REST framework + OpenAPI SDK generation for the Lethean Go ecosystem
Find a file
Snider 303779f527 feat: refactor swagger to use SpecBuilder for runtime OpenAPI generation
Replace the hardcoded Swagger 2.0 JSON template with SpecBuilder-backed
OpenAPI 3.1 generation. The swagger spec is now built lazily from
registered RouteGroups (including DescribableGroup and ToolBridge
endpoints) and cached via sync.Once. Uses unique swag instance names
to avoid global registry collisions in tests.

Co-Authored-By: Virgil <virgil@lethean.io>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 00:53:37 +00:00
api.go feat: refactor swagger to use SpecBuilder for runtime OpenAPI generation 2026-02-21 00:53:37 +00:00
api_test.go feat: add Engine with Register, Handler, Serve, and graceful shutdown 2026-02-20 15:46:11 +00:00
authentik.go feat(authentik): add RequireAuth and RequireGroup middleware 2026-02-20 16:43:55 +00:00
authentik_integration_test.go test: add live Authentik integration tests 2026-02-20 19:29:20 +00:00
authentik_test.go feat(authentik): add RequireAuth and RequireGroup middleware 2026-02-20 16:43:55 +00:00
authz_test.go feat: add WithAuthz Casbin authorisation middleware 2026-02-20 23:49:02 +00:00
bridge.go feat: add ToolBridge for tool-to-REST endpoint conversion 2026-02-21 00:44:49 +00:00
bridge_test.go feat: add ToolBridge for tool-to-REST endpoint conversion 2026-02-21 00:44:49 +00:00
brotli.go feat: add WithBrotli response compression middleware 2026-02-20 23:37:46 +00:00
brotli_test.go feat: add WithBrotli response compression middleware 2026-02-20 23:37:46 +00:00
cache.go feat: add WithCache response caching middleware 2026-02-20 23:41:48 +00:00
cache_test.go feat: add WithCache response caching middleware 2026-02-20 23:41:48 +00:00
CLAUDE.md docs: add Authentik integration guide to CLAUDE.md and README 2026-02-20 16:45:26 +00:00
export.go feat: add spec export helpers for JSON and YAML output 2026-02-21 00:51:58 +00:00
export_test.go feat: add spec export helpers for JSON and YAML output 2026-02-21 00:51:58 +00:00
expvar_test.go feat: add WithExpvar runtime metrics endpoint 2026-02-21 00:20:31 +00:00
go.mod feat: add spec export helpers for JSON and YAML output 2026-02-21 00:51:58 +00:00
go.sum feat: add WithTracing OpenTelemetry distributed tracing middleware 2026-02-21 00:24:46 +00:00
graphql.go feat: add WithGraphQL endpoint and playground support 2026-02-21 00:12:25 +00:00
graphql_test.go feat: add WithGraphQL endpoint and playground support 2026-02-21 00:12:25 +00:00
group.go feat: add DescribableGroup interface for OpenAPI metadata 2026-02-21 00:42:13 +00:00
group_test.go feat: add DescribableGroup interface for OpenAPI metadata 2026-02-21 00:42:13 +00:00
gzip_test.go feat: add WithGzip response compression middleware 2026-02-20 23:20:46 +00:00
httpsign_test.go feat: add WithHTTPSign HTTP signature verification middleware 2026-02-20 23:57:30 +00:00
i18n.go feat: add WithI18n locale detection middleware 2026-02-21 00:08:17 +00:00
i18n_test.go feat: add WithI18n locale detection middleware 2026-02-21 00:08:17 +00:00
LICENCE chore: scaffold go-api module 2026-02-20 15:42:16 +00:00
location_test.go feat: add WithLocation reverse proxy header detection middleware 2026-02-21 00:04:28 +00:00
middleware.go feat: add bearer auth, request ID, and CORS middleware 2026-02-20 15:49:35 +00:00
middleware_test.go feat: add bearer auth, request ID, and CORS middleware 2026-02-20 15:49:35 +00:00
openapi.go feat: add SpecBuilder for runtime OpenAPI 3.1 generation 2026-02-21 00:48:28 +00:00
openapi_test.go feat: add SpecBuilder for runtime OpenAPI 3.1 generation 2026-02-21 00:48:28 +00:00
options.go feat: add WithExpvar runtime metrics endpoint 2026-02-21 00:20:31 +00:00
pprof_test.go feat: add WithPprof runtime profiling endpoints 2026-02-21 00:18:05 +00:00
README.md test: add live Authentik integration tests 2026-02-20 19:29:20 +00:00
response.go feat: add response envelope with OK, Fail, Paginated helpers 2026-02-20 15:44:17 +00:00
response_test.go feat: add response envelope with OK, Fail, Paginated helpers 2026-02-20 15:44:17 +00:00
secure_test.go fix: correct misleading IsDevelopment comments in WithSecure 2026-02-20 23:15:29 +00:00
sessions_test.go feat: add WithSessions server-side session middleware 2026-02-20 23:44:46 +00:00
slog_test.go feat: add WithSlog structured request logging middleware 2026-02-20 23:14:15 +00:00
sse.go feat: add WithSSE server-sent events support 2026-02-21 00:01:04 +00:00
sse_test.go feat: add WithSSE server-sent events support 2026-02-21 00:01:04 +00:00
static_test.go feat: add WithStatic static file serving middleware 2026-02-20 23:23:17 +00:00
swagger.go feat: refactor swagger to use SpecBuilder for runtime OpenAPI generation 2026-02-21 00:53:37 +00:00
swagger_test.go feat: refactor swagger to use SpecBuilder for runtime OpenAPI generation 2026-02-21 00:53:37 +00:00
timeout_test.go feat: add WithTimeout per-request timeout middleware 2026-02-20 23:18:24 +00:00
tracing.go feat: add WithTracing OpenTelemetry distributed tracing middleware 2026-02-21 00:24:46 +00:00
tracing_test.go feat: add WithTracing OpenTelemetry distributed tracing middleware 2026-02-21 00:24:46 +00:00
websocket.go feat: add WebSocket endpoint and channel listing from StreamGroups 2026-02-20 15:53:10 +00:00
websocket_test.go feat: add WebSocket endpoint and channel listing from StreamGroups 2026-02-20 15:53:10 +00:00

