add: ajustes de pastas e testes

.gitignore

@@ -234,6 +234,7 @@ PublishScripts/
 # NuGet v3's project.json files produces more ignorable files
 *.nuget.props
 *.nuget.targets
+nuget.config
 
 # Microsoft Azure Build Output
 csx/

CampusWorkshops.Tests/CampusWorkshops.Tests.csproj

@@ -0,0 +1,27 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net9.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="coverlet.collector" Version="6.0.2" />
+    <PackageReference Include="Microsoft.Extensions.TimeProvider.Testing" Version="9.10.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
+    <PackageReference Include="NSubstitute" Version="5.3.0" />
+    <PackageReference Include="xunit" Version="2.9.2" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Using Include="Xunit" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\Workshop10-API\Workshop10-API.csproj" />
+  </ItemGroup>
+
+</Project>

CampusWorkshops.Tests/Registration/WorkshopRegistrationPolicyTests.cs

@@ -0,0 +1,101 @@
+
+// CampusWorkshops.Tests/Registration/RegistrationPolicyTests.cs
+using System;
+using CampusWorkshops.Api.Domain.Registration;
+using CampusWorkshops.Api.Models; // Workshop do seu projeto
+using Microsoft.Extensions.Time.Testing;
+using Xunit;
+
+namespace CampusWorkshops.Tests.Registration
+{
+    public class RegistrationPolicyTests
+    {
+        private static (RegistrationPolicy Policy, FakeTimeProvider Time) BuildSut(DateTimeOffset nowUtc)
+        {
+            var time = new FakeTimeProvider(nowUtc.UtcDateTime);
+            var policy = new RegistrationPolicy(time);
+            return (policy, time);
+        }
+
+        private static Workshop W(int capacity, DateTimeOffset startAt)
+            => new Workshop
+            {
+                Id = Guid.NewGuid(),
+                Title = "Qualquer título",
+                StartAt = startAt.UtcDateTime,     // se seu StartAt for DateTimeOffset, use .StartAt = startAt
+                EndAt = startAt.UtcDateTime.AddHours(2),
+                Capacity = capacity,
+                IsOnline = true
+            };
+
+        [Fact]
+        public void Rejects_When_Window_Closed_At_24h()
+        {
+            // Arrange
+            var now = DateTimeOffset.Parse("2025-03-01T12:00:00Z");
+            var (policy, _) = BuildSut(now);
+            var w = W(capacity: 10, startAt: now.AddHours(RegistrationPolicy.CloseWindowLeadHours));
+            var enrolled = 0;
+
+            // Act
+            var decision = policy.Decide(w, enrolled);
+
+            // Assert
+            Assert.Equal(RegistrationOutcome.Rejected, decision.Outcome);
+            Assert.Contains("Registration window closed.", decision.Reasons);
+        }
+
+        [Fact]
+        public void Accepts_When_Seats_Available()
+        {
+            // Arrange
+            var now = DateTimeOffset.Parse("2025-03-01T12:00:00Z");
+            var (policy, _) = BuildSut(now);
+            var w = W(capacity: 10, startAt: now.AddHours(36));
+            var enrolled = 9;
+
+            // Act
+            var decision = policy.Decide(w, enrolled);
+
+            // Assert
+            Assert.Equal(RegistrationOutcome.Accepted, decision.Outcome);
+            Assert.Contains("Accepted", decision.Reasons);
+        }
+
+        [Fact]
+        public void Rejects_When_Full()
+        {
+            // Arrange
+            var now = DateTimeOffset.Parse("2025-03-01T12:00:00Z");
+            var (policy, _) = BuildSut(now);
+            var w = W(capacity: 10, startAt: now.AddHours(36));
+            var enrolled = 10;
+
+            // Act
+            var decision = policy.Decide(w, enrolled);
+
+            // Assert
+            Assert.Equal(RegistrationOutcome.Rejected, decision.Outcome);
+            Assert.Contains("No seats available.", decision.Reasons);
+        }
+
+        [Theory]
+        [InlineData(30, RegistrationOutcome.Accepted)]
+        [InlineData(24, RegistrationOutcome.Rejected)]
+        [InlineData(10, RegistrationOutcome.Rejected)]
+        public void Window_Rules(int hoursToStart, RegistrationOutcome expected)
+        {
+            // Arrange
+            var now = DateTimeOffset.Parse("2025-03-01T12:00:00Z");
+            var (policy, _) = BuildSut(now);
+            var w = W(capacity: 5, startAt: now.AddHours(hoursToStart));
+            var enrolled = 0;
+
+            // Act
+            var decision = policy.Decide(w, enrolled);
+
+            // Assert
+            Assert.Equal(expected, decision.Outcome);
+        }
+    }
+}

