Forem: Cláudio Filipe Lima Rapôso The latest articles on Forem by Cláudio Filipe Lima Rapôso (@sertaoseracloud). https://forem.com/sertaoseracloud https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2686804%2F21b0095d-7793-4b03-b894-5b639c6264c0.png Forem: Cláudio Filipe Lima Rapôso https://forem.com/sertaoseracloud en Road to Golden Jacket: My Journey and Tips for the New AWS SOA-C03 Exam 🚀 Cláudio Filipe Lima Rapôso Mon, 30 Mar 2026 16:15:52 +0000 https://forem.com/sertaoseracloud/road-to-golden-jacket-my-journey-and-tips-for-the-new-aws-soa-c03-exam-i4j https://forem.com/sertaoseracloud/road-to-golden-jacket-my-journey-and-tips-for-the-new-aws-soa-c03-exam-i4j <p>When I sat down to take my AWS Certified SysOps Administrator - Associate exam on <strong>March 23</strong>, I had prepared for a broad range of operational topics. But when the test began, one thing became immediately clear: <strong>Amazon CloudWatch was everywhere.</strong></p> <p>It felt like every other scenario revolved around monitoring, analyzing logs, or troubleshooting performance bottlenecks. Now that AWS has officially transitioned to the new <strong>AWS Certified CloudOps Engineer - Associate (SOA-C03)</strong> exam, I realize that my heavy CloudWatch experience was actually the best preparation I could have asked for.</p> <p>Here is a personal look at my exam experience, why CloudWatch is your best friend, and my top tips for anyone tackling the new CloudOps certification.</p> <h2> 📈 The CloudWatch Marathon </h2> <p>During my exam on March 23, the monitoring and logging domain was a massive part of the test. I had to know exactly how to trigger alarms, collect logs, and automate responses.</p> <p>If you are studying for the new SOA-C03 exam, this is even more critical. The domain has been expanded to <strong>"Monitoring, Logging, Analysis, Remediation, and Performance Optimization"</strong> and now carries the heaviest weight on the exam at <strong>22%</strong>,.</p> <p>To pass, you must understand how to:</p> <ul> <li> Configure and manage the CloudWatch agent to collect metrics and logs not just from EC2 instances, but also from <strong>Amazon ECS and Amazon EKS clusters</strong>,.</li> <li> Set up composite alarms and configure them to invoke AWS services directly or through <strong>Amazon EventBridge</strong>.</li> <li> Automate remediation tasks using <strong>AWS Systems Manager Automation runbooks</strong>.</li> </ul> <h2> 🔄 Bridging the Gap: SysOps to CloudOps </h2> <p>While my exam tested me heavily on traditional monitoring, the new "CloudOps" title reflects a modern shift in cloud operations. If I were taking the SOA-C03 today, here is what I would add to my study list to bridge the gap:</p> <ul> <li> <strong>The Container Ecosystem:</strong> Containers are now officially in-scope. You need to understand Amazon Elastic Container Registry (ECR), Elastic Container Service (ECS), and Elastic Kubernetes Service (EKS),.</li> <li> <strong>Infrastructure as Code (IaC):</strong> The new exam emphasizes creating and managing stacks using <strong>AWS CloudFormation</strong> and the <strong>AWS Cloud Development Kit (AWS CDK)</strong>,.</li> <li> <strong>Multi-Account Management:</strong> Operating in a single account is a thing of the past. You must know how to enforce compliance and manage security across multiple accounts using <strong>AWS Organizations</strong>, <strong>Service Control Policies (SCPs)</strong>, and <strong>AWS Control Tower</strong>,.</li> </ul> <h2> 💡 My Top Tips for Exam Day </h2> <p>Based on my experience in the hot seat, here are my top tips for crushing the exam:</p> <ol> <li> <strong>Build a Real Monitoring Lab:</strong> Don't just read the docs. Spin up an EC2 instance, install the CloudWatch agent, and create a custom dashboard,. Set up an alarm to trigger an SNS notification or an EventBridge rule, so you see the automated flow in action.</li> <li> <strong>Master Automation:</strong> Understand how to use AWS Systems Manager to automate operational processes and remediate issues,.</li> <li> <strong>Eliminate the Noise:</strong> AWS questions are famously wordy and the distractors are designed to look plausible. Find the core requirement like "most cost-effective" or "highly available" and eliminate the answers that don't fit.</li> <li> <strong>Embrace the AWS Well-Architected Framework:</strong> The exam tests your ability to support workloads according to these best practices,. Always think about how to optimize performance and reliability.</li> </ol> <p>Taking this exam validated my practical skills and proved that I could maintain and secure workloads in the cloud. If you are preparing for the SOA-C03, dive deep into CloudWatch and embrace automation!</p> <h1> 💡 Enjoyed it? </h1> <p>If you want to chat about AI, cloud, and architecture, follow me on my socials:</p> <p><a href="https://olink.ai/sertaoseracloud" rel="noopener noreferrer">Social Media</a></p> <p>I post technical content straight from the front lines. And whenever I discover a time-saving tool that gets the job done right, like this one, you'll hear about it too.</p> <p>Have you taken the exam yet? Let me know your experience in the comments below! 👇</p> aws career devops monitoring From Infrastructure to Product: Pipelines into a Profitable SaaS Cláudio Filipe Lima Rapôso Thu, 12 Mar 2026 19:12:31 +0000 https://forem.com/sertaoseracloud/from-infrastructure-to-product-pipelines-into-a-profitable-saas-44mc https://forem.com/sertaoseracloud/from-infrastructure-to-product-pipelines-into-a-profitable-saas-44mc <p><strong>Open Journal Systems (OJS)</strong> is the engine behind thousands of scientific publications worldwide. However, educational institutions, from high schools running literary magazines to universities managing peer-reviewed journals, share a massive pain point: they want to publish research, but they lack the internal IT resources to manage complex PHP monoliths, backups, and server security.</p> <p>Blending my experience in the classroom with software architecture, I realized this is a massive opportunity. We can move beyond just "hosting" OJS and transform it into a fully automated, <strong>Zero-Touch B2B SaaS platform</strong> targeted globally at the education sector.</p> <p>This article details the design, infrastructure, and product strategy to build a highly available, multi-tenant OJS SaaS on <strong>Amazon Web Services (AWS)</strong> using Terraform, Go, and GitHub Actions.</p> <h2> 🏗️ 1. The Reference Architecture on AWS </h2> <p>To sell this globally, we cannot afford manual interventions or local server disks. We must adopt a distributed, <em>stateless</em>, and 100% managed topology.</p> <h3> Core Components: </h3> <ul> <li> <strong>Compute:</strong> <strong>Amazon ECS with AWS Fargate</strong>. We run the OJS Docker image in a <em>serverless</em> manner. We pay only for the CPU/RAM consumed, which is crucial for maximizing profit margins.</li> <li> <strong>Database:</strong> <strong>Amazon RDS for MySQL</strong>. Fully managed, automated backups, and isolated data tiers.</li> <li> <strong>File Persistence:</strong> OJS requires a persistent directory (<code>files_dir</code>) for articles and PDFs. We mount <strong>Amazon EFS (Elastic File System)</strong> directly to the ECS Task via the NFS protocol.</li> </ul> <h2> ⚙️ 2. The "Zero-Touch" Provisioning Engine </h2> <p>To turn this infrastructure into a product, the entire customer lifecycle must be automated. Here is how the provisioning engine works:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftro7h6xlpywnjfbrj862.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftro7h6xlpywnjfbrj862.png" alt="Engine" width="800" height="672"></a></p> <ol> <li> <strong>The Storefront:</strong> A university administrator selects a plan on your landing page and checks out.</li> <li> <strong>The Orchestrator (Golang API):</strong> For high concurrency and low footprint, a lightweight backend API built in <strong>Go</strong> listens for the payment gateway webhook (e.g., Stripe).</li> <li> <strong>The Trigger:</strong> The Go API automatically calls the <strong>GitHub Actions API</strong>, passing the <code>tenant_name</code>, <code>region</code>, and <code>tier</code> as JSON payloads.</li> <li> <strong>The Magic:</strong> GitHub Actions runs the Terraform scripts. Within minutes, the isolated AWS infrastructure is provisioned, Route53 updates the DNS (<code>journal.university.edu</code>), and the client receives an automated email with their admin credentials. </li> </ol> <h3> 🌍 Level 1: The System Context Diagram (Business View) </h3> <p><strong>Who it's for:</strong> Executives, Investors, University Directors, and non-technical Stakeholders.<br> <strong>What it shows:</strong> The "Big Picture." It places our <strong>OJS SaaS Platform</strong> at the center of the universe and focuses exclusively on answering two questions: <em>Who uses the system?</em> and <em>What other systems do we talk to?</em></p> <ul> <li> <strong>The Actors:</strong> It makes it clear that we have different user profiles (the Admin who pays, the Author who publishes, the Reader who consumes).</li> <li> <strong>The External Boundaries:</strong> It shows that we didn't build a payment processor from scratch (we use <strong>Stripe</strong>), we didn't reinvent infrastructure pipelines (we use <strong>GitHub Actions</strong>), and we integrate with academic industry standards (<strong>Crossref</strong>).</li> <li> <strong>The Value:</strong> Here, technology doesn't matter. There is no AWS, Go, or PHP in this diagram. The focus is purely on the business value flow.</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fierybgtw58y6oubbfa0v.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fierybgtw58y6oubbfa0v.png" alt="Systems Context" width="800" height="565"></a></p> <h3> Level 2: The Container Diagram (Solution/Cloud View) </h3> <p><strong>Who it's for:</strong> Cloud Architects, DevOps Engineers, Tech Leads, and Security Teams.<br> <strong>What it shows:</strong> How the central system (the blue box from Level 1) is divided internally.<br> <em>(Architectural Note: In the C4 Model, a "Container" means an independently deployable/runnable unit, not necessarily a Docker container, although in our case, they coincide).</em></p> <ul> <li> <strong>Separation of Concerns:</strong> The division between the <strong>Storefront Web</strong> (React Front-end), the <strong>Provisioning API</strong> (our Go engine), and the <strong>Tenant Infrastructure</strong> (the client's OJS) is crystal clear.</li> <li> <strong>Technology Choices:</strong> This is where the cloud "magic" appears. We show that OJS runs on <strong>ECS Fargate</strong> (Compute), uses <strong>Amazon RDS</strong> (Relational Database), and <strong>Amazon EFS</strong> (Network persistence for PDFs).</li> <li> <strong>Communication Flow:</strong> It shows that the Admin doesn't access the database directly; the communication flows from the Browser to the Load Balancer, to the container, and only then to the database via port 3306.</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fud5pyvu4a8vh42skqk10.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fud5pyvu4a8vh42skqk10.png" alt="Container Context" width="800" height="713"></a></p> <h3> 🧩 Level 3: The Component Diagram (Engineering/Code View) </h3> <p><strong>Who it's for:</strong> Software Developers (Backend).<br> <strong>What it shows:</strong> We take just one of the containers from Level 2 (in this case, our <strong>Go Provisioning API</strong>) and open the hood to see how the code is structured internally.</p> <ul> <li> <strong>Domain Isolation:</strong> This is the perfect level to demonstrate <strong>Domain-Driven Design (DDD)</strong> principles. The <code>Tenant Manager</code> component represents the heart of our domain (where the business rules live).</li> <li> <strong>Dependency Inversion:</strong> The diagram shows components like the <code>GitHub API Client</code> and the <code>Metadata Repository</code>. As architects, we want our domain (<code>Tenant Manager</code>) to not depend on specific infrastructure implementations, but rather on interfaces (ports and adapters). The visual flow shows how the business rule delegates the heavy I/O lifting to external clients.</li> <li> <strong>The Webhook Lifecycle:</strong> It explains the exact path of the data: The request hits the <code>Router</code>, passes through validation in the <code>Payment Handler</code>, updates the database via the <code>Metadata Repo</code>, and finally triggers the infrastructure via the <code>GitHub Client</code>.</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiqdgo3vaqy1dd2p65kyq.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiqdgo3vaqy1dd2p65kyq.png" alt="Component Diagram" width="513" height="1080"></a></p> <p>Here is the GitHub Actions workflow that your Go API triggers:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Zero-Touch</span><span class="nv"> </span><span class="s">SaaS</span><span class="nv"> </span><span class="s">Provisioning'</span> <span class="na">on</span><span class="pi">:</span> <span class="na">workflow_dispatch</span><span class="pi">:</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">tenant_name</span><span class="pi">:</span> <span class="pi">{</span> <span class="nv">description</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Tenant</span><span class="nv"> </span><span class="s">Name'</span><span class="pi">,</span> <span class="nv">required</span><span class="pi">:</span> <span class="nv">true</span> <span class="pi">}</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">{</span> <span class="nv">description</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Tier</span><span class="nv"> </span><span class="s">(basic/premium)'</span><span class="pi">,</span> <span class="nv">required</span><span class="pi">:</span> <span class="nv">true</span> <span class="pi">}</span> <span class="na">aws_region</span><span class="pi">:</span> <span class="pi">{</span> <span class="nv">description</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Target</span><span class="nv"> </span><span class="s">Region'</span><span class="pi">,</span> <span class="nv">required</span><span class="pi">:</span> <span class="nv">true</span> <span class="pi">}</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS Credentials</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">aws-access-key-id</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ACCESS_KEY_ID }}</span> <span class="na">aws-secret-access-key</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_SECRET_ACCESS_KEY }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">${{ github.event.inputs.aws_region }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Terraform Init &amp; Apply</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">terraform init -backend-config="key=${{ github.event.inputs.tenant_name }}.tfstate"</span> <span class="s">terraform apply -var-file="envs/${{ github.event.inputs.environment }}.tfvars.json" -auto-approve</span> </code></pre> </div> <h2> 🌍 3. Global Scaling and Data Compliance </h2> <p>Selling to the global education market means navigating strict data privacy laws. Because our infrastructure is codified with Terraform, deploying a compliant environment is just a matter of dynamically injecting the <code>aws_region</code> variable:</p> <ul> <li> <strong>GDPR (Europe):</strong> If a German university signs up, the automation deploys to <code>eu-central-1</code> (Frankfurt). The data never leaves Europe.</li> <li> <strong>LGPD (Brazil):</strong> For Brazilian institutions, the automation targets <code>sa-east-1</code> (São Paulo).</li> <li> <strong>FERPA/HIPAA (USA):</strong> Medical universities publishing clinical trials can be hosted in isolated, dedicated environments in the US.</li> </ul> <h2> 💎 4. Tiered Product Strategy (FinOps) </h2> <p>We can structure the SaaS offerings to capture both ends of the academic spectrum, leveraging AWS FinOps strategies:</p> <h3> Tier 1: High School &amp; Small College Plan (High Volume) </h3> <ul> <li> <strong>Use Case:</strong> High school science fairs or small departmental newsletters.</li> <li> <strong>Architecture:</strong> Shared ECS resources and a single shared RDS instance with logical separation (different schemas per school).</li> <li> <strong>FinOps:</strong> We use <strong>Fargate Spot</strong> to utilize spare AWS compute capacity for up to a <strong>70% discount</strong>. We also use EventBridge to scale the environments down to zero during weekends and school holidays.</li> </ul> <h3> Tier 2: University &amp; Research Institute Plan (High Margin) </h3> <ul> <li> <strong>Use Case:</strong> Official university peer-reviewed journals indexing globally with Crossref and DOIs.</li> <li> <strong>Architecture:</strong> Dedicated ECS Tasks, isolated RDS instances powered by Graviton (ARM) processors for better price/performance, and custom domain mapping.</li> <li> <strong>Price Point:</strong> Premium recurring revenue with strict SLA guarantees and daily automated snapshots.</li> </ul> <h2> 🐳 5. Dockerizing OJS </h2> <p>The Docker image remains very similar to any standard containerized environment, focusing heavily on the required PHP extensions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="k">FROM</span><span class="s"> php:8.2-apache</span> <span class="c"># System dependencies and PHP extensions required for OJS on AWS</span> <span class="k">RUN </span>apt-get update <span class="o">&amp;&amp;</span> apt-get <span class="nb">install</span> <span class="nt">-y</span> <span class="se">\ </span> libpng-dev libjpeg-dev libxml2-dev libzip-dev zlib1g-dev libicu-dev g++ <span class="se">\ </span> <span class="o">&amp;&amp;</span> docker-php-ext-configure gd <span class="nt">--with-jpeg</span> <span class="se">\ </span> <span class="o">&amp;&amp;</span> docker-php-ext-install gd mysqli opcache zip intl gettext <span class="c"># Upload Optimizations</span> <span class="k">RUN </span><span class="o">{</span> <span class="se">\ </span> <span class="nb">echo</span> <span class="s1">'opcache.memory_consumption=128'</span><span class="p">;</span> <span class="se">\ </span> <span class="nb">echo</span> <span class="s1">'upload_max_filesize=64M'</span><span class="p">;</span> <span class="se">\ </span> <span class="nb">echo</span> <span class="s1">'post_max_size=64M'</span><span class="p">;</span> <span class="se">\ </span> <span class="o">}</span> <span class="o">&gt;</span> /usr/local/etc/php/conf.d/ojs-optimization.ini <span class="k">COPY</span><span class="s"> . /var/www/html/</span> <span class="k">RUN </span><span class="nb">chown</span> <span class="nt">-R</span> www-data:www-data /var/www/html/ </code></pre> </div> <h2> 🛠️ 6. Infrastructure as Code (Terraform) </h2> <p>Governance across the AWS environment is managed via Terraform. The state (<code>.tfstate</code>) is securely stored in <strong>Amazon S3</strong> with State Locking handled by <strong>DynamoDB</strong>.</p> <p>Below is the critical snippet that connects ECS (Fargate) to EFS to persist the PDFs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># 1. Amazon RDS MySQL</span> <span class="nx">resource</span> <span class="s2">"aws_db_instance"</span> <span class="s2">"ojs_db"</span> <span class="p">{</span> <span class="nx">identifier</span> <span class="p">=</span> <span class="s2">"ojs-db-${var.environment}"</span> <span class="nx">allocated_storage</span> <span class="p">=</span> <span class="mi">20</span> <span class="nx">engine</span> <span class="p">=</span> <span class="s2">"mysql"</span> <span class="nx">engine_version</span> <span class="p">=</span> <span class="s2">"8.0"</span> <span class="nx">instance_class</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">db_instance_class</span> <span class="nx">username</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">db_user</span> <span class="nx">password</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">db_password</span> <span class="nx">vpc_security_group_ids</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">rds_sg</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="nx">db_subnet_group_name</span> <span class="p">=</span> <span class="nx">aws_db_subnet_group</span><span class="p">.</span><span class="nx">main</span><span class="p">.</span><span class="nx">name</span> <span class="nx">skip_final_snapshot</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="c1"># 2. Amazon EFS for the files directory</span> <span class="nx">resource</span> <span class="s2">"aws_efs_file_system"</span> <span class="s2">"ojs_files"</span> <span class="p">{</span> <span class="nx">creation_token</span> <span class="p">=</span> <span class="s2">"ojs-efs-${var.environment}"</span> <span class="nx">encrypted</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="c1"># 3. ECS Task Definition (Fargate) with EFS Volume</span> <span class="nx">resource</span> <span class="s2">"aws_ecs_task_definition"</span> <span class="s2">"ojs_task"</span> <span class="p">{</span> <span class="nx">family</span> <span class="p">=</span> <span class="s2">"ojs-app-${var.environment}"</span> <span class="nx">requires_compatibilities</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"FARGATE"</span><span class="p">]</span> <span class="nx">network_mode</span> <span class="p">=</span> <span class="s2">"awsvpc"</span> <span class="nx">cpu</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">fargate_cpu</span> <span class="nx">memory</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">fargate_memory</span> <span class="nx">container_definitions</span> <span class="p">=</span> <span class="nx">jsonencode</span><span class="p">([{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"ojs-container"</span> <span class="nx">image</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ecr_image_url</span> <span class="nx">mountPoints</span> <span class="p">=</span> <span class="p">[{</span> <span class="nx">sourceVolume</span> <span class="p">=</span> <span class="s2">"ojs-efs-volume"</span> <span class="nx">containerPath</span> <span class="p">=</span> <span class="s2">"/var/www/ojsdata"</span> <span class="p">}]</span> <span class="nx">environment</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"MYSQL_HOST"</span><span class="p">,</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_db_instance</span><span class="p">.</span><span class="nx">ojs_db</span><span class="p">.</span><span class="nx">address</span> <span class="p">}</span> <span class="p">]</span> <span class="p">}])</span> <span class="nx">volume</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"ojs-efs-volume"</span> <span class="nx">efs_volume_configuration</span> <span class="p">{</span> <span class="nx">file_system_id</span> <span class="p">=</span> <span class="nx">aws_efs_file_system</span><span class="p">.</span><span class="nx">ojs_files</span><span class="p">.</span><span class="nx">id</span> <span class="nx">transit_encryption</span> <span class="p">=</span> <span class="s2">"ENABLED"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Variable Injection (FinOps) </h3> <p>We define instance sizes via JSON (<code>prod.tfvars.json</code>) to control costs per environment:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"environment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"prod"</span><span class="p">,</span><span class="w"> </span><span class="nl">"region"</span><span class="p">:</span><span class="w"> </span><span class="s2">"us-east-1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"fargate_cpu"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1024"</span><span class="p">,</span><span class="w"> </span><span class="nl">"fargate_memory"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2048"</span><span class="p">,</span><span class="w"> </span><span class="nl">"db_instance_class"</span><span class="p">:</span><span class="w"> </span><span class="s2">"db.t4g.medium"</span><span class="p">,</span><span class="w"> </span><span class="nl">"db_user"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ojsadmin"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> 🚀 7. CI/CD with GitHub Actions </h2> <p>The automated deployment pipeline checks out the code, configures AWS credentials, and updates the infrastructure via Terraform.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Deploy</span><span class="nv"> </span><span class="s">OJS</span><span class="nv"> </span><span class="s">AWS'</span> <span class="na">on</span><span class="pi">:</span> <span class="na">workflow_dispatch</span><span class="pi">:</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">tenant_name</span><span class="pi">:</span> <span class="pi">{</span> <span class="nv">description</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Tenant</span><span class="nv"> </span><span class="s">Name'</span><span class="pi">,</span> <span class="nv">required</span><span class="pi">:</span> <span class="nv">true</span> <span class="pi">}</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">{</span> <span class="nv">description</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Environment</span><span class="nv"> </span><span class="s">(dev/hom/prod)'</span><span class="pi">,</span> <span class="nv">required</span><span class="pi">:</span> <span class="nv">true</span> <span class="pi">}</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS Credentials</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">aws-access-key-id</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ACCESS_KEY_ID }}</span> <span class="na">aws-secret-access-key</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_SECRET_ACCESS_KEY }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Terraform Init (S3 Backend)</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">terraform init \</span> <span class="s">-backend-config="bucket=ojs-terraform-state-central" \</span> <span class="s">-backend-config="key=${{ github.event.inputs.tenant_name }}.${{ github.event.inputs.environment }}.tfstate" \</span> <span class="s">-backend-config="dynamodb_table=terraform-lock"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Terraform Apply</span> <span class="na">env</span><span class="pi">:</span> <span class="na">TF_VAR_db_password</span><span class="pi">:</span> <span class="s">${{ secrets.DB_PASSWORD }}</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">terraform apply \</span> <span class="s">-var-file="envs/${{ github.event.inputs.environment }}.tfvars.json" \</span> <span class="s">-auto-approve</span> </code></pre> </div> <h2> 💰 8. FinOps: Cost Optimization on AWS </h2> <p>AWS provides fantastic mechanisms to slash costs in non-production environments:</p> <ol> <li> <strong>Fargate Spot:</strong> In <strong>Dev/Hom</strong> environments, we configure the ECS <em>Capacity Provider</em> to use <strong>Fargate Spot</strong>, utilizing spare AWS compute capacity for up to a <strong>70% discount</strong>.</li> <li> <strong>Graviton (ARM):</strong> We use RDS instances powered by Graviton processors (<code>db.t4g</code>), which deliver better performance at a lower price point than the x86 architecture.</li> <li> <strong>Scheduling Automation:</strong> We leverage <strong>Amazon EventBridge</strong> to trigger an <strong>AWS Lambda</strong> function that stops the RDS instance and scales the ECS <em>Desired Count</em> to <code>0</code> outside of regular business hours.</li> </ol> <h2> 🎯 Conclusion </h2> <p>By bridging the gap between software architecture and the needs of the classroom, we can transform Open Journal Systems from a complex IT burden into a seamless, globally scalable SaaS product. The combination of AWS ECS Fargate for horizontal scalability, Go for rapid API orchestration, and Terraform for compliant IaC delivers a true, zero-touch EdTech platform.</p> <p>Have you ever thought about productizing open-source software into a niche B2B SaaS? Share your thoughts and architectural approaches in the comments! 👇</p> aws terraform devops architecture Reason Your Python Code is Hard to Test with Single Responsibility Principle, And How to Fix It! (Portuguese version) Cláudio Filipe Lima Rapôso Mon, 29 Dec 2025 19:43:37 +0000 https://forem.com/sertaoseracloud/reason-your-python-code-is-hard-to-test-with-single-responsibility-principle-and-how-to-fix-it-3no1 https://forem.com/sertaoseracloud/reason-your-python-code-is-hard-to-test-with-single-responsibility-principle-and-how-to-fix-it-3no1 <p>O Princípio da Responsabilidade Única (SRP - <em>Single Responsibility Principle</em>) é a base dos princípios SOLID. Ele estabelece que <strong>uma classe deve ter um, e apenas um, motivo para mudar.</strong></p> <p>Quando ignoramos esse princípio, criamos "God Classes" (Classes Deus) componentes que sabem demais e fazem demais. Essas classes são frágeis: uma mudança no banco de dados pode quebrar a lógica de validação, ou uma alteração nas regras de negócio pode quebrar o sistema de envio de e-mails.