@develit-services/bank 0.8.1 → 0.8.3

package/README.md

@@ -24,7 +24,7 @@ Sluzba se sklada z:
 
 ## Zivotni cyklus platby
 
-Platba prochazi 5 fazemi s explicitnimi typy:
+Platba prochazi 6 fazemi s explicitnimi typy:
 
 ```
 SendPaymentInput (API vstup)
@@ -55,10 +55,17 @@ SendPaymentInput (API vstup)
 │    Odeslana do banky, ceka na autorizaci    │
 │    (muze jiz mit bankRefId)                 │
 └──────────────────┬──────────────────────────┘
-                   │  autorizace + zpracovani bankou
+                   │  uzivatel autorizuje (callback)
                    ▼
 ┌─────────────────────────────────────────────┐
-│ 5. CompletedPayment        status: COMPLETED│
+│ 5. SignedPayment           status: SIGNED   │
+│    Autorizovana uzivatelem, banka           │
+│    zpracovava                               │
+└──────────────────┬──────────────────────────┘
+                   │  banka dokonci zpracovani
+                   ▼
+┌─────────────────────────────────────────────┐
+│ 6. CompletedPayment        status: COMPLETED│
 │    Zpracovana bankou, ma bankRefId          │
 │    a processedAt timestamp                  │
 │    (pripadne FAILED / PENDING)              │
@@ -71,6 +78,7 @@ SendPaymentInput (API vstup)
 |--------|-------|
 | `CREATED` | Platba vytvorena, ceka na zpracovani |
 | `PREPARED` | Odeslana do banky, ceka na autorizaci |
+| `SIGNED` | Autorizovana uzivatelem, banka zpracovava |
 | `PENDING` | Banka zpracovava |
 | `COMPLETED` | Uspesne dokoncena |
 | `FAILED` | Selhala |
@@ -146,11 +154,14 @@ Kazdy batch obsahuje pouze platby **jednoho typu** (SEPA, DOMESTIC nebo SWIFT).
 Workflow (Cloudflare Durable Object) ridi zpracovani batche:
 
 1. Nacte a validuje batch (nesmi byt SIGNED/PROCESSING)
+1b. Nacte payment requesty pro batch z `payment_request` tabulky
 2. Zamkne batch (nastavi PROCESSING, overi checksum)
 3. Iniciuje batch u banky pres konektor podle typu platby (`connector.initiateDomesticBatch()` / `initiateSEPABatch()` / `initiateForeignBatch()`)
+3b. Aktualizuje singlePayments na PREPARED (bankRefId, initiatedAt, authorizationUrl)
 4. Aktualizuje batch na READY_TO_SIGN s autorizacnimi URL
+4a. MOCK konektor: preskoci autorizaci, rovnou oznaci singlePayments jako COMPLETED a batch jako SIGNED
 5. Odesle email s odkazem na autorizaci
-6. Ceka na autorizaci uzivatelem
+6. (TBD) Ceka na autorizaci uzivatelem (waitForEvent)
 
 ### CRON kontrola stavu
 
@@ -241,6 +252,64 @@ Vsechny konektory dedi z abstraktni tridy `IBankConnector`, ktera poskytuje spol
 | Mock | `MOCK` | Vsechny typy | Testovaci, automaticky dokoncuje platby |
 | Mock COBS | `MOCK_COBS` | Vsechny typy | Testovaci COBS konektor |
 
+### Podporovane sluzby dle bank (Finbricks, CZ)
+
+> Data ze sandbox prostredi Finbricks (`/status/bankInfo`). Aktualizovano: 2026-02-23.
