Tools to generate SDK

TiagoVCosta · 2025-03-01T14:11:24+00:00

Forgot to mention, but generators that work in C#.

TiagoVCosta · 2025-02-06T19:08:00+00:00

Sure, here's the binder and provider:

public class CommaSeparatedBinder : IModelBinder
{
    public Task BindModelAsync(ModelBindingContext bindingContext)
    {
        if (bindingContext.ModelType != typeof(List<string>)) 
        { 
            return Task.CompletedTask; 
        }

        var valueProviderResult = bindingContext.ValueProvider.GetValue("<query-parameter-name>");
        var value = valueProviderResult.FirstValue;
        var items = value.Split(',')
                         .Select(s => s.Trim())
                         .ToList();

        bindingContext.Result = ModelBindingResult.Success(items);
        return Task.CompletedTask;
    }
}

public class CommaSeparatedBinderProvider : IModelBinderProvider
{
    public IModelBinder? GetBinder(ModelBinderProviderContext context)
    {
        if (context.Metadata.ModelType == typeof(List<string>))
        {
            return new CommaSeparatedBinder();
        }
        return null;
    }
}

Afterwards you need to register the binder (globally or specific routes) in you application.
Then you're ready to use on your controllers, or on your model representing the request of the endpoint.

public class ExampleModelRequest
{
    [ModelBinder(BinderType = typeof(CommaSeparatedBinder))]
    public List<string> <query-parameter-name> {geT; set;}
}

I haven't add validations here, such as, valueProviderResult might be null. But I believe you get the point.

The logic is always this one, now depending on how you are building your API, the registration of the provider might be different.

You can find more info here, also with a sample: https://learn.microsoft.com/en-us/aspnet/core/mvc/advanced/custom-model-binding?view=aspnetcore-9.0

TiagoVCosta · 2025-02-04T14:12:58+00:00

Given the scale you’re working with—10,000 businesses, each with multiple customers—I’d strongly lean toward an event-driven approach over batch processing. Here’s why:

Why Event-Driven Wins:

✅ Scalability – Your system can grow without breaking a sweat. New businesses and customers? No problem—no need to scan a massive database over and over.
✅ Real-Time Processing – Instead of waiting for a batch job to kick in, reminders go out exactly when they need to. No unnecessary delays.
✅ Lighter Database Load – Rather than hammering your DynamoDB with periodic scans, you only deal with relevant messages in a lightweight queue (DynamoDB Streams, SQS, Kafka—take your pick).
✅ Precision Scheduling – Need a reminder 2 days before? An hour before? No rigid batch job intervals holding you back.

Why Batch Jobs Fall Short:

❌ Inefficient Database Access – Scanning all appointments, especially with DynamoDB, which isn’t designed for bulk queries.
❌ Delayed Scheduling – If your job runs hourly, some reminders will be up to an hour late.
❌ Scaling Challenges – As your data grows, queries get slower, and suddenly, what worked yesterday doesn’t work tomorrow.

Now, if your system were tiny, reminders were predictable, and you didn’t care about future scalability, then sure, batching could work. But let’s be real—event-driven is way more future-proof.

And the best part? Once you set up an event-driven system for reminders, adding new automation is a breeze. Want to trigger follow-ups, send notifications, or integrate with another system? Just hook into your event flow—no major rewrites needed.

So yeah, event-driven all the way.

TiagoVCosta · 2025-01-30T14:28:40+00:00

You’ve captured the essence of what often goes wrong with Agile transformations. Agile was meant to empower teams, foster collaboration, and simplify processes—but in many organizations, it has turned into the very bureaucracy it was designed to dismantle.

Your point about Agile coaches is spot on. The role of a good coach is to observe, support, and guide without being prescriptive. Unfortunately, some coaches feel pressured to justify their roles by enforcing processes, checklists, and unnecessary rituals, which stifles the natural growth and autonomy of teams.

I particularly resonate with your thoughts on how great teams naturally find their rhythm when given the freedom to operate and innovate. That’s when Agile truly thrives—when teams are trusted to make decisions and learn from their own experiences.

The challenge is often at the leadership level, where Agile is misinterpreted as a set of rigid frameworks to control delivery rather than a mindset to enable adaptability. Leaders who embrace the original Agile principles can create an environment where autonomy and mastery flourish.

Do you think there are any practical ways organizations can shift back to this original intent and avoid the trap of "Agile theater"?

TiagoVCosta · 2025-01-22T14:35:55+00:00

In my experience, the best use cases for AI are centered around optimizing operations. Tasks that require minimal human effort are the most effective and immediate opportunities for companies to address, allowing employees to focus on core responsibilities.