</p> <p>Neste guia, analisaremos um antipadrão comum em uma funcionalidade de Cadastro de Usuário e a refatoraremos para uma arquitetura limpa e desacoplada.</p> <h2> ❌ O "Antes": A Violação do SRP </h2> <p>Aqui está um exemplo típico de código legado. Temos uma classe chamada <code>UserService</code>, mas ela não está agindo como um serviço; ela age como um monolito.</p> <p><strong>Por que isso é ruim:</strong></p> <ul> <li> <strong>Alto Acoplamento:</strong> Ela está fortemente ligada a regras de validação específicas e instruções de banco de dados (<code>print</code>).</li> <li> <strong>Difícil de Testar:</strong> Você não consegue testar a lógica de registro sem acionar a lógica do banco de dados.</li> <li> <strong>Múltiplos Motivos para Mudar:</strong> Se as regras de senha mudarem, este arquivo é aberto. Se o banco de dados mudar, este arquivo também é aberto. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">class</span> <span class="nc">UserService</span><span class="p">:</span> <span class="k">def</span> <span class="nf">register</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">name</span><span class="p">,</span> <span class="n">email</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span> <span class="c1"># Responsabilidade 1: Lógica de Validação </span> <span class="k">if</span> <span class="nf">len</span><span class="p">(</span><span class="n">name</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">3</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">O nome é muito curto</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="sh">"</span><span class="s">@</span><span class="sh">"</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">email</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">Email inválido</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="nf">len</span><span class="p">(</span><span class="n">password</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">6</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">A senha é muito fraca</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Responsabilidade 2: Lógica de Banco de Dados (Verificar existência) </span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">[DB] Verificando se </span><span class="si">{</span><span class="n">email</span><span class="si">}</span><span class="s"> existe...</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="n">email</span> <span class="o">==</span> <span class="sh">"</span><span class="s">taken@example.com</span><span class="sh">"</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">Email já está em uso</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Responsabilidade 3: Lógica de Persistência (Salvar) </span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">[DB] INSERT INTO users (name, email) VALUES (</span><span class="sh">'</span><span class="si">{</span><span class="n">name</span><span class="si">}</span><span class="sh">'</span><span class="s">, </span><span class="sh">'</span><span class="si">{</span><span class="n">email</span><span class="si">}</span><span class="sh">'</span><span class="s">)</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Responsabilidade 4: Lógica de Notificação </span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">[MAIL] Enviando e-mail de boas-vindas para </span><span class="si">{</span><span class="n">email</span><span class="si">}</span><span class="s">...</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <p><strong>Uso</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>service = UserService() service.register("Alice", "alice@example.com", "123456") </code></pre> </div> <h2> ✅ A Refatoração: Separação de Preocupações </h2> <p>Para corrigir isso, devemos identificar as responsabilidades distintas e extraí-las para suas próprias classes.</p> <h3> 1. A Entidade (Estrutura de Dados) </h3> <p>Primeiro, criamos uma representação dos dados. Esta classe não tem lógica; ela apenas armazena estado.</p> <ul> <li> <strong>Motivo para mudar:</strong> Apenas se os atributos do usuário (como adicionar <code>telefone</code>) mudarem. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">dataclasses</span> <span class="kn">import</span> <span class="n">dataclass</span> <span class="nd">@dataclass</span> <span class="k">class</span> <span class="nc">User</span><span class="p">:</span> <span class="n">name</span><span class="p">:</span> <span class="nb">str</span> <span class="n">email</span><span class="p">:</span> <span class="nb">str</span> <span class="n">password</span><span class="p">:</span> <span class="nb">str</span> </code></pre> </div> <h3> 2. O Validador (Regras de Negócio) </h3> <p>Extraímos as regras de validação. Esta classe garante a integridade dos dados.</p> <ul> <li> <strong>Motivo para mudar:</strong> Apenas se as regras para dados válidos mudarem. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">class</span> <span class="nc">UserValidator</span><span class="p">:</span> <span class="k">def</span> <span class="nf">validate</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">user</span><span class="p">:</span> <span class="n">User</span><span class="p">):</span> <span class="k">if</span> <span class="nf">len</span><span class="p">(</span><span class="n">user</span><span class="p">.</span><span class="n">name</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">3</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">O nome é muito curto</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="sh">"</span><span class="s">@</span><span class="sh">"</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">user</span><span class="p">.</span><span class="n">email</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">Email inválido</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="nf">len</span><span class="p">(</span><span class="n">user</span><span class="p">.</span><span class="n">password</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">6</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">A senha é muito fraca</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> 3. O Repositório (Persistência) </h3> <p>Abstraímos as operações de banco de dados. Esta classe lida com o "Como" armazenar os dados.</p> <ul> <li> <strong>Motivo para mudar:</strong> Apenas se a tecnologia do banco de dados (SQL, NoSQL, Arquivo) mudar. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">class</span> <span class="nc">UserRepository</span><span class="p">:</span> <span class="k">def</span> <span class="nf">exists</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">email</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">bool</span><span class="p">:</span> <span class="c1"># Simula verificação no DB </span> <span class="k">return</span> <span class="n">email</span> <span class="o">==</span> <span class="sh">"</span><span class="s">taken@example.com</span><span class="sh">"</span> <span class="k">def</span> <span class="nf">save</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">user</span><span class="p">:</span> <span class="n">User</span><span class="p">):</span> <span class="c1"># Simula salvamento no DB </span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">[DB] INSERT INTO users VALUES (</span><span class="sh">'</span><span class="si">{</span><span class="n">user</span><span class="p">.</span><span class="n">name</span><span class="si">}</span><span class="sh">'</span><span class="s">, </span><span class="sh">'</span><span class="si">{</span><span class="n">user</span><span class="p">.</span><span class="n">email</span><span class="si">}</span><span class="sh">'</span><span class="s">)</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> 4. O Serviço (O Orquestrador) </h3> <p>Finalmente, reescrevemos o <code>UserService</code>. Note como ele ficou limpo. Ele não sabe <em>como</em> validar ou <em>como</em> salvar; ele simplesmente delega essas tarefas para os especialistas (as dependências injetadas).</p> <ul> <li> <strong>Motivo para mudar:</strong> Apenas se o <em>fluxo de trabalho</em> do cadastro mudar (ex: adicionar uma etapa para verificar o telefone via SMS). </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">class</span> <span class="nc">UserService</span><span class="p">:</span> <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">validator</span><span class="p">:</span> <span class="n">UserValidator</span><span class="p">,</span> <span class="n">repository</span><span class="p">:</span> <span class="n">UserRepository</span><span class="p">):</span> <span class="c1"># Injeção de Dependência: Pedimos as ferramentas que precisamos </span> <span class="n">self</span><span class="p">.</span><span class="n">validator</span> <span class="o">=</span> <span class="n">validator</span> <span class="n">self</span><span class="p">.</span><span class="n">repository</span> <span class="o">=</span> <span class="n">repository</span> <span class="k">def</span> <span class="nf">register</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">name</span><span class="p">,</span> <span class="n">email</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span> <span class="n">user</span> <span class="o">=</span> <span class="nc">User</span><span class="p">(</span><span class="n">name</span><span class="p">,</span> <span class="n">email</span><span class="p">,</span> <span class="n">password</span><span class="p">)</span> <span class="c1"># Passo 1: Validar </span> <span class="n">self</span><span class="p">.</span><span class="n">validator</span><span class="p">.</span><span class="nf">validate</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="c1"># Passo 2: Verificar Regras de Negócio </span> <span class="k">if</span> <span class="n">self</span><span class="p">.</span><span class="n">repository</span><span class="p">.</span><span class="nf">exists</span><span class="p">(</span><span class="n">email</span><span class="p">):</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">Email já está em uso</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Passo 3: Persistir </span> <span class="n">self</span><span class="p">.</span><span class="n">repository</span><span class="p">.</span><span class="nf">save</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sh">"</span><span class="s">&gt;&gt;&gt; Usuário registrado com sucesso.</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h2> Exemplo de Uso </h2> <p>Ao conectar os componentes ("wiring"), criamos um sistema flexível.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code> <span class="c1"># 1. Configurar as dependências </span> <span class="n">repo</span> <span class="o">=</span> <span class="nc">UserRepository</span><span class="p">()</span> <span class="n">val</span> <span class="o">=</span> <span class="nc">UserValidator</span><span class="p">()</span> <span class="c1"># 2. Injetar dependências no Serviço </span> <span class="n">service</span> <span class="o">=</span> <span class="nc">UserService</span><span class="p">(</span><span class="n">validator</span><span class="o">=</span><span class="n">val</span><span class="p">,</span> <span class="n">repository</span><span class="o">=</span><span class="n">repo</span><span class="p">)</span> <span class="c1"># 3. Executar a lógica </span> <span class="k">try</span><span class="p">:</span> <span class="n">service</span><span class="p">.</span><span class="nf">register</span><span class="p">(</span><span class="sh">"</span><span class="s">Bob</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">bob@example.com</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">senhaSegura123</span><span class="sh">"</span><span class="p">)</span> <span class="k">except</span> <span class="nb">ValueError</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">Erro: </span><span class="si">{</span><span class="n">e</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h2> Conclusão </h2> <p>Ao aplicar o Princípio da Responsabilidade Única, transformamos um script rígido em uma arquitetura de software profissional.</p> <p>Os benefícios dessa abordagem são claros:</p> <ol> <li> <strong>Testabilidade:</strong> Agora você pode criar testes unitários para o <code>UserValidator</code> isoladamente, sem precisar de um banco de dados falso.</li> <li> <strong>Manutenibilidade:</strong> Se o esquema do banco de dados mudar, você edita apenas o <code>UserRepository</code>. O <code>UserService</code> permanece intocado.</li> <li> <strong>Legibilidade:</strong> O <code>UserService</code> agora lê como uma história de alto nível sobre <em>o que</em> acontece, em vez de uma lista bagunçada de <em>como</em> acontece.</li> </ol> <p>Essa separação reduz a carga cognitiva sobre o desenvolvedor e garante que sua aplicação seja robusta o suficiente para lidar com mudanças futuras com risco mínimo.</p> phyton programming solidprinciples singleresponsibility Bot de Monitoramento para SushiSwap V3 em Go — Parte 1 Cláudio Filipe Lima Rapôso Tue, 30 Sep 2025 20:13:30 +0000 https://forem.com/sertaoseracloud/bot-de-monitoramento-para-sushiswap-v3-em-go-parte-1-4ge2 https://forem.com/sertaoseracloud/bot-de-monitoramento-para-sushiswap-v3-em-go-parte-1-4ge2 <p>Este guia descreve, de forma contínua e didática, como construir a primeira metade de um bot de trading em Go. Nesta etapa não há transações on-chain. O programa observa o preço em dólar de um token de referência, compara esse valor com limites configurados em um arquivo <code>.env</code> e decide, de maneira simulada, quando compraria e quando venderia. O objetivo é validar lógica e parâmetros sem risco financeiro, além de introduzir a persistência do estado em SQLite para que o bot possa ser interrompido e retomado sem perder contexto.</p> <h2> Conceito e fluxo </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffh11lwbi2dbje5bhm4zf.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffh11lwbi2dbje5bhm4zf.png" alt="Arquitetura de Referência" width="800" height="580"></a></p> <p>O comportamento é simples. O aplicativo carrega as configurações do <code>.env</code>, consulta periodicamente o preço em USD do token de referência por HTTP e imprime no console o valor atual. Se o preço observado estiver abaixo ou igual ao alvo de compra e ainda não houver posição aberta, considera-se uma entrada e o estado é salvo no banco com a informação do preço de entrada. Se, com posição aberta, o preço atingir o alvo de lucro, considera-se a saída e o estado é atualizado para indicar que não há mais posição. Em qualquer outro caso, o programa apenas aguarda. Como não há transações nesta fase, tratamos essas decisões como um simulador de gatilhos, útil para ajustar parâmetros e entender o ciclo de execução.</p> <h2> Preparação do ambiente </h2> <p>É necessário ter Go instalado em versão recente. Crie uma pasta para o projeto, inicialize um módulo e instale as dependências. O pacote <code>godotenv</code> carrega variáveis do arquivo <code>.env</code> e o driver <code>modernc.org/sqlite</code> possibilita usar SQLite sem CGO, o que simplifica a portabilidade.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir </span>sushiswap-v3-go <span class="o">&amp;&amp;</span> <span class="nb">cd </span>sushiswap-v3-go go mod init example.com/sushiswap-v3-go go get github.com/joho/godotenv go get modernc.org/sqlite </code></pre> </div> <h2> Configuração com <code>.env</code> </h2> <p>Crie um arquivo <code>.env</code> na raiz do projeto. Ele concentra variáveis de rede e parâmetros de estratégia. Também indicamos <code>DB_PATH</code>, o caminho do arquivo SQLite que manterá o estado.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>CHAIN_ID=11155111 NETWORK=sepolia INFURA_API_KEY=SUA_INFURA_KEY TOKEN0_ADDRESS=0xfFf9976782d46CC05630D1f6eBAb18b2324d6B14 TOKEN1_ADDRESS=0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238 QUOTE0_ADDRESS=0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2 WALLET=0xSUA_WALLET PRIVATE_KEY=0xSUA_PRIVATE_KEY ROUTER_ADDRESS=0x3b0aa7d38bf3c103bf02d1de2e37568cbed3d6e8 PRICE_TO_BUY=5000 AMOUNT_TO_BUY=0.1 PROFITABILITY=1.1 DB_PATH=./bot.db </code></pre> </div> <p>A variável <code>QUOTE0_ADDRESS</code> representa o token cujo preço em USD será observado; no exemplo, usa-se o WETH da mainnet por ser uma referência líquida e amplamente utilizada. As variáveis <code>PRICE_TO_BUY</code> e <code>PROFITABILITY</code> definem, respectivamente, o alvo de entrada e o multiplicador do alvo de lucro. As chaves de carteira e o endereço do router são armazenados desde já, embora só venham a ser utilizadas na fase seguinte, quando forem adicionadas transações reais. Recomenda-se manter o arquivo <code>.env</code> fora do controle de versão.</p> <h2> Implementação do código </h2> <p>A seguir estão os arquivos Go, organizados por responsabilidade. Basta criar cada arquivo com o conteúdo indicado.</p> <h3> <code>config.go</code> </h3> <p>Este módulo lê e valida o <code>.env</code>, convertendo valores numéricos e garantindo que os campos mínimos existam para a execução desta etapa. Se faltar algo essencial, a função sinaliza claramente o problema.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"fmt"</span> <span class="s">"os"</span> <span class="s">"strconv"</span> <span class="s">"github.com/joho/godotenv"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ChainID</span> <span class="kt">int</span> <span class="n">Network</span> <span class="kt">string</span> <span class="n">InfuraAPIKey</span> <span class="kt">string</span> <span class="n">Token0Address</span> <span class="kt">string</span> <span class="n">Token1Address</span> <span class="kt">string</span> <span class="n">Quote0Address</span> <span class="kt">string</span> <span class="n">Wallet</span> <span class="kt">string</span> <span class="n">PrivateKey</span> <span class="kt">string</span> <span class="n">RouterAddress</span> <span class="kt">string</span> <span class="n">PriceToBuy</span> <span class="kt">float64</span> <span class="n">AmountToBuy</span> <span class="kt">string</span> <span class="n">Profitability</span> <span class="kt">float64</span> <span class="n">DBPath</span> <span class="kt">string</span> <span class="p">}</span> <span class="k">func</span> <span class="n">LoadConfig</span><span class="p">()</span> <span class="p">(</span><span class="o">*</span><span class="n">Config</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">_</span> <span class="o">=</span> <span class="n">godotenv</span><span class="o">.</span><span class="n">Load</span><span class="p">()</span> <span class="k">var</span> <span class="n">err</span> <span class="kt">error</span> <span class="n">cfg</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">Config</span><span class="p">{}</span> <span class="k">if</span> <span class="n">v</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"CHAIN_ID"</span><span class="p">);</span> <span class="n">v</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="k">if</span> <span class="n">cfg</span><span class="o">.</span><span class="n">ChainID</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">strconv</span><span class="o">.</span><span class="n">Atoi</span><span class="p">(</span><span class="n">v</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"CHAIN_ID inválido: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">cfg</span><span class="o">.</span><span class="n">ChainID</span> <span class="o">=</span> <span class="m">11155111</span> <span class="p">}</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Network</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"NETWORK"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">InfuraAPIKey</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"INFURA_API_KEY"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Token0Address</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"TOKEN0_ADDRESS"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Token1Address</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"TOKEN1_ADDRESS"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Quote0Address</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"QUOTE0_ADDRESS"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Wallet</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"WALLET"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">PrivateKey</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"PRIVATE_KEY"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">RouterAddress</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"ROUTER_ADDRESS"</span><span class="p">)</span> <span class="n">cfg</span><span class="o">.</span><span class="n">AmountToBuy</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"AMOUNT_TO_BUY"</span><span class="p">)</span> <span class="k">if</span> <span class="n">v</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"PRICE_TO_BUY"</span><span class="p">);</span> <span class="n">v</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="k">if</span> <span class="n">cfg</span><span class="o">.</span><span class="n">PriceToBuy</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">strconv</span><span class="o">.</span><span class="n">ParseFloat</span><span class="p">(</span><span class="n">v</span><span class="p">,</span> <span class="m">64</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"PRICE_TO_BUY inválido: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"PRICE_TO_BUY ausente"</span><span class="p">)</span> <span class="p">}</span> <span class="k">if</span> <span class="n">v</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"PROFITABILITY"</span><span class="p">);</span> <span class="n">v</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="k">if</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Profitability</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">strconv</span><span class="o">.</span><span class="n">ParseFloat</span><span class="p">(</span><span class="n">v</span><span class="p">,</span> <span class="m">64</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"PROFITABILITY inválido: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"PROFITABILITY ausente"</span><span class="p">)</span> <span class="p">}</span> <span class="k">if</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Quote0Address</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"QUOTE0_ADDRESS ausente"</span><span class="p">)</span> <span class="p">}</span> <span class="k">if</span> <span class="n">v</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"DB_PATH"</span><span class="p">);</span> <span class="n">v</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="n">cfg</span><span class="o">.</span><span class="n">DBPath</span> <span class="o">=</span> <span class="n">v</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">cfg</span><span class="o">.</span><span class="n">DBPath</span> <span class="o">=</span> <span class="s">"./bot.db"</span> <span class="p">}</span> <span class="k">return</span> <span class="n">cfg</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <h3> <code>database.go</code> </h3> <p>Este módulo cria e inicializa o banco SQLite, além de oferecer funções para ler e salvar o estado do bot. O estado se restringe a duas informações: se há ou não posição aberta e qual foi o preço de entrada, quando aplicável. Ao iniciar pela primeira vez, uma linha padrão é criada para garantir que o acesso seja simples e previsível nas execuções subsequentes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"database/sql"</span> <span class="s">"fmt"</span> <span class="n">_</span> <span class="s">"modernc.org/sqlite"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">BotState</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">IsOpened</span> <span class="kt">bool</span> <span class="n">EntryPrice</span> <span class="o">*</span><span class="kt">float64</span> <span class="p">}</span> <span class="k">func</span> <span class="n">InitDB</span><span class="p">(</span><span class="n">path</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="o">*</span><span class="n">sql</span><span class="o">.</span><span class="n">DB</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">db</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">sql</span><span class="o">.</span><span class="n">Open</span><span class="p">(</span><span class="s">"sqlite"</span><span class="p">,</span> <span class="n">path</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"erro abrindo sqlite: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">schema</span> <span class="o">:=</span> <span class="s">` CREATE TABLE IF NOT EXISTS bot_state ( id INTEGER PRIMARY KEY CHECK (id = 1), is_opened INTEGER NOT NULL, entry_price REAL ); INSERT INTO bot_state (id, is_opened, entry_price) SELECT 1, 0, NULL WHERE NOT EXISTS (SELECT 1 FROM bot_state WHERE id = 1); `</span> <span class="k">if</span> <span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">db</span><span class="o">.</span><span class="n">Exec</span><span class="p">(</span><span class="n">schema</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"erro criando schema: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="n">db</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> <span class="k">func</span> <span class="n">LoadBotState</span><span class="p">(</span><span class="n">db</span> <span class="o">*</span><span class="n">sql</span><span class="o">.</span><span class="n">DB</span><span class="p">)</span> <span class="p">(</span><span class="o">*</span><span class="n">BotState</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">row</span> <span class="o">:=</span> <span class="n">db</span><span class="o">.</span><span class="n">QueryRow</span><span class="p">(</span><span class="s">`SELECT is_opened, entry_price FROM bot_state WHERE id = 1`</span><span class="p">)</span> <span class="k">var</span> <span class="n">isOpenedInt</span> <span class="kt">int</span> <span class="k">var</span> <span class="n">entryPrice</span> <span class="n">sql</span><span class="o">.</span><span class="n">NullFloat64</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">row</span><span class="o">.</span><span class="n">Scan</span><span class="p">(</span><span class="o">&amp;</span><span class="n">isOpenedInt</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">entryPrice</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"erro lendo estado: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">var</span> <span class="n">ep</span> <span class="o">*</span><span class="kt">float64</span> <span class="k">if</span> <span class="n">entryPrice</span><span class="o">.</span><span class="n">Valid</span> <span class="p">{</span> <span class="n">v</span> <span class="o">:=</span> <span class="n">entryPrice</span><span class="o">.</span><span class="n">Float64</span> <span class="n">ep</span> <span class="o">=</span> <span class="o">&amp;</span><span class="n">v</span> <span class="p">}</span> <span class="k">return</span> <span class="o">&amp;</span><span class="n">BotState</span><span class="p">{</span> <span class="n">IsOpened</span><span class="o">:</span> <span class="n">isOpenedInt</span> <span class="o">==</span> <span class="m">1</span><span class="p">,</span> <span class="n">EntryPrice</span><span class="o">:</span> <span class="n">ep</span><span class="p">,</span> <span class="p">},</span> <span class="no">nil</span> <span class="p">}</span> <span class="k">func</span> <span class="n">SaveBotState</span><span class="p">(</span><span class="n">db</span> <span class="o">*</span><span class="n">sql</span><span class="o">.</span><span class="n">DB</span><span class="p">,</span> <span class="n">st</span> <span class="o">*</span><span class="n">BotState</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="k">var</span> <span class="n">isOpenedInt</span> <span class="kt">int</span> <span class="k">if</span> <span class="n">st</span><span class="o">.</span><span class="n">IsOpened</span> <span class="p">{</span> <span class="n">isOpenedInt</span> <span class="o">=</span> <span class="m">1</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">isOpenedInt</span> <span class="o">=</span> <span class="m">0</span> <span class="p">}</span> <span class="k">var</span> <span class="n">entry</span> <span class="k">interface</span><span class="p">{}</span> <span class="k">if</span> <span class="n">st</span><span class="o">.</span><span class="n">EntryPrice</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">entry</span> <span class="o">=</span> <span class="o">*</span><span class="n">st</span><span class="o">.</span><span class="n">EntryPrice</span> <span class="p">}</span> <span class="k">if</span> <span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">db</span><span class="o">.</span><span class="n">Exec</span><span class="p">(</span> <span class="s">`UPDATE bot_state SET is_opened = ?, entry_price = ? WHERE id = 1`</span><span class="p">,</span> <span class="n">isOpenedInt</span><span class="p">,</span> <span class="n">entry</span><span class="p">,</span> <span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"erro salvando estado: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <h3> <code>prices.go</code> </h3> <p>Esta unidade contém a função que consulta a API pública de preços. O retorno esperado é um número de ponto flutuante representando o preço em USD do token indicado. A configuração de timeout e a verificação do status HTTP ajudam a tornar o comportamento previsível.