collection-api-refacil-mcp 1.0.5 → 1.0.7

package/README.md

@@ -270,12 +270,6 @@ Each request must include the correct headers. Tokens have time-based expiration
 - You must include both `x-secret-id` and `Authorization: Bearer` headers to request it.
     
 
-### 📥 Request Body Parameters
-
-| Field | Type | Required | Description |
-| --- | --- | --- | --- |
-| `service` | string | ✅ | Service path for which the OTT is requested (e.g. `/collection/submit-payment`). Min. 1 character, max. 256 characters. |
-
 ### 🔐 **Endpoints that require One-Time Token**
 
 | HTTP Method | Endpoint URL | Description |
@@ -299,12 +293,12 @@ This endpoint handles financial transactions and collections. It processes payme
 
 | Field | Type | Required | Description |
 | --- | --- | --- | --- |
-| `reference` | Integer | ✅ | Unique transaction reference number. Min. 1 digit, max. 50 digits. |
-| `agreementId` | Integer | ✅ | ID of the agreement (company) that is making the payment. Only authorized values (e.g. 18252, 18253). |
-| `amount` | Integer | ✅ | Amount to be charged, in COP (Colombian Pesos). Min. 1, max. per agreement. |
-| `date` | String | ✅ | Transaction date in format `YYYY-MM-DD` (10 characters). |
-| `time` | String | ✅ | Transaction time in format `HH:mm` (24-hour clock, Bogotá time zone). 5 characters. |
-| `ip` | String | ✅ | IP address of the client. Min. 7 characters (IPv4), max. 45 (IPv6). |
+| `reference` | Integer | ✅ | The reference for the transaction. Min. 1 character, max. 50 characters. |
+| `agreementId` | Integer | ✅ | ID of the agreement (company) that is making the payment |
+| `amount` | Integer | ✅ | Amount to be charged, in COP (Colombian Pesos) |
+| `date` | String | ✅ | Transaction date in format `YYYY-MM-DD` |
+| `time` | String | ✅ | Transaction time in format `HH:mm` (24-hour clock, Bogotá time zone) |
+| `ip` | String | ✅ | IP address of the client |
 
 ---
 
@@ -330,23 +324,23 @@ This endpoint handles financial transactions and collections. It processes payme
 | amount | number | Campo del body: amount |
 | date | string | Campo del body: date |
 | time | string | Campo del body: time |
+| ip | string | Campo del body: ip |
 
 ### `auth_validate`
 
-## 📝Recommendations
+Collection of Own Network services. Integrators expose these endpoints so the platform can query bills, submit payments, and receive notifications in a consistent way.
+
+## 📝 Recommendations
 
 - Establish a dedicated **QA environment** to perform thorough testing before production deployment.
-    
 - Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.
-    
 - Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.
-    
 
-## 🔐Authorization
+## 🔐 Authorization
 
 To establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.
 
-**Token Format:**
+**Token format:**
 
 `Authorization: Token {generate_token_value}`
 
@@ -354,6 +348,42 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 `Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`
 
+## ❗ Error handling
+
+All errors must return an HTTP status code in the **4xx or 5xx family** (i.e. **400 or above**). Do not return 2xx codes when the operation has failed.
+
+- **4xx (client errors)**: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, etc.
+- **5xx (server errors)**: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
+
+## 🧱 Error response structure
+
+There is no single mandatory error schema across all endpoints. One of the following patterns is recommended depending on the endpoint type.
+
+### Option A — Minimum structure (recommended for all endpoints)
+
+Return a JSON body with at least:
+
+- `statusCode` (number): HTTP status code of the response (must match the HTTP status).
+- `message` (string): Human-readable message describing the error.
+- `errorCode` (string, optional): Internal error code for integration/support (e.g. `auth.invalid`, `billing.not_found`).
+
+### Option B — Transactional endpoints (`queryBill`, `submitTransaction`, `rollbackTransaction`)
+
+For transactional operations, use this structure:
+
+- `message` (string): Message describing the error.
+- `reference` (string): Reference associated with the operation.
+- `amount` (number): Amount (0 in case of error).
+- `code` (string): Business status code (e.g. `003`, `004`).
+- `user_code` (string): User code when applicable.
+- `additional_data` (array): List of `{ "label", "value" }` objects with additional information.
+
+### Authentication errors (401/403)
+
+Some examples only return `detail` (string) or a combination of `message`, `error`, and `statusCode`. When possible, align these responses with Option A for consistency.
+
+In all cases, the error body must be JSON and must provide enough information for the integrator to identify the failure, correct the data, or decide whether to retry.
+
  This endpoint allows you to validate a JWT token by sending an HTTP POST request to {{base_url}}/auth/validate.
 
