_ALLOW_IN_BAND_SYNC"
 )
 
@@ -33,7 +31,7 @@ func DevServerURL() string {
 			return dev
 		}
 	}
-	return devServerURL
+	return devServerOrigin
 }
 
 func isTrue(val string) bool {

handler.go

@@ -47,10 +47,6 @@ var (
 	}
 )
 
-const (
-	defaultRegisterURL = "https://api.inngest.com/fn/register"
-)
-
 // Register adds the given functions to the default handler for serving.  You must register all
 // functions with a handler prior to serving the handler for them to be enabled.
 func Register(funcs ...ServableFunction) {
@@ -253,7 +249,7 @@ func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	switch r.Method {
 	case http.MethodGet:
-		if err := h.introspect(w, r); err != nil {
+		if err := h.inspect(w, r); err != nil {
 			_ = publicerr.WriteHTTP(w, err)
 		}
 		return
@@ -495,7 +491,7 @@ func (h *handler) outOfBandSync(w http.ResponseWriter, r *http.Request) error {
 	}
 	config.Functions = fns
 
-	registerURL := defaultRegisterURL
+	registerURL := fmt.Sprintf("%s/fn/register", defaultAPIOrigin)
 	if IsDev() {
 		// TODO: Check if dev server is up.  If not, error.  We can't deploy to production.
 		registerURL = fmt.Sprintf("%s/fn/register", DevServerURL())
@@ -856,26 +852,68 @@ func (h *handler) invoke(w http.ResponseWriter, r *http.Request) error {
 	return json.NewEncoder(w).Encode(resp)
 }
 
-type insecureIntrospection struct {
-	FunctionCount int    `json:"function_count"`
-	HasEventKey   bool   `json:"has_event_key"`
-	HasSigningKey bool   `json:"has_signing_key"`
-	Mode          string `json:"mode"`
+type insecureInspection struct {
+	SchemaVersion string `json:"schema_version"`
+
+	AuthenticationSucceeded *bool  `json:"authentication_succeeded"`
+	FunctionCount           int    `json:"function_count"`
+	HasEventKey             bool   `json:"has_event_key"`
+	HasSigningKey           bool   `json:"has_signing_key"`
+	HasSigningKeyFallback   bool   `json:"has_signing_key_fallback"`
+	Mode                    string `json:"mode"`
 }
 
-type secureIntrospection struct {
-	insecureIntrospection
+type secureInspection struct {
+	insecureInspection
+
+	APIOrigin              string           `json:"api_origin"`
+	AppID                  string           `json:"app_id"`
 	Capabilities           sdk.Capabilities `json:"capabilities"`
+	Env                    *string          `json:"env"`
+	EventAPIOrigin         string           `json:"event_api_origin"`
+	EventKeyHash           *string          `json:"event_key_hash"`
+	Framework              string           `json:"framework"`
+	SDKLanguage            string           `json:"sdk_language"`
+	SDKVersion             string           `json:"sdk_version"`
+	ServeOrigin            *string          `json:"serve_origin"`
+	ServePath              *string          `json:"serve_path"`
 	SigningKeyFallbackHash *string          `json:"signing_key_fallback_hash"`
 	SigningKeyHash         *string          `json:"signing_key_hash"`
 }
 
-func (h *handler) createSecureInspection() (*secureIntrospection, error) {
+func (h *handler) createInsecureInspection(
+	authenticationSucceeded *bool,
+) (*insecureInspection, error) {
 	mode := "cloud"
 	if IsDev() {
 		mode = "dev"
 	}
 
+	return &insecureInspection{
+		AuthenticationSucceeded: authenticationSucceeded,
+		FunctionCount:           len(h.funcs),
+		HasEventKey:             os.Getenv("INNGEST_EVENT_KEY") != "",
+		HasSigningKey:           h.GetSigningKey() != "",
+		HasSigningKeyFallback:   h.GetSigningKeyFallback() != "",
+		Mode:                    mode,
+		SchemaVersion:           "2024-05-24",
+	}, nil
+}
+
+func (h *handler) createSecureInspection() (*secureInspection, error) {
+	apiOrigin := defaultAPIOrigin
+	eventAPIOrigin := defaultEventAPIOrigin
+	if IsDev() {
+		apiOrigin = DevServerURL()
+		eventAPIOrigin = DevServerURL()
+	}
+
+	var eventKeyHash *string
+	if os.Getenv("INNGEST_EVENT_KEY") != "" {
+		hash := hashEventKey(os.Getenv("INNGEST_EVENT_KEY"))
+		eventKeyHash = &hash
+	}
+
 	var signingKeyHash *string
 	if h.GetSigningKey() != "" {
 		key, err := hashedSigningKey([]byte(h.GetSigningKey()))
@@ -896,54 +934,81 @@ func (h *handler) createSecureInspection() (*secureIntrospection, error) {
 		signingKeyFallbackHash = &hash
 	}
 