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"encoding/json"</span> <span class="s">"fmt"</span> <span class="s">"io"</span> <span class="s">"net/http"</span> <span class="s">"time"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">fetchPriceUSD</span><span class="p">(</span><span class="n">tokenAddress</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="kt">float64</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"https://api.sushi.com/price/v1/%d/%s"</span><span class="p">,</span> <span class="m">1</span><span class="p">,</span> <span class="n">tokenAddress</span><span class="p">)</span> <span class="n">req</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequest</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">MethodGet</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Accept"</span><span class="p">,</span> <span class="s">"application/json"</span><span class="p">)</span> <span class="n">client</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">http</span><span class="o">.</span><span class="n">Client</span><span class="p">{</span><span class="n">Timeout</span><span class="o">:</span> <span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">}</span> <span class="n">res</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">client</span><span class="o">.</span><span class="n">Do</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="m">0</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">res</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="k">if</span> <span class="n">res</span><span class="o">.</span><span class="n">StatusCode</span> <span class="o">!=</span> <span class="n">http</span><span class="o">.</span><span class="n">StatusOK</span> <span class="p">{</span> <span class="n">body</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadAll</span><span class="p">(</span><span class="n">res</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span> <span class="k">return</span> <span class="m">0</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"pricing api status %d: %s"</span><span class="p">,</span> <span class="n">res</span><span class="o">.</span><span class="n">StatusCode</span><span class="p">,</span> <span class="kt">string</span><span class="p">(</span><span class="n">body</span><span class="p">))</span> <span class="p">}</span> <span class="k">var</span> <span class="n">price</span> <span class="kt">float64</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">NewDecoder</span><span class="p">(</span><span class="n">res</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span><span class="o">.</span><span class="n">Decode</span><span class="p">(</span><span class="o">&amp;</span><span class="n">price</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="m">0</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"falha ao decodificar preço: %w"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="n">price</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <h3> <code>main.go</code> </h3> <p>O arquivo principal integra as partes. Ao iniciar, o programa carrega a configuração, prepara o banco, recupera o estado e entra em um ciclo que consulta o preço, imprime o valor e executa a lógica de decisão, atualizando o SQLite sempre que houver mudanças de estado. Um comando para limpar a tela mantém o console com aparência de painel.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"fmt"</span> <span class="s">"log"</span> <span class="s">"time"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">monitor</span><span class="p">(</span><span class="n">cfg</span> <span class="o">*</span><span class="n">Config</span><span class="p">)</span> <span class="p">(</span><span class="kt">float64</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">price</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">fetchPriceUSD</span><span class="p">(</span><span class="n">cfg</span><span class="o">.</span><span class="n">Quote0Address</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="m">0</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Print</span><span class="p">(</span><span class="s">"</span><span class="err">\0</span><span class="s">33[2J</span><span class="err">\0</span><span class="s">33[H"</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="s">"Price:"</span><span class="p">,</span> <span class="n">price</span><span class="p">)</span> <span class="k">return</span> <span class="n">price</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">LoadConfig</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"config erro: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">db</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">InitDB</span><span class="p">(</span><span class="n">cfg</span><span class="o">.</span><span class="n">DBPath</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"db erro: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">db</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">state</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">LoadBotState</span><span class="p">(</span><span class="n">db</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"erro carregando estado: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">cycle</span> <span class="o">:=</span> <span class="k">func</span><span class="p">()</span> <span class="p">{</span> <span class="n">price</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">monitor</span><span class="p">(</span><span class="n">cfg</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"erro monitorando preço: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="k">if</span> <span class="o">!</span><span class="n">state</span><span class="o">.</span><span class="n">IsOpened</span> <span class="o">&amp;&amp;</span> <span class="n">price</span> <span class="o">&lt;=</span> <span class="n">cfg</span><span class="o">.</span><span class="n">PriceToBuy</span> <span class="p">{</span> <span class="n">state</span><span class="o">.</span><span class="n">IsOpened</span> <span class="o">=</span> <span class="no">true</span> <span class="n">state</span><span class="o">.</span><span class="n">EntryPrice</span> <span class="o">=</span> <span class="o">&amp;</span><span class="n">price</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">SaveBotState</span><span class="p">(</span><span class="n">db</span><span class="p">,</span> <span class="n">state</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"erro salvando estado (swap in): %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Swap in (entry=%.6f)</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">price</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">target</span> <span class="o">:=</span> <span class="n">cfg</span><span class="o">.</span><span class="n">PriceToBuy</span> <span class="o">*</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Profitability</span> <span class="k">if</span> <span class="n">state</span><span class="o">.</span><span class="n">IsOpened</span> <span class="o">&amp;&amp;</span> <span class="n">price</span> <span class="o">&gt;=</span> <span class="n">target</span> <span class="p">{</span> <span class="n">state</span><span class="o">.</span><span class="n">IsOpened</span> <span class="o">=</span> <span class="no">false</span> <span class="n">state</span><span class="o">.</span><span class="n">EntryPrice</span> <span class="o">=</span> <span class="no">nil</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">SaveBotState</span><span class="p">(</span><span class="n">db</span><span class="p">,</span> <span class="n">state</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"erro salvando estado (swap out): %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Swap out (target=%.6f)</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">target</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="k">if</span> <span class="n">state</span><span class="o">.</span><span class="n">IsOpened</span> <span class="o">&amp;&amp;</span> <span class="n">state</span><span class="o">.</span><span class="n">EntryPrice</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Wait... (opened at %.6f, target %.6f)</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="o">*</span><span class="n">state</span><span class="o">.</span><span class="n">EntryPrice</span><span class="p">,</span> <span class="n">target</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="s">"Wait..."</span><span class="p">)</span> <span class="p">}</span> <span class="n">cycle</span><span class="p">()</span> <span class="n">ticker</span> <span class="o">:=</span> <span class="n">time</span><span class="o">.</span><span class="n">NewTicker</span><span class="p">(</span><span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">)</span> <span class="k">defer</span> <span class="n">ticker</span><span class="o">.</span><span class="n">Stop</span><span class="p">()</span> <span class="k">for</span> <span class="k">range</span> <span class="n">ticker</span><span class="o">.</span><span class="n">C</span> <span class="p">{</span> <span class="n">cycle</span><span class="p">()</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h2> Execução </h2> <p>Com os arquivos criados e o <code>.env</code> preenchido, execute o projeto a partir da raiz. O console exibirá o preço e a decisão correspondente do ciclo. Quando o preço atingir o alvo de compra, aparecerá a indicação de entrada e o estado será salvo. Quando alcançar o alvo de lucro com posição aberta, a saída será registrada. Se o programa for encerrado e reiniciado, a leitura do banco restaurará a situação anterior.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go run <span class="nb">.</span> </code></pre> </div> <h2> Encerramento </h2> <p>Com esta base consolidada, você tem um esqueleto funcional capaz de observar preço, tomar decisões simuladas e manter consistência entre execuções por meio de SQLite. Na <strong>Parte 2</strong>, em vez de montar e enviar a transação on-chain localmente, o fluxo de <strong>swap será executado via gRPC</strong>: o cliente em <strong>Go</strong> fará chamadas a um serviço gRPC responsável por cotar e processar a operação de compra e venda. Esse serviço receberá parâmetros como <code>chain_id</code>, <code>token_in</code>, <code>token_out</code>, <code>amount</code>, <code>max_slippage</code> e <code>wallet</code>, retornará métricas de pré-troca (por exemplo, o <em>assumedAmountOut</em>) e cuidará da preparação/execução da transação, incluindo roteamento, montagem do payload, assinatura e envio, além do retorno do hash e do recibo quando confirmada.</p> <p>Do ponto de vista de arquitetura, o cliente Go apenas <strong>disciplina a orquestração</strong>: abre o canal gRPC, envia a requisição de <code>Quote/Execute</code>, aguarda a resposta (com sucesso ou erro tratado) e registra estado/telemetria. O serviço gRPC concentra a <strong>lógica sensível</strong>: integração com o roteador (para encontrar a melhor rota), aplicação de <em>slippage</em> máxima, políticas de <em>deadline</em> e <em>retries</em>, idempotência por chave, auditoria, observabilidade e segurança de chaves (sem trafegar <code>PRIVATE_KEY</code> pelo cliente). A assinatura pode ficar no servidor (HSM, KMS ou cofre) ou ser separada em um <em>signer</em> dedicado, mantendo o cliente leve e sem material sensível.</p> <p>Finalmente, a evolução natural é: o bot em Go continua decidindo <strong>quando</strong> agir, persiste o estado no SQLite, e a <strong>execução do swap</strong> passa a ser um <strong>contrato gRPC</strong> bem definido com <em>protobufs</em> para <strong>cotação e execução</strong>, entregando robustez operacional, isolamento de segredos e padronização de erros/logs para produção.</p> <h2> Referências </h2> <p>Go. (2025, 25 fevereiro). <em>The Go programming language specification</em>. go.dev. <a href="https://go.dev/ref/spec" rel="noopener noreferrer">https://go.dev/ref/spec</a> (<a href="https://go.dev/ref/spec?utm_source=chatgpt.com" rel="noopener noreferrer">Go</a>)</p> <p>Go. (n.d.). <em>Documentation</em>. go.dev. <a href="https://go.dev/doc/" rel="noopener noreferrer">https://go.dev/doc/</a> (<a href="https://go.dev/doc/?utm_source=chatgpt.com" rel="noopener noreferrer">Go</a>)</p> <p>gRPC. (2024, 25 novembro). <em>Basics tutorial | Go</em>. grpc.io. <a href="https://grpc.io/docs/languages/go/basics/" rel="noopener noreferrer">https://grpc.io/docs/languages/go/basics/</a> (<a href="https://grpc.io/docs/languages/go/basics/?utm_source=chatgpt.com" rel="noopener noreferrer">gRPC</a>)</p> <p>gRPC. (2024, 25 novembro). <em>Quick start | Go</em>. grpc.io. <a href="https://grpc.io/docs/languages/go/quickstart/" rel="noopener noreferrer">https://grpc.io/docs/languages/go/quickstart/</a> (<a href="https://grpc.io/docs/languages/go/quickstart/?utm_source=chatgpt.com" rel="noopener noreferrer">gRPC</a>)</p> <p>Protocol Buffers. (n.d.). <em>Protocol buffer basics: Go</em>. protobuf.dev. <a href="https://protobuf.dev/getting-started/gotutorial/" rel="noopener noreferrer">https://protobuf.dev/getting-started/gotutorial/</a> (<a href="https://protobuf.dev/getting-started/gotutorial/?utm_source=chatgpt.com" rel="noopener noreferrer">protobuf.dev</a>)</p> <p>Equipe go-ethereum (Geth). (2024, 24 maio). <em>Getting started with Geth</em>. geth.ethereum.org. <a href="https://geth.ethereum.org/docs/getting-started" rel="noopener noreferrer">https://geth.ethereum.org/docs/getting-started</a> (<a href="https://geth.ethereum.org/docs/getting-started?utm_source=chatgpt.com" rel="noopener noreferrer">go-ethereum</a>)</p> <p>Go Ethereum. (n.d.). <em>github.com/ethereum/go-ethereum</em> (API em Go). pkg.go.dev. <a href="https://pkg.go.dev/github.com/ethereum/go-ethereum" rel="noopener noreferrer">https://pkg.go.dev/github.com/ethereum/go-ethereum</a> (<a href="https://pkg.go.dev/github.com/ethereum/go-ethereum?utm_source=chatgpt.com" rel="noopener noreferrer">Go Packages</a>)</p> <p>modernc.org. (2025, 11 agosto). <em>sqlite package</em> (driver SQLite sem CGO). pkg.go.dev. <a href="https://pkg.go.dev/modernc.org/sqlite" rel="noopener noreferrer">https://pkg.go.dev/modernc.org/sqlite</a> (<a href="https://pkg.go.dev/modernc.org/sqlite?utm_source=chatgpt.com" rel="noopener noreferrer">Go Packages</a>)</p> <p>Joho. (n.d.). <em>joho/godotenv</em> [Repositório]. GitHub. <a href="https://github.com/joho/godotenv" rel="noopener noreferrer">https://github.com/joho/godotenv</a> (<a href="https://github.com/joho/godotenv?utm_source=chatgpt.com" rel="noopener noreferrer">GitHub</a>)</p> <p>Sushi. (2025, 13 setembro). <em>Pricing API documentation</em>. docs.sushi.com. <a href="https://docs.sushi.com/api/examples/pricing" rel="noopener noreferrer">https://docs.sushi.com/api/examples/pricing</a> (<a href="https://docs.sushi.com/api/examples/pricing?utm_source=chatgpt.com" rel="noopener noreferrer">docs.sushi.com</a>)</p> <p>gRPC-Go. (n.d.). <em>google.golang.org/grpc</em> (pacote em Go). pkg.go.dev. <a href="https://pkg.go.dev/google.golang.org/grpc" rel="noopener noreferrer">https://pkg.go.dev/google.golang.org/grpc</a> (<a href="https://pkg.go.dev/google.golang.org/grpc?utm_source=chatgpt.com" rel="noopener noreferrer">Go Packages</a>)</p> <h2> 💡Curtiu? </h2> <p>Se quiser trocar ideia sobre IA, cloud e arquitetura, me segue nas redes:</p> <ul> <li><a href="https://olink.ai/sertaoseracloud" rel="noopener noreferrer">Redes Sociais</a></li> </ul> <p>Publico conteúdos técnicos direto do campo de batalha. E quando descubro uma ferramenta que economiza tempo e resolve bem, como essa, você fica sabendo também.</p> web3 go programming blockchain Autenticação Segura com Microsoft Entra ID para desenvolvedores Typescript Cláudio Filipe Lima Rapôso Tue, 23 Sep 2025 18:32:42 +0000 https://forem.com/sertaoseracloud/autenticacao-segura-com-microsoft-entra-id-para-desenvolvedores-typescript-2c1b https://forem.com/sertaoseracloud/autenticacao-segura-com-microsoft-entra-id-para-desenvolvedores-typescript-2c1b <p>Aplicações modernas funcionam raramente isoladas. Muitas vezes temos um <strong>frontend</strong> que lida com a experiência do usuário, e um <strong>backend</strong> que concentra as regras de negócio e o acesso a dados sensíveis.<br> Garantir que apenas usuários autenticados consigam acessar esses recursos é fundamental.</p> <p>Neste artigo, vamos construir uma solução que utiliza <strong>Next.js</strong> como frontend, integrando a autenticação com o <strong>Microsoft Entra ID</strong> (antigo Azure Active Directory), e um <strong>backend em Node/TypeScript</strong> que valida tokens JWT emitidos pelo Entra ID antes de liberar o acesso a rotas protegidas.</p> <h2> Arquitetura Geral </h2> <p>A solução pode ser entendida em cinco passos principais:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi7xs8s06xm0c6vouyytx.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi7xs8s06xm0c6vouyytx.png" alt="Diagrama de Sequência" width="723" height="541"></a></p> <ol> <li>O usuário acessa a aplicação em <strong>Next.js</strong> e inicia o login.</li> <li>O <strong>NextAuth.js</strong> redireciona o usuário para o Microsoft Entra ID.</li> <li>Após a autenticação, o Entra ID retorna um <strong>ID Token</strong> e um <strong>Access Token</strong> para o Next.js.</li> <li>O frontend envia o <strong>Access Token</strong> ao backend, no header <code>Authorization: Bearer &lt;token&gt;</code>.</li> <li>O backend valida o token contra o serviço de chaves públicas (JWKS) do Entra ID.</li> </ol> <ul> <li>Se válido → rota protegida é acessada.</li> <li>Se inválido/expirado → resposta <code>401 Unauthorized</code>.</li> </ul> <h2> 1. Configuração no Entra ID </h2> <p>No <strong>Azure Portal</strong>:</p> <ul> <li>Vá em <strong>Microsoft Entra ID → App registrations → New registration</strong>.</li> <li> <p>Preencha os campos:</p> <ul> <li> <strong>Name</strong>: <code>nextjs-auth-app</code> </li> <li> <strong>Redirect URI</strong>: <code>http://localhost:3000/api/auth/callback</code> </li> <li>Ative <strong>ID tokens</strong> e <strong>Access tokens</strong>.</li> </ul> </li> <li> <p>Salve as credenciais:</p> <ul> <li><strong>Application (client) ID</strong></li> <li><strong>Directory (tenant) ID</strong></li> <li> <strong>Client Secret</strong> (criado manualmente em <em>Certificates &amp; secrets</em>).</li> </ul> </li> </ul> <h2> 2. Frontend Next.js com NextAuth </h2> <h3> Instalação </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>next-auth @azure/msal-node </code></pre> </div> <h3> Variáveis de ambiente </h3> <p>Arquivo <code>.env.local</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">AZURE_AD_CLIENT_ID</span><span class="o">=</span>&lt;Application ID&gt; <span class="c"># ID da aplicação registrada no Entra ID</span> <span class="nv">AZURE_AD_CLIENT_SECRET</span><span class="o">=</span>&lt;Client Secret&gt; <span class="c"># Segredo do app (não expor no frontend)</span> <span class="nv">AZURE_AD_TENANT_ID</span><span class="o">=</span>&lt;Directory ID&gt; <span class="c"># Tenant (diretório da organização)</span> <span class="nv">NEXTAUTH_URL</span><span class="o">=</span>http://localhost:3000 <span class="c"># URL da aplicação Next.js</span> <span class="nv">NEXTAUTH_SECRET</span><span class="o">=</span>&lt;chave-aleatória&gt; <span class="c"># Chave para assinar JWT de sessão</span> </code></pre> </div> <h3> Configuração do NextAuth </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">NextAuth</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next-auth</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">AzureADProvider</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next-auth/providers/azure-ad</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Configuração principal do NextAuth</span> <span class="k">export</span> <span class="k">default</span> <span class="nc">NextAuth</span><span class="p">({</span> <span class="na">providers</span><span class="p">:</span> <span class="p">[</span> <span class="c1">// Habilita login com Microsoft Entra ID (Azure AD)</span> <span class="nc">AzureADProvider</span><span class="p">({</span> <span class="na">clientId</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AZURE_AD_CLIENT_ID</span><span class="o">!</span><span class="p">,</span> <span class="c1">// ID do app registrado no Entra ID</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AZURE_AD_CLIENT_SECRET</span><span class="o">!</span><span class="p">,</span><span class="c1">// Segredo do cliente (guardado no backend)</span> <span class="na">tenantId</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AZURE_AD_TENANT_ID</span><span class="o">!</span><span class="p">,</span> <span class="c1">// ID do diretório (tenant)</span> <span class="p">}),</span> <span class="p">],</span> <span class="na">session</span><span class="p">:</span> <span class="p">{</span> <span class="na">strategy</span><span class="p">:</span> <span class="dl">"</span><span class="s2">jwt</span><span class="dl">"</span> <span class="p">},</span> <span class="c1">// Sessões baseadas em JWT (sem persistência no BD)</span> <span class="na">callbacks</span><span class="p">:</span> <span class="p">{</span> <span class="c1">// Callback executado ao criar/atualizar JWT</span> <span class="k">async</span> <span class="nf">jwt</span><span class="p">({</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">account</span> <span class="p">})</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">account</span><span class="p">)</span> <span class="nx">token</span><span class="p">.</span><span class="nx">accessToken</span> <span class="o">=</span> <span class="nx">account</span><span class="p">.</span><span class="nx">access_token</span><span class="p">;</span> <span class="c1">// Armazena o accessToken no token</span> <span class="k">return</span> <span class="nx">token</span><span class="p">;</span> <span class="p">},</span> <span class="c1">// Callback executado ao montar a sessão</span> <span class="k">async</span> <span class="nf">session</span><span class="p">({</span> <span class="nx">session</span><span class="p">,</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">{</span> <span class="nx">session</span><span class="p">.</span><span class="nx">accessToken</span> <span class="o">=</span> <span class="nx">token</span><span class="p">.</span><span class="nx">accessToken</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> <span class="c1">// Inclui o accessToken na sessão</span> <span class="k">return</span> <span class="nx">session</span><span class="p">;</span> <span class="p">},</span> <span class="p">},</span> <span class="p">});</span> </code></pre> </div> <h3> Componente de Login/Logout (<code>AuthButton.tsx</code>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="dl">"</span><span class="s2">use client</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Necessário porque usamos interações de browser (signIn/signOut)</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">signIn</span><span class="p">,</span> <span class="nx">signOut</span><span class="p">,</span> <span class="nx">useSession</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next-auth/react</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">AuthButton</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="nx">session</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useSession</span><span class="p">();</span> <span class="c1">// Hook que recupera a sessão atual</span> <span class="k">if </span><span class="p">(</span><span class="nx">session</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Caso o usuário esteja logado</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nt">button</span> <span class="na">onClick</span><span class="p">=</span><span class="si">{</span><span class="p">()</span> <span class="o">=&gt;</span> <span class="nf">signOut</span><span class="p">()</span><span class="si">}</span><span class="p">&gt;</span> Sair (<span class="si">{</span><span class="nx">session</span><span class="p">.</span><span class="nx">user</span><span class="p">?.</span><span class="nx">name</span><span class="si">}</span>) <span class="si">{</span><span class="cm">/* Mostra o nome do usuário logado */</span><span class="si">}</span> <span class="p">&lt;/</span><span class="nt">button</span><span class="p">&gt;</span> <span class="p">);</span> <span class="p">}</span> <span class="c1">// Caso não esteja logado</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nt">button</span> <span class="na">onClick</span><span class="p">=</span><span class="si">{</span><span class="p">()</span> <span class="o">=&gt;</span> <span class="nf">signIn</span><span class="p">(</span><span class="dl">"</span><span class="s2">azure-ad</span><span class="dl">"</span><span class="p">)</span><span class="si">}</span><span class="p">&gt;</span> Entrar com Entra ID <span class="si">{</span><span class="cm">/* Chama fluxo de login no Entra ID */</span><span class="si">}</span> <span class="p">&lt;/</span><span class="nt">button</span><span class="p">&gt;</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h3> Tela Principal (<code>page.tsx</code>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="nx">AuthButton</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./components/AuthButton</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Importa o botão de login/logout</span> <span class="k">import</span> <span class="nx">Link</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/link</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">Home</span><span class="p">()</span> <span class="p">{</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nt">main</span> <span class="na">style</span><span class="p">=</span><span class="si">{</span><span class="p">{</span> <span class="na">padding</span><span class="p">:</span> <span class="dl">"</span><span class="s2">2rem</span><span class="dl">"</span> <span class="p">}</span><span class="si">}</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">h1</span><span class="p">&gt;</span>🔐 Demo de Autenticação com Entra ID<span class="p">&lt;/</span><span class="nt">h1</span><span class="p">&gt;</span> <span class="si">{</span><span class="cm">/* Botão que mostra "Entrar" ou "Sair", dependendo da sessão */</span><span class="si">}</span> <span class="p">&lt;</span><span class="nc">AuthButton</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nt">hr</span> <span class="na">style</span><span class="p">=</span><span class="si">{</span><span class="p">{</span> <span class="na">margin</span><span class="p">:</span> <span class="dl">"</span><span class="s2">2rem 0</span><span class="dl">"</span> <span class="p">}</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="si">{</span><span class="cm">/* Link para acessar página protegida */</span><span class="si">}</span> <span class="p">&lt;</span><span class="nc">Link</span> <span class="na">href</span><span class="p">=</span><span class="s">"/protected"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">button</span><span class="p">&gt;</span>Acessar página protegida<span class="p">&lt;/</span><span class="nt">button</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nc">Link</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">main</span><span class="p">&gt;</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h2> 3. Server Component: Página Protegida </h2> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">authOptions</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../api/auth/[...nextauth]/route</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">getServerSession</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next-auth</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">ProtectedPage</span><span class="p">()</span> <span class="p">{</span> <span class="c1">// Recupera a sessão no lado do servidor</span> <span class="kd">const</span> <span class="nx">session</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">getServerSession</span><span class="p">(</span><span class="nx">authOptions</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">session</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Caso o usuário não esteja autenticado</span> <span class="k">return</span> <span class="p">&lt;</span><span class="nt">p</span><span class="p">&gt;</span>Você precisa estar logado.<span class="p">&lt;/</span><span class="nt">p</span><span class="p">&gt;;</span> <span class="p">}</span> <span class="c1">// Faz requisição ao backend protegido enviando o accessToken no header</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">http://localhost:4000/api/secure-data</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="na">Authorization</span><span class="p">:</span> <span class="s2">`Bearer </span><span class="p">${</span><span class="nx">session</span><span class="p">.