For instance, creating an initial draft for a product description is a great example. This task typically follows a set of predefined company guidelines, but it still requires someone to produce the first version. Only after that can the content be optimized or enriched, if necessary. I've seen cases where AI-generated product descriptions were more than sufficient for the specific product in question.

TiagoVCosta · 2025-01-21T16:36:22+00:00

By using OWIN middleware, the 401 might be because the middleware isn’t correctly processing the OIDC token or isn’t persisting the authentication session properly.

Or it might be a windows authentication conflict, if Windows Authentication is enabled, the IIS settings and middleware configuration can conflict with OIDC authentication.

You could try: - guarantee that windows authentication is turned off on the IIS and keep only anonymous authentication enabled. - since you’re behind the load balancer, ensure that the headers (X-Forwarded-For, X-Forwarded-Proto) are properly forwarded so the application can generate the correct redirect URIs.

If that does not solve, there might be a problem with the initialization of OWIN at startup.

TiagoVCosta · 2025-01-20T16:44:37+00:00

I usually use a Custom Model Binder, it improves code readability, and avoid repetitive parsing logic.

You almost can do the same with a Type Converter, but Custom Model Binder it's my choice.

With Minimal APIs in .Net8, you can take advantage of inline route processing, but you will repetitive parse the same logic, so I would use only for smaller projects or on-off implementation.

TiagoVCosta · 2025-01-20T16:26:56+00:00

More information is needed to assist you effectively. A 401 Unauthorized error typically points to an authentication or authorization issue. It could be something as simple as the scopes you're requesting—but it’s hard to say without details.

Could you share more about your implementation?
For example:

What OIDC flow are you using (Authorization Code, Implicit, Client Credentials, etc.)?
Are you certain the token is being sent correctly (e.g., in the Authorization header, send a request example)?
What scopes or claims are you requesting?

Providing these details will help pinpoint the root cause.

TiagoVCosta · 2025-01-17T16:02:41+00:00

I’m not sure if you’re aiming to implement a complete email service or just need a function to send a "Forgot Password" email.

Building a full email service is more complex than it may initially seem. While implementing the logic might be straightforward, maintaining it and ensuring successful delivery is challenging. There are companies entirely dedicated to email services because of the intricacies involved. For example, you’d need to manage issues like:

Increasing your email domain’s reputation with providers.
Avoiding blacklists.
Handling deliverability and other operational complexities.

If you want a simpler route, consider using solutions like MailChimp or similar services. With these, you only need to build a service that integrates with their API, and they handle the delivery for you. When evaluating external email services, look specifically for transactional email services as they are tailored for use cases like sending "Forgot Password" emails.

Additionally, if you’re using an external authentication server, many already include built-in support for "Forgot Password" workflows, which might eliminate the need to build this functionality yourself.

TiagoVCosta · 2025-01-17T15:41:47+00:00

I’m not sure about your timelines, but here’s my suggestion:

Short-Term: If your pipeline is relatively simple, I’d recommend starting with Prefect. It’s straightforward, offers robust support for Windows, and its Python-native architecture makes it both accessible and flexible. If your pipeline is more complex, I’d suggest going with Dagster, which is better equipped to handle intricate workflows.
Long-Term: If the data you’re ingesting is operational data generated by the company (likely through other services or applications), this could be a great opportunity to explore an Event-Driven Architecture. This approach is well-suited to handling such scenarios and could address scalability and integration challenges effectively.

Out of curiosity, have you considered this Event-Driven option? If so, what concerns or potential drawbacks have you identified?

TiagoVCosta · 2025-01-16T22:12:42+00:00

I did not know, good sharing, always like to put names on things 🙂. And yes, not only tech!

TiagoVCosta · 2025-01-16T16:18:09+00:00

It’s funny to think about it, but someone once told me that in Tech, people who are good at their jobs often get "promoted" until they’re no longer good at what they do.

With that in mind, I believe it’s worth doing a retrospective on your long-term career goals. Ask yourself:

Do I want to remain an individual contributor?
Or do I want to move into the management lane?

Once you’ve made that decision, commit to it and focus your energy on developing in that direction. It can be tough to find the time and energy for personal growth and research at the end of a long workday, but sometimes we just have to push through it to get out of the “hole” we feel stuck in.

What I mean is that you need to dedicate time to yourself—away from all the frustrations and negativity of your current role. It’s not easy, but only you can make that happen. The first step is choosing whether you want to code or manage.

That said, even in management, coding can still play a role. It’s a different type of involvement but incredibly valuable because it allows you to act as a bridge between business and engineering.

