{
  "shell": {
    "title": "彩票接入文档",
    "admin": "管理后台",
    "adminLogin": "管理后台"
  },
  "nav": {
    "overview": "概览",
    "api": "接口",
    "ship": "发布",
    "home": "总览",
    "delivery": "接入交付",
    "quickstart": "快速开始",
    "fundamentals": "资金模型",
    "setup": "接入配置",
    "sso": "单点登录",
    "iframe": "iframe 协议",
    "wallet": "钱包网关",
    "transfer": "划转（参考）",
    "errors": "错误码",
    "troubleshooting": "联调排错",
    "golive": "上线清单",
    "operations": "运营手册",
    "adminGuide": "后台管理手册",
    "apiReference": "API 对接参考"
  },
  "headers": {
    "component": ["组件", "职责", "实现方"],
    "convention": ["项", "规则"],
    "claim": ["字段", "类型", "必填", "说明"],
    "param": ["参数", "用途"],
    "methodPath": ["方法", "路径", ""],
    "query": ["参数", "类型", ""],
    "field": ["字段", "类型", "说明"],
    "code": ["错误码", "说明"],
    "http": ["状态码", "message", "原因"],
    "message": ["方向", "消息类型", "载荷"],
    "balance": ["字段", "账户", "说明"],
    "call": ["方向", "接口", "鉴权"],
    "sequence": ["步骤", "发起方", "说明"],
    "envMap": ["项", "后台接入站点", "主站配置项", "说明"],
    "account": ["账号", "密码", "site_player_id"],
    "contract": ["场景", "HTTP", "响应体"],
    "adminField": ["字段", "说明", "示例"],
    "handoffTable": ["项", "说明", "负责方"],
    "env": ["环境", "地址示例", "说明"],
    "envelopeTable": ["方向", "消息字段", "说明"],
    "faq": ["现象", "排查方向"]
  },
  "pages": {
    "overview": {
      "title": "接入总览",
      "description": "面向主站开发/集成工程师。您需实现：JWT 签发 + 钱包网关；彩票提供 H5 与 API。",
      "roles": "职责划分",
      "flow": "业务链路",
      "e2eSequence": "端到端时序",
      "conventions": "通用约定",
      "readingOrder": "建议阅读顺序",
      "matrix": [
        ["主站（客户）", "用户登录；服务端签发 JWT；实现钱包网关", "客户"],
        ["彩票 API（我方）", "验签 JWT、划转、下注、开奖、结算", "我方"],
        ["彩票 H5（我方）", "玩家界面；iframe 或 URL 跳转入场", "我方"]
      ],
      "flowItems": [
        "用户在主站登录 → 主站服务端签发短效 JWT",
        "进入彩票 H5（iframe 嵌入或 URL ?token= 跳转）",
        "玩家在 H5 内「转入」→ 彩票回调主站扣款 → 彩票内加款",
        "玩家在 H5 内下注 / 派奖（使用彩票内余额）",
        "（可选）玩家在 H5 内「转出」→ 彩票回调主站加款"
      ],
      "e2eRows": [
        ["1", "主站", "用户登录；服务端签发 JWT（含 site_code、site_player_id）"],
        ["2", "主站", "iframe 嵌入彩票 H5，或跳转 lottery_h5_base_url/?token="],
        ["3", "彩票 H5", "收到 JWT；调用 GET /api/v1/player/me 验签并自动建档"],
        ["4", "玩家", "在 H5 内点击「转入」"],
        ["5", "彩票 API", "服务端回调主站 POST /wallet/debit-for-lottery"],
        ["6", "主站钱包", "扣减 main_balance；返回 success: true"],
        ["7", "彩票 API", "彩票内余额增加"],
        ["8", "玩家", "在 H5 内下注 / 等待派奖"],
        ["9", "玩家", "（可选）在 H5 内点击「转出」"],
        ["10", "彩票 API", "回调主站 POST /wallet/credit-from-lottery"]
      ],
      "conventionRows": [
        ["金额", "最小货币单位整数（minor），如 2000 = 20.00 NPR"],