+
+#### Platby
+
+| Banka | Provider | Domestic | SEPA | Foreign | Batch | Recurring | Pairing | Settled |
+|-------|----------|:--------:|:----:|:-------:|:-----:|:---------:|:-------:|:-------:|
+| MONETA Money Bank | `MONETA` | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
+| Mock Cobs banka | `MOCK_COBS` | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ |
+| Air Bank | `AIRBANK` | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ |
+| J&T Banka | `JTB` | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
+| mBank | `MBANK` | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
+| Raiffeisen | `RAIFFEISEN` | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
+| Fio banka | `FIO` | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
+| CSOB | `CSOB` | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ |
+| Komercni banka | `KB` | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ✅ |
+| UniCredit | `UNICREDIT` | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
+| Ceska sporitelna | `CSAS` | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ |
+| Partners Banka | `PARTNERS` | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
+| Banka CREDITAS | `CREDITAS` | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ |
+
+#### Ucty (informace)
+
+| Banka | Provider | Info | Zustatek | Transakce |
+|-------|----------|:----:|:--------:|:---------:|
+| MONETA Money Bank | `MONETA` | ✅ | ✅ | ✅ |
+| Mock Cobs banka | `MOCK_COBS` | ✅ | ✅ | ✅ |
+| Air Bank | `AIRBANK` | ✅ | ✅ | ✅ |
+| J&T Banka | `JTB` | ✅ | ✅ | ✅ |
+| mBank | `MBANK` | ✅ | ✅ | ✅ |
+| Raiffeisen | `RAIFFEISEN` | ✅ | ✅ | ✅ |
+| Fio banka | `FIO` | ✅ | ✅ | ✅ |
+| CSOB | `CSOB` | ✅ | ✅ | ✅ |
+| Komercni banka | `KB` | ✅ | ✅ | ✅ |
+| UniCredit | `UNICREDIT` | ✅ | ✅ | ✅ |
+| Ceska sporitelna | `CSAS` | ✅ | ✅ | ✅ |
+| Partners Banka | `PARTNERS` | ✅ | ✅ | ✅ |
+| Banka CREDITAS | `CREDITAS` | ✅ | ✅ | ✅ |
+
+#### Instant platby
+
+| Banka | Provider | Domestic Creditor | Domestic Debtor | SEPA Creditor | SEPA Debtor |
+|-------|----------|:-----------------:|:---------------:|:-------------:|:-----------:|
+| MONETA Money Bank | `MONETA` | ✅ | ✅ | ❌ | ❌ |
+| Mock Cobs banka | `MOCK_COBS` | ✅ | ✅ | ✅ | ❌ |
+| Air Bank | `AIRBANK` | ✅ | ✅ | ✅ | ✅ |
+| J&T Banka | `JTB` | ✅ | ✅ | ✅ | ✅ |
+| mBank | `MBANK` | ✅ | ✅ | ❌ | ❌ |
+| Raiffeisen | `RAIFFEISEN` | ✅ | ✅ | ❌ | ❌ |
+| Fio banka | `FIO` | ✅ | ✅ | ❌ | ✅ |
+| CSOB | `CSOB` | ✅ | ✅ | ❌ | ❌ |
+| Komercni banka | `KB` | ✅ | ✅ | ❌ | ❌ |
+| UniCredit | `UNICREDIT` | ✅ | ✅ | ❌ | ❌ |
+| Ceska sporitelna | `CSAS` | ✅ | ✅ | ❌ | ❌ |
+| Partners Banka | `PARTNERS` | ✅ | ✅ | ❌ | ❌ |
+| Banka CREDITAS | `CREDITAS` | ✅ | ✅ | ❌ | ❌ |
+
 ### Metody konektoru
 
 Kazdy konektor implementuje nasledujici metody (nebo vraci `Not implemented`):
@@ -319,6 +388,7 @@ Bank service je **RPC worker** - nema vlastni verejne HTTP endpointy. Vsechny ak
 | `send-payment` | Odesle platbu (vlozi do fronty pro batchovani) |
 | `send-payment-sync` | Odesle platbu synchronne primo do banky, vrati `authorizationUrl` (bez queue/batch/DB) |
 | `get-payments` | Seznam plateb s paginaci a filtry (ucet, castka, mena, smer, datum, stav) |
+| `handle-authorization-callback` | Zpracuje callback po autorizaci platby/batche (aktualizuje singlePayment + batch status) |
 | `simulate-deposit` | Testovaci: vytvori prichozi platbu ve stavu COMPLETED |
 
 ### Batch operace
@@ -374,11 +444,17 @@ Klicove sloupce: `correlationId`, `refId`, `bankRefId`, `amount`, `currency`, `d
 
 Unikatni omezeni: `(connectorKey, bankRefId)`.
