Archived

REST framework + OpenAPI SDK generation for the Lethean Go ecosystem

This repository has been archived on 2026-03-14. You can view files and clone it, but you cannot make any changes to its state, such as pushing and creating new issues, pull requests or comments.

Go 100%

Find a file

Snider 41f48f4345 Some checks failed Security Scan / security (push) Successful in 7s Details Test / test (push) Failing after 33s Details feat(provider): add service provider framework interfaces and registry Introduces pkg/provider/ with Provider, Streamable, Describable, and Renderable interfaces that extend api.RouteGroup. The Registry type collects providers and mounts them on an api.Engine via Register(), inheriting middleware, CORS, Swagger, and OpenAPI for free. Includes capability query methods and ProviderInfo serialisation. Phase 3 ProxyProvider stub for polyglot providers. Co-Authored-By: Virgil <virgil@lethean.io>		2026-03-14 09:47:04 +00:00
.core	chore: add .core/ build and release configs	2026-03-06 18:52:36 +00:00
.forgejo/workflows	ci: add Forgejo Actions test and security scan workflows	2026-02-23 03:28:02 +00:00
.idea	refactor: apply go fix modernizers for Go 1.26	2026-02-22 21:00:16 +00:00
cmd/api	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
docs	docs: remove completed plan files	2026-03-14 08:22:07 +00:00
pkg/provider	feat(provider): add service provider framework interfaces and registry	2026-03-14 09:47:04 +00:00
.editorconfig	chore: add Go repo norms (badges, contributing, lint, taskfile, editorconfig)	2026-02-23 06:45:32 +00:00
.golangci.yml	chore: add Go repo norms (badges, contributing, lint, taskfile, editorconfig)	2026-02-23 06:45:32 +00:00
api.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
api_test.go	feat: add Engine with Register, Handler, Serve, and graceful shutdown	2026-02-20 15:46:11 +00:00
authentik.go	refactor: apply go fix modernizers for Go 1.26	2026-02-22 21:00:16 +00:00
authentik_integration_test.go	test: add live Authentik integration tests	2026-02-20 19:29:20 +00:00
authentik_test.go	feat(authentik): add RequireAuth and RequireGroup middleware	2026-02-20 16:43:55 +00:00
authz_test.go	feat: add WithAuthz Casbin authorisation middleware	2026-02-20 23:49:02 +00:00
bridge.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
bridge_test.go	feat: add ToolBridge for tool-to-REST endpoint conversion	2026-02-21 00:44:49 +00:00
brotli.go	feat: add WithBrotli response compression middleware	2026-02-20 23:37:46 +00:00
brotli_test.go	feat: add WithBrotli response compression middleware	2026-02-20 23:37:46 +00:00
cache.go	refactor: apply go fix modernizers for Go 1.26	2026-02-22 21:00:16 +00:00
cache_test.go	feat: add WithCache response caching middleware	2026-02-20 23:41:48 +00:00
CLAUDE.md	docs: add CLAUDE.md project instructions	2026-03-13 13:38:01 +00:00
codegen.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
codegen_test.go	feat: add SDK codegen wrapper for openapi-generator-cli	2026-02-21 01:08:39 +00:00
CONTRIBUTING.md	chore: add Go repo norms (badges, contributing, lint, taskfile, editorconfig)	2026-02-23 06:45:32 +00:00
export.go	feat: add spec export helpers for JSON and YAML output	2026-02-21 00:51:58 +00:00
export_test.go	feat: add spec export helpers for JSON and YAML output	2026-02-21 00:51:58 +00:00
expvar_test.go	feat: add WithExpvar runtime metrics endpoint	2026-02-21 00:20:31 +00:00
go.mod	chore: bump forge.lthn.ai dep versions to latest tags	2026-02-26 05:34:22 +00:00
go.sum	chore: bump forge.lthn.ai dep versions to latest tags	2026-02-26 05:34:22 +00:00
graphql.go	feat: add WithGraphQL endpoint and playground support	2026-02-21 00:12:25 +00:00
graphql_test.go	feat: add WithGraphQL endpoint and playground support	2026-02-21 00:12:25 +00:00
group.go	feat: add DescribableGroup interface for OpenAPI metadata	2026-02-21 00:42:13 +00:00
group_test.go	feat: add DescribableGroup interface for OpenAPI metadata	2026-02-21 00:42:13 +00:00
gzip_test.go	feat: add WithGzip response compression middleware	2026-02-20 23:20:46 +00:00
httpsign_test.go	feat: add WithHTTPSign HTTP signature verification middleware	2026-02-20 23:57:30 +00:00
i18n.go	feat: add WithI18n locale detection middleware	2026-02-21 00:08:17 +00:00
i18n_test.go	feat: add WithI18n locale detection middleware	2026-02-21 00:08:17 +00:00
LICENCE	chore: scaffold go-api module	2026-02-20 15:42:16 +00:00
location_test.go	feat: add WithLocation reverse proxy header detection middleware	2026-02-21 00:04:28 +00:00
middleware.go	feat: add bearer auth, request ID, and CORS middleware	2026-02-20 15:49:35 +00:00
middleware_test.go	feat: add bearer auth, request ID, and CORS middleware	2026-02-20 15:49:35 +00:00
modernization_test.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
norace_test.go	fix: skip timeout tests under race detector (upstream gin-contrib/timeout data race)	2026-02-23 08:05:16 +00:00
openapi.go	feat: add SpecBuilder for runtime OpenAPI 3.1 generation	2026-02-21 00:48:28 +00:00
openapi_test.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
options.go	refactor: apply go fix modernizers for Go 1.26	2026-02-22 21:00:16 +00:00
pprof_test.go	feat: add WithPprof runtime profiling endpoints	2026-02-21 00:18:05 +00:00
race_test.go	fix: skip timeout tests under race detector (upstream gin-contrib/timeout data race)	2026-02-23 08:05:16 +00:00
README.md	chore: add Go repo norms (badges, contributing, lint, taskfile, editorconfig)	2026-02-23 06:45:32 +00:00
response.go	feat: add response envelope with OK, Fail, Paginated helpers	2026-02-20 15:44:17 +00:00
response_test.go	feat: add response envelope with OK, Fail, Paginated helpers	2026-02-20 15:44:17 +00:00
secure_test.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
sessions_test.go	feat: add WithSessions server-side session middleware	2026-02-20 23:44:46 +00:00
slog_test.go	feat: add WithSlog structured request logging middleware	2026-02-20 23:14:15 +00:00
sse.go	feat: modernise to Go 1.26 iterators and stdlib helpers	2026-02-23 05:47:16 +00:00
sse_test.go	refactor: apply go fix modernizers for Go 1.26	2026-02-22 21:00:16 +00:00
static_test.go	feat: add WithStatic static file serving middleware	2026-02-20 23:23:17 +00:00
swagger.go	feat: refactor swagger to use SpecBuilder for runtime OpenAPI generation	2026-02-21 00:53:37 +00:00
swagger_test.go	feat: refactor swagger to use SpecBuilder for runtime OpenAPI generation	2026-02-21 00:53:37 +00:00
timeout_test.go	fix: skip timeout tests under race detector (upstream gin-contrib/timeout data race)	2026-02-23 08:05:16 +00:00
tracing.go	feat: add WithTracing OpenTelemetry distributed tracing middleware	2026-02-21 00:24:46 +00:00
tracing_test.go	feat: add WithTracing OpenTelemetry distributed tracing middleware	2026-02-21 00:24:46 +00:00
websocket.go	feat: add WebSocket endpoint and channel listing from StreamGroups	2026-02-20 15:53:10 +00:00
websocket_test.go	feat: add WebSocket endpoint and channel listing from StreamGroups	2026-02-20 15:53:10 +00:00