        ["编码", "UTF-8 JSON"],
        ["时间", "JWT 使用 Unix 秒（iat / exp），建议 exp - iat ≤ 300 秒"],
        ["玩家 API 鉴权", "Authorization: Bearer {JWT}（主站签发，彩票验签）"],
        ["钱包网关鉴权", "Authorization: Bearer {wallet_api_key}（彩票回调时携带）"]
      ],
      "readingItems": [
        "接入交付 — 确认双方交付物与环境地址",
        "快速开始 — 按步骤完成首次联调",
        "接入配置 — 后台建站与密钥映射",
        "单点登录 → iframe 协议 → 钱包网关",
        "联调排错 — 常见问题",
        "上线清单 — 生产发布检查"
      ]
    },
    "delivery": {
      "title": "接入交付",
      "description": "联调开始前，请与商务/技术支持确认以下交付物。测试与生产环境须完全隔离。",
      "handoffScope": "接入范围（您需要做什么）",
      "weProvide": "我方提供",
      "youProvide": "客户需提供",
      "environment": "环境地址",
      "process": "典型接入流程",
      "note": "密钥（sso_jwt_secret、wallet_api_key）创建后仅展示一次，请立即安全保存。密钥仅保存在主站服务端，禁止写入前端或移动端。下列地址为 Tanumo 当前默认环境；客户独立部署时以商务交付为准。",
      "handoffRows": [
        ["JWT 签发", "主站登录后由服务端签发 HS256 JWT，无「登录换票」接口", "客户"],
        ["钱包网关", "实现 balance / debit / credit 三个 HTTPS 接口", "客户"],
        ["iframe 或 URL 入场", "嵌入彩票 H5 或跳转并携带 JWT", "客户"],
        ["彩票 H5 + API", "玩法、划转、下注、开奖", "我方"],
        ["接入站点与密钥", "创建 site_code 并下发密钥", "我方（超管）"]
      ],
      "provideRows": [
        ["site_code", "站点编码，写入 JWT"],
        ["sso_jwt_secret", "JWT 签名密钥（主站持有并签发）"],
        ["wallet_api_key", "彩票回调钱包网关时的 Bearer 密钥"],
        ["lottery_h5_base_url", "彩票 H5 入口（iframe src 或跳转地址）；当前默认 https://front.tanumo.com"],
        ["lottery_api_base_url", "彩票 API 根地址（联调 curl）；当前默认 https://lotterylaravel.tanumo.com"]
      ],
      "submitRows": [
        ["wallet_api_url", "客户钱包网关 HTTPS 根地址（公网可达）"],
        ["iframe_allowed_origins", "主站 origin 白名单（iframe 模式必填，每行一个）"],
        ["测试账号", "若干 site_player_id 及初始 main_balance（联调用）"],
        ["出口 IP（如需）", "若网关有 IP 白名单，请索取彩票服务端出口 IP"]
      ],
      "environmentRows": [
        ["彩票 API", "https://lotterylaravel.tanumo.com", "联调 curl：GET /api/v1/player/me"],
        ["彩票 H5 入口", "https://front.tanumo.com", "iframe / URL ?token= 跳转；钱包页示例 /wallet"],
        ["接入文档", "https://lotteryadmin.tanumo.com/docs/integration", "本文档（公开，无需登录）"],
        ["管理后台", "https://lotteryadmin.tanumo.com/admin", "超管登录；接入站点：配置 → 接入站点"],
        ["生产环境", "独立域名与密钥", "site_code、密钥、域名均不与联调共用"]
      ],
      "processSteps": [
        "商务开通接入 → 我方超管创建「接入站点」并交付密钥与 H5 地址",
        "客户实现钱包三接口并部署到公网 HTTPS（联调可先内网穿透）",
        "客户在后台填入 wallet_api_url、iframe_allowed_origins，执行连通性测试",
        "客户实现 JWT 签发与 iframe postMessage（或 URL 跳转）",
        "按「快速开始」验收清单完成联调",
        "生产环境重新建站、换密钥、全链路复测后上线"
      ]
    },
    "quickstart": {
      "title": "快速开始",
      "description": "假设已完成「接入交付」并拿到 site_code、密钥与 H5 地址。按下列步骤完成首次联调。",
      "prereq": "前置条件",