 **Base URL:**
@@ -391,20 +421,19 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 ### `ping`
 
-## 📝Recommendations
+Collection of Own Network services. Integrators expose these endpoints so the platform can query bills, submit payments, and receive notifications in a consistent way.
+
+## 📝 Recommendations
 
 - Establish a dedicated **QA environment** to perform thorough testing before production deployment.
-    
 - Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.
-    
 - Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.
-    
 
-## 🔐Authorization
+## 🔐 Authorization
 
 To establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.
 
-**Token Format:**
+**Token format:**
 
 `Authorization: Token {generate_token_value}`
 
@@ -412,6 +441,42 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 `Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`
 
+## ❗ Error handling
+
+All errors must return an HTTP status code in the **4xx or 5xx family** (i.e. **400 or above**). Do not return 2xx codes when the operation has failed.
+
+- **4xx (client errors)**: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, etc.
+- **5xx (server errors)**: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
+
+## 🧱 Error response structure
+
+There is no single mandatory error schema across all endpoints. One of the following patterns is recommended depending on the endpoint type.
+
+### Option A — Minimum structure (recommended for all endpoints)
+
+Return a JSON body with at least:
+
+- `statusCode` (number): HTTP status code of the response (must match the HTTP status).
+- `message` (string): Human-readable message describing the error.
+- `errorCode` (string, optional): Internal error code for integration/support (e.g. `auth.invalid`, `billing.not_found`).
+
+### Option B — Transactional endpoints (`queryBill`, `submitTransaction`, `rollbackTransaction`)
+
+For transactional operations, use this structure:
+
+- `message` (string): Message describing the error.
+- `reference` (string): Reference associated with the operation.
+- `amount` (number): Amount (0 in case of error).
+- `code` (string): Business status code (e.g. `003`, `004`).
+- `user_code` (string): User code when applicable.
+- `additional_data` (array): List of `{ "label", "value" }` objects with additional information.
+
+### Authentication errors (401/403)
+
+Some examples only return `detail` (string) or a combination of `message`, `error`, and `statusCode`. When possible, align these responses with Option A for consistency.
+
+In all cases, the error body must be JSON and must provide enough information for the integrator to identify the failure, correct the data, or decide whether to retry.
+
  This endpoint sends an HTTP GET request to {{customer.domain.com}}/ping/ in order to check the availability of the server.
 
 ### Benefits 🩺
@@ -433,20 +498,19 @@ The request does not contain a request body.
 
 ### `querybill`
 
-## 📝Recommendations
+Collection of Own Network services. Integrators expose these endpoints so the platform can query bills, submit payments, and receive notifications in a consistent way.
+
+## 📝 Recommendations
 
 - Establish a dedicated **QA environment** to perform thorough testing before production deployment.
-    
 - Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.
-    
 - Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.
-    
 
-## 🔐Authorization
+## 🔐 Authorization
 
 To establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.
 
-**Token Format:**
+**Token format:**
 
 `Authorization: Token {generate_token_value}`
 
@@ -454,6 +518,42 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 `Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`
 
+## ❗ Error handling
+
+All errors must return an HTTP status code in the **4xx or 5xx family** (i.e. **400 or above**). Do not return 2xx codes when the operation has failed.
+
+- **4xx (client errors)**: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, etc.
+- **5xx (server errors)**: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
+
+## 🧱 Error response structure
+
+There is no single mandatory error schema across all endpoints. One of the following patterns is recommended depending on the endpoint type.
+
+### Option A — Minimum structure (recommended for all endpoints)
+
+Return a JSON body with at least:
+
+- `statusCode` (number): HTTP status code of the response (must match the HTTP status).
+- `message` (string): Human-readable message describing the error.
+- `errorCode` (string, optional): Internal error code for integration/support (e.g. `auth.invalid`, `billing.not_found`).
+
+### Option B — Transactional endpoints (`queryBill`, `submitTransaction`, `rollbackTransaction`)
+
+For transactional operations, use this structure:
+
+- `message` (string): Message describing the error.
+- `reference` (string): Reference associated with the operation.
+- `amount` (number): Amount (0 in case of error).
+- `code` (string): Business status code (e.g. `003`, `004`).
+- `user_code` (string): User code when applicable.
+- `additional_data` (array): List of `{ "label", "value" }` objects with additional information.
+
+### Authentication errors (401/403)
+
+Some examples only return `detail` (string) or a combination of `message`, `error`, and `statusCode`. When possible, align these responses with Option A for consistency.
+
+In all cases, the error body must be JSON and must provide enough information for the integrator to identify the failure, correct the data, or decide whether to retry.
+
  This endpoint allows you to query a bill by sending an HTTP POST request to `{{customer.domain.com}}/queryBill/`.
 