</span><span class="nx">accessToken</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="c1">// Token nunca vai para o client</span> <span class="p">},</span> <span class="na">cache</span><span class="p">:</span> <span class="dl">"</span><span class="s2">no-store</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Garante que não será cacheado</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">h2</span><span class="p">&gt;</span>Olá, <span class="si">{</span><span class="nx">session</span><span class="p">.</span><span class="nx">user</span><span class="p">?.</span><span class="nx">name</span><span class="si">}</span><span class="p">&lt;/</span><span class="nt">h2</span><span class="p">&gt;</span> <span class="si">{</span><span class="cm">/* Nome do usuário logado */</span><span class="si">}</span> <span class="p">&lt;</span><span class="nt">pre</span><span class="p">&gt;</span><span class="si">{</span><span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">data</span><span class="p">,</span> <span class="kc">null</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span><span class="si">}</span><span class="p">&lt;/</span><span class="nt">pre</span><span class="p">&gt;</span> <span class="si">{</span><span class="cm">/* Dados retornados da API */</span><span class="si">}</span> <span class="p">&lt;/</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h2> 4. Backend Node/TypeScript </h2> <h3> Dependências </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>express jwks-rsa express-jwt </code></pre> </div> <h3> Código (<code>src/index.ts</code>) </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">expressjwt</span> <span class="k">as</span> <span class="nx">jwt</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express-jwt</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">jwksRsa</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">jwks-rsa</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">port</span> <span class="o">=</span> <span class="mi">4000</span><span class="p">;</span> <span class="c1">// Middleware que valida o JWT recebido</span> <span class="kd">const</span> <span class="nx">checkJwt</span> <span class="o">=</span> <span class="nf">jwt</span><span class="p">({</span> <span class="c1">// Define a forma de obter as chaves públicas do Entra ID</span> <span class="na">secret</span><span class="p">:</span> <span class="nx">jwksRsa</span><span class="p">.</span><span class="nf">expressJwtSecret</span><span class="p">({</span> <span class="na">cache</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// Cache para não buscar chave toda vez</span> <span class="na">rateLimit</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// Limite de requisições para JWKS</span> <span class="na">jwksRequestsPerMinute</span><span class="p">:</span> <span class="mi">10</span><span class="p">,</span> <span class="c1">// Máx. 10 req/min</span> <span class="na">jwksUri</span><span class="p">:</span> <span class="s2">`https://login.microsoftonline.com/</span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AZURE_AD_TENANT_ID</span><span class="p">}</span><span class="s2">/discovery/v2.0/keys`</span><span class="p">,</span> <span class="p">})</span> <span class="k">as</span> <span class="kr">any</span><span class="p">,</span> <span class="na">audience</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AZURE_AD_CLIENT_ID</span><span class="p">,</span> <span class="c1">// Valida se o token é para este app</span> <span class="na">issuer</span><span class="p">:</span> <span class="s2">`https://login.microsoftonline.com/</span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AZURE_AD_TENANT_ID</span><span class="p">}</span><span class="s2">/v2.0`</span><span class="p">,</span> <span class="c1">// Origem do token</span> <span class="na">algorithms</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">RS256</span><span class="dl">"</span><span class="p">],</span> <span class="c1">// Algoritmo esperado</span> <span class="p">});</span> <span class="c1">// Rota protegida: só acessa se o JWT for válido</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/secure-data</span><span class="dl">"</span><span class="p">,</span> <span class="nx">checkJwt</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Autenticado ✅</span><span class="dl">"</span><span class="p">,</span> <span class="na">claims</span><span class="p">:</span> <span class="p">(</span><span class="nx">req</span> <span class="k">as</span> <span class="kr">any</span><span class="p">).</span><span class="nx">auth</span><span class="p">,</span> <span class="c1">// Retorna as claims do token decodificado</span> <span class="p">});</span> <span class="p">});</span> <span class="c1">// Inicializa o servidor</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">port</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`🚀 Backend rodando em http://localhost:</span><span class="p">${</span><span class="nx">port</span><span class="p">}</span><span class="s2">`</span><span class="p">)</span> <span class="p">);</span> </code></pre> </div> <h2> Boas Práticas </h2> <ul> <li> <strong>Proteção de secrets</strong>: nunca exponha <code>clientSecret</code> no frontend.</li> <li> <strong>Sessões seguras</strong>: use cookies <code>httpOnly</code> ou JWT fornecidos pelo NextAuth.</li> <li> <strong>Validação rigorosa</strong>: configure corretamente <code>audience</code> e <code>issuer</code>.</li> <li> <strong>Observabilidade</strong>: registre logs de falhas de autenticação.</li> <li> <strong>Escalabilidade</strong>: esse padrão permite múltiplos serviços validando tokens sem depender do frontend.</li> </ul> <h2> Conclusão </h2> <p>Com essa arquitetura, garantimos um fluxo seguro de ponta a ponta:</p> <ul> <li>O <strong>Next.js</strong> gerencia autenticação e sessão do usuário.</li> <li>O <strong>backend Node/TS</strong> valida tokens antes de liberar dados sensíveis.</li> <li>O <strong>Microsoft Entra ID</strong> centraliza a identidade, oferecendo segurança corporativa.</li> </ul> <p>Esse modelo é flexível e pode ser expandido para <strong>microsserviços</strong> ou <strong>integração com APIs da Microsoft (Graph API)</strong>.</p> <h2> Referências </h2> <ul> <li><p>Microsoft Corporation. (2024a). <em>Microsoft identity platform documentation</em>. Microsoft Learn.<br> <a href="https://learn.microsoft.com/en-us/azure/active-directory/develop/?wt.mc_id=MVP_324660" rel="noopener noreferrer">https://learn.microsoft.com/en-us/azure/active-directory/develop/</a></p></li> <li><p>Microsoft Corporation. (2024b). <em>Microsoft Entra ID: Overview</em>. Microsoft Learn.<br> <a href="https://learn.microsoft.com/en-us/entra/identity/?wt.mc_id=MVP_324660" rel="noopener noreferrer">https://learn.microsoft.com/en-us/entra/identity/</a></p></li> <li><p>Microsoft Corporation. (2024c). <em>Configure NextAuth.js with Azure AD</em>. Microsoft Learn.<br> <a href="https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-javascript-spa?wt.mc_id=MVP_324660" rel="noopener noreferrer">https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-javascript-spa</a></p></li> <li><p>NextAuth.js. (2024). <em>NextAuth.js Documentation</em>.<br> <a href="https://next-auth.js.org/" rel="noopener noreferrer">https://next-auth.js.org/</a></p></li> <li><p>Auth0 Inc. (2024). <em>Introduction to JWTs</em>.<br> <a href="https://auth0.com/intro-to-jwt" rel="noopener noreferrer">https://auth0.com/intro-to-jwt</a></p></li> </ul> webdev programming nextjs azure Criando um Sidecar em Go para acessar o Microsoft Graph via gRPC Cláudio Filipe Lima Rapôso Thu, 18 Sep 2025 11:20:29 +0000 https://forem.com/sertaoseracloud/criando-um-sidecar-em-go-para-acessar-o-microsoft-graph-via-grpc-2ghb https://forem.com/sertaoseracloud/criando-um-sidecar-em-go-para-acessar-o-microsoft-graph-via-grpc-2ghb <p>O <strong>Microsoft Graph</strong> é a porta de entrada para os serviços da Microsoft 365. Ele permite acessar informações como:</p> <ul> <li>Dados de <strong>usuários</strong> e <strong>grupos</strong>.</li> <li> <strong>Emails</strong> e <strong>calendários</strong> do Outlook.</li> <li> <strong>Arquivos</strong> no OneDrive.</li> <li> <strong>Mensagens</strong> no Teams.</li> </ul> <p>Mas para chamar o Graph, não basta fazer um <code>GET</code> com <code>http.Client</code>.<br> É necessário <strong>autenticar</strong> via <strong>Microsoft Entra ID</strong> (antigo Azure Active Directory), obter um <strong>Access Token OAuth2</strong>, e então usá-lo em cada requisição.</p> <p>👉 Isso pode complicar a aplicação principal, que precisa conhecer detalhes de autenticação.<br> Uma solução elegante é usar o <strong>padrão Sidecar</strong>: um serviço auxiliar, rodando ao lado da aplicação, que cuida dessa complexidade.</p> <h2> 1. O que é um Sidecar? </h2> <p>Imagine que você tem uma aplicação (em Go, .NET, Python, etc) que precisa acessar o Graph.</p> <p>Você pode embutir a lógica de autenticação dentro dela. Mas, se várias aplicações precisarem fazer isso, você terá código duplicado em todos os lugares.</p> <p>O <strong>sidecar</strong> resolve esse problema:</p> <ul> <li>É um pequeno serviço separado (nesse caso em Go) que fica rodando ao lado da aplicação.</li> <li>Ele <strong>fala com o Microsoft Entra ID</strong> para buscar tokens.</li> <li>Ele <strong>chama o Microsoft Graph</strong>.</li> <li>Ele expõe uma API simples (via gRPC) para que a aplicação principal possa apenas pedir:</li> </ul> <blockquote> <p>"Me dê os dados do usuário X"<br> E o sidecar cuida do resto.</p> </blockquote> <p>📌 Em arquiteturas <strong>Kubernetes</strong>, o sidecar roda no mesmo pod da aplicação principal.</p> <p>Isso significa que a aplicação acessa o sidecar por <code>localhost</code>, sem depender da rede externa.</p> <h2> 2. Arquitetura </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1b40giqk7wh6b2orclic.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1b40giqk7wh6b2orclic.png" alt="Diagrama de Sequência" width="800" height="518"></a></p> <p>📌 O que acontece:</p> <ol> <li>A aplicação chama <code>GetUser</code> no sidecar.</li> <li>O sidecar verifica se já tem um <strong>Access Token válido em cache</strong>.</li> </ol> <ul> <li>Se não tiver, pede um novo ao <strong>Microsoft Entra ID</strong>. <ol> <li>O sidecar chama o <strong>Microsoft Graph</strong> passando o token no header.</li> <li>O Graph devolve os dados do usuário.</li> <li>O sidecar converte para <code>UserResponse</code> e devolve para a aplicação via gRPC.</li> </ol> </li> </ul> <h2> 3. Definindo o contrato gRPC </h2> <p>Antes do código Go, precisamos definir o <strong>contrato de comunicação</strong>.</p> <p>Crie o arquivo <code>graph.proto</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight protobuf"><code><span class="na">syntax</span> <span class="o">=</span> <span class="s">"proto3"</span><span class="p">;</span> <span class="kn">package</span> <span class="nn">graph</span><span class="p">;</span> <span class="c1">// Serviço que o sidecar vai expor</span> <span class="kd">service</span> <span class="n">GraphService</span> <span class="p">{</span> <span class="k">rpc</span> <span class="n">GetUser</span> <span class="p">(</span><span class="n">UserRequest</span><span class="p">)</span> <span class="k">returns</span> <span class="p">(</span><span class="n">UserResponse</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Requisição: o cliente pode passar um user_id</span> <span class="c1">// Se vazio, o sidecar consulta o "me" (usuário atual)</span> <span class="kd">message</span> <span class="nc">UserRequest</span> <span class="p">{</span> <span class="kt">string</span> <span class="na">user_id</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// Resposta: dados básicos do usuário no Graph</span> <span class="kd">message</span> <span class="nc">UserResponse</span> <span class="p">{</span> <span class="kt">string</span> <span class="na">id</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span> <span class="kt">string</span> <span class="na">display_name</span> <span class="o">=</span> <span class="mi">2</span><span class="p">;</span> <span class="kt">string</span> <span class="na">given_name</span> <span class="o">=</span> <span class="mi">3</span><span class="p">;</span> <span class="kt">string</span> <span class="na">surname</span> <span class="o">=</span> <span class="mi">4</span><span class="p">;</span> <span class="kt">string</span> <span class="na">user_principal_name</span> <span class="o">=</span> <span class="mi">5</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> Explicando </h3> <ul> <li>O serviço <code>GraphService</code> expõe o método <code>GetUser</code>.</li> <li> <code>UserRequest</code> permite consultar um usuário específico (<code>users/{id}</code>) ou o próprio usuário (<code>me</code>).</li> <li> <code>UserResponse</code> retorna alguns campos comuns do Graph.</li> </ul> <h3> Gerando código Go </h3> <p>Com o <code>protoc</code> instalado, rode:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>protoc <span class="nt">--go_out</span><span class="o">=</span><span class="nb">.</span> <span class="nt">--go-grpc_out</span><span class="o">=</span><span class="nb">.</span> graph.proto </code></pre> </div> <p>Isso gera os arquivos <code>.pb.go</code>, que contêm as interfaces gRPC que implementaremos.</p> <h2> 4. Implementando o sidecar em Go </h2> <h3> 4.1 Estrutura base </h3> <p>Crie um arquivo <code>sidecar.go</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"bytes"</span> <span class="s">"context"</span> <span class="s">"encoding/json"</span> <span class="s">"fmt"</span> <span class="s">"io"</span> <span class="s">"net"</span> <span class="s">"net/http"</span> <span class="s">"os"</span> <span class="s">"sync"</span> <span class="s">"time"</span> <span class="n">pb</span> <span class="s">"example.com/graph/proto"</span> <span class="c">// ajuste para o caminho correto</span> <span class="s">"google.golang.org/grpc"</span> <span class="p">)</span> <span class="k">const</span> <span class="p">(</span> <span class="n">tokenURL</span> <span class="o">=</span> <span class="s">"https://login.microsoftonline.com/%s/oauth2/v2.0/token"</span> <span class="n">graphURL</span> <span class="o">=</span> <span class="s">"https://graph.microsoft.com/v1.0/%s"</span> <span class="p">)</span> <span class="c">// Servidor gRPC que vai rodar como sidecar</span> <span class="k">type</span> <span class="n">server</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">pb</span><span class="o">.</span><span class="n">UnimplementedGraphServiceServer</span> <span class="n">mu</span> <span class="n">sync</span><span class="o">.</span><span class="n">Mutex</span> <span class="n">accessToken</span> <span class="kt">string</span> <span class="n">expiration</span> <span class="n">time</span><span class="o">.</span><span class="n">Time</span> <span class="p">}</span> </code></pre> </div> <p>📌 Aqui definimos:</p> <ul> <li>As constantes com os endpoints de autenticação (Entra ID) e do Graph.</li> <li> <p>Uma struct <code>server</code> que:</p> <ul> <li>Implementa nosso serviço gRPC.</li> <li>Guarda em memória (<code>accessToken</code>, <code>expiration</code>) o último token obtido.</li> </ul> </li> </ul> <h3> 4.2 Gerenciamento de Token </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">s</span> <span class="o">*</span><span class="n">server</span><span class="p">)</span> <span class="n">getToken</span><span class="p">(</span><span class="n">ctx</span> <span class="n">context</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">(</span><span class="kt">string</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">s</span><span class="o">.</span><span class="n">mu</span><span class="o">.</span><span class="n">Lock</span><span class="p">()</span> <span class="k">defer</span> <span class="n">s</span><span class="o">.</span><span class="n">mu</span><span class="o">.</span><span class="n">Unlock</span><span class="p">()</span> <span class="c">// Se já temos token válido, reutiliza</span> <span class="k">if</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span><span class="o">.</span><span class="n">Before</span><span class="p">(</span><span class="n">s</span><span class="o">.</span><span class="n">expiration</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="n">s</span><span class="o">.</span><span class="n">accessToken</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="k">return</span> <span class="n">s</span><span class="o">.</span><span class="n">accessToken</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> <span class="c">// Senão, pede um novo token ao Entra ID</span> <span class="n">tenantID</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"ENTRA_TENANT_ID"</span><span class="p">)</span> <span class="n">clientID</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"ENTRA_CLIENT_ID"</span><span class="p">)</span> <span class="n">clientSecret</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"ENTRA_CLIENT_SECRET"</span><span class="p">)</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="n">tokenURL</span><span class="p">,</span> <span class="n">tenantID</span><span class="p">)</span> <span class="n">data</span> <span class="o">:=</span> <span class="p">[]</span><span class="kt">byte</span><span class="p">(</span><span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span> <span class="s">"client_id=%s&amp;scope=https%%3A%%2F%%2Fgraph.microsoft.com%%2F.default&amp;client_secret=%s&amp;grant_type=client_credentials"</span><span class="p">,</span> <span class="n">clientID</span><span class="p">,</span> <span class="n">clientSecret</span><span class="p">,</span> <span class="p">))</span> <span class="n">req</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequestWithContext</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="s">"POST"</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">bytes</span><span class="o">.</span><span class="n">NewBuffer</span><span class="p">(</span><span class="n">data</span><span class="p">))</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Content-Type"</span><span class="p">,</span> <span class="s">"application/x-www-form-urlencoded"</span><span class="p">)</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">DefaultClient</span><span class="o">.</span><span class="n">Do</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">body</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadAll</span><span class="p">(</span><span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span> <span class="k">if</span> <span class="n">resp</span><span class="o">.</span><span class="n">StatusCode</span> <span class="o">!=</span> <span class="n">http</span><span class="o">.</span><span class="n">StatusOK</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"erro ao obter token: %s"</span><span class="p">,</span> <span class="kt">string</span><span class="p">(</span><span class="n">body</span><span class="p">))</span> <span class="p">}</span> <span class="k">var</span> <span class="n">token</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">AccessToken</span> <span class="kt">string</span> <span class="s">`json:"access_token"`</span> <span class="n">ExpiresIn</span> <span class="kt">int</span> <span class="s">`json:"expires_in"`</span> <span class="p">}</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">body</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">token</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="c">// Atualiza cache (renova 1 min antes do vencimento)</span> <span class="n">s</span><span class="o">.</span><span class="n">accessToken</span> <span class="o">=</span> <span class="n">token</span><span class="o">.</span><span class="n">AccessToken</span> <span class="n">s</span><span class="o">.</span><span class="n">expiration</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span><span class="o">.</span><span class="n">Add</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Duration</span><span class="p">(</span><span class="n">token</span><span class="o">.</span><span class="n">ExpiresIn</span><span class="o">-</span><span class="m">60</span><span class="p">)</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">)</span> <span class="k">return</span> <span class="n">s</span><span class="o">.</span><span class="n">accessToken</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <h3> Explicando </h3> <ul> <li> <strong>Cache de token</strong>: o sidecar não pede token toda hora → economiza requisições.</li> <li> <strong>Mutex (<code>mu</code>)</strong>: garante que múltiplas chamadas concorrentes não façam <code>POST</code> ao mesmo tempo.</li> <li> <strong>Renovação antecipada</strong>: 1 minuto antes de expirar, o sidecar já pede um novo.</li> </ul> <h3> 4.3 Implementando <code>GetUser</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">s</span> <span class="o">*</span><span class="n">server</span><span class="p">)</span> <span class="n">GetUser</span><span class="p">(</span><span class="n">ctx</span> <span class="n">context</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">pb</span><span class="o">.</span><span class="n">UserRequest</span><span class="p">)</span> <span class="p">(</span><span class="o">*</span><span class="n">pb</span><span class="o">.</span><span class="n">UserResponse</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="c">// 1. Garantir token válido</span> <span class="n">token</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">s</span><span class="o">.</span><span class="n">getToken</span><span class="p">(</span><span class="n">ctx</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="c">// 2. Montar endpoint</span> <span class="n">userEndpoint</span> <span class="o">:=</span> <span class="s">"me"</span> <span class="k">if</span> <span class="n">req</span><span class="o">.</span><span class="n">UserId</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="n">userEndpoint</span> <span class="o">=</span> <span class="s">"users/"</span> <span class="o">+</span> <span class="n">req</span><span class="o">.</span><span class="n">UserId</span> <span class="p">}</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="n">graphURL</span><span class="p">,</span> <span class="n">userEndpoint</span><span class="p">)</span> <span class="n">httpReq</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequestWithContext</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="s">"GET"</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="n">httpReq</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Authorization"</span><span class="p">,</span> <span class="s">"Bearer "</span><span class="o">+</span><span class="n">token</span><span class="p">)</span> <span class="c">// 3. Fazer requisição ao Microsoft Graph</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">DefaultClient</span><span class="o">.</span><span class="n">Do</span><span class="p">(</span><span class="n">httpReq</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">defer</span> <span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">body</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadAll</span><span class="p">(</span><span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span> <span class="k">if</span> <span class="n">resp</span><span class="o">.</span><span class="n">StatusCode</span> <span class="o">!=</span> <span class="n">http</span><span class="o">.</span><span class="n">StatusOK</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"erro ao buscar usuário: %s"</span><span class="p">,</span> <span class="kt">string</span><span class="p">(</span><span class="n">body</span><span class="p">))</span> <span class="p">}</span> <span class="c">// 4. Mapear resposta para nosso UserResponse</span> <span class="k">var</span> <span class="n">user</span> <span class="k">map</span><span class="p">[</span><span class="kt">string</span><span class="p">]</span><span class="k">interface</span><span class="p">{}</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">body</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">user</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="o">&amp;</span><span class="n">pb</span><span class="o">.</span><span class="n">UserResponse</span><span class="p">{</span> <span class="n">Id</span><span class="o">:</span> <span class="n">user</span><span class="p">[</span><span class="s">"id"</span><span class="p">]</span><span class="o">.</span><span class="p">(</span><span class="kt">string</span><span class="p">),</span> <span class="n">DisplayName</span><span class="o">:</span> <span class="n">user</span><span class="p">[</span><span class="s">"displayName"</span><span class="p">]</span><span class="o">.</span><span class="p">(</span><span class="kt">string</span><span class="p">),</span> <span class="n">GivenName</span><span class="o">:</span> <span class="n">user</span><span class="p">[</span><span class="s">"givenName"</span><span class="p">]</span><span class="o">.</span><span class="p">(</span><span class="kt">string</span><span class="p">),</span> <span class="n">Surname</span><span class="o">:</span> <span class="n">user</span><span class="p">[</span><span class="s">"surname"</span><span class="p">]</span><span class="o">.</span><span class="p">(</span><span class="kt">string</span><span class="p">),</span> <span class="n">UserPrincipalName</span><span class="o">:</span> <span class="n">user</span><span class="p">[</span><span class="s">"userPrincipalName"</span><span class="p">]</span><span class="o">.</span><span class="p">(</span><span class="kt">string</span><span class="p">),</span> <span class="p">},</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <h3> Explicando </h3> <ol> <li>Pega o token em cache (ou renova).</li> <li>Define o endpoint (<code>/me</code> ou <code>/users/{id}</code>).</li> <li>Faz um <code>GET</code> no Microsoft Graph.</li> <li>Converte a resposta JSON para a struct <code>UserResponse</code>.</li> </ol> <h3> 4.4 Subindo o servidor gRPC </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">lis</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">net</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">"tcp"</span><span class="p">,</span> <span class="s">":50051"</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="nb">panic</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">grpcServer</span> <span class="o">:=</span> <span class="n">grpc</span><span class="o">.</span><span class="n">NewServer</span><span class="p">()</span> <span class="n">pb</span><span class="o">.</span><span class="n">RegisterGraphServiceServer</span><span class="p">(</span><span class="n">grpcServer</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">server</span><span class="p">{})</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="s">"Sidecar Microsoft Graph rodando em :50051"</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">grpcServer</span><span class="o">.</span><span class="n">Serve</span><span class="p">(</span><span class="n">lis</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="nb">panic</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Explicando </h3> <ul> <li>O sidecar ouve na porta <code>50051</code>.</li> <li>Ele registra o serviço <code>GraphService</code>.</li> <li>Ele fica rodando, pronto para responder às chamadas gRPC da aplicação principal.</li> </ul> <h2> 5. Executando </h2> <ol> <li>Configure variáveis de ambiente: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nb">export </span><span class="nv">ENTRA_CLIENT_ID</span><span class="o">=</span><span class="s2">"seu-client-id"</span> <span class="nb">export </span><span class="nv">ENTRA_CLIENT_SECRET</span><span class="o">=</span><span class="s2">"seu-client-secret"</span> <span class="nb">export </span><span class="nv">ENTRA_TENANT_ID</span><span class="o">=</span><span class="s2">"seu-tenant-id"</span> </code></pre> </div> <ol> <li>Rode o sidecar: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> go run sidecar.go </code></pre> </div> <ol> <li>Teste com <code>grpcurl</code>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> grpcurl <span class="nt">-plaintext</span> <span class="nt">-d</span> <span class="s1">'{}'</span> localhost:50051 graph.GraphService/GetUser </code></pre> </div> <h2> 6. Exemplo de resposta </h2> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1234abcd-..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"display_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"João Silva"</span><span class="p">,</span><span class="w"> </span><span class="nl">"given_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"João"</span><span class="p">,</span><span class="w"> </span><span class="nl">"surname"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Silva"</span><span class="p">,</span><span class="w"> </span><span class="nl">"user_principal_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"joao@empresa.com"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> 7. Por que usar Sidecar? </h2> <ul> <li> <strong>Simplicidade</strong>: a aplicação só chama gRPC, sem se preocupar com OAuth2.