-	return &secureIntrospection{
-		insecureIntrospection: insecureIntrospection{
-			FunctionCount: len(h.funcs),
-			HasEventKey:   os.Getenv("INNGEST_EVENT_KEY") != "",
-			HasSigningKey: h.GetSigningKey() != "",
-			Mode:          mode,
-		},
+	authenticationSucceeded := true
+
+	var env *string
+	if h.GetEnv() != "" {
+		val := h.GetEnv()
+		env = &val
+	}
+
+	var serveOrigin, servePath *string
+	if h.URL != nil {
+		serveOriginStr := h.URL.Scheme + "://" + h.URL.Host
+		serveOrigin = &serveOriginStr
+
+		servePath = &h.URL.Path
+	}
+
+	authenticationSucceeded = true
+	insecureInspection, err := h.createInsecureInspection(&authenticationSucceeded)
+	if err != nil {
+		return nil, fmt.Errorf("error creating inspection: %w", err)
+	}
+
+	return &secureInspection{
+		insecureInspection:     *insecureInspection,
+		APIOrigin:              apiOrigin,
+		AppID:                  h.appName,
 		Capabilities:           capabilities,
+		Env:                    env,
+		EventAPIOrigin:         eventAPIOrigin,
+		EventKeyHash:           eventKeyHash,
+		SDKLanguage:            SDKLanguage,
+		SDKVersion:             SDKVersion,
 		SigningKeyFallbackHash: signingKeyFallbackHash,
 		SigningKeyHash:         signingKeyHash,
+		ServeOrigin:            serveOrigin,
+		ServePath:              servePath,
 	}, nil
 }
 
-func (h *handler) introspect(w http.ResponseWriter, r *http.Request) error {
+func (h *handler) inspect(w http.ResponseWriter, r *http.Request) error {
 	defer r.Body.Close()
 
-	mode := "cloud"
-	if IsDev() {
-		mode = "dev"
-	}
-
 	sig := r.Header.Get(HeaderKeySignature)
-	valid, _, _ := ValidateRequestSignature(
-		r.Context(),
-		sig,
-		h.GetSigningKey(),
-		h.GetSigningKeyFallback(),
-		[]byte{},
-	)
-	if valid {
-		introspection, err := h.createSecureInspection()
-		if err != nil {
-			return err
+	if sig != "" {
+		valid, _, _ := ValidateRequestSignature(
+			r.Context(),
+			sig,
+			h.GetSigningKey(),
+			h.GetSigningKeyFallback(),
+			[]byte{},
+		)
+		if valid {
+			inspection, err := h.createSecureInspection()
+			if err != nil {
+				return err
+			}
+
+			w.Header().Set(HeaderKeyContentType, "application/json")
+			return json.NewEncoder(w).Encode(inspection)
 		}
+	}
 
-		w.Header().Set(HeaderKeyContentType, "application/json")
-		return json.NewEncoder(w).Encode(introspection)
+	var authenticationSucceeded *bool
+	if sig != "" {
+		val := false
+		authenticationSucceeded = &val
 	}
 
-	introspection := insecureIntrospection{
-		FunctionCount: len(h.funcs),
-		HasEventKey:   os.Getenv("INNGEST_EVENT_KEY") != "",
-		HasSigningKey: h.GetSigningKey() != "",
-		Mode:          mode,
+	inspection, err := h.createInsecureInspection(authenticationSucceeded)
+	if err != nil {
+		return fmt.Errorf("error creating inspection: %w", err)
 	}
 
 	w.Header().Set(HeaderKeyContentType, "application/json")
-	return json.NewEncoder(w).Encode(introspection)
+	return json.NewEncoder(w).Encode(inspection)
 
 }
 

handler_test.go

@@ -25,6 +25,7 @@ import (
 )
 
 func init() {
+	os.Setenv("INNGEST_EVENT_KEY", "abc123")
 	os.Setenv("INNGEST_SIGNING_KEY", string(testKey))
 	os.Setenv("INNGEST_SIGNING_KEY_FALLBACK", string(testKeyFallback))
 }
@@ -479,22 +480,22 @@ func TestSteps(t *testing.T) {
 
