collection-api-refacil-mcp 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +731 -0
  3. package/dist/config.d.ts +16 -0
  4. package/dist/config.js +70 -0
  5. package/dist/config.js.map +1 -0
  6. package/dist/core/auth.d.ts +26 -0
  7. package/dist/core/auth.js +150 -0
  8. package/dist/core/auth.js.map +1 -0
  9. package/dist/core/resources.d.ts +24 -0
  10. package/dist/core/resources.js +119 -0
  11. package/dist/core/resources.js.map +1 -0
  12. package/dist/core/tools.d.ts +48 -0
  13. package/dist/core/tools.js +933 -0
  14. package/dist/core/tools.js.map +1 -0
  15. package/dist/index.d.ts +2 -0
  16. package/dist/index.js +204 -0
  17. package/dist/index.js.map +1 -0
  18. package/package.json +61 -0
package/dist/config.d.ts ADDED
@@ -0,0 +1,16 @@
1
+ export declare const appConfig: {
2
+ readonly name: "collection-api-refacil";
3
+ readonly description: "MCP API for Collection API Refacil";
4
+ readonly baseUrl: string;
5
+ readonly port: number;
6
+ readonly environment: string;
7
+ readonly authType: "secretId";
8
+ readonly secretId: string;
9
+ readonly apiToken: string | undefined;
10
+ readonly username: string;
11
+ readonly password: string;
12
+ readonly secretKey: string;
13
+ readonly authEndpoint: string;
14
+ readonly tokenCacheTtl: number;
15
+ readonly mcpToken: string | undefined;
16
+ };
package/dist/config.js ADDED
@@ -0,0 +1,70 @@
1
+ import { config } from 'dotenv';
2
+ // Cargar variables de entorno
3
+ config();
4
+ // Detectar modo de ejecución
5
+ const mode = process.argv.includes('--http') || process.env.MCP_MODE === 'http' ? 'http' : 'stdio';
6
+ // Validar variables de entorno requeridas
7
+ const requiredEnvVars = ["BASE_URL"];
8
+ const missingVars = requiredEnvVars.filter(varName => {
9
+ const value = process.env[varName];
10
+ return !value || value.trim().length === 0;
11
+ });
12
+ if (missingVars.length > 0) {
13
+ const guidance = [
14
+ "Añade las variables faltantes en la configuración MCP de tu IDE (Cursor, Claude Desktop, etc.)",
15
+ "'env': {",
16
+ missingVars.map(varName => ` "${varName}": "valor"`).join(',\n'),
17
+ "}"
18
+ ].join('\n');
19
+ throw new Error(`❌ Faltan variables de entorno requeridas: ${missingVars.join(', ')}\n${guidance}`);
20
+ }
21
+ // Validar variables opcionales según modo
22
+ const optionalEnvVars = ["SECRET_ID", "AUTH_ENDPOINT"];
23
+ const missingOptionalVars = optionalEnvVars.filter(varName => {
24
+ const value = process.env[varName];
25
+ return !value || value.trim().length === 0;
26
+ });
27
+ if (missingOptionalVars.length > 0) {
28
+ if (mode === 'stdio') {
29
+ // En modo STDIO, las variables son requeridas
30
+ const guidance = [
31
+ "Añade las variables faltantes en la configuración MCP de tu IDE (Cursor, Claude Desktop, etc.)",
32
+ "'env': {",
33
+ missingOptionalVars.map(varName => ` "${varName}": "valor"`).join(',\n'),
34
+ "}"
35
+ ].join('\n');
36
+ throw new Error(`❌ Faltan variables de entorno requeridas para modo STDIO: ${missingOptionalVars.join(', ')}\n${guidance}`);
37
+ }
38
+ else {
39
+ // En modo HTTP, son opcionales (pueden venir del header X-Secret-ID)
40
+ console.error(`⚠️ Variables opcionales no configuradas: ${missingOptionalVars.join(', ')}`);
41
+ console.error(` En modo HTTP, puedes proporcionar SECRET_ID via header X-Secret-ID en cada request`);
42
+ }
43
+ }
44
+ const port = Number.parseInt(process.env.PORT || '3008', 10);
45
+ const tokenCacheTtl = Number.parseInt(process.env.TOKEN_CACHE_TTL || '3600', 10);
46
+ // En HTTP mode, secretId y authEndpoint son opcionales (vienen del header X-Secret-ID)
47
+ // En STDIO mode, son requeridos (ya validados arriba)
48
+ const secretId = process.env.SECRET_ID || '';
49
+ const authEndpoint = process.env.AUTH_ENDPOINT || '';
50
+ const apiToken = process.env.API_TOKEN;
51
+ const username = process.env.USERNAME || '';
52
+ const password = process.env.PASSWORD || '';
53
+ const secretKey = process.env.SECRET_KEY || '';
54
+ export const appConfig = {
55
+ name: 'collection-api-refacil',
56
+ description: 'MCP API for Collection API Refacil',
57
+ baseUrl: process.env.BASE_URL,
58
+ port,
59
+ environment: process.env.ENVIRONMENT || process.env.NODE_ENV || 'development',
60
+ authType: 'secretId',
61
+ secretId,
62
+ apiToken,
63
+ username,
64
+ password,
65
+ secretKey,
66
+ authEndpoint,
67
+ tokenCacheTtl,
68
+ mcpToken: process.env.MCP_TOKEN ?? undefined
69
+ };
70
+ //# sourceMappingURL=config.js.map
package/dist/config.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,8BAA8B;AAC9B,MAAM,EAAE,CAAC;AAET,6BAA6B;AAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;AAEnG,0CAA0C;AAC1C,MAAM,eAAe,GAAG,CAAC,UAAU,CAAC,CAAC;AACrC,MAAM,WAAW,GAAG,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACnC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,CAAC;AAC7C,CAAC,CAAC,CAAC;AAEH,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;IAC3B,MAAM,QAAQ,GAAG;QACf,gGAAgG;QAChG,UAAU;QACV,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QACjE,GAAG;KACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,MAAM,IAAI,KAAK,CACb,6CAA6C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,QAAQ,EAAE,CACnF,CAAC;AACJ,CAAC;AAED,0CAA0C;AAC1C,MAAM,eAAe,GAAa,CAAC,WAAW,EAAC,eAAe,CAAC,CAAC;AAChE,MAAM,mBAAmB,GAAG,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACnC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,CAAC;AAC7C,CAAC,CAAC,CAAC;AAEH,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;IACnC,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;QACrB,8CAA8C;QAC9C,MAAM,QAAQ,GAAG;YACf,gGAAgG;YAChG,UAAU;YACV,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;YACzE,GAAG;SACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,MAAM,IAAI,KAAK,CACb,6DAA6D,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,QAAQ,EAAE,CAC3G,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,qEAAqE;QACrE,OAAO,CAAC,KAAK,CAAC,6CAA6C,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7F,OAAO,CAAC,KAAK,CAAC,uFAAuF,CAAC,CAAC;IACzG,CAAC;AACH,CAAC;AAED,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;AAC7D,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;AAEjF,uFAAuF;AACvF,sDAAsD;AACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC;AAC7C,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC;AACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;AACvC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;AAC5C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;AAC5C,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;AAE/C,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EAAE,oCAAoC;IACjD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAS;IAC9B,IAAI;IACJ,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,aAAa;IAC7E,QAAQ,EAAE,UAAU;IACpB,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,YAAY;IACZ,aAAa;IACb,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,SAAS;CACpC,CAAC"}
package/dist/core/auth.d.ts ADDED
@@ -0,0 +1,26 @@
1
+ declare class SecretIdAuthManager {
2
+ private tokenCache;
3
+ private readonly secretId;
4
+ private readonly authEndpoint;
5
+ private readonly tokenCacheTtl;
6
+ constructor(secretId: string, authEndpoint: string, tokenCacheTtl?: number);
7
+ /**
8
+ * Obtiene un token válido, renovándolo si es necesario
9
+ * @param secretId - Secret ID específico para este request (opcional, usa el global por defecto)
10
+ */
11
+ getValidToken(secretId?: string): Promise<string>;
12
+ /**
13
+ * Renueva el token llamando al endpoint de autenticación
14
+ * @param secretId - Secret ID a usar para la autenticación
15
+ */
16
+ private refreshToken;
17
+ /**
18
+ * Limpia tokens expirados
19
+ */
20
+ cleanupExpiredTokens(): void;
21
+ }
22
+ export declare const authManager: SecretIdAuthManager;
23
+ export declare function getAuthHeaders(secretId?: string): Promise<Record<string, string>>;
24
+ export declare function validateMcpToken(token: string, expectedToken: string): boolean;
25
+ export declare function setupAuthHooks(fastify: any): void;