</li> <li> <strong>Reuso</strong>: múltiplos serviços podem compartilhar o mesmo sidecar.</li> <li> <strong>Segurança</strong>: credenciais ficam apenas no sidecar.</li> <li> <strong>Escalabilidade</strong>: sidecars podem ser replicados em pods diferentes.</li> <li> <strong>Observabilidade</strong>: métricas e logs podem ser centralizados no sidecar.</li> </ul> <h2> Conclusão </h2> <p>Criamos um <strong>sidecar em Go</strong> que:</p> <ol> <li>Autentica no <strong>Microsoft Entra ID</strong> via <strong>Client Credentials Flow</strong>.</li> <li>Usa o <strong>Microsoft Graph</strong> para consultar usuários.</li> <li>Exponde um serviço gRPC simples para a aplicação principal.</li> </ol> <p>Com isso, conseguimos um <strong>design mais limpo, seguro e escalável</strong>, separando responsabilidades e aproveitando os benefícios do padrão Sidecar.</p> <h2> 💡Curtiu? </h2> <p>Se quiser trocar ideia sobre IA, cloud e arquitetura, me segue nas redes:</p> <ul> <li><a href="https://olink.ai/sertaoseracloud" rel="noopener noreferrer">Redes Sociais</a></li> </ul> <p>Publico conteúdos técnicos direto do campo de batalha. E quando descubro uma ferramenta que economiza tempo e resolve bem, como essa, você fica sabendo também.</p> go programming microsoftgraph grpc [Boost] Cláudio Filipe Lima Rapôso Thu, 11 Sep 2025 19:35:04 +0000 https://forem.com/sertaoseracloud/-1k67 https://forem.com/sertaoseracloud/-1k67 <div class="ltag__link--embedded"> <div class="crayons-story "> <a href="https://dev.to/edesantomaz/from-a-roundtable-chat-to-an-mvp-journey-insights-and-community-spirit-1icg" class="crayons-story__hidden-navigation-link">From a Roundtable Chat to an MVP Journey: Insights and Community Spirit</a> <div class="crayons-story__body crayons-story__body-full_post"> <div class="crayons-story__top"> <div class="crayons-story__meta"> <div class="crayons-story__author-pic"> <a href="/edesantomaz" class="crayons-avatar crayons-avatar--l "> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3180593%2F78b640fa-9b83-4e55-96a3-1e4e3bd26f03.jpg" alt="edesantomaz profile" class="crayons-avatar__image"> </a> </div> <div> <div> <a href="/edesantomaz" class="crayons-story__secondary fw-medium m:hidden"> Edesan Tomaz </a> <div class="profile-preview-card relative mb-4 s:mb-0 fw-medium hidden m:inline-block"> Edesan Tomaz <div id="story-author-preview-content-2839769" class="profile-preview-card__content crayons-dropdown branded-7 p-4 pt-0"> <div class="gap-4 grid"> <div class="-mt-4"> <a href="/edesantomaz" class="flex"> <span class="crayons-avatar crayons-avatar--xl mr-2 shrink-0"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3180593%2F78b640fa-9b83-4e55-96a3-1e4e3bd26f03.jpg" class="crayons-avatar__image" alt=""> </span> <span class="crayons-link crayons-subtitle-2 mt-5">Edesan Tomaz</span> </a> </div> <div class="print-hidden"> Follow </div> <div class="author-preview-metadata-container"></div> </div> </div> </div> </div> <a href="https://dev.to/edesantomaz/from-a-roundtable-chat-to-an-mvp-journey-insights-and-community-spirit-1icg" class="crayons-story__tertiary fs-xs"><time>Sep 11 '25</time><span class="time-ago-indicator-initial-placeholder"></span></a> </div> </div> </div> <div class="crayons-story__indention"> <h2 class="crayons-story__title crayons-story__title-full_post"> <a href="https://dev.to/edesantomaz/from-a-roundtable-chat-to-an-mvp-journey-insights-and-community-spirit-1icg" id="article-link-2839769"> From a Roundtable Chat to an MVP Journey: Insights and Community Spirit </a> </h2> <div class="crayons-story__tags"> </div> <div class="crayons-story__bottom"> <div class="crayons-story__details"> <a href="https://dev.to/edesantomaz/from-a-roundtable-chat-to-an-mvp-journey-insights-and-community-spirit-1icg" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left"> <div class="multiple_reactions_aggregate"> <span class="multiple_reactions_icons_container"> <span class="crayons_icon_container"> <img src="https://assets.dev.to/assets/multi-unicorn-b44d6f8c23cdd00964192bedc38af3e82463978aa611b4365bd33a0f1f4f3e97.svg" width="18" height="18"> </span> <span class="crayons_icon_container"> <img src="https://assets.dev.to/assets/sparkle-heart-5f9bee3767e18deb1bb725290cb151c25234768a0e9a2bd39370c382d02920cf.svg" width="18" height="18"> </span> </span> <span class="aggregate_reactions_counter">2<span class="hidden s:inline"> reactions</span></span> </div> </a> <a href="https://dev.to/edesantomaz/from-a-roundtable-chat-to-an-mvp-journey-insights-and-community-spirit-1icg#comments" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left flex items-center"> Comments <span class="hidden s:inline">Add Comment</span> </a> </div> <div class="crayons-story__save"> <small class="crayons-story__tertiary fs-xs mr-2"> 1 min read </small> <span class="bm-initial"> </span> <span class="bm-success"> </span> </div> </div> </div> </div> </div> </div> 🚀 Renovação Concluída! Cláudio Filipe Lima Rapôso Fri, 29 Aug 2025 21:53:54 +0000 https://forem.com/sertaoseracloud/renovacao-concluida-280n https://forem.com/sertaoseracloud/renovacao-concluida-280n <p>Acabei de renovar minha certificação Microsoft Certified: Especialista em Arquiteto de Soluções do Azure (AZ-305) com 92% de acerto ✅</p> <p>Essa renovação reforça meu compromisso contínuo em projetar soluções modernas e escaláveis na nuvem, dominando temas fundamentais que foram avaliados, como:</p> <p>Design de infraestrutura: VNets, sub-redes, conectividade híbrida e alta disponibilidade.</p> <p>Armazenamento e dados: escolha de camadas de Blob, Data Lake, SQL Database, Cosmos DB e estratégias de segurança.</p> <p>Identidade e segurança: Key Vault, RBAC, autenticação e criptografia.</p> <p>Escalabilidade e resiliência: App Services, Kubernetes, Load Balancer, Front Door, Traffic Manager e estratégias multirregião.</p> <p>Integração e mensageria: Service Bus, Event Grid, Event Hubs e filas para aplicações distribuídas.</p> <p>🎯 Essa jornada não é apenas sobre certificação, mas sobre ajudar empresas e equipes a tirar o máximo do Azure, unindo performance, segurança e governança.</p> <p>🔗 Mais um passo rumo à evolução contínua na arquitetura de soluções em nuvem! ☁️</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frvbgave181r7jyhry4kv.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frvbgave181r7jyhry4kv.png" alt="certificação" width="800" height="567"></a></p> azure certification architecture cloud Break News! Cláudio Filipe Lima Rapôso Wed, 27 Aug 2025 11:18:20 +0000 https://forem.com/sertaoseracloud/break-news-3nlb https://forem.com/sertaoseracloud/break-news-3nlb <p>🚀Microsoft Acabou de disponibilizar o GPT-5 no Azure OpenAI Service via Azure AI Foundry.<br> As possibilidades para criar soluções mais inteligentes, rápidas e context-aware subiram de nível.</p> <p>Por que isso importa?</p> <p>Integração simples com serviços Azure</p> <p>Segurança e governança em escala empresarial</p> <p>Observabilidade e ciclo de vida de prompts/modelos num só lugar</p> <p>Bora explorar juntos? 💡🤖</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnx7dc5z5qk563isqj1jn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnx7dc5z5qk563isqj1jn.png" alt="GPT 5.0" width="581" height="809"></a></p> azure openai ai programming Construindo um Bot de Trailing Stop com Go, RabbitMQ e Bounded Contexts Cláudio Filipe Lima Rapôso Mon, 25 Aug 2025 12:16:01 +0000 https://forem.com/sertaoseracloud/construindo-um-bot-de-trailing-stop-com-go-rabbitmq-e-bounded-contexts-108h https://forem.com/sertaoseracloud/construindo-um-bot-de-trailing-stop-com-go-rabbitmq-e-bounded-contexts-108h <p>Você quer proteger seus lucros sem vigiar o gráfico o dia todo. Um <strong>Trailing Stop</strong> faz exatamente isso: acompanha o movimento favorável do preço e, ao detectar uma reversão além de um percentual configurado, <strong>fecha a posição automaticamente</strong>. Mas depender de uma ordem nativa da corretora pode ser limitante (parâmetros, disponibilidade, validações). E um monólito que faz de tudo fica difícil de escalar e observar.</p> <p><strong>Nossa proposta:</strong> um sistema <strong>distribuído</strong> e <strong>desacoplado</strong>, onde cada parte cuida de uma responsabilidade única, comunicando-se <strong>por mensagens</strong>. Assim, trocamos rigidez por flexibilidade e evolutividade.</p> <h2> O que vamos construir (foto geral) </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgso24wtm6xr3m05h1cnt.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgso24wtm6xr3m05h1cnt.png" alt="Diagrama de Sequência" width="800" height="328"></a></p> <ul> <li> <strong>MarketData</strong>: um serviço que ouve o WebSocket da Binance e publica preços em tempo real.</li> <li> <strong>Orchestrator</strong>: o cérebro da estratégia. Mantém topo/fundo, calcula a variação e decide quando enviar uma ordem.</li> <li> <strong>Orders</strong>: recebe comandos do orquestrador, envia a ordem à corretora (ou simula) e publica o resultado.</li> <li> <strong>RabbitMQ</strong>: nosso barramento, com três exchanges: <code>marketdata.events</code> (fanout), <code>order.commands</code> (direct) e <code>order.events</code> (fanout).</li> <li> <strong>OpenTelemetry</strong>: pronto para instrumentação e tracing (arquivo <code>internal/tracing/otel.go</code>).</li> </ul> <p><strong>Decisões arquiteturais-chave</strong></p> <ol> <li> <strong>Bounded contexts</strong> para <strong>separação de responsabilidades</strong> e <strong>escala independente</strong>.</li> <li> <strong>Mensageria</strong> para <strong>desacoplamento</strong> (produtores não sabem quem consome e vice-versa).</li> <li> <strong>Contratos de mensagens</strong> estáveis entre serviços (<code>PriceTick</code>, <code>PlaceOrder</code>, <code>OrderResult</code>).</li> <li> <strong>Execução simulável</strong>: sem credenciais, ainda validamos o fluxo com segurança.</li> </ol> <h2> Pré-requisitos </h2> <ul> <li>Go 1.22+</li> <li>Docker e Docker Compose</li> <li>Conta na <strong>Binance Spot Testnet</strong> (opcional para simulação; obrigatório para ordens reais)</li> </ul> <h2> 1. Iniciando o projeto </h2> <p>Estrutura do repositório:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>trailingstop-bc/ ├─ .env.example ├─ docker-compose.yml ├─ go.mod / go.sum ├─ cmd/ │ ├─ marketdata/ │ ├─ orchestrator/ │ └─ order/ └─ internal/ ├─ messaging/ ├─ tracing/ └─ types/ </code></pre> </div> <h3> <code>go.mod</code> </h3> <blockquote> <p>Define módulo e dependências. O nome do módulo acompanha o repositório.<br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">module</span> <span class="n">github</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">sertaoseracloud</span><span class="o">/</span><span class="n">trailingstop</span><span class="o">-</span><span class="n">bc</span> <span class="k">go</span> <span class="m">1.22</span> <span class="n">require</span> <span class="p">(</span> <span class="n">github</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">adshao</span><span class="o">/</span><span class="k">go</span><span class="o">-</span><span class="n">binance</span><span class="o">/</span><span class="n">v2</span> <span class="n">v2</span><span class="m">.8.5</span> <span class="n">github</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">rabbitmq</span><span class="o">/</span><span class="n">amqp091</span><span class="o">-</span><span class="k">go</span> <span class="n">v1</span><span class="m">.10.0</span> <span class="p">)</span> </code></pre> </div> <p><strong>Por quê?</strong></p> <ul> <li> <code>go-binance</code> dá acesso a REST/WS da Binance.</li> <li> <code>amqp091-go</code> é o cliente AMQP para o RabbitMQ.</li> </ul> <h2> 2. Contratos de mensagens (fontes da verdade entre serviços) </h2> <h3> <code>internal/types/messages.go</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">types</span> <span class="k">import</span> <span class="s">"time"</span> <span class="c">// PriceTick é publicado pelo MarketData.</span> <span class="k">type</span> <span class="n">PriceTick</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Symbol</span> <span class="kt">string</span> <span class="s">`json:"symbol"`</span> <span class="n">Price</span> <span class="kt">float64</span> <span class="s">`json:"price"`</span> <span class="n">Ts</span> <span class="kt">int64</span> <span class="s">`json:"ts"`</span> <span class="p">}</span> <span class="c">// PlaceOrder é comando do Orchestrator para Orders.</span> <span class="k">type</span> <span class="n">PlaceOrder</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Symbol</span> <span class="kt">string</span> <span class="s">`json:"symbol"`</span> <span class="n">Side</span> <span class="kt">string</span> <span class="s">`json:"side"`</span> <span class="c">// "BUY" | "SELL"</span> <span class="n">Qty</span> <span class="kt">float64</span> <span class="s">`json:"qty"`</span> <span class="n">Type</span> <span class="kt">string</span> <span class="s">`json:"type"`</span> <span class="c">// "MARKET" | "LIMIT"</span> <span class="n">ClientID</span> <span class="kt">string</span> <span class="s">`json:"clientId,omitempty"`</span> <span class="p">}</span> <span class="c">// OrderResult é evento de confirmação/erro do Orders.</span> <span class="k">type</span> <span class="n">OrderResult</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Symbol</span> <span class="kt">string</span> <span class="s">`json:"symbol"`</span> <span class="n">Side</span> <span class="kt">string</span> <span class="s">`json:"side"`</span> <span class="n">Status</span> <span class="kt">string</span> <span class="s">`json:"status"`</span> <span class="n">OrderID</span> <span class="kt">int64</span> <span class="s">`json:"orderId"`</span> <span class="n">FilledQty</span> <span class="kt">float64</span> <span class="s">`json:"filledQty"`</span> <span class="n">Price</span> <span class="kt">float64</span> <span class="s">`json:"price"`</span> <span class="n">Ts</span> <span class="kt">int64</span> <span class="s">`json:"ts"`</span> <span class="n">Error</span> <span class="kt">string</span> <span class="s">`json:"error,omitempty"`</span> <span class="p">}</span> <span class="k">func</span> <span class="n">NowMs</span><span class="p">()</span> <span class="kt">int64</span> <span class="p">{</span> <span class="k">return</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span><span class="o">.</span><span class="n">UnixMilli</span><span class="p">()</span> <span class="p">}</span> </code></pre> </div> <p><strong>Decisão</strong>: mensagens simples em JSON. Isso facilita observabilidade, reprocessamento e compatibilidade com outras linguagens.</p> <h2> 3. Camada de mensageria (encapsulando RabbitMQ) </h2> <h3> <code>internal/messaging/rabbitmq.go</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">messaging</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"context"</span> <span class="s">"encoding/json"</span> <span class="s">"log"</span> <span class="s">"os"</span> <span class="s">"time"</span> <span class="n">amqp</span> <span class="s">"github.com/rabbitmq/amqp091-go"</span> <span class="p">)</span> <span class="k">const</span> <span class="p">(</span> <span class="n">ExMarketData</span> <span class="o">=</span> <span class="s">"marketdata.events"</span> <span class="c">// fanout</span> <span class="n">ExOrderCmds</span> <span class="o">=</span> <span class="s">"order.commands"</span> <span class="c">// direct</span> <span class="n">ExOrderEvts</span> <span class="o">=</span> <span class="s">"order.events"</span> <span class="c">// fanout</span> <span class="p">)</span> <span class="k">type</span> <span class="n">Bus</span> <span class="k">struct</span><span class="p">{</span> <span class="n">Conn</span> <span class="o">*</span><span class="n">amqp</span><span class="o">.</span><span class="n">Connection</span> <span class="n">Ch</span> <span class="o">*</span><span class="n">amqp</span><span class="o">.</span><span class="n">Channel</span> <span class="p">}</span> <span class="k">func</span> <span class="n">MustBus</span><span class="p">()</span> <span class="o">*</span><span class="n">Bus</span> <span class="p">{</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"AMQP_URL"</span><span class="p">)</span> <span class="k">if</span> <span class="n">url</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="n">url</span> <span class="o">=</span> <span class="s">"amqp://guest:guest@localhost:5672/"</span> <span class="p">}</span> <span class="n">conn</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">amqp</span><span class="o">.</span><span class="n">Dial</span><span class="p">(</span><span class="n">url</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"amqp dial: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">ch</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">conn</span><span class="o">.</span><span class="n">Channel</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"amqp channel: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">must</span><span class="p">(</span><span class="n">ch</span><span class="o">.</span><span class="n">ExchangeDeclare</span><span class="p">(</span><span class="n">ExMarketData</span><span class="p">,</span> <span class="s">"fanout"</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="n">must</span><span class="p">(</span><span class="n">ch</span><span class="o">.</span><span class="n">ExchangeDeclare</span><span class="p">(</span><span class="n">ExOrderCmds</span><span class="p">,</span> <span class="s">"direct"</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="n">must</span><span class="p">(</span><span class="n">ch</span><span class="o">.</span><span class="n">ExchangeDeclare</span><span class="p">(</span><span class="n">ExOrderEvts</span><span class="p">,</span> <span class="s">"fanout"</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="k">return</span> <span class="o">&amp;</span><span class="n">Bus</span><span class="p">{</span><span class="n">Conn</span><span class="o">:</span> <span class="n">conn</span><span class="p">,</span> <span class="n">Ch</span><span class="o">:</span> <span class="n">ch</span><span class="p">}</span> <span class="p">}</span> <span class="k">func</span> <span class="n">must</span><span class="p">(</span><span class="n">err</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">func</span> <span class="p">(</span><span class="n">b</span> <span class="o">*</span><span class="n">Bus</span><span class="p">)</span> <span class="n">Close</span><span class="p">()</span> <span class="p">{</span> <span class="n">_</span> <span class="o">=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">Close</span><span class="p">();</span> <span class="n">_</span> <span class="o">=</span> <span class="n">b</span><span class="o">.</span><span class="n">Conn</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="p">}</span> <span class="k">func</span> <span class="p">(</span><span class="n">b</span> <span class="o">*</span><span class="n">Bus</span><span class="p">)</span> <span class="n">PublishJSON</span><span class="p">(</span><span class="n">ex</span><span class="p">,</span> <span class="n">key</span> <span class="kt">string</span><span class="p">,</span> <span class="n">v</span> <span class="n">any</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="n">body</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Marshal</span><span class="p">(</span><span class="n">v</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="n">ctx</span><span class="p">,</span> <span class="n">cancel</span> <span class="o">:=</span> <span class="n">context</span><span class="o">.</span><span class="n">WithTimeout</span><span class="p">(</span><span class="n">context</span><span class="o">.</span><span class="n">Background</span><span class="p">(),</span> <span class="m">5</span><span class="o">*</span><span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">)</span> <span class="k">defer</span> <span class="n">cancel</span><span class="p">()</span> <span class="k">return</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">PublishWithContext</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="n">ex</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="n">amqp</span><span class="o">.</span><span class="n">Publishing</span><span class="p">{</span> <span class="n">ContentType</span><span class="o">:</span> <span class="s">"application/json"</span><span class="p">,</span> <span class="n">DeliveryMode</span><span class="o">:</span> <span class="n">amqp</span><span class="o">.</span><span class="n">Persistent</span><span class="p">,</span> <span class="n">Body</span><span class="o">:</span> <span class="n">body</span><span class="p">,</span> <span class="n">Timestamp</span><span class="o">:</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">(),</span> <span class="p">})</span> <span class="p">}</span> <span class="c">// Consumo fanout: fila efêmera/exclusiva para broadcast (ideal para market data).</span> <span class="k">func</span> <span class="p">(</span><span class="n">b</span> <span class="o">*</span><span class="n">Bus</span><span class="p">)</span> <span class="n">ConsumeFanout</span><span class="p">(</span><span class="n">ex</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="o">&lt;-</span><span class="k">chan</span> <span class="n">amqp</span><span class="o">.</span><span class="n">Delivery</span><span class="p">,</span> <span class="k">func</span><span class="p">())</span> <span class="p">{</span> <span class="n">q</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">QueueDeclare</span><span class="p">(</span><span class="s">""</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="n">must</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="n">must</span><span class="p">(</span><span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">QueueBind</span><span class="p">(</span><span class="n">q</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="n">ex</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="n">msgs</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">Consume</span><span class="p">(</span><span class="n">q</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="n">must</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="n">cancel</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(){</span> <span class="n">_</span> <span class="o">=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">QueueUnbind</span><span class="p">(</span><span class="n">q</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="n">ex</span><span class="p">,</span> <span class="no">nil</span><span class="p">);</span> <span class="n">_</span> <span class="o">=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">QueueDelete</span><span class="p">(</span><span class="n">q</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">true</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="n">msgs</span><span class="p">,</span> <span class="n">cancel</span> <span class="p">}</span> <span class="c">// Consumo direct: fila durável com routing key (ideal para comandos de ordem).</span> <span class="k">func</span> <span class="p">(</span><span class="n">b</span> <span class="o">*</span><span class="n">Bus</span><span class="p">)</span> <span class="n">ConsumeDirect</span><span class="p">(</span><span class="n">ex</span><span class="p">,</span> <span class="n">queue</span><span class="p">,</span> <span class="n">key</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="o">&lt;-</span><span class="k">chan</span> <span class="n">amqp</span><span class="o">.</span><span class="n">Delivery</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">q</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">QueueDeclare</span><span class="p">(</span><span class="n">queue</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">if</span> <span class="n">err</span> <span class="o">=</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">QueueBind</span><span class="p">(</span><span class="n">q</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">ex</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">b</span><span class="o">.</span><span class="n">Ch</span><span class="o">.</span><span class="n">Consume</span><span class="p">(</span><span class="n">q</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="no">true</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">false</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Decisão</strong>: abstrair conexão/publicação/consumo torna os serviços mais legíveis e reduz repetição.</p> <h2> 4. MarketData: consumindo a Binance em tempo real </h2> <h3> <code>cmd/marketdata/main.go</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"log"</span> <span class="s">"os"</span> <span class="s">"strconv"</span> <span class="n">binance</span> <span class="s">"github.com/adshao/go-binance/v2"</span> <span class="s">"github.com/sertaoseracloud/trailingstop-bc/internal/messaging"</span> <span class="s">"github.com/sertaoseracloud/trailingstop-bc/internal/types"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">symbol</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"SYMBOL"</span><span class="p">)</span> <span class="k">if</span> <span class="n">symbol</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="n">symbol</span> <span class="o">=</span> <span class="s">"BTCUSDT"</span> <span class="p">}</span> <span class="k">if</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"BINANCE_TESTNET"</span><span class="p">)</span> <span class="o">==</span> <span class="s">"true"</span> <span class="p">{</span> <span class="n">binance</span><span class="o">.</span><span class="n">UseTestnet</span> <span class="o">=</span> <span class="no">true</span> <span class="p">}</span> <span class="n">bus</span> <span class="o">:=</span> <span class="n">messaging</span><span class="o">.</span><span class="n">MustBus</span><span class="p">()</span> <span class="k">defer</span> <span class="n">bus</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[marketdata] WS AggTrade %s (testnet=%v)"</span><span class="p">,</span> <span class="n">symbol</span><span class="p">,</span> <span class="n">binance</span><span class="o">.</span><span class="n">UseTestnet</span><span class="p">)</span> <span class="n">handler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">binance</span><span class="o">.</span><span class="n">WsAggTradeEvent</span><span class="p">)</span> <span class="p">{</span> <span class="n">price</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">strconv</span><span class="o">.</span><span class="n">ParseFloat</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">Price</span><span class="p">,</span> <span class="m">64</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="p">}</span> <span class="n">tick</span> <span class="o">:=</span> <span class="n">types</span><span class="o">.</span><span class="n">PriceTick</span><span class="p">{</span> <span class="n">Symbol</span><span class="o">:</span> <span class="n">symbol</span><span class="p">,</span> <span class="n">Price</span><span class="o">:</span> <span class="n">price</span><span class="p">,</span> <span class="n">Ts</span><span class="o">:</span> <span class="n">types</span><span class="o">.</span><span class="n">NowMs</span><span class="p">()</span> <span class="p">}</span> <span class="n">_</span> <span class="o">=</span> <span class="n">bus</span><span class="o">.</span><span class="n">PublishJSON</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExMarketData</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="n">tick</span><span class="p">)</span> <span class="p">}</span> <span class="n">errHandler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">err</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"ws err: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">doneC</span><span class="p">,</span> <span class="n">stopC</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">binance</span><span class="o">.</span><span class="n">WsAggTradeServe</span><span class="p">(</span><span class="n">symbol</span><span class="p">,</span> <span class="n">handler</span><span class="p">,</span> <span class="n">errHandler</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="o">&lt;-</span><span class="n">doneC</span><span class="p">;</span> <span class="nb">close</span><span class="p">(</span><span class="n">stopC</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Por quê assim?</strong></p> <ul> <li>O canal <strong>AggTrade</strong> traz um fluxo rico de preços.</li> <li>Publicar em <code>marketdata.events</code> (fanout) permite múltiplos consumidores (ex.: backtests, dashboards) sem acoplamento.