      "steps": "联调步骤",
      "acceptance": "验收清单",
      "note": "JWT 必须在主站服务端签发，禁止在前端硬编码 sso_jwt_secret。生产环境 wallet_api_url 须为公网 HTTPS。",
      "prereqItems": [
        "已收到 site_code、sso_jwt_secret、wallet_api_key、lottery_h5_base_url",
        "主站已实现 GET /wallet/balance、POST /wallet/debit-for-lottery、POST /wallet/credit-from-lottery",
        "后台「接入站点」已填入 wallet_api_url 与 iframe_allowed_origins，连通性测试通过",
        "已准备至少一个测试 site_player_id 及足够 main_balance"
      ],
      "stepItems": [
        "主站服务端实现 JWT 签发（见「单点登录」jsonwebtoken 示例）",
        "用 curl 自测：Bearer JWT 调用 GET https://lotterylaravel.tanumo.com/api/v1/player/me，应返回 code=0",
        "主站页面嵌入 <iframe src=\"https://front.tanumo.com\">，监听 postMessage",
        "收到 LOTTERY_READY 后，发送 MAIN_INIT_TOKEN（token 放在消息顶层，见 iframe 页示例）",
        "H5 进入大厅后，在 H5 内发起「转入」",
        "确认主站收到 POST /wallet/debit-for-lottery 且返回 success: true",
        "确认 H5 内彩票余额增加，尝试下注",
        "（可选）H5 内转出，确认 POST /wallet/credit-from-lottery 被回调",
        "按下方验收清单逐项勾选"
      ],
      "acceptanceItems": [
        "JWT 自测：curl https://lotterylaravel.tanumo.com/api/v1/player/me 返回 code=0，data.site_player_id 正确",
        "钱包自测：curl POST /wallet/debit-for-lottery 返回 success:true，main_balance 正确扣减",
        "幂等：相同 idempotent_key 重放，响应与首次一致，余额不重复扣",
        "iframe：LOTTERY_READY → MAIN_INIT_TOKEN 后可进入 H5 大厅",
        "转入：H5 内转入成功，主站网关日志有 debit-for-lottery 记录",
        "续签：等待 JWT 临近过期或触发 LOTTERY_TOKEN_NEEDED 后，MAIN_REFRESH_TOKEN 可续签成功"
      ]
    },
    "fundamentals": {
      "title": "资金模型",
      "balances": "两层余额",
      "calls": "调用方向",
      "note": "金额一律使用 minor 整数。信用盘（代理授信）不在本文档范围；本文档仅覆盖主站钱包盘。",
      "balanceRows": [
        ["main_balance", "主站钱包", "客户实现网关；彩票服务端回调扣款/加款"],
        ["lottery balance", "彩票内余额", "玩家转入后用于下注；由彩票 H5 展示与操作"]
      ],
      "callRows": [
        ["彩票 → 主站", "GET balance / POST debit / POST credit", "Bearer wallet_api_key"],
        ["彩票 H5 → 彩票 API", "me / 划转 / 下注 / 查余额", "Bearer 玩家 JWT（主站无需对接）"]
      ]
    },
    "setup": {
      "title": "接入配置",
      "description": "由我方超管在管理后台创建「接入站点」。创建成功后密钥仅展示一次，请立即保存。",
      "weProvide": "创建站点后我方提供",
      "youProvide": "客户需回填/提供",
      "defaultPaths": "钱包网关默认路径",
      "envMapping": "配置映射表",
      "adminSop": "后台建站步骤（我方超管）",
      "network": "网络要求",
      "note": "测试与生产的 site_code、密钥、域名须完全隔离。密钥写入主站服务端配置，不会从后台自动同步到客户系统。",
      "receiveRows": [
        ["site_code", "站点编码，写入 JWT"],
        ["sso_jwt_secret", "JWT 签名密钥（主站持有）"],
        ["wallet_api_key", "钱包回调鉴权（主站校验）"],
        ["lottery_h5_base_url", "彩票 H5 入口地址"]
      ],
      "provideRows": [
        ["wallet_api_url", "客户钱包网关 HTTPS 根地址（无 path 后缀）"],