26
+ export {};
package/dist/core/auth.js ADDED
@@ -0,0 +1,150 @@
1
+ import axios from 'axios';
2
+ class SecretIdAuthManager {
3
+ tokenCache = new Map();
4
+ secretId;
5
+ authEndpoint;
6
+ tokenCacheTtl;
7
+ constructor(secretId, authEndpoint, tokenCacheTtl = 3600) {
8
+ this.secretId = secretId;
9
+ this.authEndpoint = authEndpoint;
10
+ this.tokenCacheTtl = tokenCacheTtl;
11
+ }
12
+ /**
13
+ * Obtiene un token válido, renovándolo si es necesario
14
+ * @param secretId - Secret ID específico para este request (opcional, usa el global por defecto)
15
+ */
16
+ async getValidToken(secretId) {
17
+ const targetSecretId = secretId || this.secretId;
18
+ const cached = this.tokenCache.get(targetSecretId);
19
+ const now = Date.now();
20
+ // Verificar si el token existe y no ha expirado
21
+ if (cached && cached.expiresAt > now) {
22
+ return cached.token;
23
+ }
24
+ // Renovar token
25
+ return this.refreshToken(targetSecretId);
26
+ }
27
+ /**
28
+ * Renueva el token llamando al endpoint de autenticación
29
+ * @param secretId - Secret ID a usar para la autenticación
30
+ */
31
+ async refreshToken(secretId) {
32
+ try {
33
+ console.error(`🔑 Solicitando token de autenticación...`);
34
+ console.error(` URL: ${this.authEndpoint}`);
35
+ console.error(` Secret ID: ${secretId.substring(0, 10)}...`);
36
+ const response = await axios.post(this.authEndpoint, {
37
+ secretId: secretId
38
+ }, {
39
+ headers: {
40
+ 'Content-Type': 'application/json'
41
+ },
42
+ timeout: 30000, // 30 segundos de timeout
43
+ validateStatus: (status) => status < 500 // No lanzar error en 4xx
44
+ });
45
+ console.error(`📥 Respuesta recibida: HTTP ${response.status}`);
46
+ // Validar respuesta exitosa
47
+ if (response.status !== 200) {
48
+ console.error(`❌ Error HTTP: ${response.status} - ${response.statusText}`);
49
+ console.error(` Respuesta: ${JSON.stringify(response.data)}`);
50
+ throw new Error(`Error en autenticación: HTTP ${response.status} - ${response.data?.message || response.statusText}`);
51
+ }
52
+ // Extraer token de la respuesta (soporta múltiples formatos)
53
+ let token = null;
54
+ // Formato 1: { payload: { token: "..." } } (Refacil estándar)
55
+ if (response.data?.payload?.token) {
56
+ token = response.data.payload.token;
57
+ }
58
+ // Formato 2: { token: "..." } (directo)
59
+ else if (response.data?.token) {
60
+ token = response.data.token;
61
+ }
62
+ // Formato 3: { data: { token: "..." } }
63
+ else if (response.data?.data?.token) {
64
+ token = response.data.data.token;
65
+ }
66
+ if (!token) {
67
+ throw new Error(`Token no encontrado en la respuesta. Estructura recibida: ${JSON.stringify(response.data)}`);
68
+ }
69
+ const expiresAt = Date.now() + (this.tokenCacheTtl * 1000);
70
+ // Almacenar en caché usando el secretId específico
71
+ this.tokenCache.set(secretId, {
72
+ token,
73
+ expiresAt
74
+ });
75
+ console.error(`✅ Token obtenido exitosamente. Expira en ${this.tokenCacheTtl} segundos`);
76
+ return token;
77
+ }
78
+ catch (error) {
79
+ // Manejo detallado de errores
80
+ if (error.code === 'ECONNREFUSED') {
81
+ console.error(`❌ Error de conexión: No se puede conectar a ${this.authEndpoint}`);
82
+ throw new Error(`No se puede conectar al servidor de autenticación. Verifica que la URL sea correcta.`);
83
+ }
84
+ else if (error.code === 'ETIMEDOUT' || error.code === 'ECONNABORTED') {
85
+ console.error(`❌ Timeout: La petición tardó más de 30 segundos`);
86
+ throw new Error(`Timeout al conectar con el servidor de autenticación.`);
87
+ }
88
+ else if (error.response) {
89
+ // El servidor respondió con un error
90
+ const errorMsg = error.response?.data?.message || error.response?.statusText || 'Error desconocido';
91
+ console.error(`❌ Error del servidor: HTTP ${error.response.status} - ${errorMsg}`);
92
+ throw new Error(`Error de autenticación: ${errorMsg}`);
93
+ }
94
+ else if (error.request) {
95
+ // La petición se hizo pero no hubo respuesta
96
+ console.error(`❌ Sin respuesta del servidor`);
97
+ console.error(` URL: ${this.authEndpoint}`);
98
+ throw new Error(`El servidor no respondió. Verifica la conectividad.`);
99
+ }
100
+ else {
101
+ // Error al configurar la petición
102
+ const errorMsg = error instanceof Error ? error.message : 'Unknown error';
103
+ console.error(`❌ Error al renovar token: ${errorMsg}`);
104
+ throw new Error(`Error al renovar token: ${errorMsg}`);
105
+ }
106
+ }
107
+ }
108
+ /**
109
+ * Limpia tokens expirados
110
+ */
111
+ cleanupExpiredTokens() {
112
+ const now = Date.now();
113
+ for (const [key, value] of this.tokenCache.entries()) {
114
+ if (value.expiresAt <= now) {
115
+ this.tokenCache.delete(key);
116
+ }
117
+ }
118
+ }
119
+ }
120
+ // Importar configuración
121
+ import { appConfig } from '../config.js';
122
+ // Construir la URL completa del endpoint de autenticación
123
+ const authUrl = `${appConfig.baseUrl}${appConfig.authEndpoint}`;
124
+ // Instancia global del gestor de autenticación usando valores de configuración
125
+ export const authManager = new SecretIdAuthManager(appConfig.secretId, authUrl, appConfig.tokenCacheTtl);
126
+ // Función helper para obtener headers autenticados
127
+ // En HTTP mode: se puede pasar secretId per-request via header X-Secret-ID
128
+ // En STDIO mode: siempre usa el secretId del .env
129
+ // IMPORTANTE: Para authType 'secretId', se incluyen tanto Authorization como x-secret-id
130
+ export async function getAuthHeaders(secretId) {
131
+ const targetSecretId = secretId || appConfig.secretId;
132
+ const token = await authManager.getValidToken(secretId);
133
+ return {
134
+ 'Authorization': `Bearer ${token}`,
135
+ 'x-secret-id': targetSecretId,
136
+ 'Content-Type': 'application/json'
137
+ };
138
+ }
139
+ // Nota: La autenticación MCP se maneja directamente en el endpoint /mcp
140
+ // No se requiere middleware global para evitar conflictos con Cursor y otros clientes MCP
141
+ // Helper para validar tokens MCP (usado internamente en endpoints)
142
+ export function validateMcpToken(token, expectedToken) {
143
+ return token === expectedToken;
144
+ }
145
+ // Función de compatibilidad - no hace nada ya que no usamos middleware global
146
+ export function setupAuthHooks(fastify) {
147
+ // No se aplican hooks globales para MCP - autenticación por endpoint
148
+ console.error('MCP authentication configured at endpoint level');
149
+ }
150
+ //# sourceMappingURL=auth.js.map
package/dist/core/auth.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/core/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAO1B,MAAM,mBAAmB;IACf,UAAU,GAA4B,IAAI,GAAG,EAAE,CAAC;IACvC,QAAQ,CAAS;IACjB,YAAY,CAAS;IACrB,aAAa,CAAS;IAEvC,YAAY,QAAgB,EAAE,YAAoB,EAAE,gBAAwB,IAAI;QAC9E,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CAAC,QAAiB;QACnC,MAAM,cAAc,GAAG,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC;QACjD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,gDAAgD;QAChD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;YACrC,OAAO,MAAM,CAAC,KAAK,CAAC;QACtB,CAAC;QAED,gBAAgB;QAChB,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;IAC3C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,YAAY,CAAC,QAAgB;QACzC,IAAI,CAAC;YACH,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;gBACnD,QAAQ,EAAE,QAAQ;aACnB,EAAE;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,OAAO,EAAE,KAAK,EAAE,yBAAyB;gBACzC,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,GAAG,GAAG,CAAC,yBAAyB;aACnE,CAAC,CAAC;YAEH,OAAO,CAAC,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAEhE,4BAA4B;YAC5B,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBAC3E,OAAO,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAChE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;YACxH,CAAC;YAED,6DAA6D;YAC7D,IAAI,KAAK,GAAkB,IAAI,CAAC;YAEhC,8DAA8D;YAC9D,IAAI,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;gBAClC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YACtC,CAAC;YACD,wCAAwC;iBACnC,