core/api
8
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions
270 commits 3 branches 9 tags 1.2 MiB
Commit graph

38 commits

Author SHA1 Message Date
Snider
da1839f730 feat(api): webhooks + sunset headers + WithWebSocket + cmd/api migration 
- webhook.go: HMAC-SHA256 WebhookSigner matching PHP WebhookSignature —
  sign/verify, X-Webhook-Signature / X-Webhook-Timestamp headers,
  VerifyRequest middleware helper, 5-minute default tolerance,
  secret generator (RFC §6)
- sunset.go: ApiSunsetWith(date, replacement, opts...) + WithSunsetNoticeURL;
  ApiSunset now emits API-Suggested-Replacement when replacement set;
  RouteDescription.NoticeURL surfaces API-Deprecation-Notice-URL (RFC §8)
- options.go + api.go + transport.go: WithWebSocket(gin.HandlerFunc)
  alongside existing WithWSHandler(http.Handler); gin form wins when
  both supplied (RFC §2.2)
- openapi.go: apiSuggestedReplacement + apiDeprecationNoticeURL as
  reusable header components; NoticeURL on a RouteDescription flips
  operation deprecated flag and emits response header doc
- cmd/api/*.go: migrated from Cobra (cli.NewCommand, StringFlag) to
  new path-based CLI API (c.Command + core.Options.String/Int/Bool);
  replaces the 1,422-line Cobra test suite with _Good/_Bad/_Ugly
  triads on the new surface
- webhook_test.go + sunset_test.go + websocket_test.go: full coverage

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-14 14:51:04 +01:00
Snider
fbb58486c4 feat(api): WithChatCompletions option + bug fixes in chat_completions 
- options.go: new WithChatCompletions(resolver) and
  WithChatCompletionsPath(path); api.New(...) now auto-mounts at
  /v1/chat/completions when a resolver is configured (previously the
  resolver could be attached but never mounted, which would have
  panicked Gin)
- chat_completions.go: fixed missing net/http import, dropped
  ModelType during discovery, Retry-After header set after c.JSON
  silently lost, swapped OpenAI error type/code fields, swapped
  validate call site, redundant nil check, builder length read before
  nil-receiver check
- openapi.go: effective*Path helpers surface an explicit path even
  when the corresponding Enabled flag is false so CLI callers still
  get x-*-path extensions; /swagger always in authentik public paths
- chat_completions_test.go: Good/Bad/Ugly coverage for new options,
  validation, no-resolver behaviour
- openapi_test.go: fix stale assertion for CacheEnabled-gated X-Cache
- go.mod: bump dappco.re/go/core/cli to v0.5.2
- Removed local go-io / go-log stubs — replace points to outer
  modules for single source of truth
- Migrated forge.lthn.ai/core/cli imports to dappco.re/go/core/cli
  across cmd/api/*.go + docs

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-14 14:34:51 +01:00
Snider
d90a5be936 refactor: AX compliance sweep — replace banned stdlib imports with core primitives 
Replaced fmt, strings, sort, os, io, sync, encoding/json, path/filepath,
errors, log, reflect with core.Sprintf, core.E, core.Contains, core.Trim,
core.Split, core.Join, core.JoinPath, slices.Sort, c.Fs(), c.Lock(),
core.JSONMarshal, core.ReadAll and other CoreGO v0.8.0 primitives.

Framework boundary exceptions preserved where stdlib types are required
by external interfaces (Gin, net/http, CGo, Wails, bubbletea).

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-13 09:32:00 +01:00
Snider
7bcb6d469c fix(pr#2): address CodeRabbit round 4 — newCacheStore fail-closed for unbounded cache 
Prevent silent unbounded cache creation when both maxEntries and maxBytes
are non-positive: newCacheStore now returns nil, WithCacheLimits skips
middleware registration, and WithCache defaults to 1 000-entry LRU cap
when called with only a TTL argument.