 
+### payment_request
+
+Odchozi platby v prubehu zpracovani (in-flight). Kazda platba v batchi ma vlastni radek se stavem.
+
+Klicove sloupce: `batchId`, `status`, `bankRefId`, `amount`, `currency`, `paymentType`, `creditorIban`, `debtorIban`, `accountId`, `connectorKey`, `authorizationUrl`, `initiatedAt`, `processedAt`, `statusReason`.
+
 ### batch
 
-Batch plateb s JSON polem plateb a stavovymi informacemi.
+Batch plateb se stavovymi informacemi. Platby jsou v tabulce `payment_request` (vazba pres `batchId`).
 
-Klicove sloupce: `status`, `payments` (JSON), `authorizationUrl`, `signHash`, `signId`, `sizeLimit`, `accountId`.
+Klicove sloupce: `status`, `authorizationUrls`, `paymentsChecksum`, `metadata`, `sizeLimit`, `accountId`, `paymentType`.
 
 ### account
 

package/dist/database/schema.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-const payment_schema = require('../shared/bank.IVhZ_RlH.cjs');
+const paymentRequest_schema = require('../shared/bank.SQ4Mmr8u.cjs');
 require('@develit-io/backend-sdk');
 require('drizzle-orm/relations');
 require('drizzle-orm/sqlite-core');
@@ -13,9 +13,11 @@ require('drizzle-zod');
 
 
 
-exports.account = payment_schema.account;
-exports.accountCredentials = payment_schema.accountCredentials;
-exports.batch = payment_schema.batch;
-exports.ott = payment_schema.ott;
-exports.payment = payment_schema.payment;
-exports.paymentRelations = payment_schema.paymentRelations;
+exports.account = paymentRequest_schema.account;
+exports.accountCredentials = paymentRequest_schema.accountCredentials;
+exports.batch = paymentRequest_schema.batch;
+exports.ott = paymentRequest_schema.ott;
+exports.payment = paymentRequest_schema.payment;
+exports.paymentRelations = paymentRequest_schema.paymentRelations;
+exports.paymentRequest = paymentRequest_schema.paymentRequest;
+exports.paymentRequestRelations = paymentRequest_schema.paymentRequestRelations;

package/dist/database/schema.d.cts

@@ -1,4 +1,4 @@
-export { aq as account, ar as accountCredentials, as as batch, at as ott, au as payment, av as paymentRelations } from '../shared/bank.BJ7LqYtJ.cjs';
+export { as as account, at as accountCredentials, au as batch, av as ott, aw as payment, ax as paymentRelations, ay as paymentRequest, az as paymentRequestRelations } from '../shared/bank.DDveEfub.cjs';
 import 'drizzle-orm/sqlite-core';
 import 'drizzle-orm';
 import '@develit-io/backend-sdk';

package/dist/database/schema.d.mts

@@ -1,4 +1,4 @@
-export { aq as account, ar as accountCredentials, as as batch, at as ott, au as payment, av as paymentRelations } from '../shared/bank.BJ7LqYtJ.mjs';
+export { as as account, at as accountCredentials, au as batch, av as ott, aw as payment, ax as paymentRelations, ay as paymentRequest, az as paymentRequestRelations } from '../shared/bank.DDveEfub.mjs';
 import 'drizzle-orm/sqlite-core';
 import 'drizzle-orm';
 import '@develit-io/backend-sdk';

package/dist/database/schema.d.ts

@@ -1,4 +1,4 @@
-export { aq as account, ar as accountCredentials, as as batch, at as ott, au as payment, av as paymentRelations } from '../shared/bank.BJ7LqYtJ.js';