</li> </ul> <h2> 5. Orchestrator: o cérebro do trailing </h2> <h3> <code>cmd/orchestrator/main.go</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"encoding/json"</span> <span class="s">"log"</span> <span class="s">"math"</span> <span class="s">"os"</span> <span class="s">"strconv"</span> <span class="s">"strings"</span> <span class="s">"github.com/sertaoseracloud/trailingstop-bc/internal/messaging"</span> <span class="s">"github.com/sertaoseracloud/trailingstop-bc/internal/types"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">getenvf</span><span class="p">(</span><span class="n">key</span> <span class="kt">string</span><span class="p">,</span> <span class="n">def</span> <span class="kt">float64</span><span class="p">)</span> <span class="kt">float64</span> <span class="p">{</span> <span class="n">v</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="n">key</span><span class="p">);</span> <span class="k">if</span> <span class="n">v</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="k">return</span> <span class="n">def</span> <span class="p">}</span> <span class="n">f</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">strconv</span><span class="o">.</span><span class="n">ParseFloat</span><span class="p">(</span><span class="n">v</span><span class="p">,</span> <span class="m">64</span><span class="p">);</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">def</span> <span class="p">}</span> <span class="k">return</span> <span class="n">f</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">(){</span> <span class="n">symbol</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"SYMBOL"</span><span class="p">);</span> <span class="k">if</span> <span class="n">symbol</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="n">symbol</span> <span class="o">=</span> <span class="s">"BTCUSDT"</span> <span class="p">}</span> <span class="n">side</span> <span class="o">:=</span> <span class="n">strings</span><span class="o">.</span><span class="n">ToUpper</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"SIDE"</span><span class="p">));</span> <span class="k">if</span> <span class="n">side</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="n">side</span> <span class="o">=</span> <span class="s">"SELL"</span> <span class="p">}</span> <span class="n">qty</span> <span class="o">:=</span> <span class="n">getenvf</span><span class="p">(</span><span class="s">"QTY"</span><span class="p">,</span> <span class="m">0.001</span><span class="p">)</span> <span class="n">trailing</span> <span class="o">:=</span> <span class="n">getenvf</span><span class="p">(</span><span class="s">"TRAILING_PERCENT"</span><span class="p">,</span> <span class="m">1.0</span><span class="p">)</span> <span class="n">activation</span> <span class="o">:=</span> <span class="n">getenvf</span><span class="p">(</span><span class="s">"ACTIVATION_PRICE"</span><span class="p">,</span> <span class="m">0</span><span class="p">)</span> <span class="n">bus</span> <span class="o">:=</span> <span class="n">messaging</span><span class="o">.</span><span class="n">MustBus</span><span class="p">();</span> <span class="k">defer</span> <span class="n">bus</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">msgs</span><span class="p">,</span> <span class="n">cancel</span> <span class="o">:=</span> <span class="n">bus</span><span class="o">.</span><span class="n">ConsumeFanout</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExMarketData</span><span class="p">);</span> <span class="k">defer</span> <span class="n">cancel</span><span class="p">()</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[orchestrator] %s side=%s qty=%.6f trailing=%.4f%% activation=%.4f"</span><span class="p">,</span> <span class="n">symbol</span><span class="p">,</span> <span class="n">side</span><span class="p">,</span> <span class="n">qty</span><span class="p">,</span> <span class="n">trailing</span><span class="p">,</span> <span class="n">activation</span><span class="p">)</span> <span class="n">activated</span> <span class="o">:=</span> <span class="no">false</span> <span class="n">ref</span> <span class="o">:=</span> <span class="m">0.0</span> <span class="c">// topo (SELL) ou fundo (BUY)</span> <span class="n">fired</span> <span class="o">:=</span> <span class="no">false</span> <span class="k">for</span> <span class="n">d</span> <span class="o">:=</span> <span class="k">range</span> <span class="n">msgs</span> <span class="p">{</span> <span class="k">var</span> <span class="n">tick</span> <span class="n">types</span><span class="o">.</span><span class="n">PriceTick</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">d</span><span class="o">.</span><span class="n">Body</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">tick</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="o">||</span> <span class="n">tick</span><span class="o">.</span><span class="n">Symbol</span> <span class="o">!=</span> <span class="n">symbol</span> <span class="p">{</span> <span class="k">continue</span> <span class="p">}</span> <span class="n">p</span> <span class="o">:=</span> <span class="n">tick</span><span class="o">.</span><span class="n">Price</span> <span class="k">if</span> <span class="o">!</span><span class="n">activated</span> <span class="p">{</span> <span class="k">if</span> <span class="n">activation</span> <span class="o">==</span> <span class="m">0</span> <span class="o">||</span> <span class="p">(</span><span class="n">side</span> <span class="o">==</span> <span class="s">"SELL"</span> <span class="o">&amp;&amp;</span> <span class="n">p</span> <span class="o">&gt;=</span> <span class="n">activation</span><span class="p">)</span> <span class="o">||</span> <span class="p">(</span><span class="n">side</span> <span class="o">==</span> <span class="s">"BUY"</span> <span class="o">&amp;&amp;</span> <span class="n">p</span> <span class="o">&lt;=</span> <span class="n">activation</span><span class="p">)</span> <span class="p">{</span> <span class="n">activated</span><span class="p">,</span> <span class="n">ref</span> <span class="o">=</span> <span class="no">true</span><span class="p">,</span> <span class="n">p</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[orchestrator] ativado em %.8f"</span><span class="p">,</span> <span class="n">p</span><span class="p">)</span> <span class="p">}</span> <span class="k">continue</span> <span class="p">}</span> <span class="k">if</span> <span class="n">side</span> <span class="o">==</span> <span class="s">"SELL"</span> <span class="p">{</span> <span class="k">if</span> <span class="n">p</span> <span class="o">&gt;</span> <span class="n">ref</span> <span class="p">{</span> <span class="n">ref</span> <span class="o">=</span> <span class="n">p</span> <span class="p">}</span> <span class="c">// atualiza topo</span> <span class="n">drop</span> <span class="o">:=</span> <span class="p">(</span><span class="n">ref</span> <span class="o">-</span> <span class="n">p</span><span class="p">)</span> <span class="o">/</span> <span class="n">ref</span> <span class="o">*</span> <span class="m">100</span> <span class="k">if</span> <span class="o">!</span><span class="n">fired</span> <span class="o">&amp;&amp;</span> <span class="n">drop</span> <span class="o">&gt;=</span> <span class="n">trailing</span> <span class="p">{</span> <span class="n">cmd</span> <span class="o">:=</span> <span class="n">types</span><span class="o">.</span><span class="n">PlaceOrder</span><span class="p">{</span> <span class="n">Symbol</span><span class="o">:</span> <span class="n">symbol</span><span class="p">,</span> <span class="n">Side</span><span class="o">:</span> <span class="s">"SELL"</span><span class="p">,</span> <span class="n">Qty</span><span class="o">:</span> <span class="n">qty</span><span class="p">,</span> <span class="n">Type</span><span class="o">:</span> <span class="s">"MARKET"</span> <span class="p">}</span> <span class="n">_</span> <span class="o">=</span> <span class="n">bus</span><span class="o">.</span><span class="n">PublishJSON</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExOrderCmds</span><span class="p">,</span> <span class="s">"place_order"</span><span class="p">,</span> <span class="n">cmd</span><span class="p">)</span> <span class="n">fired</span> <span class="o">=</span> <span class="no">true</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[orchestrator] disparo SELL: topo=%.8f atual=%.8f queda=%.4f%%"</span><span class="p">,</span> <span class="n">ref</span><span class="p">,</span> <span class="n">p</span><span class="p">,</span> <span class="n">drop</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="c">// BUY</span> <span class="k">if</span> <span class="n">ref</span> <span class="o">==</span> <span class="m">0</span> <span class="o">||</span> <span class="n">p</span> <span class="o">&lt;</span> <span class="n">ref</span> <span class="p">{</span> <span class="n">ref</span> <span class="o">=</span> <span class="n">p</span> <span class="p">}</span> <span class="c">// guarda fundo</span> <span class="n">rise</span> <span class="o">:=</span> <span class="p">(</span><span class="n">p</span> <span class="o">-</span> <span class="n">ref</span><span class="p">)</span> <span class="o">/</span> <span class="n">math</span><span class="o">.</span><span class="n">Max</span><span class="p">(</span><span class="n">ref</span><span class="p">,</span> <span class="m">1e-9</span><span class="p">)</span> <span class="o">*</span> <span class="m">100</span> <span class="k">if</span> <span class="o">!</span><span class="n">fired</span> <span class="o">&amp;&amp;</span> <span class="n">rise</span> <span class="o">&gt;=</span> <span class="n">trailing</span> <span class="p">{</span> <span class="n">cmd</span> <span class="o">:=</span> <span class="n">types</span><span class="o">.</span><span class="n">PlaceOrder</span><span class="p">{</span> <span class="n">Symbol</span><span class="o">:</span> <span class="n">symbol</span><span class="p">,</span> <span class="n">Side</span><span class="o">:</span> <span class="s">"BUY"</span><span class="p">,</span> <span class="n">Qty</span><span class="o">:</span> <span class="n">qty</span><span class="p">,</span> <span class="n">Type</span><span class="o">:</span> <span class="s">"MARKET"</span> <span class="p">}</span> <span class="n">_</span> <span class="o">=</span> <span class="n">bus</span><span class="o">.</span><span class="n">PublishJSON</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExOrderCmds</span><span class="p">,</span> <span class="s">"place_order"</span><span class="p">,</span> <span class="n">cmd</span><span class="p">)</span> <span class="n">fired</span> <span class="o">=</span> <span class="no">true</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[orchestrator] disparo BUY: fundo=%.8f atual=%.8f alta=%.4f%%"</span><span class="p">,</span> <span class="n">ref</span><span class="p">,</span> <span class="n">p</span><span class="p">,</span> <span class="n">rise</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Decisão</strong>: a estratégia roda <strong>dentro do orquestrador</strong> (e não na corretora). Isso nos dá controle total, facilita simulação e permite trocar regras sem tocar em MarketData ou Orders.</p> <h2> 6. Orders: a ponte com a corretora </h2> <h3> <code>cmd/order/main.go</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"context"</span> <span class="s">"encoding/json"</span> <span class="s">"log"</span> <span class="s">"os"</span> <span class="s">"strconv"</span> <span class="n">binance</span> <span class="s">"github.com/adshao/go-binance/v2"</span> <span class="s">"github.com/sertaoseracloud/trailingstop-bc/internal/messaging"</span> <span class="s">"github.com/sertaoseracloud/trailingstop-bc/internal/types"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">(){</span> <span class="k">if</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"BINANCE_TESTNET"</span><span class="p">)</span> <span class="o">==</span> <span class="s">"true"</span> <span class="p">{</span> <span class="n">binance</span><span class="o">.</span><span class="n">UseTestnet</span> <span class="o">=</span> <span class="no">true</span> <span class="p">}</span> <span class="n">apiKey</span><span class="p">,</span> <span class="n">apiSecret</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"BINANCE_API_KEY"</span><span class="p">),</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"BINANCE_API_SECRET"</span><span class="p">)</span> <span class="n">bus</span> <span class="o">:=</span> <span class="n">messaging</span><span class="o">.</span><span class="n">MustBus</span><span class="p">();</span> <span class="k">defer</span> <span class="n">bus</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">msgs</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">bus</span><span class="o">.</span><span class="n">ConsumeDirect</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExOrderCmds</span><span class="p">,</span> <span class="s">"orders.place"</span><span class="p">,</span> <span class="s">"place_order"</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">client</span> <span class="o">:=</span> <span class="n">binance</span><span class="o">.</span><span class="n">NewClient</span><span class="p">(</span><span class="n">apiKey</span><span class="p">,</span> <span class="n">apiSecret</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[order] pronto (testnet=%v)"</span><span class="p">,</span> <span class="n">binance</span><span class="o">.</span><span class="n">UseTestnet</span><span class="p">)</span> <span class="k">for</span> <span class="n">d</span> <span class="o">:=</span> <span class="k">range</span> <span class="n">msgs</span> <span class="p">{</span> <span class="k">var</span> <span class="n">cmd</span> <span class="n">types</span><span class="o">.</span><span class="n">PlaceOrder</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">d</span><span class="o">.</span><span class="n">Body</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">cmd</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">continue</span> <span class="p">}</span> <span class="n">res</span> <span class="o">:=</span> <span class="n">types</span><span class="o">.</span><span class="n">OrderResult</span><span class="p">{</span> <span class="n">Symbol</span><span class="o">:</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Symbol</span><span class="p">,</span> <span class="n">Side</span><span class="o">:</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Side</span><span class="p">,</span> <span class="n">Ts</span><span class="o">:</span> <span class="n">types</span><span class="o">.</span><span class="n">NowMs</span><span class="p">()</span> <span class="p">}</span> <span class="k">if</span> <span class="n">apiKey</span> <span class="o">==</span> <span class="s">""</span> <span class="o">||</span> <span class="n">apiSecret</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="n">res</span><span class="o">.</span><span class="n">Status</span><span class="p">,</span> <span class="n">res</span><span class="o">.</span><span class="n">FilledQty</span> <span class="o">=</span> <span class="s">"SIMULATED"</span><span class="p">,</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Qty</span> <span class="n">_</span> <span class="o">=</span> <span class="n">bus</span><span class="o">.</span><span class="n">PublishJSON</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExOrderEvts</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="n">res</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[order] (simulado) %s %f %s"</span><span class="p">,</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Side</span><span class="p">,</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Qty</span><span class="p">,</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Symbol</span><span class="p">)</span> <span class="k">continue</span> <span class="p">}</span> <span class="n">sideType</span> <span class="o">:=</span> <span class="n">binance</span><span class="o">.</span><span class="n">SideTypeSell</span><span class="p">;</span> <span class="k">if</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Side</span> <span class="o">==</span> <span class="s">"BUY"</span> <span class="p">{</span> <span class="n">sideType</span> <span class="o">=</span> <span class="n">binance</span><span class="o">.</span><span class="n">SideTypeBuy</span> <span class="p">}</span> <span class="n">svc</span> <span class="o">:=</span> <span class="n">client</span><span class="o">.</span><span class="n">NewCreateOrderService</span><span class="p">()</span><span class="o">.</span> <span class="n">Symbol</span><span class="p">(</span><span class="n">cmd</span><span class="o">.</span><span class="n">Symbol</span><span class="p">)</span><span class="o">.</span> <span class="n">Side</span><span class="p">(</span><span class="n">sideType</span><span class="p">)</span><span class="o">.</span> <span class="n">Type</span><span class="p">(</span><span class="n">binance</span><span class="o">.</span><span class="n">OrderTypeMarket</span><span class="p">)</span><span class="o">.</span> <span class="n">Quantity</span><span class="p">(</span><span class="n">strconv</span><span class="o">.</span><span class="n">FormatFloat</span><span class="p">(</span><span class="n">cmd</span><span class="o">.</span><span class="n">Qty</span><span class="p">,</span> <span class="sc">'f'</span><span class="p">,</span> <span class="o">-</span><span class="m">1</span><span class="p">,</span> <span class="m">64</span><span class="p">))</span> <span class="n">ord</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">svc</span><span class="o">.</span><span class="n">Do</span><span class="p">(</span><span class="n">context</span><span class="o">.</span><span class="n">Background</span><span class="p">())</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">res</span><span class="o">.</span><span class="n">Status</span><span class="p">,</span> <span class="n">res</span><span class="o">.</span><span class="n">Error</span> <span class="o">=</span> <span class="s">"REJECTED"</span><span class="p">,</span> <span class="n">err</span><span class="o">.</span><span class="n">Error</span><span class="p">()</span> <span class="n">_</span> <span class="o">=</span> <span class="n">bus</span><span class="o">.</span><span class="n">PublishJSON</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExOrderEvts</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="n">res</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[order] erro: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">continue</span> <span class="p">}</span> <span class="n">res</span><span class="o">.</span><span class="n">Status</span><span class="p">,</span> <span class="n">res</span><span class="o">.</span><span class="n">OrderID</span> <span class="o">=</span> <span class="kt">string</span><span class="p">(</span><span class="n">ord</span><span class="o">.</span><span class="n">Status</span><span class="p">),</span> <span class="n">ord</span><span class="o">.</span><span class="n">OrderID</span> <span class="n">_</span> <span class="o">=</span> <span class="n">bus</span><span class="o">.</span><span class="n">PublishJSON</span><span class="p">(</span><span class="n">messaging</span><span class="o">.</span><span class="n">ExOrderEvts</span><span class="p">,</span> <span class="s">""</span><span class="p">,</span> <span class="n">res</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[order] enviado %s qty=%s symbol=%s id=%d status=%s"</span><span class="p">,</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Side</span><span class="p">,</span> <span class="n">ord</span><span class="o">.</span><span class="n">OrigQuantity</span><span class="p">,</span> <span class="n">cmd</span><span class="o">.</span><span class="n">Symbol</span><span class="p">,</span> <span class="n">ord</span><span class="o">.</span><span class="n">OrderID</span><span class="p">,</span> <span class="n">ord</span><span class="o">.</span><span class="n">Status</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Decisões</strong></p> <ul> <li> <strong>Dry-run automático</strong>: sem chaves, o serviço publica um <code>OrderResult</code> simulado.</li> <li> <strong>MARKET por simplicidade</strong>: evita detalhes de <em>filters</em>; você pode evoluir para ordens nativas de trailing depois.</li> </ul> <h2> 7. Observabilidade (OpenTelemetry) </h2> <h3> <code>internal/tracing/otel.go</code> (exemplo mínimo) </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">tracing</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"context"</span> <span class="s">"log"</span> <span class="s">"go.opentelemetry.io/otel"</span> <span class="s">"go.opentelemetry.io/otel/exporters/stdout/stdouttrace"</span> <span class="n">sdktrace</span> <span class="s">"go.opentelemetry.io/otel/sdk/trace"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">Init</span><span class="p">()</span> <span class="k">func</span><span class="p">(</span><span class="n">context</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="n">exp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">stdouttrace</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">stdouttrace</span><span class="o">.</span><span class="n">WithPrettyPrint</span><span class="p">())</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"otel exporter: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">tp</span> <span class="o">:=</span> <span class="n">sdktrace</span><span class="o">.</span><span class="n">NewTracerProvider</span><span class="p">(</span> <span class="n">sdktrace</span><span class="o">.</span><span class="n">WithBatcher</span><span class="p">(</span><span class="n">exp</span><span class="p">),</span> <span class="p">)</span> <span class="n">otel</span><span class="o">.</span><span class="n">SetTracerProvider</span><span class="p">(</span><span class="n">tp</span><span class="p">)</span> <span class="k">return</span> <span class="n">tp</span><span class="o">.</span><span class="n">Shutdown</span> <span class="p">}</span> </code></pre> </div> <p><strong>Por quê?</strong></p> <ul> <li>Facilita acompanhar o caminho de uma ordem e diagnosticar gargalos.</li> </ul> <h2> 8. Docker Compose e configuração </h2> <h3> <code>.env.example</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>AMQP_URL=amqp://guest:guest@rabbitmq:5672/ SYMBOL=BTCUSDT BINANCE_TESTNET=true SIDE=SELL QTY=0.001 TRAILING_PERCENT=1.0 ACTIVATION_PRICE=0 BINANCE_API_KEY= BINANCE_API_SECRET= </code></pre> </div> <h3> <code>docker-compose.yml</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version</span><span class="pi">:</span> <span class="s2">"</span><span class="s">3.9"</span> <span class="na">services</span><span class="pi">:</span> <span class="na">rabbitmq</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">rabbitmq:3.12-management</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">5672:5672"</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">15672:15672"</span> <span class="na">healthcheck</span><span class="pi">:</span> <span class="na">test</span><span class="pi">:</span> <span class="pi">[</span><span class="s2">"</span><span class="s">CMD"</span><span class="pi">,</span> <span class="s2">"</span><span class="s">rabbitmq-diagnostics"</span><span class="pi">,</span> <span class="s2">"</span><span class="s">-q"</span><span class="pi">,</span> <span class="s2">"</span><span class="s">ping"</span><span class="pi">]</span> <span class="na">interval</span><span class="pi">:</span> <span class="s">10s</span> <span class="na">timeout</span><span class="pi">:</span> <span class="s">5s</span> <span class="na">retries</span><span class="pi">:</span> <span class="m">5</span> <span class="na">marketdata</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">./cmd/marketdata</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">AMQP_URL=${AMQP_URL}</span> <span class="pi">-</span> <span class="s">SYMBOL=${SYMBOL}</span> <span class="pi">-</span> <span class="s">BINANCE_TESTNET=${BINANCE_TESTNET}</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="na">rabbitmq</span><span class="pi">:</span> <span class="na">condition</span><span class="pi">:</span> <span class="s">service_healthy</span> <span class="na">orchestrator</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">./cmd/orchestrator</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">AMQP_URL=${AMQP_URL}</span> <span class="pi">-</span> <span class="s">SYMBOL=${SYMBOL}</span> <span class="pi">-</span> <span class="s">SIDE=${SIDE}</span> <span class="pi">-</span> <span class="s">QTY=${QTY}</span> <span class="pi">-</span> <span class="s">TRAILING_PERCENT=${TRAILING_PERCENT}</span> <span class="pi">-</span> <span class="s">ACTIVATION_PRICE=${ACTIVATION_PRICE}</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="na">rabbitmq</span><span class="pi">:</span> <span class="na">condition</span><span class="pi">:</span> <span class="s">service_healthy</span> <span class="na">order</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">./cmd/order</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">AMQP_URL=${AMQP_URL}</span> <span class="pi">-</span> <span class="s">BINANCE_TESTNET=${BINANCE_TESTNET}</span> <span class="pi">-</span> <span class="s">BINANCE_API_KEY=${BINANCE_API_KEY}</span> <span class="pi">-</span> <span class="s">BINANCE_API_SECRET=${BINANCE_API_SECRET}</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="na">rabbitmq</span><span class="pi">:</span> <span class="na">condition</span><span class="pi">:</span> <span class="s">service_healthy</span> </code></pre> </div> <p><strong>Dicas rápidas</strong></p> <ul> <li>UI do RabbitMQ em <code>http://localhost:15672</code> (guest/guest).</li> <li>Escale serviços conforme a carga: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> docker compose up <span class="nt">--build</span> <span class="nt">--scale</span> <span class="nv">orchestrator</span><span class="o">=</span>2 <span class="nt">--scale</span> <span class="nv">order</span><span class="o">=</span>2 </code></pre> </div> <h2> 9. Rodando e validando </h2> <ol> <li>Crie o <code>.env</code> a partir do exemplo e ajuste parâmetros.</li> <li>Suba tudo com <code>docker compose up --build</code>.</li> <li>Observe nos logs:</li> </ol> <ul> <li> <code>marketdata</code>: conexão WS e publicação de <code>PriceTick</code>.</li> <li> <code>orchestrator</code>: ativação da estratégia, atualização de topo/fundo e <strong>disparo</strong> quando <code>TRAILING_PERCENT</code> é atingido.</li> <li> <code>order</code>: ordem <strong>simulada</strong> (sem chaves) ou <strong>real</strong> (com chaves), seguido de <code>OrderResult</code>.</li> </ul> <p><strong>Sanidade</strong>: se o mercado estiver parado, ajuste <code>TRAILING_PERCENT</code> para valores menores ou teste em outro <code>SYMBOL</code>.</p> <h2> 10. Para onde ir a partir daqui </h2> <ul> <li> <strong>Trailing nativo</strong>: migrar envio para tipos de ordem que aceitam <code>trailingDelta</code>.</li> <li> <strong>Múltiplos pares</strong>: instâncias por símbolo com <em>routing key</em> específica.</li> <li> <strong>Persistência</strong>: salvar estado do trailing (Redis/Postgres) para tolerância a falhas.</li> <li> <strong>Observabilidade pro</strong>: Prometheus + Grafana, traces para latências por etapa.</li> </ul> <h2> Conclusão </h2> <p>Você construiu um bot de trailing stop <strong>moderno</strong>, <strong>desacoplado</strong> e <strong>observável</strong>. Mais importante: entendeu <strong>por que</strong> cada peça existe. A partir daqui, dá para adaptar a estratégia, integrar novas exchanges, ou evoluir para ordens nativas — tudo sem desmontar o resto do sistema. Bora operar com segurança e arquitetura bem pensada? 🙌</p> <h2> 💡Curtiu? </h2> <p>Se quiser trocar ideia sobre IA, cloud e arquitetura, me segue nas redes:</p> <ul> <li><a href="https://olink.ai/sertaoseracloud" rel="noopener noreferrer">Redes Sociais</a></li> <li><a href="https://github.com/sertaoseracloud/poc-sidecar-go" rel="noopener noreferrer">⭐ Repo no GitHub</a></li> </ul> <p>Publico conteúdos técnicos direto do campo de batalha. E quando descubro uma ferramenta que economiza tempo e resolve bem, como essa, você fica sabendo também.</p> web3 eventdriven ddd programming E-mails de verificação com AWS SES + Lambda (Node.js) e Terraform: do zero ao envio Cláudio Filipe Lima Rapôso Mon, 18 Aug 2025 21:43:30 +0000 https://forem.com/sertaoseracloud/e-mails-de-verificacao-com-aws-ses-lambda-nodejs-e-terraform-do-zero-ao-envio-20fo https://forem.com/sertaoseracloud/e-mails-de-verificacao-com-aws-ses-lambda-nodejs-e-terraform-do-zero-ao-envio-20fo <p>Eu quero te levar do zero até uma solução <strong>funcional</strong> de verificação de e-mail, sem depender de servidores próprios. Vamos usar <strong>AWS SES</strong> para enviar os e-mails, <strong>DynamoDB</strong> para guardar tokens com <strong>TTL</strong>, e <strong>AWS Lambda</strong> (Node.js) para orquestrar tudo. A infraestrutura nasce com <strong>Terraform</strong> usando <strong>módulos</strong> separados (SES, DynamoDB, IAM, Lambda), mantendo o código limpo e fácil de evoluir.</p> <h2> O problema e a solução </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj2g43ttqej406cbahkic.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj2g43ttqej406cbahkic.png" alt="Solução" width="800" height="601"></a></p> <p>Toda aplicação que cria contas precisa <strong>verificar e-mails</strong>. Fazer isso na unha costuma gerar acoplamento, scripts soltos e dor de cabeça com credenciais. Aqui eu:</p> <ul> <li>Provisiono a infraestrutura <strong>como código</strong>.