go-api

REST framework + OpenAPI SDK generation for the Lethean Go ecosystem.

Overview

go-api provides a Gin-based HTTP engine that subsystems plug into via the RouteGroup interface. Each ecosystem package (go-ml, go-rag, go-agentic, etc.) registers its own route group, and go-api handles the HTTP plumbing, middleware, response envelopes, WebSocket integration, and OpenAPI spec generation.

Quick Start

import api "forge.lthn.ai/core/go-api"

engine, _ := api.New(
    api.WithAddr(":8080"),
    api.WithBearerAuth("my-token"),
    api.WithCORS("*"),
    api.WithRequestID(),
    api.WithSwagger("My API", "Description", "0.1.0"),
)

engine.Register(myRoutes)
engine.Serve(ctx)

Implementing a RouteGroup

type Routes struct{ service *mypackage.Service }

func (r *Routes) Name() string     { return "mypackage" }
func (r *Routes) BasePath() string { return "/v1/mypackage" }

func (r *Routes) RegisterRoutes(rg *gin.RouterGroup) {
    rg.GET("/items", r.ListItems)
    rg.POST("/items", r.CreateItem)
}

func (r *Routes) ListItems(c *gin.Context) {
    items, _ := r.service.List(c.Request.Context())
    c.JSON(200, api.OK(items))
}

Authentik Integration

engine, _ := api.New(
    api.WithAuthentik(api.AuthentikConfig{
        Issuer:       "https://auth.lthn.io/application/o/core-api/",
        ClientID:     "core-api",
        TrustedProxy: true,  // Read X-authentik-* headers from Traefik
    }),
)

In handlers, use GetUser() to access the authenticated user:

func (r *Routes) ListItems(c *gin.Context) {
    user := api.GetUser(c)  // nil if unauthenticated
    if user != nil {
        // user.Username, user.Email, user.Groups, user.UID
    }
}

For protected routes, use RequireAuth() or RequireGroup():

func (r *Routes) RegisterRoutes(rg *gin.RouterGroup) {
    rg.GET("/public", r.PublicEndpoint)
    rg.GET("/private", api.RequireAuth(), r.PrivateEndpoint)
    rg.GET("/admin", api.RequireGroup("admins"), r.AdminEndpoint)
}

Features

  • Response envelopeapi.OK(), api.Fail(), api.Paginated() for consistent JSON responses
  • Middleware — Bearer auth, CORS, request ID generation, panic recovery
  • Authentik — Forward auth headers + OIDC JWT validation, RequireAuth() and RequireGroup() guards
  • WebSocketWithWSHandler() mounts any http.Handler at /ws
  • Swagger UIWithSwagger() serves interactive API docs at /swagger/
  • Health check — Built-in GET /health endpoint

Licence

EUPL-1.2