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;gBAC9B,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC;YAC9B,CAAC;YACD,wCAAwC;iBACnC,IAAI,QAAQ,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;gBACpC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC;YACnC,CAAC;YAED,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,6DAA6D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAChH,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;YAE3D,mDAAmD;YACnD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;gBAC5B,KAAK;gBACL,SAAS;aACV,CAAC,CAAC;YAEH,OAAO,CAAC,KAAK,CAAC,4CAA4C,IAAI,CAAC,aAAa,WAAW,CAAC,CAAC;YACzF,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,8BAA8B;YAC9B,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBAClC,OAAO,CAAC,KAAK,CAAC,+CAA+C,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAClF,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAC;YAC1G,CAAC;iBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBACvE,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;gBACjE,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAC3E,CAAC;iBAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAC1B,qCAAqC;gBACrC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE,UAAU,IAAI,mBAAmB,CAAC;gBACpG,OAAO,CAAC,KAAK,CAAC,8BAA8B,KAAK,CAAC,QAAQ,CAAC,MAAM,MAAM,QAAQ,EAAE,CAAC,CAAC;gBACnF,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;YACzD,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBACzB,6CAA6C;gBAC7C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAC9C,OAAO,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAC9C,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;iBAAM,CAAC;gBACN,kCAAkC;gBAClC,MAAM,QAAQ,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBAC1E,OAAO,CAAC,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;gBACvD,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;gBAC3B,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED,yBAAyB;AACzB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,0DAA0D;AAC1D,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,OAAO,GAAG,SAAS,CAAC,YAAY,EAAE,CAAC;AAEhE,+EAA+E;AAC/E,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,mBAAmB,CAChD,SAAS,CAAC,QAAQ,EAClB,OAAO,EACP,SAAS,CAAC,aAAa,CACxB,CAAC;AAEF,mDAAmD;AACnD,2EAA2E;AAC3E,kDAAkD;AAClD,yFAAyF;AACzF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAAiB;IACpD,MAAM,cAAc,GAAG,QAAQ,IAAI,SAAS,CAAC,QAAQ,CAAC;IACtD,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;IACxD,OAAO;QACL,eAAe,EAAE,UAAU,KAAK,EAAE;QAClC,aAAa,EAAE,cAAc;QAC7B,cAAc,EAAE,kBAAkB;KACnC,CAAC;AACJ,CAAC;AAID,wEAAwE;AACxE,0FAA0F;AAE1F,mEAAmE;AACnE,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,aAAqB;IACnE,OAAO,KAAK,KAAK,aAAa,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,cAAc,CAAC,OAAY;IACzC,qEAAqE;IACrE,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACnE,CAAC"}
package/dist/core/resources.d.ts ADDED
@@ -0,0 +1,24 @@
1
+ /**
2
+ * Recursos MCP - Documentación de la API
3
+ * Auto-generado desde la colección Postman
4
+ */
5
+ export interface McpResource {
6
+ uri: string;
7
+ name: string;
8
+ description: string;
9
+ mimeType: string;
10
+ content: string;
11
+ }
12
+ export declare const resources: McpResource[];
13
+ /**
14
+ * Busca un recurso por URI
15
+ */
16
+ export declare function findResourceByUri(uri: string): McpResource | undefined;
17
+ /**
18
+ * Busca recursos por nombre (búsqueda parcial)
19
+ */
20
+ export declare function findResourcesByName(search: string): McpResource[];
21
+ /**
22
+ * Obtiene todos los URIs disponibles
23
+ */
24
+ export declare function getAllResourceUris(): string[];
package/dist/core/resources.js ADDED
@@ -0,0 +1,119 @@
1
+ /**
2
+ * Recursos MCP - Documentación de la API
3
+ * Auto-generado desde la colección Postman
4
+ */
5
+ // Recursos disponibles
6
+ export const resources = [
7
+ {
8
+ "uri": "postman://collection/refacil-collection-api",
9
+ "name": "Refacil Collection API - API Documentation",
10
+ "description": "**Base URL:** \n\n| **Environment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.qa.refacil.co) |\n\n \n\n#### Request your Secret ID\n\nTo start using the Collection API, you must first obtain a **Secret ID**. This ID is provided manually by the support team: 📩 `soportetecnico@refacil.com`\n\n> Once issued, the Secret ID must be included in all authentication requests using the header `x-secret-id`",
11
+ "mimeType": "text/markdown",
12
+ "content": "# Refacil Collection API\n\n**Base URL:** \n\n| **Environment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.qa.refacil.co) |\n\n \n\n#### Request your Secret ID\n\nTo start using the Collection API, you must first obtain a **Secret ID**. This ID is provided manually by the support team: 📩 `soportetecnico@refacil.com`\n\n> Once issued, the Secret ID must be included in all authentication requests using the header `x-secret-id`\n\n## Overview\n\nThis API collection contains 1 main items.\n\n## Available Folders\n\n- **Collection API**: **Base URL:** \n\n| **Environment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.ref...\n- **Authorization**: ## 📌 Overview\n\nTo use the **Collection API**, clients must follow a two-step authentication process...\n- **Payments**\n- **Own Network Collection**: ## 📝Recommendations\n\n- Establish a dedicated **QA environment** to perform thorough testing before ...\n\n## Available Endpoints\n\nTotal endpoints: 9\n\n### Methods Distribution\n\n- GET: 2\n- POST: 7\n"
13
+ },
14
+ {
15
+ "uri": "postman://collection/refacil-collection-api/folder/collection-api",
16
+ "name": "Collection API - Documentation",
17
+ "description": "**Base URL:** \n\n| **Environment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.qa.refacil.co) |\n\n \n\n#### Request your Secret ID\n\nTo start using the Collection API, you must first obtain a **Secret ID**. This ID is provided manually by the support team: 📩 `soportetecnico@refacil.com`\n\n> Once issued, the Secret ID must be included in all authentication requests using the header `x-secret-id`",
18
+ "mimeType": "text/markdown",
19
+ "content": "# Collection API\n\n**Base URL:** \n\n| **Environment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.qa.refacil.co) |\n\n \n\n#### Request your Secret ID\n\nTo start using the Collection API, you must first obtain a **Secret ID**. This ID is provided manually by the support team: 📩 `soportetecnico@refacil.com`\n\n> Once issued, the Secret ID must be included in all authentication requests using the header `x-secret-id`\n\n## Endpoints\n\n"
20
+ },
21
+ {
22
+ "uri": "postman://collection/refacil-collection-api/folder/authorization",
23
+ "name": "Authorization - Documentation",
24
+ "description": "## 📌 Overview\n\nTo use the **Collection API**, clients must follow a two-step authentication process:\n\n1. Generate a **JWT (Bearer Token)** using their **Secret ID**\n \n2. (Optional) Generate a **One-Time Token (OTT)** for secure access to specific endpoints\n \n\nEach request must include the correct headers. Tokens have time-based expiration.",
25
+ "mimeType": "text/markdown",
26
+ "content": "# Authorization\n\n## 📌 Overview\n\nTo use the **Collection API**, clients must follow a two-step authentication process:\n\n1. Generate a **JWT (Bearer Token)** using their **Secret ID**\n \n2. (Optional) Generate a **One-Time Token (OTT)** for secure access to specific endpoints\n \n\nEach request must include the correct headers. Tokens have time-based expiration.\n\n## Endpoints\n\n### Generate JWT Authorization Token\n\n**Method**: `GET`\n\n**Path**: `/auth/jwt`\n\nThis endpoint allows third-party clients to generate a temporary **JWT Bearer token** using their assigned Secret ID. \n \nThe token is required to authenticate and access protected endpoints in the Collection API.\n\n- The token is valid for **60 minutes**.\n \n- You must include the `x-secret-id` header to request it.\n\n### Generate One-Time Token (OTT)\n\n**Method**: `POST`\n\n**Path**: `/auth/one-time-token`\n\nThis endpoint generates a **single-use token** that provides an extra layer of security for sensitive operations.\n\n- The token is valid for **60 seconds** and can only be used **once**.\n \n- You must include both `x-secret-id` and `Authorization: Bearer` headers to request it.\n \n\n### 🔐 **Endpoints that require One-Time Token**\n\n| HTTP Method | Endpoint URL | Description |\n| --- | --- | --- |\n| `POST` | `/collection/submit-payment` | Registers a payment or top-up at a branch |\n\n"