        ["iframe_allowed_origins", "主站 origin 白名单（iframe 模式）"],
        ["测试账号", "site_player_id 列表 + 初始余额"]
      ],
      "pathRows": [
        ["GET", "/wallet/balance", "余额查询"],
        ["POST", "/wallet/debit-for-lottery", "扣款（转入时）"],
        ["POST", "/wallet/credit-from-lottery", "加款（转出时）"]
      ],
      "envMappingRows": [
        ["site_code", "code", "MAIN_SITE_CODE", "JWT 与玩家建档标识；双方须一致"],
        ["SSO 密钥", "sso_jwt_secret", "MAIN_SITE_SSO_JWT_SECRET", "主站签发 JWT；彩票验签"],
        ["钱包鉴权", "wallet_api_key", "MAIN_SITE_WALLET_API_KEY", "彩票回调主站时 Bearer 携带"],
        ["钱包根地址", "wallet_api_url", "（主站部署）", "客户 HTTPS 根地址；彩票拼接 /wallet/*"],
        ["彩票 API", "—", "—", "当前默认 https://lotterylaravel.tanumo.com；玩家/钱包业务 API 根地址"],
        ["彩票 H5", "lottery_h5_base_url", "（主站 iframe src）", "当前默认 https://front.tanumo.com"],
        ["iframe 白名单", "iframe_allowed_origins", "（主站 origin）", "须与主站实际 origin 一致"]
      ],
      "adminSopSteps": [
        "超管登录管理后台 → 左侧「配置」→「接入站点」",
        "点击新建：填写站点编码（site_code）、名称、默认币种",
        "填写 wallet_api_url（HTTPS 根地址）、lottery_h5_base_url、iframe_allowed_origins",
        "创建成功后立即保存页面展示的 sso_jwt_secret、wallet_api_key",
        "将密钥安全交付客户；客户在主站服务端配置",
        "在站点列表执行「连通性测试」（探测 GET /wallet/balance）"
      ],
      "adminFieldRows": [
        ["code", "站点编码，写入 JWT site_code", "partner_demo"],
        ["wallet_api_url", "客户钱包网关 HTTPS 根地址", "https://wallet.partner.com"],
        ["lottery_h5_base_url", "彩票 H5 入口", "https://front.tanumo.com"],
        ["iframe_allowed_origins", "允许嵌入的主站 origin", "https://www.partner.com"],
        ["sso_jwt_secret", "创建后一次性展示", "—"],
        ["wallet_api_key", "创建后一次性展示", "—"]
      ],
      "networkItems": [
        "钱包回调由彩票服务端发起（非玩家浏览器），客户网关须对彩票服务器网络可达",
        "生产环境 wallet_api_url 须为 HTTPS 公网地址（不接受 localhost / 私网 IP）",
        "默认路径 /wallet/balance、/wallet/debit-for-lottery、/wallet/credit-from-lottery（可在后台配置 path 前缀）",
        "建议接口超时 ≤ 10 秒；超时可能导致划转进入待对账状态"
      ]
    },
    "sso": {
      "title": "单点登录（SSO）",
      "description": "HS256 JWT。主站服务端签发，彩票验签。入场：URL ?token= 或 iframe postMessage。",
      "claims": "JWT 字段",
      "sign": "签发示例（Node.js）",
      "entryA": "方式 A：URL 跳转",
      "entryB": "方式 B：iframe postMessage",
      "noExchangeNote": "彩票不提供「登录换票」接口。主站登录后自行签发 JWT，后续玩家 API 统一用 Authorization: Bearer 携带同一份 JWT。首次有效 JWT 调用 GET /api/v1/player/me 时自动建档，无需先调登录接口。",
      "entryApi": "验签与建档",
      "entryApiNote": "可选：主站登录后服务端代调一次 GET /api/v1/player/me 做验签预检。日常业务（划转、下注）由彩票 H5 自行携带 JWT 调用，主站无需对接。",
      "publicApis": "公开接口（无需 token）",
      "h5ScopeNote": "划转、下注、彩票内余额查询等由我方 H5 携带 JWT 调用，不在主站接入范围内。主站只需：① 签发 JWT  ② 实现钱包网关。",