CampusWorkshops.Tests/UnitTest1.cs

@@ -0,0 +1,10 @@
+namespace CampusWorkshops.Tests;
+
+public class UnitTest1
+{
+    [Fact]
+    public void Test1()
+    {
+
+    }
+}

Program.cs

@@ -1,63 +0,0 @@
-// Note: repository implementation removed for workshop exercise (TODOs in project files)
-using Microsoft.AspNetCore.Diagnostics;
-using Microsoft.AspNetCore.Mvc;
-using CampusWorkshops.Api.Repositories;
-using Microsoft.EntityFrameworkCore;
-using CampusWorkshops.Api.Infrastructure.Data;
-
-var builder = WebApplication.CreateBuilder(args);
-
-// Add services
-builder.Services.AddDbContext<WorkshopsDbContext>(options =>
-    options.UseSqlite(builder.Configuration.GetConnectionString("WorkshopsDb")));
-
-builder.Services.AddScoped<IWorkshopRepository, EfWorkshopRepository>();
-builder.Services.AddControllers();
-builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen(o =>
-{
-    o.SwaggerDoc("v1", new Microsoft.OpenApi.Models.OpenApiInfo
-    {
-        Title = "CampusWorkshops API",
-        Version = "v1",
-        Description = "API para gestão de workshops do campus (MVP in-memory)."
-    });
-});
-
-// DI
-
-var app = builder.Build();
-
-// Exception handler that returns RFC7807 ProblemDetails for unhandled errors
-app.UseExceptionHandler(errApp =>
-{
-    errApp.Run(async context =>
-    {
-        var feature = context.Features.Get<IExceptionHandlerFeature>();
-        var ex = feature?.Error;
-
-        var pd = new ProblemDetails
-        {
-            Title = "An unexpected error occurred.",
-            Status = StatusCodes.Status500InternalServerError,
-            Detail = app.Environment.IsDevelopment() ? ex?.Message : null
-        };
-
-        context.Response.StatusCode = pd.Status.Value;
-        context.Response.ContentType = "application/problem+json";
-        await context.Response.WriteAsJsonAsync(pd);
-    });
-});
-
-app.UseHttpsRedirection();
-
-app.UseSwagger();
-app.UseSwaggerUI(c =>
-{
-    c.SwaggerEndpoint("/swagger/v1/swagger.json", "CampusWorkshops API v1");
-    c.RoutePrefix = "swagger"; // serve at /swagger
-});
-
-app.MapControllers();
-
-app.Run();