27
+ },
28
+ {
29
+ "uri": "postman://collection/refacil-collection-api/folder/own-network-collection",
30
+ "name": "Own Network Collection - Documentation",
31
+ "description": "## 📝Recommendations\n\n- Establish a dedicated **QA environment** to perform thorough testing before production deployment.\n \n- Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.\n \n- Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.\n \n\n## 🔐Authorization\n\nTo establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.\n\n**Token Format:**\n\n`Authorization: Token {generate_token_value}`\n\n**Example:**\n\n`Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`",
32
+ "mimeType": "text/markdown",
33
+ "content": "# Own Network Collection\n\n## 📝Recommendations\n\n- Establish a dedicated **QA environment** to perform thorough testing before production deployment.\n \n- Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.\n \n- Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.\n \n\n## 🔐Authorization\n\nTo establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.\n\n**Token Format:**\n\n`Authorization: Token {generate_token_value}`\n\n**Example:**\n\n`Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`\n\n## Endpoints\n\n### jwt-validate\n\n**Method**: `POST`\n\n**Path**: `/auth/validate`\n\nThis endpoint allows you to validate a JWT token by sending an HTTP POST request to {{base_url}}/auth/validate.\n\n**Base URL:**\n\n| **Enviroment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.refacil.co) |\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| secretId | string | ✅ | The secret identifier used to validate the token. **This secretId will be shared by us with the client** |\n| token | string | ✅ | The JWT token to be validated |\n\n### 📤 Response body parameters\n\n| Field | Type | Description |\n| --- | --- | --- |\n| statusCode | number | The HTTP status code of the response |\n| message | string | A message indicating the result of the operation |\n| date | number | The timestamp of the response |\n| payload | object | The response payload containing validation results |\n| payload.valid | boolean | Indicates whether the token is valid or not |\n| payload.message | string | A message related to the validation result |\n| payload.data | object | Optional decoded token data if the token is valid |\n\n### ping\n\n**Method**: `GET`\n\n**Path**: `/ping/`\n\nThis endpoint sends an HTTP GET request to {{customer.domain.com}}/ping/ in order to check the availability of the server.\n\n### Benefits 🩺\n\n- **Fail-fast**: detects unavailability before critical operations.\n \n- **SLO-aware**: monitor per-client availability and trigger mitigations.\n \n- **Proactive ops**: enables circuit breakers and routing policies.\n \n\nThe request does not contain a request body.\n\n### Response\n\n- Status: 200\n \n- Body: \"pong\"\n\n### queryBill\n\n**Method**: `POST`\n\n**Path**: `/queryBill/`\n\nThis endpoint allows you to query a bill by sending an HTTP POST request to `{{customer.domain.com}}/queryBill/`.\n\n### Benefits 🔎\n\n- **Real-time validation**: fresh billing info from the originator.\n- **Standard error handling**: predictable codes/messages simplify UX and support.\n- **Lower coupling**: each client exposes its endpoint; the bridge resolves routing by agreement.\n- **Observability**: traceability via `transactionId` from query to payment.\n \n\n<img src=\"https://content.pstmn.io/11553f47-b117-42c5-b0e2-6a754de3c7a5/aW1hZ2UucG5n\" width=\"752\" height=\"1429\">\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `reference` | string | ✅ | ID of the agreement (company) that is making the payment |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n### **📤 Response body parameters**\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message related to the query. |\n| `reference` | string | The reference of the bill. |\n| `amount` | number | The amount of the bill. |\n| `code` | string | The code related to the bill. |\n| `user_code` | string | The user code related to the bill. |\n| `additional_data` | array | An array of additional data containing label and value pairs. |\n\n### submitTransaction\n\n**Method**: `POST`\n\n**Path**: `/submitTransaction/`\n\nThis API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/submitTransaction/.\n\n### Benefits 💳\n\n- **Transactional idempotency**: `transactionId` avoids double charges on retries/timeouts.\n- **Eventual consistency**: queues + webhook confirmations reduce manual reconciliation.\n- **Operational scalability**: async processing absorbs traffic spikes.\n \n\n<img src=\"https://content.pstmn.io/2a2fa301-1c9a-4346-9f5f-92dcffc49343/aW1hZ2UucG5n\" width=\"960\" height=\"1544\">\n\n### 📥 Request Body Parameters\n\n| **Field** | **Type** | **Required** | **Description** |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `trasanctionId` | string | ✅ | The transaction ID. |\n| `reference` | string | ✅ | The reference for the transaction. |\n| `amount` | number | ✅ | The amount of the transaction. |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n### 📤 Response Body Parameters\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message regarding the transaction submission. |\n| `reference` | string | The reference for the submitted transaction. |\n| `amount` | number | The amount of the submitted transaction. |\n| `code` | string | A code related to the transaction. |\n| `user_code` | string | User-specific code related to the transaction. |\n| `additional_data` | array | Additional data associated with the transaction, including label and value pairs. |\n\n### rollbackTransaction\n\n**Method**: `POST`\n\n**Path**: `/rollbackTransaction/`\n\nThis API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/rollbackTransaction/.\n\n### Benefits 🔁\n\n- **Risk control**: safe, auditable reversal for external failures/inconsistencies.\n- **Full traceability**: reversal events and contingency log.\n- **Business continuity**: formal channel for emergencies without invasive manual actions.\n\n<img src=\"https://content.pstmn.io/0dc93101-f9e1-4d85-afea-2d299173587d/aW1hZ2UucG5n\" width=\"960\" height=\"1805\">\n\n#### 📥 Request Body Parameters\n\n| Field | Type | **Required** | **Description** |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `transactionId` | string | ✅ | The transaction ID. |\n| `reference` | string | ✅ | The reference for the transaction. |\n| `amount` | number | ✅ | The amount of the transaction. |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n#### 📤 Response Body Parameters\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message indicating the status of the rollback process. |\n| `reference` | string | The reference number of the transaction. |\n| `amount` | number | The amount of the transaction. |\n| `code` | string | A status code for the rollback process. |\n| `user_code` | string | A user-specific code related to the rollback process. |\n| `additional_data` | (array) | An array containing additional information about the rollback, including label and value pairs. |\n\n### webhook\n\n**Method**: `POST`\n\n**Path**: `/webhook/`\n\nThis endpoint allows you to receive transaction notifications processed by the payment system. The merchant must implement this endpoint to receive transaction status updates.\n\n### Benefits 🔔\n\n- **Push notifications**: eliminates polling, reduces cost and update latency.