+export { as as account, at as accountCredentials, au as batch, av as ott, aw as payment, ax as paymentRelations, ay as paymentRequest, az as paymentRequestRelations } from '../shared/bank.DDveEfub.js';
 import 'drizzle-orm/sqlite-core';
 import 'drizzle-orm';
 import '@develit-io/backend-sdk';

package/dist/database/schema.mjs

@@ -1,4 +1,4 @@
-export { n as account, p as accountCredentials, q as batch, r as ott, s as payment, t as paymentRelations } from '../shared/bank.993UA65l.mjs';
+export { n as account, p as accountCredentials, q as batch, r as ott, s as payment, t as paymentRelations, u as paymentRequest, v as paymentRequestRelations } from '../shared/bank.C4VOdIx1.mjs';
 import '@develit-io/backend-sdk';
 import 'drizzle-orm/relations';
 import 'drizzle-orm/sqlite-core';

package/dist/export/worker.cjs

@@ -1,18 +1,18 @@
 'use strict';
 
 const backendSdk = require('@develit-io/backend-sdk');
-const drizzle = require('../shared/bank.Bs7mkXbR.cjs');
+const drizzle = require('../shared/bank.BOnP9p9Y.cjs');
 const cloudflare_workers = require('cloudflare:workers');
 const d1 = require('drizzle-orm/d1');
+const mock_connector = require('../shared/bank.CQURey1E.cjs');
+require('jose');
 const zod = require('zod');
-const payment_schema = require('../shared/bank.IVhZ_RlH.cjs');
+const paymentRequest_schema = require('../shared/bank.SQ4Mmr8u.cjs');
 const generalCodes = require('@develit-io/general-codes');
 require('date-fns');
-require('jose');
 const drizzleOrm = require('drizzle-orm');
 require('node:crypto');
-const mock_connector = require('../shared/bank.Ce-NBBw1.cjs');
-require('../shared/bank.Cp0yvOdq.cjs');
+require('../shared/bank.C-T1FQxg.cjs');
 require('drizzle-orm/relations');
 require('drizzle-orm/sqlite-core');
 require('drizzle-zod');
@@ -94,6 +94,16 @@ const deletePaymentsByAccountCommand = (db, { accountId }) => {
   };
 };
 
+const createPaymentRequestCommand = (db, { paymentRequest }) => {
+  return {
+    command: db.insert(drizzle.tables.paymentRequest).values({
+      ...paymentRequest,
+      creditorIban: paymentRequest.creditor.iban,
+      debtorIban: paymentRequest.debtor.iban
+    }).returning()
+  };
+};
+
 const getAccountBatchCountsQuery = async (db, { accountId }) => {
   const result = await db.select({
     totalCount: drizzleOrm.sql`COUNT(*)`.as("totalCount"),
@@ -144,7 +154,7 @@ const getAllAccountsQuery = async (db, filters) => {
 };
 
 const getAllPendingBatchesQuery = (db) => {
-  return db.select().from(drizzle.tables.batch).where(drizzleOrm.inArray(drizzle.tables.batch.status, ["READY_TO_SIGN"]));
+  return db.select().from(drizzle.tables.batch).where(drizzleOrm.inArray(drizzle.tables.batch.status, ["READY_TO_SIGN", "SIGNED"]));
 };
 
 const buildMultiFilterConditions = (column, value) => {
@@ -249,6 +259,11 @@ const getOttQuery = async (db, { ott }) => {
   return await db.select().from(drizzle.tables.ott).where(drizzleOrm.eq(drizzle.tables.ott.oneTimeToken, ott)).get();
 };
 
+const getPaymentRequestByIdQuery = async (db, { paymentId }) => {