Workshop10-API.sln

@@ -1,19 +1,46 @@
+
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 17
 VisualStudioVersion = 17.5.2.0
 MinimumVisualStudioVersion = 10.0.40219.1
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Workshop10-API", "Workshop10-API.csproj", "{5106011C-9EE5-2CD0-05A5-164233706862}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Workshop10-API", "Workshop10-API\Workshop10-API.csproj", "{A51E3052-20C8-4154-905F-4AE95A131FB1}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CampusWorkshops.Tests", "CampusWorkshops.Tests\CampusWorkshops.Tests.csproj", "{3327A641-9CFC-40DA-9E4E-0E6BD3390068}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
 		Release|Any CPU = Release|Any CPU
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
-		{5106011C-9EE5-2CD0-05A5-164233706862}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{5106011C-9EE5-2CD0-05A5-164233706862}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{5106011C-9EE5-2CD0-05A5-164233706862}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Debug|x64.ActiveCfg = Debug|Any CPU
-		{5106011C-9EE5-2CD0-05A5-164233706862}.Release|Any CPU.Build.0 = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Debug|x64.Build.0 = Debug|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Debug|x86.Build.0 = Debug|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Release|Any CPU.Build.0 = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Release|x64.ActiveCfg = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Release|x64.Build.0 = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Release|x86.ActiveCfg = Release|Any CPU
+		{A51E3052-20C8-4154-905F-4AE95A131FB1}.Release|x86.Build.0 = Release|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Debug|x64.Build.0 = Debug|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Debug|x86.Build.0 = Debug|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Release|Any CPU.Build.0 = Release|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Release|x64.ActiveCfg = Release|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Release|x64.Build.0 = Release|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Release|x86.ActiveCfg = Release|Any CPU
+		{3327A641-9CFC-40DA-9E4E-0E6BD3390068}.Release|x86.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

Workshop10-API/Controllers/AuthController.cs

@@ -0,0 +1,57 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace CampusWorkshops.Api.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+public class AuthController : ControllerBase
+{
+    // Usuários de exemplo (NÃO use plaintext em produção)
+    private static readonly Dictionary<string,(string Password, string[] Roles)> Users = new()
+    {
+        ["admin@campus"] = ("admin123", new[] { "Admin", "Instructor" }),
+        ["inst@campus"]  = ("inst123",  new[] { "Instructor" }),
+        ["aluno@campus"] = ("aluno123", Array.Empty<string>())
+    };
+
+    private readonly IConfiguration _cfg;
+    public AuthController(IConfiguration cfg) => _cfg = cfg;
+
+    public record LoginRequest(string Username, string Password);
+    public record TokenResponse(string AccessToken, DateTime ExpiresAt);
+
+    [HttpPost("login")]
+    [ProducesResponseType(typeof(TokenResponse), 200)]
+    [ProducesResponseType(401)]
+    public IActionResult Login([FromBody] LoginRequest body)
+    {
+        if (!Users.TryGetValue(body.Username, out var u) || u.Password != body.Password)
+            return Unauthorized();
+
+        var jwt = _cfg.GetSection("Jwt");
+        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwt["Key"]!));
+        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+        var claims = new List<Claim>
+        {
+            new(JwtRegisteredClaimNames.Sub, body.Username),
+            new(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+        };
+        claims.AddRange(u.Roles.Select(r => new Claim(ClaimTypes.Role, r)));
+
+        var expires = DateTime.UtcNow.AddHours(2);
+        var token = new JwtSecurityToken(
+            issuer: jwt["Issuer"],
+            audience: jwt["Audience"],
+            claims: claims,
+            expires: expires,
+            signingCredentials: creds
+        );
+        var encoded = new JwtSecurityTokenHandler().WriteToken(token);
+        return Ok(new TokenResponse(encoded, expires));
+    }
+}