\n- **Security**: signature/auth validation for trusted origin.\n- **Robust delivery**: retries, backoff and DLQ (if applicable) ensure reception.\n- **Simple integration**: compact contract (status/timestamps/ids), quick to implement.\n \n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| realAmount | number | ✅ | Real transaction amount (without costs) |\n| amount | number | ✅ | Total transaction amount (including costs) |\n| cost | string | ✅ | Total transaction cost |\n| referenceId | string | ✅ | Unique transaction identifier |\n| customerReference | string | ✅ | Customer reference provided during the transaction |\n| updatedAt | string | ✅ | Date and time of last update (format: \"YYYY-MM-DD HH:mm:ss\") |\n| status | number | ✅ | Transaction status ID : 1 Pending , 2 Approved ,3 Failed |\n| sign | string | ✅ | Security signature to validate message integrity |\n\n### 📤 Response Body Parameters\n\n| Field | Type | Description |\n| --- | --- | --- |\n| statusCode | number | HTTP status code of the response |\n| message | string | Message indicating the operation result |\n| date | number | Response timestamp |\n| payload | object | Response payload (optional) |\n\n### 🔐 Security Validation\n\nThe sign field must be validated to ensure message integrity. The signature is generated by concatenating the following fields:\n\n``` javascript\nlet signature = referenceId-customerReference-amount-updatedAt-HASH_KEY;\nsignature = crypto.createHmac(\"sha1\", HASH_KEY).update(signature).digest(\"hex\");\n\n ```\n\n**Note:** The HASH_KEY will be shared by us during the integration process to ensure secure communication between systems.\n\n"
34
+ },
35
+ {
36
+ "uri": "postman://collection/refacil-collection-api/endpoint/get/auth/jwt",
37
+ "name": "GET /auth/jwt - Endpoint Documentation",
38
+ "description": "This endpoint allows third-party clients to generate a temporary **JWT Bearer token** using their assigned Secret ID. \n \nThe token is required to authenticate and access protected endpoints in the Collection API.\n\n- The token is valid for **60 minutes**.\n \n- You must include the `x-secret-id` header to request it.",
39
+ "mimeType": "text/markdown",
40
+ "content": "# Generate JWT Authorization Token\n\n## Request Details\n\n**Method**: `GET`\n\n**Path**: `/auth/jwt`\n\n## Description\n\nThis endpoint allows third-party clients to generate a temporary **JWT Bearer token** using their assigned Secret ID. \n \nThe token is required to authenticate and access protected endpoints in the Collection API.\n\n- The token is valid for **60 minutes**.\n \n- You must include the `x-secret-id` header to request it.\n\n## Headers\n\n- **x-secret-id**: 64c0f2660d7b59d35197e5c77a5543c1aaf94c17************\n\n"
41
+ },
42
+ {
43
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/auth/one-time-token",
44
+ "name": "POST /auth/one-time-token - Endpoint Documentation",
45
+ "description": "This endpoint generates a **single-use token** that provides an extra layer of security for sensitive operations.\n\n- The token is valid for **60 seconds** and can only be used **once**.\n \n- You must include both `x-secret-id` and `Authorization: Bearer` headers to request it.\n \n\n### 🔐 **Endpoints that require One-Time Token**\n\n| HTTP Method | Endpoint URL | Description |\n| --- | --- | --- |\n| `POST` | `/collection/submit-payment` | Registers a payment or top-up at a branch |",
46
+ "mimeType": "text/markdown",
47
+ "content": "# Generate One-Time Token (OTT)\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/auth/one-time-token`\n\n## Description\n\nThis endpoint generates a **single-use token** that provides an extra layer of security for sensitive operations.\n\n- The token is valid for **60 seconds** and can only be used **once**.\n \n- You must include both `x-secret-id` and `Authorization: Bearer` headers to request it.\n \n\n### 🔐 **Endpoints that require One-Time Token**\n\n| HTTP Method | Endpoint URL | Description |\n| --- | --- | --- |\n| `POST` | `/collection/submit-payment` | Registers a payment or top-up at a branch |\n\n## Headers\n\n- **x-secret-id**: 64c0f2660d7b59d35197e5c77a5543c1aaf94c17************\n- **Authorization**: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiUGlwZSBUZXN0IiwiY3VzdG9tZXJJZCI6NzgyLCJpYXQiOjE3NTE4OTc5MzUsImV4cCI6MTc1MTkwMTUzNX0.dHKl4DduA8ySqG2KkSVoGWLi0IujplL0olDopsUR4L_bQXhJKBfTg98JukRd8JpOXSOtKwy6TgPiiLA7AMFedbthfkAR_fFBw7Bxvr88vIMfj6BkCIUm2HdO_CX1bkLK0AxMRJx1Qvvq9eyE3ojhDrrgU6QndcCMjI3EQ0EFZVuGzKkw2JEa3QygUbtN5O6sGIJxMS6fOjFqAwoLHRzY16kztWtqK3EYQNYD-eH9rt7-cdMiZ_3sxxOBKi8NPKJdlCQ3d8YA6kcdYwK74nEj6SR_19uy6lY_5AMRE6jrWyad2BwjZ74uuXtv5X3JflE5rpANe7tYUTASS-9Dwb9x3w\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"service\": \"/collection/submit-payment\"\n}\n```\n\n"
48
+ },
49
+ {
50
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/collection/submit-payment",
51
+ "name": "POST /collection/submit-payment - Endpoint Documentation",
52
+ "description": "## Description\n\nThis endpoint handles financial transactions and collections. It processes payments, validates customers and companies, and integrates with a payment processing system. The service includes transaction amount validation, customer verification, and company balance management.\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| `reference` | Integer | ✅ | Unique transaction reference number |\n| `agreementId` | Integer | ✅ | ID of the agreement (company) that is making the payment |\n| `amount` | Integer | ✅ | Amount to be charged, in COP (Colombian Pesos) |\n| `date` | String | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | String | ✅ | Transaction time in format `HH:mm` (24-hour clock, Bogotá time zone) |\n\n---\n\n### 🏢 Available Agreements\n\n| `agreementId` | Company Name |\n| --- | --- |\n| `18252` | Apostar |\n| `18253` | Susuerte |\n\n⚠️ Only the above `agreementId`s are currently authorized to use this service.\n\n---",
53
+ "mimeType": "text/markdown",
54
+ "content": "# Submit Payment\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/collection/submit-payment`\n\n## Description\n\n## Description\n\nThis endpoint handles financial transactions and collections. It processes payments, validates customers and companies, and integrates with a payment processing system. The service includes transaction amount validation, customer verification, and company balance management.\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| `reference` | Integer | ✅ | Unique transaction reference number |\n| `agreementId` | Integer | ✅ | ID of the agreement (company) that is making the payment |\n| `amount` | Integer | ✅ | Amount to be charged, in COP (Colombian Pesos) |\n| `date` | String | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | String | ✅ | Transaction time in format `HH:mm` (24-hour clock, Bogotá time zone) |\n\n---\n\n### 🏢 Available Agreements\n\n| `agreementId` | Company Name |\n| --- | --- |\n| `18252` | Apostar |\n| `18253` | Susuerte |\n\n⚠️ Only the above `agreementId`s are currently authorized to use this service.\n\n---\n\n## Headers\n\n- **Content-Type**: application/json\n- **x-secret-id**: 64c0f2660d7b59d35197e5c77a5543c1aaf94c17************\n- **Authorization**: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiUGlwZSBUZXN0IiwiY3VzdG9tZXJJZCI6NzgyLCJpYXQiOjE3NTE4OTc5MzUsImV4cCI6MTc1MTkwMTUzNX0.dHKl4DduA8ySqG2KkSVoGWLi0IujplL0olDopsUR4L_bQXhJKBfTg98JukRd8JpOXSOtKwy6TgPiiLA7AMFedbthfkAR_fFBw7Bxvr88vIMfj6BkCIUm2HdO_CX1bkLK0AxMRJx1Qvvq9eyE3ojhDrrgU6QndcCMjI3EQ0EFZVuGzKkw2JEa3QygUbtN5O6sGIJxMS6fOjFqAwoLHRzY16kztWtqK3EYQNYD-eH9rt7-cdMiZ_3sxxOBKi8NPKJdlCQ3d8YA6kcdYwK74nEj6SR_19uy6lY_5AMRE6jrWyad2BwjZ74uuXtv5X3JflE5rpANe7tYUTASS-9Dwb9x3w\n- **x-one-time-token**: 741e5c62-758d-4a3f-8ba4-4c2a0e2c0828\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"reference\": 100863,\n \"agreementId\": 2,\n \"amount\": 10000,\n \"date\": \"2025-03-30\",\n \"time\": \"01:30\"\n}\n```\n\n"