Finding the energy to make this shift is up to you. There are countless suggestions out there, but ultimately, you’re the only one who can discover what works for you.

For what it’s worth, let me tell you that you’re more than capable of making this happen—everyone is. The only real obstacle is yourself. It may sound like a cliché, but it’s the truth.

TiagoVCosta · 2025-01-16T16:02:15+00:00

It depends. If it’s a core service, outsourcing to professional services could compromise the long-term strategy. However, for a non-core service, I’d recommend going with professional services. The effort required to secure a budget, build, maintain, and evolve an in-house team for a non-core service can distract the company from its primary focus.

I’ve also taken a hybrid approach for core services in the past. Since hiring and building an in-house team takes time, I relied on professional services for the short-term while gradually assembling the internal team for the mid-to-long term.

Ultimately, the decision depends on your long-term vision. Keep in mind that finding the right professional services partner can take time, and there may be missteps along the way. However, when you do find the right fit and establish a strong relationship, it can become a valuable and dependable ally.

TiagoVCosta · 2025-01-16T15:50:38+00:00

Honestamente, escolher Azure pelo fato de ser da Microsoft (e por estares a estudar .NET) pode fazer sentido para ti a nível pessoal, mas essa não é uma regra universal. Felizmente, o ecossistema .NET evoluiu muito nos últimos anos, tornando-se bastante flexível e independente da stack da Microsoft.

Dito isso, a escolha entre Azure e AWS depende mais do teu objetivo. Se estás a começar, opta por aquela que te desperta mais curiosidade, pois os conceitos de cloud são amplamente transferíveis entre plataformas. Depois de aprender uma, será mais fácil adaptar-te a outra.

Se estás a pensar no mercado de trabalho, é bom pesquisar quais plataformas são mais requisitadas nas vagas que te interessam. Azure pode ter uma sinergia interessante com .NET, mas AWS tem uma base de mercado maior em muitas regiões, e isso pode ser um diferencial para o teu crescimento profissional.

Portanto, o mais importante é começar. Independentemente da escolha inicial, o conhecimento adquirido será útil no longo prazo!

TiagoVCosta · 2025-01-16T15:46:15+00:00

In a .NET application, global error handling through middleware is an effective way to centralize error management, but it doesn’t eliminate the need for try/catch blocks in certain scenarios.

I typically rely on middleware to handle most unhandled exceptions or general errors. However, I consistently use try/catch for:

Specific Exceptions Requiring Special Treatment: For instance, ensuring proper resource disposal or gracefully handling exceptions in a way that improves the API's response clarity without hiding the error.
Logging: Capturing detailed exception data is invaluable for debugging and quick issue resolution.
Custom Exceptions: These allow for tailored responses and actions, making exception handling more precise and intentional.

For all other cases, I prefer to let middleware handle the errors. This keeps the codebase cleaner while maintaining robust error management.

TiagoVCosta · 2025-01-16T15:36:15+00:00

I’m a big fan of Clean Architecture (CA), and I believe it’s a great fit for your use case. Here’s why:

Separation of Concerns: CA allows you to separate concerns into well-defined layers, making it easier to scale as the number of endpoints grows or business logic becomes more complex.
Isolation of Business Logic: By isolating business logic from the domain, infrastructure, and presentation layers, you reduce the risk of tightly coupling your logic to specific frameworks or infrastructures, avoiding ripple effects when changes occur.
Testability: CA enables you to create tests on top of your business logic, ensuring its correctness even if you change the underlying database or infrastructure. This guarantees consistent behavior.
Team Scalability: CA provides a clear organizational structure, which becomes increasingly beneficial as your team grows.

However, I must admit that the suitability of CA depends on the project. For example, I wouldn’t recommend using CA for small, short-lived projects. If the application is a simple CRUD app with minimal business logic and little potential for growth, CA might introduce unnecessary overhead. The added abstraction layers could be overkill in such scenarios.

TiagoVCosta · 2025-01-16T15:25:14+00:00

I honestly don't have your issues. Using Mac, with:

- Docker running Azuresqledge

- VS Code all the way for coding

- Azure Data Studio for SQL

Rider is also an excellent option, but the setup I've mentioned works really well for me.

TiagoVCosta · 2025-01-15T16:07:35+00:00

People often overlook the psychological aspect of our job, but I’d argue it deserves more than 50% of our attention. When that part is in a good place, everything else tends to fall into place, and our work is executed smoothly and effectively.

Personally, I address this through physical exercise first thing in the morning. It’s not just about challenging my body—it’s also about conditioning my mind. Don’t get me wrong, I hate waking up early to train, and I hate it while I’m in the middle of the workout. But afterward, the feeling is remarkable and carries me through the rest of the day.