      "refreshNote": "iframe 续签：主站收到 LOTTERY_TOKEN_NEEDED 或 LOTTERY_TOKEN_REFRESH_REQUEST 后，重新签发 JWT 并发送 MAIN_REFRESH_TOKEN。详见「iframe 协议」。",
      "authResponse": "鉴权失败示例",
      "errors": "SSO 错误码",
      "iframeNote": "须配置 iframe_allowed_origins。token 通过 postMessage 顶层字段 token 传递，不要放在 payload 内。",
      "claimRows": [
        ["site_code", "string", "是", "接入站点编码，与后台一致"],
        ["site_player_id", "string", "是", "主站用户 ID，稳定唯一"],
        ["iat", "number", "是", "签发时间（Unix 秒）"],
        ["exp", "number", "是", "过期时间（Unix 秒）；exp - iat ≤ 300"]
      ],
      "messageRows": [
        ["→ 主站", "LOTTERY_READY", "子页就绪，请求 token"],
        ["→ 主站", "LOTTERY_TOKEN_NEEDED", "token 失效，请求续签"],
        ["→ 彩票", "MAIN_INIT_TOKEN", "顶层 token 字段"],
        ["→ 彩票", "MAIN_REFRESH_TOKEN", "顶层 token 字段"]
      ],
      "publicApiRows": [
        ["GET", "/api/v1/player/ping", "玩家 API 连通性探测"],
        ["GET", "/api/v1/integration/runtime-origins", "iframe 允许嵌入的 origin 列表"]
      ],
      "errorRows": [
        ["8001", "缺少 Authorization 头"],
        ["8002", "JWT 无效或已过期（密钥不一致、exp 超时、签名错误）"],
        ["8003", "玩家未建档（SSO 首次 me 会自动建档；此码多见于内部测试）"],
        ["8004", "SSO 密钥未配置（站点侧问题，联系我方）"],
        ["8005", "账号已冻结（站点停用或玩家冻结）"]
      ]
    },
    "iframe": {
      "title": "iframe 协议",
      "description": "主站嵌入彩票 H5 时的 postMessage 约定。若使用 URL ?token= 跳转，可跳过本章。",
      "sequence": "推荐时序",
      "envelopeSection": "消息格式（注意方向差异）",
      "childMessages": "彩票 → 主站",
      "parentMessages": "主站 → 彩票",
      "example": "主站集成示例",
      "targetOrigin": "targetOrigin 安全",
      "envelopeNote": "常见错误：把 token 放在 payload.token。彩票 H5 读取的是消息顶层的 data.token。",
      "targetOriginNote": "postMessage 第二参数须为彩票 H5 的 origin（当前默认 https://front.tanumo.com），禁止使用 *。主站须校验 event.origin；iframe_allowed_origins 填入主站 origin（非彩票域名）。",
      "timingNote": "收到 MAIN_INIT_TOKEN 后彩票子页不再发送 LOTTERY_READY。续签：LOTTERY_TOKEN_NEEDED → 主站回 MAIN_REFRESH_TOKEN（顶层 token）。",
      "sequenceSteps": [
        "主站嵌入 <iframe src=\"{lottery_h5_base_url}\">",
        "彩票 H5 校验白名单后发送 LOTTERY_READY",
        "主站监听 message，校验 origin 后发送 MAIN_INIT_TOKEN（顶层 token）",
        "彩票 H5 保存 token，调用 GET /api/v1/player/me 入场",
        "JWT 将过期：彩票发 LOTTERY_TOKEN_NEEDED → 主站续签后发 MAIN_REFRESH_TOKEN"
      ],
      "envelopeRows": [
        ["彩票 → 主站", "type + payload + timestamp", "如 LOTTERY_READY，业务数据在 payload"],
        ["主站 → 彩票", "type + token + timestamp", "token 必须在顶层，不要嵌套在 payload"]
      ],
      "childMessageRows": [
        ["→ 主站", "LOTTERY_READY", "子页就绪，请求下发 token"],
        ["→ 主站", "LOTTERY_TOKEN_NEEDED", "token 失效，请求续签"],
        ["→ 主站", "LOTTERY_TOKEN_REFRESH_REQUEST", "主动请求刷新 token"],