 }
 
-func TestIntrospection(t *testing.T) {
+func TestInspection(t *testing.T) {
 	fn := CreateFunction(
 		FunctionOpts{Name: "My servable function!"},
 		EventTrigger("test/event.a", nil),
 		func(ctx context.Context, input Input[any]) (any, error) {
 			return nil, nil
 		},
 	)
-	h := NewHandler("introspection", HandlerOpts{})
+	h := NewHandler("inspection", HandlerOpts{})
 	h.Register(fn)
 	server := httptest.NewServer(h)
 	defer server.Close()
 
 	t.Run("no signature", func(t *testing.T) {
 		// When the request has no signature, respond with the insecure
-		// introspection body
+		// inspection body
 
 		r := require.New(t)
 
@@ -510,16 +511,19 @@ func TestIntrospection(t *testing.T) {
 		r.NoError(err)
 
 		r.Equal(map[string]any{
-			"function_count":  float64(1),
-			"has_event_key":   false,
-			"has_signing_key": true,
-			"mode":            "cloud",
+			"authentication_succeeded": nil,
+			"function_count":           float64(1),
+			"has_event_key":            true,
+			"has_signing_key":          true,
+			"has_signing_key_fallback": true,
+			"mode":                     "cloud",
+			"schema_version":           "2024-05-24",
 		}, respBody)
 	})
 
 	t.Run("valid signature", func(t *testing.T) {
 		// When the request has a valid signature, respond with the secure
-		// introspection body
+		// inspection body
 
 		r := require.New(t)
 
@@ -541,22 +545,35 @@ func TestIntrospection(t *testing.T) {
 		signingKeyFallbackHash, err := hashedSigningKey([]byte(testKeyFallback))
 		r.NoError(err)
 		r.Equal(map[string]any{
+			"api_origin":               "https://api.inngest.com",
+			"app_id":                   "inspection",
+			"authentication_succeeded": true,
 			"capabilities": map[string]any{
 				"in_band_sync": "v1",
 				"trust_probe":  "v1",
 			},
+			"env":                       nil,
+			"event_api_origin":          "https://inn.gs",
+			"event_key_hash":            "6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090",
+			"framework":                 "",
 			"function_count":            float64(1),
-			"has_event_key":             false,
+			"has_event_key":             true,
 			"has_signing_key":           true,
+			"has_signing_key_fallback":  true,
 			"mode":                      "cloud",
+			"schema_version":            "2024-05-24",
+			"sdk_language":              "go",
+			"sdk_version":               SDKVersion,
+			"serve_origin":              nil,
+			"serve_path":                nil,
 			"signing_key_fallback_hash": string(signingKeyFallbackHash),
 			"signing_key_hash":          string(signingKeyHash),
 		}, respBody)
 	})
 
 	t.Run("invalid signature", func(t *testing.T) {
 		// When the request has an invalid signature, respond with the insecure
-		// introspection body
+		// inspection body
 
 		r := require.New(t)
 
@@ -575,10 +592,13 @@ func TestIntrospection(t *testing.T) {
 		r.NoError(err)
 
 		r.Equal(map[string]any{
-			"function_count":  float64(1),
-			"has_event_key":   false,
-			"has_signing_key": true,
-			"mode":            "cloud",
+			"authentication_succeeded": false,
+			"function_count":           float64(1),
+			"has_event_key":            true,
+			"has_signing_key":          true,
+			"has_signing_key_fallback": true,
+			"mode":                     "cloud",
+			"schema_version":           "2024-05-24",
 		}, respBody)
 	})
 }
@@ -649,14 +669,27 @@ func TestInBandSync(t *testing.T) {
 					Triggers: []inngest.Trigger{EventTrigger("my-event", nil)},
 				}},
 				Inspection: map[string]any{
+					"api_origin":               "https://api.inngest.com",
+					"app_id":                   "test-in-band-sync",
+					"authentication_succeeded": true,
 					"capabilities": map[string]any{
 						"in_band_sync": "v1",
 						"trust_probe":  "v1",
 					},
+					"env":                       "my-env",
+					"event_api_origin":          "https://inn.gs",
+					"event_key_hash":            "6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090",
+					"framework":                 "",
 					"function_count":            float64(1),
-					"has_event_key":             false,
+					"has_event_key":             true,
 					"has_signing_key":           true,
+					"has_signing_key_fallback":  true,
 					"mode":                      "cloud",
+					"schema_version":            "2024-05-24",
+					"sdk_language":              "go",
+					"sdk_version":               SDKVersion,
+					"serve_origin":              nil,
+					"serve_path":                nil,
 					"signing_key_fallback_hash": "signkey-test-df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119",
 					"signing_key_hash":          "signkey-test-b2ed992186a5cb19f6668aade821f502c1d00970dfd0e35128d51bac4649916c",
 				},