+  const results = await db.select().from(drizzle.tables.paymentRequest).where(drizzleOrm.eq(drizzle.tables.paymentRequest.id, paymentId)).limit(1);
+  return results[0] ?? null;
+};
+
 const seperateSupportedPayments = (incomingPayments, accounts) => {
   const [supportedPayments, unsupportedPayments] = incomingPayments.reduce(
     ([valid, invalid], payment) => {
@@ -272,12 +287,12 @@ const seperateSupportedPayments = (incomingPayments, accounts) => {
 
 const sendPaymentInputSchema = zod.z.object({
   correlationId: zod.z.string().min(1),
-  refId: zod.z.string(),
+  refId: zod.z.string().optional(),
   amount: zod.z.number().positive(),
-  paymentType: zod.z.enum(payment_schema.PAYMENT_TYPES),
-  chargeBearer: zod.z.enum(payment_schema.CHARGE_BEARERS).optional(),
+  paymentType: zod.z.enum(paymentRequest_schema.PAYMENT_TYPES),
+  chargeBearer: zod.z.enum(paymentRequest_schema.CHARGE_BEARERS).optional(),
   executionDate: zod.z.string().optional(),
-  instructionPriority: zod.z.enum(payment_schema.INSTRUCTION_PRIORITIES).optional(),
+  instructionPriority: zod.z.enum(paymentRequest_schema.INSTRUCTION_PRIORITIES).optional(),
   currency: zod.z.enum(generalCodes.CURRENCY_CODES),
   vs: zod.z.string().optional(),
   ss: zod.z.string().optional(),
@@ -290,7 +305,7 @@ const sendPaymentInputSchema = zod.z.object({
 });
 
 const getAuthUriInputSchema = zod.z.object({
-  connectorKey: zod.z.enum(payment_schema.CONNECTOR_KEYS)
+  connectorKey: zod.z.enum(paymentRequest_schema.CONNECTOR_KEYS)
 });
 
 const authorizeAccountInputSchema = zod.z.object({
@@ -311,7 +326,7 @@ const simulateDepositInputSchema = zod.z.object({
   message: zod.z.string(),
   creditor: backendSdk.bankAccountMetadataSchema,
   debtor: backendSdk.bankAccountMetadataSchema,
-  connectorKey: zod.z.enum(payment_schema.CONNECTOR_KEYS)
+  connectorKey: zod.z.enum(paymentRequest_schema.CONNECTOR_KEYS)
 });
 
 const ALLOWED_BATCH_FILTERS = {
@@ -326,7 +341,7 @@ const getBatchesInputSchema = zod.z.object({
     direction: zod.z.enum(["asc", "desc"])
   }),
   [ALLOWED_BATCH_FILTERS.ACCOUNT_ID]: zod.z.union([zod.z.uuid(), zod.z.uuid().array()]).optional(),
-  [ALLOWED_BATCH_FILTERS.STATUS]: zod.z.union([zod.z.enum(payment_schema.BATCH_STATUSES), zod.z.enum(payment_schema.BATCH_STATUSES).array()]).optional()
+  [ALLOWED_BATCH_FILTERS.STATUS]: zod.z.union([zod.z.enum(paymentRequest_schema.BATCH_STATUSES), zod.z.enum(paymentRequest_schema.BATCH_STATUSES).array()]).optional()
 });
 
 const processBatchInputSchema = zod.z.object({
@@ -381,10 +396,10 @@ const getPaymentsInputSchema = zod.z.object({
   [ALLOWED_PAYMENT_FILTERS.ACCOUNT_ID]: zod.z.union([zod.z.uuid(), zod.z.uuid().array()]).optional(),
   [ALLOWED_PAYMENT_FILTERS.AMOUNT]: zod.z.union([zod.z.number(), zod.z.number().array()]).optional(),
   [ALLOWED_PAYMENT_FILTERS.CURRENCY]: zod.z.union([zod.z.enum(generalCodes.CURRENCY_CODES), zod.z.enum(generalCodes.CURRENCY_CODES).array()]).optional(),
-  [ALLOWED_PAYMENT_FILTERS.DIRECTION]: zod.z.union([zod.z.enum(payment_schema.PAYMENT_DIRECTIONS), zod.z.enum(payment_schema.PAYMENT_DIRECTIONS).array()]).optional(),