Workshop10-API/Controllers/DiDemoController.cs

@@ -0,0 +1,59 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using CampusWorkshops.Api.Services;
+
+namespace CampusWorkshops.Api.Controllers;
+
+[ApiController]
+[AllowAnonymous] // Deixe aberto para facilitar o teste
+[Route("api/[controller]")]
+public class DiDemoController : ControllerBase
+{
+    // Visualiza os IDs por lifetime
+    [HttpGet("lifetimes")]
+    public IActionResult Lifetimes(
+        [FromServices] IRequestIdTransient t1,
+        [FromServices] IRequestIdTransient t2,
+        [FromServices] IRequestIdScoped    s1,
+        [FromServices] IRequestIdScoped    s2,
+        [FromServices] IRequestIdSingleton g1,
+        [FromServices] IRequestIdSingleton g2)
+    {
+        return Ok(new {
+            transient1 = t1.Id, transient2 = t2.Id,    // normalmente diferentes NA MESMA chamada
+            scoped1 = s1.Id, scoped2 = s2.Id,          // iguais NA MESMA chamada; mudam entre chamadas
+            singleton1 = g1.Id, singleton2 = g2.Id     // sempre iguais
+        });
+    }
+
+    // Demonstra o "cativeiro" do transient dentro de um singleton
+    [HttpGet("captive-transient")]
+    public IActionResult Captive(
+        [FromServices] ReportingSingleton singleton,
+        [FromServices] IPerRequestClock clockTransient)
+    {
+        // clockTransient é Transient: CreatedAt muda entre requisições
+        var transientCreatedAtNow = clockTransient.CreatedAt;
+
+        // GetClockCreatedAt (TODO) deveria retornar o CreatedAt visto pelo singleton
+        DateTimeOffset? singletonClockCreatedAt = null;
+        string? error = null;
+        try
+        {
+            singletonClockCreatedAt = singleton.GetClockCreatedAt();
+        }
+        catch (Exception ex)
+        {
+            error = $"{ex.GetType().Name}: {ex.Message}";
+        }
+
+        return Ok(new {
+            transientCreatedAtNow,
+            singletonClockCreatedAt,
+            esperado = "Valores DIFERENTES por requisição",
+            observacao = "Mas como o transient foi resolvido DENTRO do singleton, ele congelou e não muda",
+            todoImplementado = error is null,
+            errorAoChamarSingleton = error
+        });
+    }
+}

Workshop10-API/Controllers/WorkshopsController.cs

@@ -2,6 +2,7 @@
 using CampusWorkshops.Api.Dtos;
 using CampusWorkshops.Api.Models;
 using CampusWorkshops.Api.Repositories;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace CampusWorkshops.Api.Controllers;
@@ -16,10 +17,11 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Lista workshops com filtros opcionais.</summary>
     [HttpGet]
+    [Authorize]
     public async Task<IActionResult> GetAll([FromQuery] DateTimeOffset? from, [FromQuery] DateTimeOffset? to, [FromQuery] string? q, CancellationToken ct)
     {
         var workshops = await _repo.GetAllAsync(from, to, q, ct);
-        
+
         var response = workshops.Select(w => new WorkshopResponse(
             w.Id,
             w.Title,
@@ -36,10 +38,11 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Obtém um workshop por Id.</summary>
     [HttpGet("{id:guid}")]
+    [Authorize]
     public async Task<IActionResult> GetById(Guid id, CancellationToken ct)
     {
         var workshop = await _repo.GetByIdAsync(id, ct);
-        
+
         if (workshop == null)
         {
             return NotFound();
@@ -61,6 +64,7 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Cria um novo workshop.</summary>
     [HttpPost]
+    [Authorize(Policy = "CanWriteWorkshops")]
     public async Task<IActionResult> Create([FromBody] CreateWorkshopRequest body, CancellationToken ct)
     {
         if (!ModelState.IsValid)
@@ -119,6 +123,8 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Atualiza parcialmente um workshop existente.</summary>
     [HttpPatch("{id:guid}")]
+    [Authorize(Policy = "CanWriteWorkshops")]
+
     public async Task<IActionResult> Patch(Guid id, [FromBody] PatchWorkshopRequest body, CancellationToken ct)
     {
         if (!ModelState.IsValid)
@@ -135,10 +141,10 @@ public class WorkshopsController : ControllerBase
         // Aplicar apenas os campos fornecidos
         if (body.Title != null)
             existingWorkshop.Title = body.Title;
-        
+
         if (body.Description != null)
             existingWorkshop.Description = body.Description;
-        
+
         if (body.StartAt.HasValue)
         {
             if (body.StartAt.Value < DateTimeOffset.UtcNow)
@@ -147,13 +153,13 @@ public class WorkshopsController : ControllerBase
             }
             existingWorkshop.StartAt = body.StartAt.Value;
         }
-        
+
         if (body.EndAt.HasValue)
             existingWorkshop.EndAt = body.EndAt.Value;
-        
+
         if (body.Location != null)
             existingWorkshop.Location = body.Location;
-        
+
         if (body.Capacity.HasValue)
         {
             if (body.Capacity.Value < 1)
@@ -162,7 +168,7 @@ public class WorkshopsController : ControllerBase
             }
             existingWorkshop.Capacity = body.Capacity.Value;
         }
-        
+
         if (body.IsOnline.HasValue)
             existingWorkshop.IsOnline = body.IsOnline.Value;
 
