RFC - API side utilities to help work with functions

In recent projects, I have been repeating code to do some common tasks related to api side functions and it could be helpful to add this utilities to the RedwoodJS api package:

1. Get the Netlify functions endpoint regardless of branch.

You will need to know the function endpoint url when invoking a background function from a RW api service – especially when you have multiple environments or deploy previews.

Something like:

export const siteUrl = () => {
  const defaultUrl = `http://localhost:8910`

  try {
    const netlifySignature = context.clientContext?.custom?.netlify

    if (netlifySignature === undefined) {
      throw new Error('Undefined signature')
    }

    const signature = Buffer.from(netlifySignature, 'base64').toString('ascii')
    const decoded = JSON.parse(signature)

    if (decoded['site_url']) {
      return decoded['site_url']
    } else {
      throw new Error('Could not find site_url in jwt')
    }
  } catch (error) {
    console.error(`Unable to decode Netlify token from context: ${error}`)
    return defaultUrl
  }
}

const functionsUrl = ({ url }) => {
  return `${url}/.netlify/functions`
}

1. Sign function/background functions like webhooks to ensure these are not 100% open to execution by verifying the signature.

See https://github.com/quirrel-dev/secure-webhooks for some examples to sign a payload and verify it.

One might use JWS instead to sign the payload (the above uses a different technique).

1. A utility to wrap signing and sending in a single method