+  [ALLOWED_PAYMENT_FILTERS.DIRECTION]: zod.z.union([zod.z.enum(paymentRequest_schema.PAYMENT_DIRECTIONS), zod.z.enum(paymentRequest_schema.PAYMENT_DIRECTIONS).array()]).optional(),
   [ALLOWED_PAYMENT_FILTERS.FROM]: zod.z.date().optional(),
   [ALLOWED_PAYMENT_FILTERS.TO]: zod.z.date().optional(),
-  [ALLOWED_PAYMENT_FILTERS.STATUS]: zod.z.union([zod.z.enum(payment_schema.PAYMENT_STATUSES), zod.z.enum(payment_schema.PAYMENT_STATUSES).array()]).optional()
+  [ALLOWED_PAYMENT_FILTERS.STATUS]: zod.z.union([zod.z.enum(paymentRequest_schema.PAYMENT_STATUSES), zod.z.enum(paymentRequest_schema.PAYMENT_STATUSES).array()]).optional()
 });
 
 const syncAccountInputSchema = zod.z.object({
@@ -419,7 +434,7 @@ zod.z.object({
 });
 
 const updateAccountInputSchema = zod.z.object({
-  account: payment_schema.accountInsertSchema
+  account: paymentRequest_schema.accountInsertSchema
 });
 
 const getBankAccountsInputSchema = zod.z.object({
@@ -434,6 +449,13 @@ const disconnectAccountInputSchema = zod.z.object({
   accountId: zod.z.uuid()
 });
 
+const handleAuthorizationCallbackInputSchema = zod.z.object({
+  paymentId: zod.z.string().uuid().optional(),
+  batchId: zod.z.string().uuid().optional()
+}).refine((data) => data.paymentId || data.batchId, {
+  message: "Either paymentId or batchId is required"
+});
+
 const sendPaymentSyncInputSchema = sendPaymentInputSchema;
 
 var __defProp = Object.defineProperty;
@@ -593,12 +615,45 @@ let BankServiceBase = class extends backendSdk.develitWorker(cloudflare_workers.
       }).command.execute();
       statusChanged = true;
     }
+    if (statusChanged) {
+      const paymentRequests = await drizzle.getPaymentRequestsByBatchIdQuery(this.db, {
+        batchId: batch.id
+      });
+      const perPaymentStatuses = "payments" in apiResponse ? apiResponse.payments : null;
+      const batchStatusToPaymentStatus = {
+        SIGNED: "SIGNED",
+        COMPLETED: "COMPLETED",
+        FAILED: "FAILED",
+        SIGNATURE_FAILED: "FAILED"
+      };
+      for (const pr of paymentRequests) {
+        let newStatus = pr.status;
+        if (perPaymentStatuses) {
+          const match = perPaymentStatuses.find(
+            (p) => p.merchantTransactionId === pr.id
+          );
+          if (match) {
+            newStatus = mock_connector.mapFinbricksTransactionStatus(
+              match.resultCode
+            );
+          }
+        } else {
+          newStatus = batchStatusToPaymentStatus[currentStatus] ?? pr.status;
+        }
+        if (newStatus !== pr.status) {
+          await drizzle.updatePaymentRequestStatusCommand(this.db, {
+            id: pr.id,
+            status: newStatus,
+            processedAt: newStatus === "COMPLETED" || newStatus === "FAILED" ? /* @__PURE__ */ new Date() : void 0
+          }).command.execute();
+        }
+      }
+    }
     return {
       batchId: batch.id,
       previousStatus,
       currentStatus,
       statusChanged
-      // eventSent,
     };
   }
   async updateBatchStatuses(input) {
@@ -670,6 +725,77 @@ let BankServiceBase = class extends backendSdk.develitWorker(cloudflare_workers.