</li> <li>Centralizo envios no <strong>SES</strong> com remetente verificado.</li> <li>Persisto tokens no <strong>DynamoDB</strong> com <strong>expiração automática</strong> via TTL.</li> <li> <p>Exponho uma <strong>Lambda</strong> com <strong>Function URL</strong> que:</p> <ul> <li> <code>POST /send</code>: gera token, salva no DynamoDB e envia e-mail de verificação.</li> <li> <code>GET /verify?email=...&amp;token=...</code>: valida token e marca como verificado.</li> </ul> </li> </ul> <p>Resultado: um fluxo completo, <strong>serverless</strong>, barato e pronto para plugar no front-end.</p> <blockquote> <p>Observação importante: se sua conta SES estiver em <strong>sandbox</strong>, você precisa <strong>verificar o remetente</strong> e também os <strong>destinatários</strong> de teste, ou usar o <strong>mailbox simulator</strong>. Quando for para produção, peça saída de sandbox. </p> </blockquote> <h2> Arquitetura (visão rápida) </h2> <ul> <li> <strong>Lambda (Node.js)</strong> com Function URL pública.</li> <li> <strong>SES</strong> com identidade de e-mail verificada (remetente).</li> <li> <strong>DynamoDB</strong> com chave composta <code>pk</code> (e-mail) + <code>sk</code> (token) e <code>expiresAt</code> como TTL.</li> <li> <strong>IAM Roles/Policies</strong> mínimos: DynamoDB R/W na tabela e SES <code>SendEmail</code>.</li> </ul> <h2> Pré-requisitos </h2> <ul> <li>Node.js 18+ (usarei runtime <strong>nodejs20.x</strong> na Lambda).</li> <li>Terraform 1.6+.</li> <li>AWS CLI configurado.</li> <li>Uma caixa de e-mail para verificar como remetente no SES.</li> </ul> <h2> Estrutura de pastas </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>ses-dynamodb-lambda-verification/ infra/ main.tf variables.tf outputs.tf modules/ ses/ main.tf variables.tf outputs.tf dynamodb/ main.tf variables.tf outputs.tf iam/ main.tf variables.tf outputs.tf lambda/ main.tf variables.tf outputs.tf app/ package.json src/ core/env.js domain/types.js services/email/email-client.js services/email/email-service.js services/token/token-service.js services/store/repository.js usecases/send-verification.js usecases/verify-token.js handler.js build.sh </code></pre> </div> <p>Eu separei responsabilidades por <strong>módulos Terraform</strong> e <strong>camadas de código</strong> na Lambda, seguindo <strong>SOLID/DRY/YAGNI</strong>.</p> <h2> Infra com Terraform </h2> <h3> 1) Root: <code>infra/main.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">terraform</span> <span class="p">{</span> <span class="nx">required_version</span> <span class="p">=</span> <span class="s2">"&gt;= 1.6.0"</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.50"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">aws_region</span> <span class="p">}</span> <span class="nx">locals</span> <span class="p">{</span> <span class="nx">name_prefix</span> <span class="p">=</span> <span class="s2">"${var.project_name}-${var.environment}"</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"ses"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/ses"</span> <span class="nx">sender_email</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">sender_email</span> <span class="nx">name_prefix</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">name_prefix</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"dynamodb"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/dynamodb"</span> <span class="nx">table_name</span> <span class="p">=</span> <span class="s2">"${local.name_prefix}-verifications"</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"iam"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/iam"</span> <span class="nx">name_prefix</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">name_prefix</span> <span class="nx">dynamodb_table_arn</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">dynamodb</span><span class="p">.</span><span class="nx">table_arn</span> <span class="nx">ses_send_actions</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ses:SendEmail"</span><span class="p">,</span> <span class="s2">"ses:SendRawEmail"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"lambda"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/lambda"</span> <span class="nx">name_prefix</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">name_prefix</span> <span class="nx">role_arn</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">iam</span><span class="p">.</span><span class="nx">lambda_role_arn</span> <span class="nx">artifact_path</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">lambda_artifact_path</span> <span class="nx">env_map</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">TABLE_NAME</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">dynamodb</span><span class="p">.</span><span class="nx">table_name</span> <span class="nx">SES_SENDER</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">sender_email</span> <span class="nx">VERIFY_BASE_URL</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">verify_base_url</span> <span class="nx">TOKEN_TTL_SECONDS</span> <span class="p">=</span> <span class="nx">tostring</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">token_ttl_seconds</span><span class="p">)</span> <span class="nx">AWS_NODEJS_CONNECTION_REUSE_ENABLED</span> <span class="p">=</span> <span class="s2">"1"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"function_url"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">function_url</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"URL pública da Lambda"</span> <span class="p">}</span> </code></pre> </div> <h3> 2) Root: <code>infra/variables.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"aws_region"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"project_name"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"environment"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"sender_email"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"verify_base_url"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span><span class="p">,</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">""</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"lambda_artifact_path"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"token_ttl_seconds"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">number</span><span class="p">,</span> <span class="nx">default</span> <span class="p">=</span> <span class="mi">900</span> <span class="p">}</span> </code></pre> </div> <h3> 3) Root: <code>infra/outputs.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"table_name"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">dynamodb</span><span class="p">.</span><span class="nx">table_name</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"function_url"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">function_url</span> <span class="p">}</span> </code></pre> </div> <h3> Módulo SES: <code>infra/modules/ses/main.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"sender_email"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"name_prefix"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_sesv2_email_identity"</span> <span class="s2">"this"</span> <span class="p">{</span> <span class="nx">email_identity</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">sender_email</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"identity_arn"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_sesv2_email_identity</span><span class="p">.</span><span class="nx">this</span><span class="p">.</span><span class="nx">arn</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p>A identidade de e-mail do SES v2 é gerenciada pelo recurso <code>aws_sesv2_email_identity</code>. </p> </blockquote> <h3> Módulo DynamoDB: <code>infra/modules/dynamodb/main.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"table_name"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_dynamodb_table"</span> <span class="s2">"this"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">table_name</span> <span class="nx">billing_mode</span> <span class="p">=</span> <span class="s2">"PAY_PER_REQUEST"</span> <span class="nx">hash_key</span> <span class="p">=</span> <span class="s2">"pk"</span> <span class="nx">range_key</span> <span class="p">=</span> <span class="s2">"sk"</span> <span class="nx">attribute</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"pk"</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"S"</span> <span class="p">}</span> <span class="nx">attribute</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"sk"</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"S"</span> <span class="p">}</span> <span class="nx">ttl</span> <span class="p">{</span> <span class="nx">attribute_name</span> <span class="p">=</span> <span class="s2">"expiresAt"</span> <span class="nx">enabled</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"table_name"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_dynamodb_table</span><span class="p">.</span><span class="nx">this</span><span class="p">.</span><span class="nx">name</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"table_arn"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_dynamodb_table</span><span class="p">.</span><span class="nx">this</span><span class="p">.</span><span class="nx">arn</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p>O bloco <code>ttl { attribute_name = "expiresAt" enabled = true }</code> habilita expiração automática de itens. A remoção é assíncrona e não consome WCU. </p> </blockquote> <h3> Módulo IAM: <code>infra/modules/iam/main.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"name_prefix"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"dynamodb_table_arn"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"ses_send_actions"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="p">}</span> <span class="nx">data</span> <span class="s2">"aws_iam_policy_document"</span> <span class="s2">"assume"</span> <span class="p">{</span> <span class="nx">statement</span> <span class="p">{</span> <span class="nx">actions</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"sts:AssumeRole"</span><span class="p">]</span> <span class="nx">principals</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"Service"</span> <span class="nx">identifiers</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"lambda.amazonaws.com"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_iam_role"</span> <span class="s2">"lambda"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"${var.name_prefix}-lambda-role"</span> <span class="nx">assume_role_policy</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_iam_policy_document</span><span class="p">.</span><span class="nx">assume</span><span class="p">.</span><span class="nx">json</span> <span class="p">}</span> <span class="nx">data</span> <span class="s2">"aws_iam_policy_document"</span> <span class="s2">"lambda_policy"</span> <span class="p">{</span> <span class="nx">statement</span> <span class="p">{</span> <span class="nx">actions</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ses_send_actions</span> <span class="nx">resources</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"*"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">statement</span> <span class="p">{</span> <span class="nx">actions</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"dynamodb:PutItem"</span><span class="p">,</span> <span class="s2">"dynamodb:GetItem"</span><span class="p">,</span> <span class="s2">"dynamodb:UpdateItem"</span><span class="p">]</span> <span class="nx">resources</span> <span class="p">=</span> <span class="p">[</span><span class="nx">var</span><span class="p">.</span><span class="nx">dynamodb_table_arn</span><span class="p">]</span> <span class="p">}</span> <span class="nx">statement</span> <span class="p">{</span> <span class="nx">actions</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"logs:CreateLogGroup"</span><span class="p">,</span> <span class="s2">"logs:CreateLogStream"</span><span class="p">,</span> <span class="s2">"logs:PutLogEvents"</span><span class="p">]</span> <span class="nx">resources</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"*"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_iam_policy"</span> <span class="s2">"lambda_inline"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"${var.name_prefix}-lambda-policy"</span> <span class="nx">policy</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_iam_policy_document</span><span class="p">.</span><span class="nx">lambda_policy</span><span class="p">.</span><span class="nx">json</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_iam_role_policy_attachment"</span> <span class="s2">"attach"</span> <span class="p">{</span> <span class="nx">role</span> <span class="p">=</span> <span class="nx">aws_iam_role</span><span class="p">.</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">name</span> <span class="nx">policy_arn</span> <span class="p">=</span> <span class="nx">aws_iam_policy</span><span class="p">.</span><span class="nx">lambda_inline</span><span class="p">.</span><span class="nx">arn</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"lambda_role_arn"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_iam_role</span><span class="p">.</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">arn</span> <span class="p">}</span> </code></pre> </div> <h3> Módulo Lambda: <code>infra/modules/lambda/main.tf</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"name_prefix"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"role_arn"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"artifact_path"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"env_map"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_lambda_function"</span> <span class="s2">"app"</span> <span class="p">{</span> <span class="nx">function_name</span> <span class="p">=</span> <span class="s2">"${var.name_prefix}-verification"</span> <span class="nx">role</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">role_arn</span> <span class="nx">filename</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">artifact_path</span> <span class="nx">handler</span> <span class="p">=</span> <span class="s2">"handler.handler"</span> <span class="nx">runtime</span> <span class="p">=</span> <span class="s2">"nodejs20.x"</span> <span class="nx">timeout</span> <span class="p">=</span> <span class="mi">10</span> <span class="nx">memory_size</span> <span class="p">=</span> <span class="mi">256</span> <span class="nx">environment</span> <span class="p">{</span> <span class="nx">variables</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">env_map</span> <span class="p">}</span> <span class="nx">source_code_hash</span> <span class="p">=</span> <span class="nx">filebase64sha256</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">artifact_path</span><span class="p">)</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_lambda_function_url"</span> <span class="s2">"public"</span> <span class="p">{</span> <span class="nx">function_name</span> <span class="p">=</span> <span class="nx">aws_lambda_function</span><span class="p">.</span><span class="nx">app</span><span class="p">.</span><span class="nx">function_name</span> <span class="nx">authorization_type</span> <span class="p">=</span> <span class="s2">"NONE"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"function_name"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_lambda_function</span><span class="p">.</span><span class="nx">app</span><span class="p">.</span><span class="nx">function_name</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"function_url"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_lambda_function_url</span><span class="p">.</span><span class="nx">public</span><span class="p">.</span><span class="nx">function_url</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p>Function URL deixa a Lambda acessível por HTTP diretamente, com <code>authorization_type = "NONE"</code> para simplificar o teste. </p> </blockquote> <h2> Lambda (Node.js) — código de aplicação </h2> <h3> <code>app/package.json</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email-verification"</span><span class="p">,</span><span class="w"> </span><span class="nl">"version"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1.0.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"module"</span><span class="p">,</span><span class="w"> </span><span class="nl">"main"</span><span class="p">:</span><span class="w"> </span><span class="s2">"src/handler.js"</span><span class="p">,</span><span class="w"> </span><span class="nl">"scripts"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"zip"</span><span class="p">:</span><span class="w"> </span><span class="s2">"rm -f function.zip &amp;&amp; cd app &amp;&amp; zip -r ../function.zip . -x </span><span class="se">\"</span><span class="s2">*.zip</span><span class="se">\"</span><span class="s2">"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"dependencies"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"@aws-sdk/client-sesv2"</span><span class="p">:</span><span class="w"> </span><span class="s2">"^3.640.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"@aws-sdk/client-dynamodb"</span><span class="p">:</span><span class="w"> </span><span class="s2">"^3.640.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"@aws-sdk/lib-dynamodb"</span><span class="p">:</span><span class="w"> </span><span class="s2">"^3.640.0"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <blockquote> <p>A Lambda usa <strong>SESv2</strong> com <code>SendEmailCommand</code> do SDK v3. </p> </blockquote> <h3> <code>app/src/core/env.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">env</span> <span class="o">=</span> <span class="p">{</span> <span class="na">tableName</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">TABLE_NAME</span><span class="p">,</span> <span class="na">sender</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">SES_SENDER</span><span class="p">,</span> <span class="na">verifyBaseUrl</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">VERIFY_BASE_URL</span> <span class="o">||</span> <span class="dl">""</span><span class="p">,</span> <span class="na">tokenTtlSeconds</span><span class="p">:</span> <span class="nc">Number</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">TOKEN_TTL_SECONDS</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">900</span><span class="dl">"</span><span class="p">)</span> <span class="p">};</span> </code></pre> </div> <h3> <code>app/src/domain/types.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">Status</span> <span class="o">=</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">freeze</span><span class="p">({</span> <span class="na">Pending</span><span class="p">:</span> <span class="dl">"</span><span class="s2">pending</span><span class="dl">"</span><span class="p">,</span> <span class="na">Verified</span><span class="p">:</span> <span class="dl">"</span><span class="s2">verified</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h3> <code>app/src/services/token/token-service.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="nx">crypto</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">crypto</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">generateToken</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">crypto</span><span class="p">.</span><span class="nf">randomBytes</span><span class="p">(</span><span class="mi">32</span><span class="p">).</span><span class="nf">toString</span><span class="p">(</span><span class="dl">"</span><span class="s2">base64url</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">expirationEpoch</span><span class="p">(</span><span class="nx">secondsFromNow</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">now</span> <span class="o">=</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">floor</span><span class="p">(</span><span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">/</span> <span class="mi">1000</span><span class="p">);</span> <span class="k">return</span> <span class="nx">now</span> <span class="o">+</span> <span class="nx">secondsFromNow</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> <code>app/src/services/email/email-client.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">SESv2Client</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-sesv2</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">makeSes</span><span class="p">(</span><span class="nx">region</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">SESv2Client</span><span class="p">({</span> <span class="nx">region</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h3> <code>app/src/services/email/email-service.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">SendEmailCommand</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-sesv2</span><span class="dl">"</span><span class="p">;</span> <span class="kd">function</span> <span class="nf">subject</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="dl">"</span><span class="s2">Confirme seu e-mail</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">htmlBody</span><span class="p">(</span><span class="nx">link</span><span class="p">,</span> <span class="nx">token</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">link</span> <span class="p">?</span> <span class="s2">`&lt;p&gt;Obrigado por se cadastrar.&lt;/p&gt;&lt;p&gt;Clique para verificar: &lt;a href="</span><span class="p">${</span><span class="nx">link</span><span class="p">}</span><span class="s2">"&gt;</span><span class="p">${</span><span class="nx">link</span><span class="p">}</span><span class="s2">&lt;/a&gt;&lt;/p&gt;&lt;p&gt;Ou use este token: &lt;b&gt;</span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">&lt;/b&gt;&lt;/p&gt;`</span> <span class="p">:</span> <span class="s2">`&lt;p&gt;Obrigado por se cadastrar.&lt;/p&gt;&lt;p&gt;Use este token para verificar: &lt;b&gt;</span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">&lt;/b&gt;&lt;/p&gt;`</span><span class="p">;</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">textBody</span><span class="p">(</span><span class="nx">link</span><span class="p">,</span> <span class="nx">token</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">link</span> <span class="p">?</span> <span class="s2">`Obrigado por se cadastrar.\nVerifique seu e-mail: </span><span class="p">${</span><span class="nx">link</span><span class="p">}</span><span class="s2">\nToken: </span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">`</span> <span class="p">:</span> <span class="s2">`Obrigado por se cadastrar.\nToken de verificação: </span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="p">}</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">sendVerificationEmail</span><span class="p">({</span> <span class="nx">ses</span><span class="p">,</span> <span class="nx">sender</span><span class="p">,</span> <span class="nx">to</span><span class="p">,</span> <span class="nx">link</span><span class="p">,</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">input</span> <span class="o">=</span> <span class="p">{</span> <span class="na">FromEmailAddress</span><span class="p">:</span> <span class="nx">sender</span><span class="p">,</span> <span class="na">Destination</span><span class="p">:</span> <span class="p">{</span> <span class="na">ToAddresses</span><span class="p">:</span> <span class="p">[</span><span class="nx">to</span><span class="p">]</span> <span class="p">},</span> <span class="na">Content</span><span class="p">:</span> <span class="p">{</span> <span class="na">Simple</span><span class="p">:</span> <span class="p">{</span> <span class="na">Subject</span><span class="p">:</span> <span class="p">{</span> <span class="na">Data</span><span class="p">:</span> <span class="nf">subject</span><span class="p">()</span> <span class="p">},</span> <span class="na">Body</span><span class="p">:</span> <span class="p">{</span> <span class="na">Html</span><span class="p">:</span> <span class="p">{</span> <span class="na">Data</span><span class="p">:</span> <span class="nf">htmlBody</span><span class="p">(</span><span class="nx">link</span><span class="p">,</span> <span class="nx">token</span><span class="p">)</span> <span class="p">},</span> <span class="na">Text</span><span class="p">:</span> <span class="p">{</span> <span class="na">Data</span><span class="p">:</span> <span class="nf">textBody</span><span class="p">(</span><span class="nx">link</span><span class="p">,</span> <span class="nx">token</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">};</span> <span class="k">await</span> <span class="nx">ses</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="k">new</span> <span class="nc">SendEmailCommand</span><span class="p">(</span><span class="nx">input</span><span class="p">));</span> <span class="p">}</span> </code></pre> </div> <h3> <code>app/src/services/store/repository.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">,</span> <span class="nx">PutCommand</span><span class="p">,</span> <span class="nx">GetCommand</span><span class="p">,</span> <span class="nx">UpdateCommand</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/lib-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">makeRepo</span><span class="p">(</span><span class="nx">tableName</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">ddb</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">DynamoDBClient</span><span class="p">({});</span> <span class="kd">const</span> <span class="nx">doc</span> <span class="o">=</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="nx">ddb</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="k">async</span> <span class="nf">putPending</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">expiresAt</span> <span class="p">})</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">item</span> <span class="o">=</span> <span class="p">{</span> <span class="na">pk</span><span class="p">:</span> <span class="nx">email</span><span class="p">,</span> <span class="na">sk</span><span class="p">:</span> <span class="nx">token</span><span class="p">,</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">pending</span><span class="dl">"</span><span class="p">,</span> <span class="nx">expiresAt</span> <span class="p">};</span> <span class="k">await</span> <span class="nx">doc</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="k">new</span> <span class="nc">PutCommand</span><span class="p">({</span> <span class="na">TableName</span><span class="p">:</span> <span class="nx">tableName</span><span class="p">,</span> <span class="na">Item</span><span class="p">:</span> <span class="nx">item</span><span class="p">,</span> <span class="na">ConditionExpression</span><span class="p">:</span> <span class="dl">"</span><span class="s2">attribute_not_exists(pk) AND attribute_not_exists(sk)</span><span class="dl">"</span> <span class="p">}));</span> <span class="k">return</span> <span class="nx">item</span><span class="p">;</span> <span class="p">},</span> <span class="k">async</span> <span class="nf">getOne</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">doc</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="k">new</span> <span class="nc">GetCommand</span><span class="p">({</span> <span class="na">TableName</span><span class="p">:</span> <span class="nx">tableName</span><span class="p">,</span> <span class="na">Key</span><span class="p">:</span> <span class="p">{</span> <span class="na">pk</span><span class="p">:</span> <span class="nx">email</span><span class="p">,</span> <span class="na">sk</span><span class="p">:</span> <span class="nx">token</span> <span class="p">}</span> <span class="p">}));</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">Item</span> <span class="o">||</span> <span class="kc">null</span><span class="p">;</span> <span class="p">},</span> <span class="k">async</span> <span class="nf">markVerified</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">doc</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="k">new</span> <span class="nc">UpdateCommand</span><span class="p">({</span> <span class="na">TableName</span><span class="p">:</span> <span class="nx">tableName</span><span class="p">,</span> <span class="na">Key</span><span class="p">:</span> <span class="p">{</span> <span class="na">pk</span><span class="p">:</span> <span class="nx">email</span><span class="p">,</span> <span class="na">sk</span><span class="p">:</span> <span class="nx">token</span> <span class="p">},</span> <span class="na">UpdateExpression</span><span class="p">:</span> <span class="dl">"</span><span class="s2">SET #s = :v</span><span class="dl">"</span><span class="p">,</span> <span class="na">ExpressionAttributeNames</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">#s</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">status</span><span class="dl">"</span> <span class="p">},</span> <span class="na">ExpressionAttributeValues</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">:v</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">verified</span><span class="dl">"</span> <span class="p">}</span> <span class="p">}));</span> <span class="p">}</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <h3> <code>app/src/usecases/send-verification.