 ### Benefits 🔎
@@ -471,17 +571,17 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 | Field | Type | Required | Description |
 | --- | --- | --- | --- |
-| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier). Min. 1 character, max. 50 characters. |
-| `reference` | string | ✅ | Invoice or agreement reference to query. Min. 1 character, max. 50 characters. |
-| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` (10 characters). |
-| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone). 8 characters. |
+| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |
+| `reference` | string | ✅ | ID of the agreement (company) that is making the payment |
+| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |
+| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |
 
 ### **📤 Response body parameters**
 
 | **Field** | **Type** | **Description** |
 | --- | --- | --- |
 | `message` | string | A message related to the query. |
-| `reference` | string | The reference of the bill. |
+| `reference` | string | The reference of the bill. Must be unique per transaction; once a payment has been made with a given reference, that reference cannot be reused. |
 | `amount` | number | The amount of the bill. |
 | `code` | string | The code related to the bill. |
 | `user_code` | string | The user code related to the bill. |
@@ -510,20 +610,19 @@ When `paymentOrder` is present in the response, it contains the following struct
 
 ### `submittransaction`
 
-## 📝Recommendations
+Collection of Own Network services. Integrators expose these endpoints so the platform can query bills, submit payments, and receive notifications in a consistent way.
+
+## 📝 Recommendations
 
 - Establish a dedicated **QA environment** to perform thorough testing before production deployment.
-    
 - Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.
-    
 - Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.
-    
 
-## 🔐Authorization
+## 🔐 Authorization
 
 To establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.
 
-**Token Format:**
+**Token format:**
 
 `Authorization: Token {generate_token_value}`
 
@@ -531,13 +630,52 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 `Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`
 
+## ❗ Error handling
+
+All errors must return an HTTP status code in the **4xx or 5xx family** (i.e. **400 or above**). Do not return 2xx codes when the operation has failed.
+
+- **4xx (client errors)**: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, etc.
+- **5xx (server errors)**: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
+
+## 🧱 Error response structure
+
+There is no single mandatory error schema across all endpoints. One of the following patterns is recommended depending on the endpoint type.
+
+### Option A — Minimum structure (recommended for all endpoints)
+
+Return a JSON body with at least:
+
+- `statusCode` (number): HTTP status code of the response (must match the HTTP status).
+- `message` (string): Human-readable message describing the error.
+- `errorCode` (string, optional): Internal error code for integration/support (e.g. `auth.invalid`, `billing.not_found`).
+
+### Option B — Transactional endpoints (`queryBill`, `submitTransaction`, `rollbackTransaction`)
+
+For transactional operations, use this structure:
+
+- `message` (string): Message describing the error.
+- `reference` (string): Reference associated with the operation.
+- `amount` (number): Amount (0 in case of error).
+- `code` (string): Business status code (e.g. `003`, `004`).
+- `user_code` (string): User code when applicable.
+- `additional_data` (array): List of `{ "label", "value" }` objects with additional information.
+
+### Authentication errors (401/403)
+
+Some examples only return `detail` (string) or a combination of `message`, `error`, and `statusCode`. When possible, align these responses with Option A for consistency.
+
+In all cases, the error body must be JSON and must provide enough information for the integrator to identify the failure, correct the data, or decide whether to retry.
+
  This API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/submitTransaction/.
 
 ### Benefits 💳
 
 - **Transactional idempotency**: `transactionId` avoids double charges on retries/timeouts.
+    
 - **Eventual consistency**: queues + webhook confirmations reduce manual reconciliation.
+    
 - **Operational scalability**: async processing absorbs traffic spikes.
+    
 - **Multiple payment items**: support for partial payments or multiple concepts within a single transaction via `paymentOrderItems`.
     