@@ -199,6 +205,8 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Remove um workshop.</summary>
     [HttpDelete("{id:guid}")]
+    [Authorize(Policy = "CanDeleteWorkshops")]
+
     public async Task<IActionResult> Delete(Guid id, CancellationToken ct)
     {
         var workshop = await _repo.GetByIdAsync(id, ct);

Workshop10-API/Domain/Registration/WorkshopRegistrationPolicy.cs

@@ -0,0 +1,60 @@
+using System;
+using System.Collections.Generic;
+using CampusWorkshops.Api.Models; // <-- Workshop do seu projeto
+
+namespace CampusWorkshops.Api.Domain.Registration
+{
+    public enum RegistrationOutcome { Accepted, Rejected }
+
+    public sealed record RegistrationDecision(RegistrationOutcome Outcome, IReadOnlyList<string> Reasons);
+
+    /// <summary>
+    /// Regra simples de registro para Workshop.
+    /// Regras:
+    /// - Janela fecha quando faltar <= 24h para o StartAt.
+    /// - Se há assentos (Capacity - enrolled > 0) → Accepted; senão → Rejected.
+    /// </summary>
+    public sealed class RegistrationPolicy
+    {
+        public const int CloseWindowLeadHours = 24;
+
+        private readonly TimeProvider _time;
+
+        public RegistrationPolicy(TimeProvider time)
+        {
+            _time = time ?? throw new ArgumentNullException(nameof(time));
+        }
+
+        /// <summary>
+        /// Decide usando apenas o Workshop e o número ATUAL de inscritos (enrolled).
+        /// </summary>
+        public RegistrationDecision Decide(Workshop w, int enrolled)
+        {
+            if (w is null) throw new ArgumentNullException(nameof(w));
+            var reasons = new List<string>();
+
+            // (1) Janela de inscrição
+            var now = _time.GetUtcNow();
+            // Se StartAt for DateTime (não Offset) no seu modelo, troque por:
+            // var startAtUtc = DateTime.SpecifyKind(w.StartAt, DateTimeKind.Utc);
+            // if (startAtUtc - now <= TimeSpan.FromHours(CloseWindowLeadHours)) { ... }
+            if (w.StartAt - now <= TimeSpan.FromHours(CloseWindowLeadHours))
+            {
+                reasons.Add("Registration window closed.");
+                return new RegistrationDecision(RegistrationOutcome.Rejected, reasons);
+            }
+
+            // (2) Capacidade
+            var seatsLeft = w.Capacity - enrolled;
+            if (seatsLeft > 0)
+            {
+                reasons.Add("Accepted");
+                return new RegistrationDecision(RegistrationOutcome.Accepted, reasons);
+            }
+
+            reasons.Add("No seats available.");
+            return new RegistrationDecision(RegistrationOutcome.Rejected, reasons);
+        }
+    }
+}
+