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-07 11:32:28 +01:00
Virgil
1491e16f9e fix(api): normalise runtime metadata snapshots 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 16:48:37 +00:00
Virgil
eb18611dc1 feat(api): snapshot authentik runtime config 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 13:17:08 +00:00
Virgil
f760ab6c72 feat(api): expose cache config snapshot 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 09:23:02 +00:00
Virgil
5e4cf1fde8 refactor(api): clarify cache limits api 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 08:34:09 +00:00
Virgil
d225fd3178 feat(api): add openapi info summary support 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 08:16:56 +00:00
Virgil
ec945970ee docs(api): add AX usage examples 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 07:51:21 +00:00
Virgil
b0549dc14e fix(api): deep-clone swagger security schemes 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 07:19:32 +00:00
Virgil
fb7702df67 feat(api): expose swagger security schemes 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 07:06:09 +00:00
Virgil
dd834211d8 fix(auth): exempt swagger ui path in authentik middleware 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 06:29:34 +00:00
Virgil
e47b010194 feat(api): add configurable websocket path 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 03:21:28 +00:00
Virgil
ef641c7547 feat(api): add configurable Swagger path 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 02:06:45 +00:00
Virgil
39bf094b51 feat(api): add configurable SSE path 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 02:01:43 +00:00
Virgil
085c57a06d feat(cache): add byte-bounded eviction 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 01:49:36 +00:00
Virgil
9b5477c051 fix(api): ignore blank swagger metadata overrides 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 00:12:13 +00:00
Virgil
68edd770d8 docs(api): add ax usage examples 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-02 00:03:10 +00:00
Virgil
0f20eaa7b8 fix(api): preserve sunset response headers 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 23:33:52 +00:00
Virgil
0984c2f48a docs(api): add AX usage examples 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 23:25:54 +00:00
Virgil
06f2263b73 fix(api): disable cache middleware for non-positive ttl 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 23:09:12 +00:00
Virgil
29324b0a0b feat(api): add sunset deprecation middleware 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 23:02:52 +00:00
Virgil
b64c8d3271 docs(api): add AX usage examples 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 22:55:39 +00:00
Virgil
bb7d88f3ce feat(openapi): add external docs metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 20:47:38 +00:00
Virgil
4d7f3a9f99 feat(openapi): add terms of service metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 20:44:01 +00:00
Virgil
a589d3bac6 feat(api): add OpenAPI contact metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 20:35:08 +00:00
Virgil
b2d3c96ed7 feat(api): expose swagger licence metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 20:26:55 +00:00
Virgil
2f8f8f805e fix(api): scope rate limiting by key 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 18:22:17 +00:00
Virgil
aff54403c6 fix(api): compose swagger server metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 17:57:16 +00:00
Virgil
c48effb6b7 feat(api): normalise OpenAPI server metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 17:31:45 +00:00
Virgil
90600aa434 feat(api): expose swagger server metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 16:07:16 +00:00
Virgil
e713fb9f56 feat(api): emit rate limit headers on success and reject 
Adds X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset to successful responses and 429 rejections, and documents the headers in OpenAPI.

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 16:01:09 +00:00
Virgil
c4cbd018ac feat(api): auto-attach request metadata 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 14:00:04 +00:00
Virgil
9aa7c644ef fix(api): disable non-positive timeouts 
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 13:12:51 +00:00
Virgil
837a910148 feat(cache): add LRU eviction limit 
Add an optional maxEntries cap to WithCache so the in-memory cache can evict old entries instead of growing without bound.\n\nCo-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 09:27:22 +00:00
Virgil
6fdd769212 feat(api): add per-IP rate limiting middleware 
Adds a token-bucket WithRateLimit option that rejects excess requests with 429 Too Many Requests and a standard error envelope.

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-04-01 06:54:58 +00:00
Snider
753812ad57 feat(api): merge go-api + php-api into polyglot repo 
Go source at root level (Option B), PHP under src/php/.
Module path: forge.lthn.ai/core/api
Package name: lthn/api

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-03-14 10:03:29 +00:00