 
@@ -547,13 +685,13 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 | **Field** | **Type** | **Required** | **Description** |
 | --- | --- | --- | --- |
-| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier). Min. 1 character, max. 50 characters. |
-| `transactionId` | string | ✅ | The transaction ID. Min. 1 character, max. 50 characters. |
+| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |
+| `transactionId` | string | ✅ | The transaction ID. |
 | `reference` | string | ✅ | The reference for the transaction. Min. 1 character, max. 50 characters. |
-| `amount` | number | ✅ | The amount of the transaction. Max. per agreement. |
-| `paymentOrderItems` | array | ❌ | Array of payment order items (max. 10 items). Each item: `id` (number, required), `description` (string, required, min. 1 max. 50 characters), `amount` (number, required). |
-| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` (10 characters). |
-| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone). 8 characters. |
+| `amount` | number | ✅ | The amount of the transaction. |
+| `paymentOrderItems` | array | ❌ | Array of payment order items representing individual payment values within a reference with multiple values. Maximum 10 items. Each item must contain: `id` (number, required), `description` (string, required, max 50 characters), and `amount` (number, required). |
+| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |
+| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |
 
 #### 📋 PaymentOrderItems Structure
 
@@ -562,7 +700,7 @@ When using `paymentOrderItems`, each element in the array must have the followin
 | **Field** | **Type** | **Required** | **Description** |
 | --- | --- | --- | --- |
 | `id` | number | ✅ | Unique numeric identifier for the payment value |
-| `description` | string | ✅ | Description of the payment value. Min. 1 character, max. 50 characters. |
+| `description` | string | ✅ | Description of the payment value (maximum 50 characters) |
 | `amount` | number | ✅ | Numeric value to be paid |
 
 **Note**: When `paymentOrderItems` is provided, it allows processing multiple payment concepts or partial payments within a single transaction. The main `amount` field should match the sum of all `amount` values in `paymentOrderItems`.
@@ -592,20 +730,19 @@ When using `paymentOrderItems`, each element in the array must have the followin
 
 ### `rollbacktransaction`
 
-## 📝Recommendations
+Collection of Own Network services. Integrators expose these endpoints so the platform can query bills, submit payments, and receive notifications in a consistent way.
+
+## 📝 Recommendations
 
 - Establish a dedicated **QA environment** to perform thorough testing before production deployment.
-    
 - Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.
-    
 - Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.
-    
 
-## 🔐Authorization
+## 🔐 Authorization
 
 To establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.
 
-**Token Format:**
+**Token format:**
 
 `Authorization: Token {generate_token_value}`
 
@@ -613,6 +750,42 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 `Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`
 
+## ❗ Error handling
+
+All errors must return an HTTP status code in the **4xx or 5xx family** (i.e. **400 or above**). Do not return 2xx codes when the operation has failed.
+
+- **4xx (client errors)**: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, etc.
+- **5xx (server errors)**: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
+
+## 🧱 Error response structure
+
+There is no single mandatory error schema across all endpoints. One of the following patterns is recommended depending on the endpoint type.
+
+### Option A — Minimum structure (recommended for all endpoints)
+
+Return a JSON body with at least:
+
+- `statusCode` (number): HTTP status code of the response (must match the HTTP status).
+- `message` (string): Human-readable message describing the error.
+- `errorCode` (string, optional): Internal error code for integration/support (e.g. `auth.invalid`, `billing.not_found`).
+
+### Option B — Transactional endpoints (`queryBill`, `submitTransaction`, `rollbackTransaction`)
+
+For transactional operations, use this structure:
+
+- `message` (string): Message describing the error.
+- `reference` (string): Reference associated with the operation.
+- `amount` (number): Amount (0 in case of error).
+- `code` (string): Business status code (e.g. `003`, `004`).
+- `user_code` (string): User code when applicable.
+- `additional_data` (array): List of `{ "label", "value" }` objects with additional information.
+
+### Authentication errors (401/403)
+
+Some examples only return `detail` (string) or a combination of `message`, `error`, and `statusCode`. When possible, align these responses with Option A for consistency.
+
+In all cases, the error body must be JSON and must provide enough information for the integrator to identify the failure, correct the data, or decide whether to retry.
+
  This API endpoint allows you to submit a transaction via an HTTP POST request to {{customer.domain.com}}/rollbackTransaction/.
 