       }
     );
   }
+  async handleAuthorizationCallback(input) {
+    return this.handleAction(
+      { data: input, schema: handleAuthorizationCallbackInputSchema },
+      { successMessage: "Authorization callback processed" },
+      async ({ paymentId, batchId }) => {
+        let targetBatchId = null;
+        let paymentsUpdated = 0;
+        if (paymentId) {
+          const pr = await getPaymentRequestByIdQuery(this.db, { paymentId });
+          if (!pr) {
+            throw backendSdk.createInternalError(null, {
+              message: `Payment request not found: ${paymentId}`,
+              code: "DB-B-008",
+              status: 404
+            });
+          }
+          if (pr.status !== "SIGNED" && pr.status !== "COMPLETED") {
+            await drizzle.updatePaymentRequestStatusCommand(this.db, {
+              id: paymentId,
+              status: "SIGNED"
+            }).command.execute();
+            paymentsUpdated = 1;
+          }
+          targetBatchId = pr.batchId;
+        }
+        if (batchId) {
+          targetBatchId = batchId;
+          const batchPayments = await drizzle.getPaymentRequestsByBatchIdQuery(
+            this.db,
+            {
+              batchId
+            }
+          );
+          for (const pr of batchPayments) {
+            if (pr.status !== "SIGNED" && pr.status !== "COMPLETED") {
+              await drizzle.updatePaymentRequestStatusCommand(this.db, {
+                id: pr.id,
+                status: "SIGNED"
+              }).command.execute();
+              paymentsUpdated++;
+            }
+          }
+        }
+        let batchSigned = false;
+        if (targetBatchId) {
+          const allPayments = await drizzle.getPaymentRequestsByBatchIdQuery(this.db, {
+            batchId: targetBatchId
+          });
+          const allDone = allPayments.every(
+            (p) => p.status === "SIGNED" || p.status === "COMPLETED"
+          );
+          if (allDone) {
+            const batch = await drizzle.getBatchByIdQuery(this.db, {
+              batchId: targetBatchId
+            });
+            if (batch && batch.status !== "SIGNED") {
+              await drizzle.upsertBatchCommand(this.db, {
+                batch: { ...batch, status: "SIGNED" }
+              }).command.execute();
+              batchSigned = true;
+            }
+          }
+        }
+        return {
+          paymentsUpdated,
+          batchId: targetBatchId,
+          batchSigned
+        };
+      }
+    );
+  }
   async addPaymentsToBatch({
     paymentsToBatch
   }) {
@@ -715,21 +841,24 @@ let BankServiceBase = class extends backendSdk.develitWorker(cloudflare_workers.
           (p) => p.sendAsSinglePayment !== true
         );
         for (const singlePayment of singlePayments) {
-          const batchedPayment = mock_connector.toBatchedPayment(singlePayment);
-          const { command } = drizzle.upsertBatchCommand(this.db, {
+          const batchId = backendSdk.uuidv4();
+          const { command: upsertBatch } = drizzle.upsertBatchCommand(this.db, {
             batch: {
-              id: backendSdk.uuidv4(),
+              id: batchId,
               authorizationUrls: [],
               accountId: acc.id,
               paymentType: singlePayment.paymentType,
-              payments: [batchedPayment],
               status: "OPEN",
-              metadata: {
-                sizeLimit: 1
-              }
+              metadata: { sizeLimit: 1 }
             }
           });
-          await command.execute();
+          const { command: insertPaymentRequest } = createPaymentRequestCommand(
+            this.db,
+            {
+              paymentRequest: mock_connector.toPaymentRequestInsert(singlePayment, batchId)
+            }
+          );
+          await this.db.batch([upsertBatch, insertPaymentRequest]);
           this.log({
             message: `\u2728 Created single payment batch (${singlePayment.paymentType}) for account ${acc.id}`
           });
@@ -744,30 +873,48 @@ let BankServiceBase = class extends backendSdk.develitWorker(cloudflare_workers.