Workshop10-API/Program.cs

@@ -0,0 +1,164 @@
+// Note: repository implementation removed for workshop exercise (TODOs in project files)
+using Microsoft.AspNetCore.Diagnostics;
+using Microsoft.AspNetCore.Mvc;
+using CampusWorkshops.Api.Repositories;
+using Microsoft.EntityFrameworkCore;
+using CampusWorkshops.Api.Infrastructure.Data;
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
+using CampusWorkshops.Api.Services;
+using Microsoft.Extensions.Options;
+using Microsoft.Extensions.Caching.Memory;
+using CampusWorkshops.Api.Domain.Registration;
+
+var builder = WebApplication.CreateBuilder(args);
+
+// JWT
+var jwt = builder.Configuration.GetSection("Jwt");
+var keyBytes = Encoding.UTF8.GetBytes(jwt["Key"]!);
+
+builder.Services
+  .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+  .AddJwtBearer(options =>
+  {
+      options.TokenValidationParameters = new()
+      {
+          ValidateIssuer = true,
+          ValidateAudience = true,
+          ValidateIssuerSigningKey = true,
+          ValidIssuer = jwt["Issuer"],
+          ValidAudience = jwt["Audience"],
+          IssuerSigningKey = new SymmetricSecurityKey(keyBytes),
+          ClockSkew = TimeSpan.FromMinutes(1) // previsível para testes
+      };
+  });
+
+builder.Services.AddAuthorization();
+
+builder.Services.AddAuthorization(options =>
+{
+    options.AddPolicy("CanWriteWorkshops", p => p.RequireRole("Instructor","Admin"));
+    options.AddPolicy("CanDeleteWorkshops", p => p.RequireRole("Admin"));
+    options.AddPolicy("CanViewAnalytics",  p => p.RequireRole("Admin"));
+});
+
+// Add services
+builder.Services.AddDbContext<WorkshopsDbContext>(options =>
+    options.UseSqlite(builder.Configuration.GetConnectionString("WorkshopsDb")));
+
+builder.Services.AddMemoryCache();
+builder.Services.Configure<CacheSettings>(builder.Configuration.GetSection("Cache"));
+
+
+// Primeiro registramos a implementação EF concreta
+builder.Services.AddScoped<EfWorkshopRepository>();
+
+// tempo do sistema para produção:
+builder.Services.AddSingleton<TimeProvider>(TimeProvider.System);
+// regra de domínio (stateless); pode ser Singleton
+builder.Services.AddSingleton<RegistrationPolicy>();
+
+// Depois expomos IWorkshopRepository como o "EF envelopado por cache"
+builder.Services.AddScoped<IWorkshopRepository>(sp =>
+    new CachedWorkshopRepository(
+        sp.GetRequiredService<EfWorkshopRepository>(),
+        sp.GetRequiredService<IMemoryCache>(),
+        sp.GetRequiredService<IOptionsSnapshot<CacheSettings>>()));
+
+// Lifetimes de exemplo
+builder.Services.AddTransient<IRequestIdTransient, RequestIdTransient>();
+builder.Services.AddScoped<IRequestIdScoped, RequestIdScoped>();
+builder.Services.AddSingleton<IRequestIdSingleton, RequestIdSingleton>();
+
+// Exemplo de "captive dependency"
+builder.Services.AddTransient<IPerRequestClock, PerRequestClock>(); // Transient
+builder.Services.AddSingleton<ReportingSingleton>();
+
+
+// Removendo para ativar o cached repository
+// builder.Services.AddScoped<IWorkshopRepository, EfWorkshopRepository>();
+builder.Services.AddControllers();
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen(o =>
+{
+    o.SwaggerDoc("v1", new Microsoft.OpenApi.Models.OpenApiInfo
+    {
+        Title = "CampusWorkshops API",
+        Version = "v1",
+        Description = "API para gestão de workshops do campus (MVP in-memory)."
+    });
+    var bearerScheme = new OpenApiSecurityScheme
+    {
+        Name = "Authorization",
+        Description = "Cole apenas o JWT (sem 'Bearer ').",
+        In = ParameterLocation.Header,
+        Type = SecuritySchemeType.Http,   // <- IMPORTANTE
+        Scheme = "bearer",                // <- minúsculo
+        BearerFormat = "JWT",
+        Reference = new OpenApiReference   // <- garante que o requirement aponte para esta definição
+        {
+            Type = ReferenceType.SecurityScheme,
+            Id = "Bearer"
+        }
+    };
+
+    o.AddSecurityDefinition("Bearer", bearerScheme);
+
+    o.AddSecurityRequirement(new OpenApiSecurityRequirement
+    {
+        {
+            new OpenApiSecurityScheme
+            {
+                Reference = new OpenApiReference
+                {
+                    Type = ReferenceType.SecurityScheme,
+                    Id = "Bearer"
+                }
+            },
+            Array.Empty<string>()
+        }
+    });
+});
+
+// DI
+
+var app = builder.Build();
+
+// Exception handler that returns RFC7807 ProblemDetails for unhandled errors
+app.UseExceptionHandler(errApp =>
+{
+    errApp.Run(async context =>
+    {
+        var feature = context.Features.Get<IExceptionHandlerFeature>();
+        var ex = feature?.Error;
+
+        var pd = new ProblemDetails
+        {
+            Title = "An unexpected error occurred.",
+            Status = StatusCodes.Status500InternalServerError,
+            Detail = app.Environment.IsDevelopment() ? ex?.Message : null
+        };
+
+        context.Response.StatusCode = pd.Status.Value;
+        context.Response.ContentType = "application/problem+json";
+        await context.Response.WriteAsJsonAsync(pd);
+    });
+});
+
+app.UseHttpsRedirection();
+
+app.UseAuthentication();   // <-- antes
+app.UseAuthorization();    // <-- depois
+
+app.UseSwagger();
+app.UseSwaggerUI(c =>
+{
+    c.SwaggerEndpoint("/swagger/v1/swagger.json", "CampusWorkshops API v1");
+    c.RoutePrefix = "swagger"; // serve at /swagger
+});
+
+app.MapControllers();
+
+app.Run();