55
+ },
56
+ {
57
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/auth/validate",
58
+ "name": "POST /auth/validate - Endpoint Documentation",
59
+ "description": "This endpoint allows you to validate a JWT token by sending an HTTP POST request to {{base_url}}/auth/validate.\n\n**Base URL:**\n\n| **Enviroment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.refacil.co) |\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| secretId | string | ✅ | The secret identifier used to validate the token. **This secretId will be shared by us with the client** |\n| token | string | ✅ | The JWT token to be validated |\n\n### 📤 Response body parameters\n\n| Field | Type | Description |\n| --- | --- | --- |\n| statusCode | number | The HTTP status code of the response |\n| message | string | A message indicating the result of the operation |\n| date | number | The timestamp of the response |\n| payload | object | The response payload containing validation results |\n| payload.valid | boolean | Indicates whether the token is valid or not |\n| payload.message | string | A message related to the validation result |\n| payload.data | object | Optional decoded token data if the token is valid |",
60
+ "mimeType": "text/markdown",
61
+ "content": "# jwt-validate\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/auth/validate`\n\n## Description\n\nThis endpoint allows you to validate a JWT token by sending an HTTP POST request to {{base_url}}/auth/validate.\n\n**Base URL:**\n\n| **Enviroment** | **Value** |\n| --- | --- |\n| QA | [https://collection-api.qa.refacil.co](https://collection-api.qa.refacil.co) |\n| PROD | [https://collection-api.refacil.co](https://collection-api.refacil.co) |\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| secretId | string | ✅ | The secret identifier used to validate the token. **This secretId will be shared by us with the client** |\n| token | string | ✅ | The JWT token to be validated |\n\n### 📤 Response body parameters\n\n| Field | Type | Description |\n| --- | --- | --- |\n| statusCode | number | The HTTP status code of the response |\n| message | string | A message indicating the result of the operation |\n| date | number | The timestamp of the response |\n| payload | object | The response payload containing validation results |\n| payload.valid | boolean | Indicates whether the token is valid or not |\n| payload.message | string | A message related to the validation result |\n| payload.data | object | Optional decoded token data if the token is valid |\n\n## Headers\n\n- **Authorization**: Token {{customer_token}}\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"secretId\": \"fe4618ed155f863fb60d183e30a9634f90dce6cc725ed9fa31fab633de5416cc\",\n \"token\": \"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiQXBvc3RhciIsImN1c3RvbWVySWQiOjIxMTksInVzZXJJZCI6MTAwMzQ0MSwiaWF0IjoxNzU0MDA4MTc5LCJleHAiOjE3NTQwMTE3Nzl9.l7TdMeKfApwJVhs1CM8srG7WOARRagCxg8FRgxrabYw7l8Qk93Re4BzngIc3g5U0zUZtoajBPWCi54D27EI7DpVEp6TmhnodPWc9Ux603DmhqNviYLIQACgtj03K8xEIa4DNqlT0VKFDRDtEBMe4nLaBjYjlS-mpi-IErFxoXoJFL2lelm_H4lPzlCboP-VRP6X0xEJo3gAiaiqy5OHPi53Kq_hPCldQYXnkbLJxHyDVAlqNG5RyG5D6sCggxycfd8U2l0RaXOEDk-WaSYd7RFJreFZooEskS06DkB31zMEVskDuFugkVM7pN0XSwzPkFHjS1UIw8gvMB15-v7I5zQ\"\n}\n```\n\n"
62
+ },
63
+ {
64
+ "uri": "postman://collection/refacil-collection-api/endpoint/get/ping",
65
+ "name": "GET /ping/ - Endpoint Documentation",
66
+ "description": "This endpoint sends an HTTP GET request to {{customer.domain.com}}/ping/ in order to check the availability of the server.\n\n### Benefits 🩺\n\n- **Fail-fast**: detects unavailability before critical operations.\n \n- **SLO-aware**: monitor per-client availability and trigger mitigations.\n \n- **Proactive ops**: enables circuit breakers and routing policies.\n \n\nThe request does not contain a request body.\n\n### Response\n\n- Status: 200\n \n- Body: \"pong\"",
67
+ "mimeType": "text/markdown",
68
+ "content": "# ping\n\n## Request Details\n\n**Method**: `GET`\n\n**Path**: `/ping/`\n\n## Description\n\nThis endpoint sends an HTTP GET request to {{customer.domain.com}}/ping/ in order to check the availability of the server.\n\n### Benefits 🩺\n\n- **Fail-fast**: detects unavailability before critical operations.\n \n- **SLO-aware**: monitor per-client availability and trigger mitigations.\n \n- **Proactive ops**: enables circuit breakers and routing policies.\n \n\nThe request does not contain a request body.\n\n### Response\n\n- Status: 200\n \n- Body: \"pong\"\n\n## Headers\n\n- **Authorization**: Token {{generate_token}}\n\n"
69
+ },
70
+ {
71
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/querybill",
72
+ "name": "POST /queryBill/ - Endpoint Documentation",
73
+ "description": "This endpoint allows you to query a bill by sending an HTTP POST request to `{{customer.domain.com}}/queryBill/`.\n\n### Benefits 🔎\n\n- **Real-time validation**: fresh billing info from the originator.\n- **Standard error handling**: predictable codes/messages simplify UX and support.\n- **Lower coupling**: each client exposes its endpoint; the bridge resolves routing by agreement.\n- **Observability**: traceability via `transactionId` from query to payment.\n \n\n<img src=\"https://content.pstmn.io/11553f47-b117-42c5-b0e2-6a754de3c7a5/aW1hZ2UucG5n\" width=\"752\" height=\"1429\">\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `reference` | string | ✅ | ID of the agreement (company) that is making the payment |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n### **📤 Response body parameters**\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message related to the query. |\n| `reference` | string | The reference of the bill. |\n| `amount` | number | The amount of the bill. |\n| `code` | string | The code related to the bill. |\n| `user_code` | string | The user code related to the bill. |\n| `additional_data` | array | An array of additional data containing label and value pairs. |",
74
+ "mimeType": "text/markdown",
75
+ "content": "# queryBill\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/queryBill/`\n\n## Description\n\nThis endpoint allows you to query a bill by sending an HTTP POST request to `{{customer.domain.com}}/queryBill/`.\n\n### Benefits 🔎\n\n- **Real-time validation**: fresh billing info from the originator.\n- **Standard error handling**: predictable codes/messages simplify UX and support.\n- **Lower coupling**: each client exposes its endpoint; the bridge resolves routing by agreement.\n- **Observability**: traceability via `transactionId` from query to payment.\n \n\n<img src=\"https://content.pstmn.io/11553f47-b117-42c5-b0e2-6a754de3c7a5/aW1hZ2UucG5n\" width=\"752\" height=\"1429\">\n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `reference` | string | ✅ | ID of the agreement (company) that is making the payment |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n### **📤 Response body parameters**\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message related to the query. |\n| `reference` | string | The reference of the bill. |\n| `amount` | number | The amount of the bill. |\n| `code` | string | The code related to the bill. |\n| `user_code` | string | The user code related to the bill. |\n| `additional_data` | array | An array of additional data containing label and value pairs. |\n\n## Headers\n\n- **Authorization**: Token {{generate_token}}\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"codCustomer\": \"1\",\n \"reference\": \"52851385\",\n \"date\": \"2025-03-16\",\n \"time\": \"15:03:04\"\n}\n```\n\n"
76
+ },
77
+ {
78
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/submittransaction",
79
+ "name": "POST /submitTransaction/ - Endpoint Documentation",
80