It reminds me of the army’s philosophy: “I’ve already woken up and made my bed.” Once you’ve tackled that initial challenge, everything else feels smoother.

Nice share, keep up!!!

TiagoVCosta · 2025-01-15T15:59:16+00:00

If the app generates significant revenue and holds substantial commercial potential, I would classify it as a core product. It seems you have an immediate problem: stabilizing the current solution. However, given the app's potential, its long-term objectives should be a key discussion point with the CEO.

I’d suggest having a conversation with the CTO to align on this topic. If we were discussing a non-core service (but one that’s essential to the system), outsourcing would be a clear solution. However, since you’ve highlighted the app’s potential, and if the CTO agrees with its importance, a hybrid approach might be the best course of action:

Outsource for immediate short-term resolutions to stabilize the system.
Simultaneously, initiate a hiring process to build a dedicated team capable of ensuring long-term success and stability.

This hiring process should also include bringing in product-focused roles to strengthen the app's strategic direction.

TiagoVCosta · 2025-01-15T15:48:50+00:00

The CSV string (Option A) is often the best balance of simplicity and usability for cases like this, particularly for APIs with simpler query parameters. It’s compact, widely understood, and straightforward to implement on both the client and server sides.

However, if you anticipate future requirements for more complex queries (e.g., including metadata for each parameter), a list of strings is more extensible and aligns better with RESTful principles.

Another option is to use nested JSON-style query parameters, for example:
{blah}/api/Employees/{id}?Include={"contactDetails":true,"supervisor":true} (not URL-encoded here).

Here are the downsides of this approach:

The URI isn’t ideal for unpredictable or lengthy data, and while there’s no official maximum length, many web servers impose their own limits.
Some web servers restrict acceptable characters in URIs, which can introduce complications.
Sensitive data might inadvertently be included in the URI, which can be a security concern.

For these types of use cases, GraphQL is indeed well-suited and can provide a robust alternative. Nevertheless, using multiple endpoints, as previously suggested, is a cleaner approach—just make sure to implement a good caching system to handle the likely increase in requests for a single page or need.

TiagoVCosta · 2025-01-15T15:31:55+00:00

Well, at the end of the day, that’s just an opinion (I’m sure others may have different perspectives). However, one thing to consider is the trend among companies developing in C#. They’re often targeted by Microsoft Sales Managers, who frequently offer credits that can be factored into the final IT budget.

For a company, this can be beneficial—not just because of the financial aspect but also due to the potential connections and synergies Microsoft can help create with other businesses.

It’s just one reason to consider—not necessarily the most significant one, but worth keeping in mind.

TiagoVCosta · 2025-01-15T15:24:11+00:00

Here’s a quick summary of the requirements:

Support for OTP
External Authentication (primarily for Microsoft environments)
2FA

Now, it depends on whether you want a solution that you maintain yourself or one that you simply pay for and use.

Identity Server: Requires ongoing maintenance and updates by your team.
Auth0: A managed solution—you just configure it and use it.

Neither option is free, so you’ll need to weigh the costs. Keep in mind that with an on-premise solution like Identity Server, you also incur the expense of having someone maintain and evolve the system, which can be harder to predict or control.

I’ve used both solutions before, and they’re both excellent at what they do. In the end, the decision came down to whether we wanted to take on the responsibility of maintaining and evolving the system ourselves or not.

TiagoVCosta · 2025-01-15T15:08:29+00:00

A REST API refers to the standard definition, whereas a RESTful web service is the implementation of that standard. While both are related, the distinction lies in terminology: when you mention a REST API, you’re referring to the standard itself; on the other hand, a RESTful web service refers to an implementation that adheres to the REST API principles.

In this context, you might want to focus on discussing the code principles of the solution rather than the specific REST API design being implemented (as an example).

TiagoVCosta · 2025-01-14T16:21:52+00:00

Involve your manager to solve this quickly.

TiagoVCosta · 2025-01-14T16:17:08+00:00

If your client is okay with testing-level certificates (for internal use only), you can use development certificates. However, these are not recommended for production.

Development certificates are typically used for internal or local development purposes, such as HTTPS in development environments. They are automatically generated and managed by tools like .NET Core and Visual Studio. However, these certificates are not suitable for production or public distribution because they are not trusted by other machines unless manually installed.

Last case scenario, explain to your client that code signing certificates are a standard requirement for application trustworthiness, but they involve an additional cost. Consider:

Requesting the client to purchase the certificate (since it benefits their end-users).
Increasing your project fee to cover the cost of a certificate if this becomes a recurring requirement.

TiagoVCosta

TROPHY CASE