        ["→ 主站", "LOTTERY_HEARTBEAT", "心跳（可忽略）"],
        ["→ 主站", "LOTTERY_TOKEN_REFRESHED", "续签成功通知（子 → 主）"]
      ],
      "parentMessageRows": [
        ["→ 彩票", "MAIN_INIT_TOKEN", "首次下发；顶层 token 字段"],
        ["→ 彩票", "MAIN_REFRESH_TOKEN", "续签；顶层 token 字段"],
        ["→ 彩票", "MAIN_REQUEST_STATUS", "请求子页状态"],
        ["→ 彩票", "MAIN_NAVIGATE", "导航到指定 path"]
      ]
    },
    "wallet": {
      "title": "钱包网关",
      "description": "由客户实现。彩票服务端调用（非玩家浏览器）。鉴权：Authorization: Bearer {wallet_api_key}。",
      "balance": "查询余额",
      "debit": "扣款（转入）",
      "credit": "加款（转出）",
      "response": "响应示例",
      "httpContract": "HTTP 契约",
      "httpErrors": "HTTP 错误",
      "creditNote": "请求体与扣款相同；用于转出或失败回滚加款。",
      "idempotentNote": "idempotent_key：相同键 + 相同金额须返回首次 JSON（HTTP 200），禁止重复记账；同键不同金额 → success: false。",
      "queryRows": [
        ["site_code", "string", "站点编码"],
        ["site_player_id", "string", "主站用户 ID"],
        ["currency_code", "string", "币种代码"]
      ],
      "fieldRows": [
        ["site_code", "string", "站点编码"],
        ["site_player_id", "string", "主站用户 ID"],
        ["player_id", "number", "彩票玩家 ID（参考）"],
        ["currency_code", "string", "币种代码"],
        ["amount_minor", "integer", "minor 正整数"],
        ["idempotent_key", "string", "幂等键，全局唯一"]
      ],
      "httpErrorRows": [
        ["401", "unauthorized", "wallet_api_key 错误或缺失"],
        ["422", "invalid request", "字段缺失或 amount_minor 非法"],
        ["409", "main balance insufficient", "余额不足等业务拒绝"]
      ],
      "httpContractRows": [
        ["扣款/加款成功", "200", "success: true；含 external_ref_no（建议）与 data.main_balance"],
        ["余额查询成功", "200", "success: true；data.main_balance + currency_code"],
        ["参数非法", "422", "success: false；message: invalid request"],
        ["鉴权失败", "401", "success: false；message: unauthorized"],
        ["业务拒绝", "409", "success: false；message 说明原因"],
        ["幂等重放", "200", "与首次成功/拒绝响应完全一致"]
      ]
    },
    "transfer": {
      "title": "资金划转（参考）",
      "description": "本节供理解资金如何在两端移动，非客户接入面。",
      "outOfScopeNote": "客户无需实现本节 API。转入/转出由我方 H5 携带玩家 JWT 调用彩票 API；主站只需实现钱包网关 debit/credit。",
      "requestFields": "请求字段",
      "transferIn": "转入（主站 → 彩票）",
      "transferOut": "转出（彩票 → 主站）",
      "transferResponse": "成功响应",
      "errors": "常见错误码",
      "inNote": "流程：玩家 H5 发起转入 → 彩票调主站 debit-for-lottery → 彩票内加款。",
      "outNote": "流程：玩家 H5 发起转出 → 彩票内扣款 → 彩票调主站 credit-from-lottery。",
      "responseNote": "转入与转出响应结构相同；direction 为 in / out。幂等重放返回相同 data。",
      "requestFieldRows": [
        ["amount", "integer", "minor 正整数"],
        ["currency", "string", "可选；默认玩家 default_currency"],