 ### Benefits 🔁
@@ -628,13 +801,13 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 | Field | Type | **Required** | **Description** |
 | --- | --- | --- | --- |
-| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier). Min. 1 character, max. 50 characters. |
-| `transactionId` | string | ✅ | The transaction ID. Min. 1 character, max. 50 characters. |
-| `reference` | string | ✅ | The reference for the transaction. Min. 1 character, max. 50 characters. |
-| `amount` | number | ✅ | The amount of the transaction. Max. per agreement. |
-| `paymentOrderItems` | array | ❌ | Array of payment order items (max. 10 items). Each item: `id` (number, required), `description` (string, required, min. 1 max. 50 characters), `amount` (number, required). |
-| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` (10 characters). |
-| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone). 8 characters. |
+| `codCustomer` | string | ✅ | The customer code. (Is a constant that identifies us with the supplier) |
+| `transactionId` | string | ✅ | The transaction ID. |
+| `reference` | string | ✅ | The reference for the transaction. |
+| `amount` | number | ✅ | The amount of the transaction. |
+| `paymentOrderItems` | array | ❌ | Array of payment order items representing individual payment values within a reference with multiple values. Maximum 10 items. Each item must contain: `id` (number, required), `description` (string, required, max 50 characters), and `amount` (number, required). |
+| `date` | string | ✅ | Transaction date in format `YYYY-MM-DD` |
+| `time` | string | ✅ | Transaction time in format `HH:mm:ss` (24-hour clock, Bogotá time zone) |
 
 #### 📋 PaymentOrderItems Structure
 
@@ -643,7 +816,7 @@ When using `paymentOrderItems`, each element in the array must have the followin
 | **Field** | **Type** | **Required** | **Description** |
 | --- | --- | --- | --- |
 | `id` | number | ✅ | Unique numeric identifier for the payment value |
-| `description` | string | ✅ | Description of the payment value. Min. 1 character, max. 50 characters. |
+| `description` | string | ✅ | Description of the payment value (maximum 50 characters) |
 | `amount` | number | ✅ | Numeric value to be paid |
 
 **Note**: When `paymentOrderItems` is provided, it allows rollback of transactions with multiple payment concepts. The main `amount` field should match the sum of all `amount` values in `paymentOrderItems`.
@@ -673,20 +846,19 @@ When using `paymentOrderItems`, each element in the array must have the followin
 
 ### `webhook`
 
-## 📝Recommendations
+Collection of Own Network services. Integrators expose these endpoints so the platform can query bills, submit payments, and receive notifications in a consistent way.
+
+## 📝 Recommendations
 
 - Establish a dedicated **QA environment** to perform thorough testing before production deployment.
-    
 - Set a minimum timeout of **60 milliseconds** for API requests to handle longer processes reliably.
-    
 - Provide clear and **standardized error mapping**, detailing error codes, messages, and causes for better troubleshooting.
-    
 
-## 🔐Authorization
+## 🔐 Authorization
 
 To establish a secure connection with our clients' APIs, we will generate and provide you with an authorization token. This token will allow us to authenticate with the API that our clients build.
 
-**Token Format:**
+**Token format:**
 
 `Authorization: Token {generate_token_value}`
 
@@ -694,6 +866,42 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 
 `Authorization: Token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9**`
 
+## ❗ Error handling
+
+All errors must return an HTTP status code in the **4xx or 5xx family** (i.e. **400 or above**). Do not return 2xx codes when the operation has failed.
+
+- **4xx (client errors)**: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, etc.
+- **5xx (server errors)**: 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
+
+## 🧱 Error response structure
+
+There is no single mandatory error schema across all endpoints. One of the following patterns is recommended depending on the endpoint type.
+
+### Option A — Minimum structure (recommended for all endpoints)
+
+Return a JSON body with at least:
+
+- `statusCode` (number): HTTP status code of the response (must match the HTTP status).
+- `message` (string): Human-readable message describing the error.
+- `errorCode` (string, optional): Internal error code for integration/support (e.g. `auth.invalid`, `billing.not_found`).
+
+### Option B — Transactional endpoints (`queryBill`, `submitTransaction`, `rollbackTransaction`)
+
+For transactional operations, use this structure:
+
+- `message` (string): Message describing the error.
+- `reference` (string): Reference associated with the operation.
+- `amount` (number): Amount (0 in case of error).
+- `code` (string): Business status code (e.g. `003`, `004`).
+- `user_code` (string): User code when applicable.
+- `additional_data` (array): List of `{ "label", "value" }` objects with additional information.
+
+### Authentication errors (401/403)
+
+Some examples only return `detail` (string) or a combination of `message`, `error`, and `statusCode`. When possible, align these responses with Option A for consistency.
+
+In all cases, the error body must be JSON and must provide enough information for the integrator to identify the failure, correct the data, or decide whether to retry.
+
  This endpoint allows you to receive transaction notifications processed by the payment system. The merchant must implement this endpoint to receive transaction status updates.
 