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">generateToken</span><span class="p">,</span> <span class="nx">expirationEpoch</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../services/token/token-service.js</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">sendVerification</span><span class="p">({</span> <span class="nx">repo</span><span class="p">,</span> <span class="nx">emailService</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">baseUrl</span><span class="p">,</span> <span class="nx">ttlSeconds</span><span class="p">,</span> <span class="nx">sender</span> <span class="p">})</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nf">generateToken</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">expiresAt</span> <span class="o">=</span> <span class="nf">expirationEpoch</span><span class="p">(</span><span class="nx">ttlSeconds</span><span class="p">);</span> <span class="k">await</span> <span class="nx">repo</span><span class="p">.</span><span class="nf">putPending</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">expiresAt</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">link</span> <span class="o">=</span> <span class="nx">baseUrl</span> <span class="p">?</span> <span class="s2">`</span><span class="p">${</span><span class="nx">baseUrl</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="sr">/</span><span class="se">\/</span><span class="sr">$/</span><span class="p">,</span> <span class="dl">""</span><span class="p">)}</span><span class="s2">/verify?email=</span><span class="p">${</span><span class="nf">encodeURIComponent</span><span class="p">(</span><span class="nx">email</span><span class="p">)}</span><span class="s2">&amp;token=</span><span class="p">${</span><span class="nf">encodeURIComponent</span><span class="p">(</span><span class="nx">token</span><span class="p">)}</span><span class="s2">`</span> <span class="p">:</span> <span class="dl">""</span><span class="p">;</span> <span class="k">await</span> <span class="nx">emailService</span><span class="p">.</span><span class="nf">send</span><span class="p">({</span> <span class="na">to</span><span class="p">:</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">link</span><span class="p">,</span> <span class="nx">sender</span> <span class="p">});</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">expiresAt</span><span class="p">,</span> <span class="na">linkPresent</span><span class="p">:</span> <span class="nc">Boolean</span><span class="p">(</span><span class="nx">link</span><span class="p">)</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <h3> <code>app/src/usecases/verify-token.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">verifyToken</span><span class="p">({</span> <span class="nx">repo</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">item</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">repo</span><span class="p">.</span><span class="nf">getOne</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">item</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">"</span><span class="s2">invalid</span><span class="dl">"</span> <span class="p">};</span> <span class="k">if </span><span class="p">(</span><span class="nx">item</span><span class="p">.</span><span class="nx">expiresAt</span> <span class="o">&amp;&amp;</span> <span class="nx">item</span><span class="p">.</span><span class="nx">expiresAt</span> <span class="o">&lt;</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">floor</span><span class="p">(</span><span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">/</span> <span class="mi">1000</span><span class="p">))</span> <span class="k">return</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">"</span><span class="s2">expired</span><span class="dl">"</span> <span class="p">};</span> <span class="k">await</span> <span class="nx">repo</span><span class="p">.</span><span class="nf">markVerified</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span> <span class="p">});</span> <span class="k">return</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">true</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <h3> <code>app/src/handler.js</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./core/env.js</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">makeRepo</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./services/store/repository.js</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">makeSes</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./services/email/email-client.js</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">emailSvc</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./services/email/email-service.js</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">sendVerification</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./usecases/send-verification.js</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">verifyToken</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./usecases/verify-token.js</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">repo</span> <span class="o">=</span> <span class="nf">makeRepo</span><span class="p">(</span><span class="nx">env</span><span class="p">.</span><span class="nx">tableName</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">ses</span> <span class="o">=</span> <span class="nf">makeSes</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">AWS_REGION</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">emailService</span> <span class="o">=</span> <span class="p">{</span> <span class="na">send</span><span class="p">:</span> <span class="p">({</span> <span class="nx">to</span><span class="p">,</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">link</span><span class="p">,</span> <span class="nx">sender</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="nx">emailSvc</span><span class="p">.</span><span class="nf">sendVerificationEmail</span><span class="p">({</span> <span class="nx">ses</span><span class="p">,</span> <span class="na">sender</span><span class="p">:</span> <span class="nx">sender</span> <span class="o">||</span> <span class="nx">env</span><span class="p">.</span><span class="nx">sender</span><span class="p">,</span> <span class="nx">to</span><span class="p">,</span> <span class="nx">link</span><span class="p">,</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">};</span> <span class="kd">function</span> <span class="nf">json</span><span class="p">(</span><span class="nx">status</span><span class="p">,</span> <span class="nx">body</span><span class="p">,</span> <span class="nx">headers</span> <span class="o">=</span> <span class="p">{})</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">statusCode</span><span class="p">:</span> <span class="nx">status</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">content-type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span><span class="p">,</span> <span class="p">...</span><span class="nx">headers</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">body</span><span class="p">)</span> <span class="p">};</span> <span class="p">}</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">handler</span><span class="p">(</span><span class="nx">event</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">rawPath</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">rawPath</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">method</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">requestContext</span><span class="p">?.</span><span class="nx">http</span><span class="p">?.</span><span class="nx">method</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">GET</span><span class="dl">"</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">rawPath</span><span class="p">.</span><span class="nf">endsWith</span><span class="p">(</span><span class="dl">"</span><span class="s2">/send</span><span class="dl">"</span><span class="p">))</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">body</span> <span class="o">=</span> <span class="k">typeof</span> <span class="nx">event</span><span class="p">.</span><span class="nx">body</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span> <span class="p">?</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">body</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">{}</span><span class="dl">"</span><span class="p">)</span> <span class="p">:</span> <span class="nx">event</span><span class="p">.</span><span class="nx">body</span> <span class="o">||</span> <span class="p">{};</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">body</span><span class="p">?.</span><span class="nx">email</span><span class="p">)</span> <span class="k">return</span> <span class="nf">json</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email_required</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">sendVerification</span><span class="p">({</span> <span class="nx">repo</span><span class="p">,</span> <span class="nx">emailService</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="nx">body</span><span class="p">.</span><span class="nx">email</span><span class="p">,</span> <span class="na">baseUrl</span><span class="p">:</span> <span class="nx">env</span><span class="p">.</span><span class="nx">verifyBaseUrl</span><span class="p">,</span> <span class="na">ttlSeconds</span><span class="p">:</span> <span class="nx">env</span><span class="p">.</span><span class="nx">tokenTtlSeconds</span><span class="p">,</span> <span class="na">sender</span><span class="p">:</span> <span class="nx">env</span><span class="p">.</span><span class="nx">sender</span> <span class="p">});</span> <span class="k">return</span> <span class="nf">json</span><span class="p">(</span><span class="mi">202</span><span class="p">,</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="nx">result</span><span class="p">.</span><span class="nx">email</span><span class="p">,</span> <span class="na">expiresAt</span><span class="p">:</span> <span class="nx">result</span><span class="p">.</span><span class="nx">expiresAt</span><span class="p">,</span> <span class="na">linkIncluded</span><span class="p">:</span> <span class="nx">result</span><span class="p">.</span><span class="nx">linkPresent</span> <span class="p">});</span> <span class="p">}</span> <span class="k">if </span><span class="p">(</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">GET</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">rawPath</span><span class="p">.</span><span class="nf">endsWith</span><span class="p">(</span><span class="dl">"</span><span class="s2">/verify</span><span class="dl">"</span><span class="p">))</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">qs</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">rawQueryString</span> <span class="o">||</span> <span class="dl">""</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">params</span> <span class="o">=</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">fromEntries</span><span class="p">(</span><span class="k">new</span> <span class="nc">URLSearchParams</span><span class="p">(</span><span class="nx">qs</span><span class="p">).</span><span class="nf">entries</span><span class="p">());</span> <span class="kd">const</span> <span class="nx">email</span> <span class="o">=</span> <span class="nx">params</span><span class="p">.</span><span class="nx">email</span> <span class="o">||</span> <span class="dl">""</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">params</span><span class="p">.</span><span class="nx">token</span> <span class="o">||</span> <span class="dl">""</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">email</span> <span class="o">||</span> <span class="o">!</span><span class="nx">token</span><span class="p">)</span> <span class="k">return</span> <span class="nf">json</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email_and_token_required</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">verifyToken</span><span class="p">({</span> <span class="nx">repo</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">token</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">res</span><span class="p">.</span><span class="nx">ok</span><span class="p">)</span> <span class="k">return</span> <span class="nf">json</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span> <span class="na">verified</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">reason</span><span class="p">:</span> <span class="nx">res</span><span class="p">.</span><span class="nx">reason</span> <span class="p">});</span> <span class="k">return</span> <span class="nf">json</span><span class="p">(</span><span class="mi">200</span><span class="p">,</span> <span class="p">{</span> <span class="na">verified</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nf">json</span><span class="p">(</span><span class="mi">404</span><span class="p">,</span> <span class="p">{</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">not_found</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h2> Build do artefato da Lambda </h2> <h3> <code>app/build.sh</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nb">cd</span> <span class="s2">"</span><span class="si">$(</span><span class="nb">dirname</span> <span class="s2">"</span><span class="nv">$0</span><span class="s2">"</span><span class="si">)</span><span class="s2">"</span> npm ci <span class="nb">cd</span> .. <span class="nb">rm</span> <span class="nt">-f</span> <span class="k">function</span>.zip <span class="nb">cd </span>app zip <span class="nt">-r</span> ../function.zip <span class="nb">.</span> <span class="nt">-x</span> <span class="s2">"*.zip"</span> </code></pre> </div> <p>Esse zip contém <code>src/</code> e <code>node_modules</code>. O handler é <code>handler.handler</code> como configurado.</p> <h2> Deploy: passo a passo </h2> <ol> <li>Ajuste variáveis:</li> </ol> <p>Crie um arquivo <code>infra/terraform.tfvars</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">aws_region</span> <span class="err">=</span> <span class="s2">"us-east-1"</span> <span class="nx">project_name</span> <span class="err">=</span> <span class="s2">"email-verify"</span> <span class="nx">environment</span> <span class="err">=</span> <span class="s2">"dev"</span> <span class="nx">sender_email</span> <span class="err">=</span> <span class="s2">"seu-remetente@dominio.com"</span> <span class="nx">lambda_artifact_path</span> <span class="err">=</span> <span class="s2">"../function.zip"</span> <span class="nx">token_ttl_seconds</span> <span class="err">=</span> <span class="mi">900</span> <span class="nx">verify_base_url</span> <span class="err">=</span> <span class="s2">""</span> <span class="c1"># deixe vazio por agora, ou coloque a URL que fará o GET /verify</span> </code></pre> </div> <ol> <li><p>Verifique/prepare o remetente no SES (console) ou com Terraform do módulo <code>ses</code>. Se a conta estiver em sandbox, verifique também o destinatário de teste. </p></li> <li><p>Gere o pacote da Lambda:<br> </p></li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bash app/build.sh </code></pre> </div> <ol> <li>Aplique Terraform: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>infra terraform init terraform apply <span class="nt">-auto-approve</span> </code></pre> </div> <ol> <li>Copie a <strong>Function URL</strong> de saída.</li> </ol> <p>Se quiser que o e-mail traga o link direto de verificação apontando para a própria Lambda, defina <code>verify_base_url</code> igual à Function URL e rode:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>terraform apply <span class="nt">-var</span><span class="o">=</span><span class="s2">"verify_base_url=</span><span class="si">$(</span>terraform output <span class="nt">-raw</span> function_url<span class="si">)</span><span class="s2">"</span> <span class="nt">-auto-approve</span> </code></pre> </div> <h2> Como testar (curl, Postman e AWS CLI) </h2> <h3> 1) Disparar e-mail de verificação </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">FUNCTION_URL</span><span class="o">=</span><span class="si">$(</span>terraform <span class="nt">-chdir</span><span class="o">=</span>infra output <span class="nt">-raw</span> function_url<span class="si">)</span> curl <span class="nt">-s</span> <span class="nt">-X</span> POST <span class="s2">"</span><span class="nv">$FUNCTION_URL</span><span class="s2">/send"</span> <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"content-type: application/json"</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s1">'{"email":"destinatario@exemplo.com"}'</span> | jq </code></pre> </div> <p>Resposta esperada:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"destinatario@exemplo.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"expiresAt"</span><span class="p">:</span><span class="w"> </span><span class="mi">1724099999</span><span class="p">,</span><span class="w"> </span><span class="nl">"linkIncluded"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Se <code>verify_base_url</code> estiver vazio, <code>linkIncluded</code> será <code>false</code> e o corpo do e-mail trará apenas o token.</p> <blockquote> <p>O envio usa a operação <strong>SESv2 SendEmail</strong> do SDK v3. </p> </blockquote> <h3> 2) Validar o token </h3> <p>Pegue o link no e-mail (se configurado) ou recupere o token no próprio e-mail. Então:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-s</span> <span class="s2">"</span><span class="nv">$FUNCTION_URL</span><span class="s2">/verify?email=destinatario@exemplo.com&amp;token=SEU_TOKEN"</span> | jq </code></pre> </div> <p>Resposta esperada em sucesso:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"verified"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Falhas retornam HTTP 400 com <code>reason</code> igual a <code>invalid</code> ou <code>expired</code>.</p> <h3> 3) Conferir no DynamoDB com AWS CLI </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>aws dynamodb get-item <span class="se">\</span> <span class="nt">--table-name</span> <span class="si">$(</span>terraform <span class="nt">-chdir</span><span class="o">=</span>infra output <span class="nt">-raw</span> table_name<span class="si">)</span> <span class="se">\</span> <span class="nt">--key</span> <span class="s1">'{"pk":{"S":"destinatario@exemplo.com"}, "sk":{"S":"SEU_TOKEN"}}'</span> </code></pre> </div> <p>Você vai ver <code>status</code> mudando para <code>verified</code>. Se estiver aguardando expiração, lembre que o <strong>TTL é assíncrono</strong>; a remoção pode levar algum tempo. </p> <h2> Custos, limites e produção </h2> <ul> <li>DynamoDB com <strong>PAY_PER_REQUEST</strong> e TTL tem custo muito baixo no cenário de verificação.</li> <li>Lambda é cobrada por invocação e tempo de execução, tipicamente centavos.</li> <li>SES em <strong>sandbox</strong> limita destinatários e throughput; para produção, solicite <strong>saída de sandbox</strong>. </li> <li>Para domínios próprios, prefira <strong>identidade de domínio</strong> e configure DKIM/SPF; aqui usei <strong>identidade por e-mail</strong> para simplificar o início. </li> </ul> <h2> Próximos passos </h2> <ul> <li>Substituir a Function URL por <strong>API Gateway</strong> com authorizers.</li> <li>Adicionar template HTML rico e <strong>Configuration Set</strong> do SES (monitoramento, IP pool gerenciado). </li> <li>Colocar a verificação atrás de um domínio customizado e TLS, com <strong>CloudFront + Function URL</strong> ou API Gateway.</li> </ul> <p>Com isso, você tem um <strong>pipeline completo de verificação de e-mail</strong>, IaC de ponta a ponta e uma Lambda enxuta pronta para conectar ao seu front-end.</p> <h2> 💡Curtiu? </h2> <p>Se quiser trocar ideia sobre IA, cloud e arquitetura, me segue nas redes:</p> <ul> <li><a href="https://olink.ai/sertaoseracloud" rel="noopener noreferrer">Redes Sociais</a></li> <li><a href="https://github.com/sertaoseracloud/poc-sidecar-go" rel="noopener noreferrer">⭐ Repo no GitHub</a></li> </ul> <p>Publico conteúdos técnicos direto do campo de batalha. E quando descubro uma ferramenta que economiza tempo e resolve bem, como essa, você fica sabendo também.</p> <h2> Referências </h2> <p>Daniel, G. (2025, August 9). <em>AWS SES with a NestJS Backend to Send Email Verifications</em>. DEV Community. <a href="https://dev.to/aws-builders/aws-ses-with-a-nestjs-backend-to-send-email-verifications-2l9h">https://dev.to/aws-builders/aws-ses-with-a-nestjs-backend-to-send-email-verifications-2l9h</a> (<a href="https://dev.to/aws-builders/aws-ses-with-a-nestjs-backend-to-send-email-verifications-2l9h?utm_source=chatgpt.com">DEV Community</a>)</p> <p>Amazon Web Services. (n.d.). <em>Request production access (Moving out of the Amazon SES sandbox)</em>. In <em>Amazon Simple Email Service Developer Guide</em>. <a href="https://docs.aws.amazon.com/ses/latest/dg/request-production-access.html" rel="noopener noreferrer">https://docs.aws.amazon.com/ses/latest/dg/request-production-access.html</a> (<a href="https://docs.aws.amazon.com/ses/latest/dg/request-production-access.html?utm_source=chatgpt.com" rel="noopener noreferrer">AWS Documentation</a>)</p> <p>Amazon Web Services. (n.d.). <em>Verified identities in Amazon SES</em>. In <em>Amazon Simple Email Service Developer Guide</em>. <a href="https://docs.aws.amazon.com/ses/latest/dg/verify-addresses-and-domains.html" rel="noopener noreferrer">https://docs.aws.amazon.com/ses/latest/dg/verify-addresses-and-domains.html</a> (<a href="https://docs.aws.amazon.com/ses/latest/dg/verify-addresses-and-domains.html?utm_source=chatgpt.com" rel="noopener noreferrer">AWS Documentation</a>)</p> <p>Amazon Web Services. (n.d.). <em>Using time to live (TTL) in DynamoDB</em>. In <em>Amazon DynamoDB Developer Guide</em>. <a href="https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html" rel="noopener noreferrer">https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html</a> (<a href="https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html?utm_source=chatgpt.com" rel="noopener noreferrer">AWS Documentation</a>)</p> <p>HashiCorp. (n.d.). <em>aws_lambda_function_url (Resource)</em>. <em>Terraform Registry</em>. <a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_url.html" rel="noopener noreferrer">https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_url.html</a> (<a href="https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_url.html?utm_source=chatgpt.com" rel="noopener noreferrer">Terraform Registry</a>)</p> <p>Amazon Web Services. (n.d.). <em>Creating and managing Lambda function URLs</em>. In <em>AWS Lambda Developer Guide</em>. <a href="https://docs.aws.amazon.com/lambda/latest/dg/urls-configuration.html" rel="noopener noreferrer">https://docs.aws.amazon.com/lambda/latest/dg/urls-configuration.html</a> (<a href="https://docs.aws.amazon.com/lambda/latest/dg/urls-configuration.html?utm_source=chatgpt.com" rel="noopener noreferrer">AWS Documentation</a>)</p> <p>Amazon Web Services. (n.d.). <em>SendEmailCommand (SESv2)</em>. In <em>AWS SDK for JavaScript v3 API Reference</em>. <a href="https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/sesv2-2019-09-27/SendEmail" rel="noopener noreferrer">https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/sesv2-2019-09-27/SendEmail</a> (<a href="https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/sesv2-2019-09-27/SendEmail?utm_source=chatgpt.com" rel="noopener noreferrer">AWS Documentation</a>)</p> <p>Amazon Web Services. (n.d.). <em>SESv2Client</em>. In <em>AWS SDK for JavaScript v3</em>. <a href="https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sesv2" rel="noopener noreferrer">https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sesv2</a> (<a href="https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sesv2?utm_source=chatgpt.com" rel="noopener noreferrer">AWS Documentation</a>)</p> programming aws serverless lambda Microsoft lança cursos Gratuitos sobre IA Generativa Para iniciantes e para desenvolvedores JavaScript Cláudio Filipe Lima Rapôso Sat, 09 Aug 2025 01:06:30 +0000 https://forem.com/sertaoseracloud/microsoft-lanca-cursos-gratuitos-sobre-ia-generativa-para-iniciantes-e-para-desenvolvedores-25ae https://forem.com/sertaoseracloud/microsoft-lanca-cursos-gratuitos-sobre-ia-generativa-para-iniciantes-e-para-desenvolvedores-25ae <p>Neste artigo comparo dois cursos gratuitos da Microsoft, <strong>AI Agents for Beginners</strong> e <strong>Generative AI for Beginners with JavaScript</strong>. Eu os explorei a fundo porque queria compreender como cada um apresenta conceitos modernos de inteligência artificial para quem está começando. Descobri que o primeiro foca na criação de agentes controlados por modelos de linguagem, enquanto o segundo introduz IA generativa usando JavaScript.</p> <h2> AI Agents for Beginners </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9u4zz283wcn4g3j08anb.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9u4zz283wcn4g3j08anb.png" alt="AI Agents for Beginners" width="800" height="542"></a></p> <h3> Estrutura e conteúdos </h3> <p>O curso possui 11 lições independentes, cada uma com texto, vídeo curto e exemplos de código em Python. As lições vão desde conceitos básicos de agentes e padrões de projeto até o uso de retrieval augmented generation (RAG), design multifuncional e implantação. O conteúdo é traduzido automaticamente para vários idiomas, incluindo português.</p> <h3> Conteúdo técnico </h3> <p>O curso define agente de IA como um sistema com ambiente, sensores, atuadores, memória e ferramentas, permitindo que um modelo de linguagem execute ações. Aborda tipos como reflexo simples, baseado em modelo, orientado a metas e utilitário. Há comparação entre AutoGen, Semantic Kernel e Azure AI Agent Service.</p> <h3> Pontos fortes </h3> <ul> <li>Foco claro em design de agentes </li> <li>Integração com ferramentas Microsoft (Azure, Semantic Kernel, AutoGen) </li> <li>Material multimídia e multilingue </li> </ul> <h2> Generative AI for Beginners with JavaScript </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi1b7rtmzuk3daly2ra4v.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi1b7rtmzuk3daly2ra4v.png" alt="Generative AI for Beginners with JavaScript" width="800" height="411"></a></p> <h3> Estrutura e proposta </h3> <p>O curso tem narrativa gamificada: o aluno viaja no tempo e interage com figuras históricas. São 8 lições sobre IA generativa, desde conceitos de LLMs até engenharia de prompts e RAG. Inclui quizzes e exercícios práticos, com código em JavaScript executável no GitHub Codespaces.</p> <h3> Conteúdo técnico </h3> <p>A primeira lição apresenta fundamentos de IA generativa, exemplos de aplicação e um exemplo de endpoint de chat usando a API <code>gpt-4o-mini</code> do GitHub Models. As lições seguintes exploram engenharia de prompts, RAG e MCP.</p> <h3> Pontos fortes </h3> <ul> <li>Narrativa envolvente </li> <li>Foco em JavaScript e desenvolvimento web </li> <li>Exercícios práticos e quizzes </li> <li>Uso de modelos gratuitos no GitHub Models </li> </ul> <h2> Comparação e recomendações </h2> <p>Na minha visão, <strong>AI Agents for Beginners</strong> é ideal para quem quer mergulhar na arquitetura de agentes e já possui alguma experiência técnica, especialmente em Python e Azure. Já <strong>Generative AI for Beginners with JavaScript</strong> é mais indicado para iniciantes no desenvolvimento web que desejam aplicar IA generativa de forma prática e divertida.</p> <p>Se o objetivo é trabalhar com automação complexa e integração de múltiplos agentes, recomendo o primeiro. Se a meta é prototipar aplicações de IA generativa em JavaScript de forma rápida, o segundo curso é o caminho.</p> <h2> Referências </h2> <ul> <li>Microsoft. (2025a). <em>AI Agents for Beginners – A Course</em>. GitHub Pages. Recuperado em 8 de agosto de 2025, de <a href="https://microsoft.github.io/ai-agents-for-beginners/" rel="noopener noreferrer">https://microsoft.github.io/ai-agents-for-beginners/</a> </li> <li>Microsoft. (2025b). <em>Generative AI for Beginners with JavaScript</em>. GitHub Pages. Recuperado em 8 de agosto de 2025, de <a href="https://microsoft.github.io/generative-ai-with-javascript/#/" rel="noopener noreferrer">https://microsoft.github.io/generative-ai-with-javascript/#/</a> </li> <li>Microsoft Corporation. (2025a). <em>Introduction to AI Agents and Agent Use Cases</em>. Recuperado em 8 de agosto de 2025, de <a href="https://microsoft.github.io/ai-agents-for-beginners/01-intro-to-ai-agents/" rel="noopener noreferrer">https://microsoft.github.io/ai-agents-for-beginners/01-intro-to-ai-agents/</a> </li> <li>Microsoft Corporation. (2025b). <em>Intro to Generative AI</em>. Recuperado em 8 de agosto de 2025, de <a href="https://github.com/microsoft/generative-ai-with-javascript" rel="noopener noreferrer">https://github.com/microsoft/generative-ai-with-javascript</a> </li> </ul> programming javascript ai beginners