               accountId: acc.id,
               paymentType
             });
-            const availableBatch = openBatches.find(
-              (batch) => batch.payments.length < (batch.metadata?.sizeLimit ?? acc.batchSizeLimit)
-            );
-            this.log({
-              message: availableBatch ? `\u{1F504} Found existing OPEN batch (${paymentType}) for account ${acc.id}, merging ${availableBatch.payments.length} existing + ${paymentsOfType.length} new payments` : `\u2728 Creating new batch (${paymentType}) for account ${acc.id} with ${paymentsOfType.length} payments`
-            });
-            const batchedPayments = paymentsOfType.map(mock_connector.toBatchedPayment);
-            const { command } = drizzle.upsertBatchCommand(this.db, {
-              batch: availableBatch ? {
-                ...availableBatch,
-                payments: [...availableBatch.payments, ...batchedPayments]
-              } : {
-                id: backendSdk.uuidv4(),
+            let batchId;
+            let availableCount = 0;
+            let availableBatch;
+            for (const ob of openBatches) {
+              const existingPayments = await drizzle.getPaymentRequestsByBatchIdQuery(
+                this.db,
+                { batchId: ob.id }
+              );
+              const limit = ob.metadata?.sizeLimit ?? acc.batchSizeLimit;
+              if (existingPayments.length < limit) {
+                availableBatch = ob;
+                availableCount = existingPayments.length;
+                break;
+              }
+            }
+            if (availableBatch) {
+              batchId = availableBatch.id;
+              this.log({
+                message: `\u{1F504} Found existing OPEN batch (${paymentType}) for account ${acc.id}, merging ${availableCount} existing + ${paymentsOfType.length} new payments`
+              });
+            } else {
+              batchId = backendSdk.uuidv4();
+              this.log({
+                message: `\u2728 Creating new batch (${paymentType}) for account ${acc.id} with ${paymentsOfType.length} payments`
+              });
+            }
+            const { command: upsertBatch } = drizzle.upsertBatchCommand(this.db, {
+              batch: availableBatch ? { ...availableBatch } : {
+                id: batchId,
                 authorizationUrls: [],
                 accountId: acc.id,
                 paymentType,
-                payments: batchedPayments,
                 status: "OPEN",
-                metadata: {
-                  sizeLimit: acc.batchSizeLimit
-                }
+                metadata: { sizeLimit: acc.batchSizeLimit }
               }
             });
-            await command.execute();
+            const paymentRequestCommands = paymentsOfType.map(
+              (p) => createPaymentRequestCommand(this.db, {
+                paymentRequest: mock_connector.toPaymentRequestInsert(p, batchId)
+              }).command
+            );
+            await this.db.batch([upsertBatch, ...paymentRequestCommands]);
             this.log({
               message: `\u2705 Batch (${paymentType}) upserted successfully for account ${acc.id}`
             });
@@ -1256,6 +1403,24 @@ let BankServiceBase = class extends backendSdk.develitWorker(cloudflare_workers.
       }
     );
   }
+  async getFinbricksSupportedBanks() {
+    const privateKeyPem = (await this.env.SECRETS_STORE.get({
+      secretName: "BANK_SERVICE_FINBRICKS_PRIVATE_KEY_PEM"
+    })).data?.secretValue || "";
+    const client = new mock_connector.FinbricksClient(
+      this.env.FINBRICKS_BASE_URI,
+      this.env.FINBRICKS_MERCHANT_ID,
+      privateKeyPem,
+      this.env.REDIRECT_URI
+    );
+    return client.request({
+      endpoint: mock_connector.FINBRICKS_ENDPOINTS.BANK_INFO,
+      method: "GET",
+      query: {
+        merchantId: this.env.FINBRICKS_MERCHANT_ID
+      }
+    });
+  }
 };
 __decorateClass([
   backendSdk.action("get-payments")
@@ -1272,6 +1437,9 @@ __decorateClass([
 __decorateClass([
   backendSdk.action("update-batch-statuses")
 ], BankServiceBase.prototype, "updateBatchStatuses", 1);
+__decorateClass([
+  backendSdk.action("handle-authorization-callback")
+], BankServiceBase.prototype, "handleAuthorizationCallback", 1);
 __decorateClass([
   backendSdk.action("add-payments-to-batch")
 ], BankServiceBase.prototype, "addPaymentsToBatch", 1);