 ### Benefits 🔔
@@ -712,12 +920,12 @@ To establish a secure connection with our clients' APIs, we will generate and pr
 | realAmount | number | ✅ | Real transaction amount (without costs) |
 | amount | number | ✅ | Total transaction amount (including costs) |
 | cost | string | ✅ | Total transaction cost |
-| referenceId | string | ✅ | Unique transaction identifier. Min. 1 character, max. 50 characters. |
-| customerReference | string | ✅ | Customer reference provided during the transaction. Min. 1 character, max. 50 characters. |
-| updatedAt | string | ✅ | Date and time of last update. Format "YYYY-MM-DD HH:mm:ss" (19 characters). |
-| status | number | ✅ | Transaction status ID: 1 Pending, 2 Approved, 3 Failed (values 1-3). |
-| sign | string | ✅ | Security signature to validate message integrity. Min. 1 character, max. 64 characters (HMAC-SHA1 hex). |
-| paymentOrderItems | array | ❌ | Array of payment order items (max. 10 items). Each item: `id` (number), `description` (min. 1 max. 50 characters), `amount` (number). |
+| referenceId | string | ✅ | Unique transaction identifier |
+| customerReference | string | ✅ | Customer reference provided during the transaction |
+| updatedAt | string | ✅ | Date and time of last update (format: "YYYY-MM-DD HH:mm:ss") |
+| status | number | ✅ | Transaction status ID : 1 Pending , 2 Approved ,3 Failed |
+| sign | string | ✅ | Security signature to validate message integrity |
+| paymentOrderItems | array | ❌ | Array of payment order items that were processed. This field is optional and will only be present when the transaction included multiple payment concepts. Each item contains: `id` (number, required), `description` (string, required), and `amount` (number, required). |
 
 #### 📋 PaymentOrderItems Structure
 
@@ -726,7 +934,7 @@ When `paymentOrderItems` is present in the webhook payload, it indicates that th
 | **Field** | **Type** | **Required** | **Description** |
 | --- | --- | --- | --- |
 | `id` | number | ✅ | Unique numeric identifier for the payment value |
-| `description` | string | ✅ | Description of the payment value. Min. 1 character, max. 50 characters. |
+| `description` | string | ✅ | Description of the payment value |
 | `amount` | number | ✅ | Numeric value that was paid |
 
 **Note**: When `paymentOrderItems` is present, the `amount` field represents the total sum of all items. Verify that the sum of `paymentOrderItems[].amount` equals the total `amount`.

package/dist/core/auth.js

@@ -128,8 +128,16 @@ export const authManager = new SecretIdAuthManager(appConfig.secretId, authUrl,
 // En STDIO mode: siempre usa el secretId del .env
 // IMPORTANTE: Para authType 'secretId', se incluyen tanto Authorization como x-secret-id
 export async function getAuthHeaders(secretId) {
-    const targetSecretId = secretId || appConfig.secretId;
-    const token = await authManager.getValidToken(secretId);
+    // Ignorar completamente el secretId de argumentos: la autenticación SIEMPRE viene de appConfig.
+    // También protegemos contra valores vacíos o placeholders como {{secretId}}.
+    const baseSecretId = appConfig.secretId && appConfig.secretId.trim() !== '' && appConfig.secretId.trim() !== '{{secretId}}'
+        ? appConfig.secretId
+        : undefined;
+    if (!baseSecretId) {
+        throw new Error('SecretId no está configurado en el MCP (appConfig.secretId). Configúralo antes de usar herramientas protegidas.');
+    }
+    const targetSecretId = baseSecretId;
+    const token = await authManager.getValidToken(targetSecretId);
     return {
         'Authorization': `Bearer ${token}`,
         'x-secret-id': targetSecretId,