+ "description": "This API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/submitTransaction/.\n\n### Benefits 💳\n\n- **Transactional idempotency**: `transactionId` avoids double charges on retries/timeouts.\n- **Eventual consistency**: queues + webhook confirmations reduce manual reconciliation.\n- **Operational scalability**: async processing absorbs traffic spikes.\n \n\n<img src=\"https://content.pstmn.io/2a2fa301-1c9a-4346-9f5f-92dcffc49343/aW1hZ2UucG5n\" width=\"960\" height=\"1544\">\n\n### 📥 Request Body Parameters\n\n| **Field** | **Type** | **Required** | **Description** |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `trasanctionId` | string | ✅ | The transaction ID. |\n| `reference` | string | ✅ | The reference for the transaction. |\n| `amount` | number | ✅ | The amount of the transaction. |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n### 📤 Response Body Parameters\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message regarding the transaction submission. |\n| `reference` | string | The reference for the submitted transaction. |\n| `amount` | number | The amount of the submitted transaction. |\n| `code` | string | A code related to the transaction. |\n| `user_code` | string | User-specific code related to the transaction. |\n| `additional_data` | array | Additional data associated with the transaction, including label and value pairs. |",
81
+ "mimeType": "text/markdown",
82
+ "content": "# submitTransaction\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/submitTransaction/`\n\n## Description\n\nThis API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/submitTransaction/.\n\n### Benefits 💳\n\n- **Transactional idempotency**: `transactionId` avoids double charges on retries/timeouts.\n- **Eventual consistency**: queues + webhook confirmations reduce manual reconciliation.\n- **Operational scalability**: async processing absorbs traffic spikes.\n \n\n<img src=\"https://content.pstmn.io/2a2fa301-1c9a-4346-9f5f-92dcffc49343/aW1hZ2UucG5n\" width=\"960\" height=\"1544\">\n\n### 📥 Request Body Parameters\n\n| **Field** | **Type** | **Required** | **Description** |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `trasanctionId` | string | ✅ | The transaction ID. |\n| `reference` | string | ✅ | The reference for the transaction. |\n| `amount` | number | ✅ | The amount of the transaction. |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n### 📤 Response Body Parameters\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message regarding the transaction submission. |\n| `reference` | string | The reference for the submitted transaction. |\n| `amount` | number | The amount of the submitted transaction. |\n| `code` | string | A code related to the transaction. |\n| `user_code` | string | User-specific code related to the transaction. |\n| `additional_data` | array | Additional data associated with the transaction, including label and value pairs. |\n\n## Headers\n\n- **Authorization**: Token {{generate_token}}\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"codCustomer\": \"1\",\n \"transactionId\": \"5\",\n \"reference\": \"52851385\",\n \"amount\": 77926,\n \"date\": \"2025-03-16\",\n \"time\": \"15:03:04\"\n}\n```\n\n"
83
+ },
84
+ {
85
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/rollbacktransaction",
86
+ "name": "POST /rollbackTransaction/ - Endpoint Documentation",
87
+ "description": "This API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/rollbackTransaction/.\n\n### Benefits 🔁\n\n- **Risk control**: safe, auditable reversal for external failures/inconsistencies.\n- **Full traceability**: reversal events and contingency log.\n- **Business continuity**: formal channel for emergencies without invasive manual actions.\n\n<img src=\"https://content.pstmn.io/0dc93101-f9e1-4d85-afea-2d299173587d/aW1hZ2UucG5n\" width=\"960\" height=\"1805\">\n\n#### 📥 Request Body Parameters\n\n| Field | Type | **Required** | **Description** |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `transactionId` | string | ✅ | The transaction ID. |\n| `reference` | string | ✅ | The reference for the transaction. |\n| `amount` | number | ✅ | The amount of the transaction. |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n#### 📤 Response Body Parameters\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message indicating the status of the rollback process. |\n| `reference` | string | The reference number of the transaction. |\n| `amount` | number | The amount of the transaction. |\n| `code` | string | A status code for the rollback process. |\n| `user_code` | string | A user-specific code related to the rollback process. |\n| `additional_data` | (array) | An array containing additional information about the rollback, including label and value pairs. |",
88
+ "mimeType": "text/markdown",
89
+ "content": "# rollbackTransaction\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/rollbackTransaction/`\n\n## Description\n\nThis API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/rollbackTransaction/.\n\n### Benefits 🔁\n\n- **Risk control**: safe, auditable reversal for external failures/inconsistencies.\n- **Full traceability**: reversal events and contingency log.\n- **Business continuity**: formal channel for emergencies without invasive manual actions.\n\n<img src=\"https://content.pstmn.io/0dc93101-f9e1-4d85-afea-2d299173587d/aW1hZ2UucG5n\" width=\"960\" height=\"1805\">\n\n#### 📥 Request Body Parameters\n\n| Field | Type | **Required** | **Description** |\n| --- | --- | --- | --- |\n| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |\n| `transactionId` | string | ✅ | The transaction ID. |\n| `reference` | string | ✅ | The reference for the transaction. |\n| `amount` | number | ✅ | The amount of the transaction. |\n| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |\n| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |\n\n#### 📤 Response Body Parameters\n\n| **Field** | **Type** | **Description** |\n| --- | --- | --- |\n| `message` | string | A message indicating the status of the rollback process. |\n| `reference` | string | The reference number of the transaction. |\n| `amount` | number | The amount of the transaction. |\n| `code` | string | A status code for the rollback process. |\n| `user_code` | string | A user-specific code related to the rollback process. |\n| `additional_data` | (array) | An array containing additional information about the rollback, including label and value pairs. |\n\n## Headers\n\n- **Authorization**: Token {{generate_token}}\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"codCustomer\": \"1\",\n \"transactionId\": \"4\",\n \"reference\": \"52851385\",\n \"amount\": 77926,\n \"date\": \"2025-03-16\",\n \"time\": \"15:03:04\"\n}\n```\n\n"
90
+ },
91
+ {
92
+ "uri": "postman://collection/refacil-collection-api/endpoint/post/webhook",
93
+ "name": "POST /webhook/ - Endpoint Documentation",
94
+ "description": "This endpoint allows you to receive transaction notifications processed by the payment system. The merchant must implement this endpoint to receive transaction status updates.\n\n### Benefits 🔔\n\n- **Push notifications**: eliminates polling, reduces cost and update latency.\n- **Security**: signature/auth validation for trusted origin.\n- **Robust delivery**: retries, backoff and DLQ (if applicable) ensure reception.\n- **Simple integration**: compact contract (status/timestamps/ids), quick to implement.\n \n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| realAmount | number | ✅ | Real transaction amount (without costs) |\n| amount | number | ✅ | Total transaction amount (including costs) |\n| cost | string | ✅ | Total transaction cost |\n| referenceId | string | ✅ | Unique transaction identifier |\n| customerReference | string | ✅ | Customer reference provided during the transaction |\n| updatedAt | string | ✅ | Date and time of last update (format: \"YYYY-MM-DD HH:mm:ss\") |\n| status | number | ✅ | Transaction status ID : 1 Pending , 2 Approved ,3 Failed |\n| sign | string | ✅ | Security signature to validate message integrity |\n\n### 📤 Response Body Parameters\n\n| Field | Type | Description |\n| --- | --- | --- |\n| statusCode | number | HTTP status code of the response |\n| message | string | Message indicating the operation result |\n| date | number | Response timestamp |\n| payload | object | Response payload (optional) |\n\n### 🔐 Security Validation\n\nThe sign field must be validated to ensure message integrity. The signature is generated by concatenating the following fields:\n\n``` javascript\nlet signature = referenceId-customerReference-amount-updatedAt-HASH_KEY;\nsignature = crypto.createHmac(\"sha1\", HASH_KEY).update(signature).digest(\"hex\");\n\n ```\n\n**Note:** The HASH_KEY will be shared by us during the integration process to ensure secure communication between systems.",