README.md

go-api

REST framework + OpenAPI SDK generation for the Lethean Go ecosystem.

Overview

go-api provides a Gin-based HTTP engine that subsystems plug into via the RouteGroup interface. Each ecosystem package (go-ml, go-rag, go-agentic, etc.) registers its own route group, and go-api handles the HTTP plumbing, middleware, response envelopes, WebSocket integration, and OpenAPI spec generation.

Quick Start

import api "forge.lthn.ai/core/go-api"

engine, _ := api.New(
    api.WithAddr(":8080"),
    api.WithBearerAuth("my-token"),
    api.WithCORS("*"),
    api.WithRequestID(),
    api.WithSwagger("My API", "Description", "0.1.0"),
)

engine.Register(myRoutes)
engine.Serve(ctx)

Implementing a RouteGroup

type Routes struct{ service *mypackage.Service }

func (r *Routes) Name() string     { return "mypackage" }
func (r *Routes) BasePath() string { return "/v1/mypackage" }

func (r *Routes) RegisterRoutes(rg *gin.RouterGroup) {
    rg.GET("/items", r.ListItems)
    rg.POST("/items", r.CreateItem)
}

func (r *Routes) ListItems(c *gin.Context) {
    items, _ := r.service.List(c.Request.Context())
    c.JSON(200, api.OK(items))
}

Authentik Integration

engine, _ := api.New(
    api.WithAuthentik(api.AuthentikConfig{
        Issuer:       "https://auth.lthn.io/application/o/core-api/",
        ClientID:     "core-api",
        TrustedProxy: true,  // Read X-authentik-* headers from Traefik
    }),
)

In handlers, use GetUser() to access the authenticated user:

func (r *Routes) ListItems(c *gin.Context) {
    user := api.GetUser(c)  // nil if unauthenticated
    if user != nil {
        // user.Username, user.Email, user.Groups, user.UID
    }
}

For protected routes, use RequireAuth() or RequireGroup():

func (r *Routes) RegisterRoutes(rg *gin.RouterGroup) {
    rg.GET("/public", r.PublicEndpoint)
    rg.GET("/private", api.RequireAuth(), r.PrivateEndpoint)
    rg.GET("/admin", api.RequireGroup("admins"), r.AdminEndpoint)
}

Features

Response envelope — api.OK(), api.Fail(), api.Paginated() for consistent JSON responses
Middleware — Bearer auth, CORS, request ID generation, panic recovery
Authentik — Forward auth headers + OIDC JWT validation, RequireAuth() and RequireGroup() guards
WebSocket — WithWSHandler() mounts any http.Handler at /ws
Swagger UI — WithSwagger() serves interactive API docs at /swagger/
Health check — Built-in GET /health endpoint

Licence

EUPL-1.2