package/dist/core/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/core/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAO1B,MAAM,mBAAmB;IACf,UAAU,GAA4B,IAAI,GAAG,EAAE,CAAC;IACvC,QAAQ,CAAS;IACjB,YAAY,CAAS;IACrB,aAAa,CAAS;IAEvC,YAAY,QAAgB,EAAE,YAAoB,EAAE,gBAAwB,IAAI;QAC9E,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CAAC,QAAiB;QACnC,MAAM,cAAc,GAAG,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC;QACjD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,gDAAgD;QAChD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;YACrC,OAAO,MAAM,CAAC,KAAK,CAAC;QACtB,CAAC;QAED,gBAAgB;QAChB,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;IAC3C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,YAAY,CAAC,QAAgB;QACzC,IAAI,CAAC;YACH,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;gBACnD,QAAQ,EAAE,QAAQ;aACnB,EAAE;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,OAAO,EAAE,KAAK,EAAE,yBAAyB;gBACzC,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,GAAG,GAAG,CAAC,yBAAyB;aACnE,CAAC,CAAC;YAEH,OAAO,CAAC,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAEhE,4BAA4B;YAC5B,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBAC3E,OAAO,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAChE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;YACxH,CAAC;YAED,6DAA6D;YAC7D,IAAI,KAAK,GAAkB,IAAI,CAAC;YAEhC,8DAA8D;YAC9D,IAAI,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;gBAClC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YACtC,CAAC;YACD,wCAAwC;iBACnC,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;gBAC9B,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC;YAC9B,CAAC;YACD,wCAAwC;iBACnC,IAAI,QAAQ,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;gBACpC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC;YACnC,CAAC;YAED,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,6DAA6D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAChH,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;YAE3D,mDAAmD;YACnD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;gBAC5B,KAAK;gBACL,SAAS;aACV,CAAC,CAAC;YAEH,OAAO,CAAC,KAAK,CAAC,4CAA4C,IAAI,CAAC,aAAa,WAAW,CAAC,CAAC;YACzF,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,8BAA8B;YAC9B,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBAClC,OAAO,CAAC,KAAK,CAAC,+CAA+C,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAClF,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAC;YAC1G,CAAC;iBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBACvE,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;gBACjE,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAC3E,CAAC;iBAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAC1B,qCAAqC;gBACrC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE,UAAU,IAAI,mBAAmB,CAAC;gBACpG,OAAO,CAAC,KAAK,CAAC,8BAA8B,KAAK,CAAC,QAAQ,CAAC,MAAM,MAAM,QAAQ,EAAE,CAAC,CAAC;gBACnF,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;YACzD,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBACzB,6CAA6C;gBAC7C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAC9C,OAAO,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAC9C,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;iBAAM,CAAC;gBACN,kCAAkC;gBAClC,MAAM,QAAQ,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBAC1E,OAAO,CAAC,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;gBACvD,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;gBAC3B,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED,yBAAyB;AACzB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,0DAA0D;AAC1D,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,OAAO,GAAG,SAAS,CAAC,YAAY,EAAE,CAAC;AAEhE,+EAA+E;AAC/E,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,mBAAmB,CAChD,SAAS,CAAC,QAAQ,EAClB,OAAO,EACP,SAAS,CAAC,aAAa,CACxB,CAAC;AAEF,mDAAmD;AACnD,2EAA2E;AAC3E,kDAAkD;AAClD,yFAAyF;AACzF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAAiB;IACpD,MAAM,cAAc,GAAG,QAAQ,IAAI,SAAS,CAAC,QAAQ,CAAC;IACtD,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;IACxD,OAAO;QACL,eAAe,EAAE,UAAU,KAAK,EAAE;QAClC,aAAa,EAAE,cAAc;QAC7B,cAAc,EAAE,kBAAkB;KACnC,CAAC;AACJ,CAAC;AAID,wEAAwE;AACxE,0FAA0F;AAE1F,mEAAmE;AACnE,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,aAAqB;IACnE,OAAO,KAAK,KAAK,aAAa,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,cAAc,CAAC,OAAY;IACzC,qEAAqE;IACrE,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACnE,CAAC"}