95
+ "mimeType": "text/markdown",
96
+ "content": "# webhook\n\n## Request Details\n\n**Method**: `POST`\n\n**Path**: `/webhook/`\n\n## Description\n\nThis endpoint allows you to receive transaction notifications processed by the payment system. The merchant must implement this endpoint to receive transaction status updates.\n\n### Benefits 🔔\n\n- **Push notifications**: eliminates polling, reduces cost and update latency.\n- **Security**: signature/auth validation for trusted origin.\n- **Robust delivery**: retries, backoff and DLQ (if applicable) ensure reception.\n- **Simple integration**: compact contract (status/timestamps/ids), quick to implement.\n \n\n### 📥 Request Body Parameters\n\n| Field | Type | Required | Description |\n| --- | --- | --- | --- |\n| realAmount | number | ✅ | Real transaction amount (without costs) |\n| amount | number | ✅ | Total transaction amount (including costs) |\n| cost | string | ✅ | Total transaction cost |\n| referenceId | string | ✅ | Unique transaction identifier |\n| customerReference | string | ✅ | Customer reference provided during the transaction |\n| updatedAt | string | ✅ | Date and time of last update (format: \"YYYY-MM-DD HH:mm:ss\") |\n| status | number | ✅ | Transaction status ID : 1 Pending , 2 Approved ,3 Failed |\n| sign | string | ✅ | Security signature to validate message integrity |\n\n### 📤 Response Body Parameters\n\n| Field | Type | Description |\n| --- | --- | --- |\n| statusCode | number | HTTP status code of the response |\n| message | string | Message indicating the operation result |\n| date | number | Response timestamp |\n| payload | object | Response payload (optional) |\n\n### 🔐 Security Validation\n\nThe sign field must be validated to ensure message integrity. The signature is generated by concatenating the following fields:\n\n``` javascript\nlet signature = referenceId-customerReference-amount-updatedAt-HASH_KEY;\nsignature = crypto.createHmac(\"sha1\", HASH_KEY).update(signature).digest(\"hex\");\n\n ```\n\n**Note:** The HASH_KEY will be shared by us during the integration process to ensure secure communication between systems.\n\n## Headers\n\n- **Authorization**: Token {{customer_token}}\n\n## Request Body\n\n**Type**: `raw`\n\n```json\n{\n \"realAmount\": 2500,\n \"amount\": 2400,\n \"cost\": \"100\",\n \"referenceId\": \"1769505\",\n \"customerReference\": \"REF10000016\",\n \"updatedAt\": \"2025-07-31 10:21:57\",\n \"status\": 2,\n \"sign\": \"0ef1c3c2fa48121ee51f225270194f7fb62e2892\"\n}\n```\n\n"
97
+ }
98
+ ];
99
+ /**
100
+ * Busca un recurso por URI
101
+ */
102
+ export function findResourceByUri(uri) {
103
+ return resources.find(r => r.uri === uri);
104
+ }
105
+ /**
106
+ * Busca recursos por nombre (búsqueda parcial)
107
+ */
108
+ export function findResourcesByName(search) {
109
+ const searchLower = search.toLowerCase();
110
+ return resources.filter(r => r.name.toLowerCase().includes(searchLower) ||
111
+ r.description.toLowerCase().includes(searchLower));
112
+ }
113
+ /**
114
+ * Obtiene todos los URIs disponibles
115
+ */
116
+ export function getAllResourceUris() {
117
+ return resources.map(r => r.uri);
118
+ }
119
+ //# sourceMappingURL=resources.js.map
package/dist/core/resources.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"resources.js","sourceRoot":"","sources":["../../src/core/resources.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAUH,uBAAuB;AACvB,MAAM,CAAC,MAAM,SAAS,GAAkB;IACtC;QACE,KAAK,EAAE,6CAA6C;QACpD,MAAM,EAAE,4CAA4C;QACpD,aAAa,EAAE,miBAAmiB;QACljB,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,upCAAupC;KACnqC;IACD;QACE,KAAK,EAAE,mEAAmE;QAC1E,MAAM,EAAE,gCAAgC;QACxC,aAAa,EAAE,miBAAmiB;QACljB,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,2kBAA2kB;KACvlB;IACD;QACE,KAAK,EAAE,kEAAkE;QACzE,MAAM,EAAE,+BAA+B;QACvC,aAAa,EAAE,uWAAuW;QACtX,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,k4CAAk4C;KAC94C;IACD;QACE,KAAK,EAAE,2EAA2E;QAClF,MAAM,EAAE,wCAAwC;QAChD,aAAa,EAAE,wuBAAwuB;QACvvB,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,ilTAAilT;KAC7lT;IACD;QACE,KAAK,EAAE,mEAAmE;QAC1E,MAAM,EAAE,wCAAwC;QAChD,aAAa,EAAE,wUAAwU;QACvV,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,iiBAAiiB;KAC7iB;IACD;QACE,KAAK,EAAE,+EAA+E;QACtF,MAAM,EAAE,oDAAoD;QAC5D,aAAa,EAAE,mfAAmf;QAClgB,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,kzCAAkzC;KAC9zC;IACD;QACE,KAAK,EAAE,qFAAqF;QAC5F,MAAM,EAAE,0DAA0D;QAClE,aAAa,EAAE,mgCAAmgC;QAClhC,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,y+DAAy+D;KACr/D;IACD;QACE,KAAK,EAAE,yEAAyE;QAChF,MAAM,EAAE,8CAA8C;QACtD,aAAa,EAAE,2sCAA2sC;QAC1tC,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,khEAAkhE;KAC9hE;IACD;QACE,KAAK,EAAE,+DAA+D;QACtE,MAAM,EAAE,qCAAqC;QAC7C,aAAa,EAAE,ieAAie;QAChf,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,ioBAAioB;KAC7oB;IACD;QACE,KAAK,EAAE,qEAAqE;QAC5E,MAAM,EAAE,2CAA2C;QACnD,aAAa,EAAE,ogDAAogD;QACnhD,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,61DAA61D;KACz2D;IACD;QACE,KAAK,EAAE,6EAA6E;QACpF,MAAM,EAAE,mDAAmD;QAC3D,aAAa,EAAE,uoDAAuoD;QACtpD,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,miEAAmiE;KAC/iE;IACD;QACE,KAAK,EAAE,+EAA+E;QACtF,MAAM,EAAE,qDAAqD;QAC7D,aAAa,EAAE,ooDAAooD;QACnpD,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,oiEAAoiE;KAChjE;IACD;QACE,KAAK,EAAE,mEAAmE;QAC1E,MAAM,EAAE,yCAAyC;QACjD,aAAa,EAAE,28DAA28D;QAC19D,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,q7EAAq7E;KACj8E;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IACzC,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC1B,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC1C,CAAC,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAClD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AACnC,CAAC"}
package/dist/core/tools.d.ts ADDED
@@ -0,0 +1,48 @@
1
+ import { z } from 'zod';
2
+ interface Tool {
3
+ name: string;
4
+ description: string;
5
+ inputSchema: Record<string, any>;
6
+ jsonSchema: Record<string, any>;
7
+ endpoint: string;
8
+ method: string;
9
+ parameters: any[];
10
+ headers: any[];
11
+ handler: (args: any) => Promise<any>;
12
+ }
13
+ export declare const auth_jwtTool: Tool;
14
+ export declare const auth_one_time_tokenTool: Tool;
15
+ export declare const collection_submit_paymentTool: Tool;
16
+ export declare const auth_validateTool: Tool;
17
+ export declare const pingTool: Tool;
18
+ export declare const querybillTool: Tool;
19
+ export declare const submittransactionTool: Tool;
20
+ export declare const rollbacktransactionTool: Tool;
21
+ export declare const webhookTool: Tool;
22
+ export declare const tools: Tool[];
23
+ export declare const toolsConfig: {
24
+ name: string;
25
+ description: string;
26
+ version: string;
27
+ tools: number;
28
+ };
29
+ export declare function getToolsInfo(): {
30
+ tools: {
31
+ name: string;
32
+ description: string;
33
+ inputSchema: Record<string, any>;
34
+ }[];
35
+ name: string;
36
+ description: string;
37
+ version: string;
38
+ };
39
+ export declare function validateToolInput(validator: z.ZodTypeAny, input: any): any;
40
+ export declare class ToolLogger {
41
+ private toolName;
42
+ private startTime;
43
+ constructor(toolName: string);
44
+ logStart(args: any): void;
45
+ logSuccess(result: any): void;
46
+ logError(error: any): void;
47
+ }
48
+ export {};