Workshop10-API/Repositories/CachedWorkshopRepository.cs

@@ -0,0 +1,82 @@
+using CampusWorkshops.Api.Models;
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Options;
+
+namespace CampusWorkshops.Api.Repositories;
+
+public sealed class CachedWorkshopRepository : IWorkshopRepository
+{
+    private readonly IWorkshopRepository _inner;
+    private readonly IMemoryCache _cache;
+    private readonly TimeSpan _ttl;
+
+    public CachedWorkshopRepository(
+        IWorkshopRepository inner,
+        IMemoryCache cache,
+        IOptionsSnapshot<CampusWorkshops.Api.Services.CacheSettings> opts)
+    {
+        _inner = inner;
+        _cache = cache;
+        _ttl = TimeSpan.FromSeconds(opts.Value.DefaultTtlSeconds);
+    }
+
+    private static string KeyById(Guid id) => $"workshops:byId:{id}";
+    private static string KeyList(DateTimeOffset? from, DateTimeOffset? to, string? q)
+        => $"workshops:list:{from?.ToUnixTimeSeconds()}:{to?.ToUnixTimeSeconds()}:{q?.Trim().ToLowerInvariant()}";
+    public async Task<IReadOnlyList<Workshop>> GetAllAsync(
+        DateTimeOffset? from, DateTimeOffset? to, string? q, CancellationToken ct)
+    {   
+        // Implementação final
+        var key = KeyList(from, to, q);
+        if (_cache.TryGetValue(key, out IReadOnlyList<Workshop>? cached) && cached is not null)
+            return cached;
+
+        var data = await _inner.GetAllAsync(from, to, q, ct);
+        _cache.Set(key, data, _ttl);
+        return data;
+    }
+
+
+    public async Task<Workshop?> GetByIdAsync(Guid id, CancellationToken ct)
+    {
+        var key = KeyById(id);
+        if (_cache.TryGetValue(key, out Workshop? cached) && cached is not null)
+            return cached;
+
+        var w = await _inner.GetByIdAsync(id, ct);
+        if (w is not null) _cache.Set(key, w, _ttl);
+        return w;
+    }
+
+    // Ações de escrita: apenas encaminham e limpam entradas simples
+    public async Task<Workshop> AddAsync(Workshop workshop, CancellationToken ct)
+    {
+        var w = await _inner.AddAsync(workshop, ct);
+        _cache.Remove(KeyById(w.Id));
+        return w;
+    }
+
+    public async Task<Workshop?> UpdateAsync(Workshop workshop, CancellationToken ct)
+    {
+        var w = await _inner.UpdateAsync(workshop, ct);
+        if (w is not null) _cache.Remove(KeyById(w.Id));
+        return w;
+    }
+
+    public async Task<bool> DeleteAsync(Guid id, CancellationToken ct)
+    {
+        var ok = await _inner.DeleteAsync(id, ct);
+        if (ok) _cache.Remove(KeyById(id));
+        return ok;
+    }
+
+    public Task<bool> ExistsAsync(Guid id, CancellationToken ct)
+        => _inner.ExistsAsync(id, ct);
+
+    public async Task<Workshop?> UpdatePartialAsync(Guid id, Action<Workshop> updateAction, CancellationToken ct)
+    {
+        var w = await _inner.UpdatePartialAsync(id, updateAction, ct);
+        if (w is not null) _cache.Remove(KeyById(w.Id));
+        return w;
+    }
+}