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/core/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAO1B,MAAM,mBAAmB;IACf,UAAU,GAA4B,IAAI,GAAG,EAAE,CAAC;IACvC,QAAQ,CAAS;IACjB,YAAY,CAAS;IACrB,aAAa,CAAS;IAEvC,YAAY,QAAgB,EAAE,YAAoB,EAAE,gBAAwB,IAAI;QAC9E,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CAAC,QAAiB;QACnC,MAAM,cAAc,GAAG,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC;QACjD,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,gDAAgD;QAChD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;YACrC,OAAO,MAAM,CAAC,KAAK,CAAC;QACtB,CAAC;QAED,gBAAgB;QAChB,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;IAC3C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,YAAY,CAAC,QAAgB;QACzC,IAAI,CAAC;YACH,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;gBACnD,QAAQ,EAAE,QAAQ;aACnB,EAAE;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,OAAO,EAAE,KAAK,EAAE,yBAAyB;gBACzC,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,GAAG,GAAG,CAAC,yBAAyB;aACnE,CAAC,CAAC;YAEH,OAAO,CAAC,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAEhE,4BAA4B;YAC5B,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBAC3E,OAAO,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAChE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;YACxH,CAAC;YAED,6DAA6D;YAC7D,IAAI,KAAK,GAAkB,IAAI,CAAC;YAEhC,8DAA8D;YAC9D,IAAI,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;gBAClC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YACtC,CAAC;YACD,wCAAwC;iBACnC,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;gBAC9B,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC;YAC9B,CAAC;YACD,wCAAwC;iBACnC,IAAI,QAAQ,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;gBACpC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC;YACnC,CAAC;YAED,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,6DAA6D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAChH,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;YAE3D,mDAAmD;YACnD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;gBAC5B,KAAK;gBACL,SAAS;aACV,CAAC,CAAC;YAEH,OAAO,CAAC,KAAK,CAAC,4CAA4C,IAAI,CAAC,aAAa,WAAW,CAAC,CAAC;YACzF,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,8BAA8B;YAC9B,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBAClC,OAAO,CAAC,KAAK,CAAC,+CAA+C,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAClF,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAC;YAC1G,CAAC;iBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBACvE,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;gBACjE,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAC3E,CAAC;iBAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAC1B,qCAAqC;gBACrC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE,UAAU,IAAI,mBAAmB,CAAC;gBACpG,OAAO,CAAC,KAAK,CAAC,8BAA8B,KAAK,CAAC,QAAQ,CAAC,MAAM,MAAM,QAAQ,EAAE,CAAC,CAAC;gBACnF,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;YACzD,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBACzB,6CAA6C;gBAC7C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBAC9C,OAAO,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAC9C,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;iBAAM,CAAC;gBACN,kCAAkC;gBAClC,MAAM,QAAQ,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBAC1E,OAAO,CAAC,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;gBACvD,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;gBAC3B,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED,yBAAyB;AACzB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,0DAA0D;AAC1D,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,OAAO,GAAG,SAAS,CAAC,YAAY,EAAE,CAAC;AAEhE,+EAA+E;AAC/E,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,mBAAmB,CAChD,SAAS,CAAC,QAAQ,EAClB,OAAO,EACP,SAAS,CAAC,aAAa,CACxB,CAAC;AAEF,mDAAmD;AACnD,2EAA2E;AAC3E,kDAAkD;AAClD,yFAAyF;AACzF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAAiB;IACpD,gGAAgG;IAChG,6EAA6E;IAC7E,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,cAAc;QACzH,CAAC,CAAC,SAAS,CAAC,QAAQ;QACpB,CAAC,CAAC,SAAS,CAAC;IAEd,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,iHAAiH,CAAC,CAAC;IACrI,CAAC;IAED,MAAM,cAAc,GAAG,YAAY,CAAC;IAEpC,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;IAC9D,OAAO;QACL,eAAe,EAAE,UAAU,KAAK,EAAE;QAClC,aAAa,EAAE,cAAc;QAC7B,cAAc,EAAE,kBAAkB;KACnC,CAAC;AACJ,CAAC;AAID,wEAAwE;AACxE,0FAA0F;AAE1F,mEAAmE;AACnE,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,aAAqB;IACnE,OAAO,KAAK,KAAK,aAAa,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,cAAc,CAAC,OAAY;IACzC,qEAAqE;IACrE,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACnE,CAAC"}