Workshop10-API/Services/CacheSettings.cs

@@ -0,0 +1,6 @@
+namespace CampusWorkshops.Api.Services;
+
+public sealed class CacheSettings
+{
+    public int DefaultTtlSeconds { get; set; } = 15;
+}

Workshop10-API/Services/PerRequestClock.cs

@@ -0,0 +1,12 @@
+namespace CampusWorkshops.Api.Services;
+
+public interface IPerRequestClock
+{
+    // Carimbo criado no CONSTRUTOR (não muda depois)
+    DateTimeOffset CreatedAt { get; }
+}
+
+public sealed class PerRequestClock : IPerRequestClock
+{
+    public DateTimeOffset CreatedAt { get; } = DateTimeOffset.UtcNow;
+}

Workshop10-API/Services/ReportingSingleton.cs

@@ -0,0 +1,23 @@
+using System;
+
+namespace CampusWorkshops.Api.Services;
+
+/// <summary>
+/// Singleton que recebe um Transient (IPerRequestClock).
+/// Na prática, o Transient é resolvido uma única vez, na construção do Singleton,
+/// e "vira" efetivamente singleton dentro dele.
+/// </summary>
+public sealed class ReportingSingleton
+{
+    private readonly IPerRequestClock _clock;
+
+    public ReportingSingleton(IPerRequestClock clock)
+    {
+        _clock = clock;
+    }
+
+    public DateTimeOffset GetClockCreatedAt()
+    {
+        return _clock.CreatedAt;
+    }
+}

Workshop10-API/Services/RequestId.cs

@@ -0,0 +1,9 @@
+namespace CampusWorkshops.Api.Services;
+
+public interface IRequestIdTransient { Guid Id { get; } }
+public interface IRequestIdScoped    { Guid Id { get; } }
+public interface IRequestIdSingleton { Guid Id { get; } }
+
+internal sealed class RequestIdTransient : IRequestIdTransient { public Guid Id { get; } = Guid.NewGuid(); }
+internal sealed class RequestIdScoped    : IRequestIdScoped    { public Guid Id { get; } = Guid.NewGuid(); }
+internal sealed class RequestIdSingleton : IRequestIdSingleton { public Guid Id { get; } = Guid.NewGuid(); }

Workshop10-API/Workshop10-API.csproj

@@ -8,6 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.9" />
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.2" />
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.8" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.8">

Workshop10-API/appsettings.json

@@ -0,0 +1,15 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "Jwt": {
+    "Issuer": "CampusWorkshops",
+    "Audience": "CampusWorkshops.Api",
+    "Key": "some-key-that-is-super-secret-always-secured"
+  },
+  "Cache": { "DefaultTtlSeconds": 15 },
+  "AllowedHosts": "*"
+}

appsettings.json

@@ -1,9 +0,0 @@
-{
-  "Logging": {
-    "LogLevel": {
-      "Default": "Information",
-      "Microsoft.AspNetCore": "Warning"
-    }
-  },
-  "AllowedHosts": "*"
-}