        ["idempotent_key", "string", "全局唯一；重复须返回相同结果"]
      ],
      "errorRows": [
        ["1001", "彩票余额不足（转出时）"],
        ["1009", "主站钱包处理失败（网关不可达、401、超时等）"],
        ["1010", "幂等键冲突（同键不同金额）"],
        ["2003", "请先转入后再下注"]
      ]
    },
    "errors": {
      "title": "错误码",
      "sso": "SSO 鉴权",
      "lotteryWallet": "彩票钱包 / 划转",
      "gateway": "客户钱包网关（HTTP）",
      "idempotentNote": "幂等：同一 idempotent_key + 相同金额须返回相同结果；同键不同金额 → 1010 或 success:false。",
      "ssoRows": [
        ["8001", "缺少 Authorization 头"],
        ["8002", "JWT 无效或已过期"],
        ["8003", "玩家未建档（SSO 正常流程会自动建档）"],
        ["8004", "SSO 密钥未配置"],
        ["8005", "账号已冻结"]
      ],
      "lotteryRows": [
        ["1001", "彩票余额不足"],
        ["1009", "主站钱包处理失败"],
        ["1010", "幂等键冲突"],
        ["2003", "请先转入后再下注"]
      ],
      "gatewayRows": [
        ["401", "unauthorized", "API Key 错误"],
        ["422", "invalid request", "字段或金额非法"],
        ["409", "—", "业务拒绝（如余额不足）"]
      ]
    },
    "troubleshooting": {
      "title": "联调排错",
      "description": "按现象对照排查。仍无法解决请联系对接技术支持，并提供 site_code、时间戳与请求 ID。",
      "faq": "常见问题",
      "jwt": "JWT / 入场",
      "iframe": "iframe",
      "wallet": "钱包网关",
      "note": "联调时先用 curl 分别验证 JWT（/player/me）与钱包网关（/wallet/balance），再测 iframe 全链路。",
      "faqRows": [
        ["curl /player/me 返回 8002", "检查 sso_jwt_secret 是否与后台站点一致；site_code 是否匹配；exp 是否已过期（≤300 秒）"],
        ["iframe 白屏 / 不进大厅", "检查 token 是否在 postMessage 顶层；是否收到 LOTTERY_READY 后发送 MAIN_INIT_TOKEN；iframe_allowed_origins 是否含主站 origin"],
        ["转入失败 1009", "彩票服务端能否访问 wallet_api_url；wallet_api_key 是否正确；debit 是否返回 200 + success:true"],
        ["连通性测试失败", "wallet_api_url 须公网 HTTPS；GET /wallet/balance 可访问且 Bearer wallet_api_key 正确"],
        ["8005 账号冻结", "后台检查接入站点是否启用；该 site_player_id 是否被冻结"]
      ],
      "jwtRows": [
        ["8002 Token 无效", "密钥不一致 / exp 过期 / site_code 写错 / 算法非 HS256"],
        ["8004 SSO 未配置", "联系我方确认站点 sso_jwt_secret 已配置"],
        ["me 返回 code=0 但 H5 仍失败", "iframe 传的 token 与 curl 测试的不是同一份，或 token 在 payload 内而非顶层"]
      ],
      "iframeRows": [
        ["收不到 LOTTERY_READY", "iframe src 是否为 lottery_h5_base_url；H5 是否加载完成"],
        ["postMessage 无响应", "targetOrigin 是否为彩票 H5 的 origin（非主站 origin）"],
        ["重复刷 token", "收到 MAIN_INIT_TOKEN 后子页不应再发 LOTTERY_READY"],
        ["续签失败", "主站是否监听 LOTTERY_TOKEN_NEEDED 并回 MAIN_REFRESH_TOKEN"]
      ],
      "walletRows": [
        ["401 unauthorized", "wallet_api_key 与后台站点不一致"],
        ["409 余额不足", "测试账号 main_balance 不足；检查 amount_minor 单位"],
        ["重复扣款", "idempotent_key 未做幂等；相同 key 须返回首次响应"],
        ["彩票未回调 debit", "wallet_api_url 不可达或连通性测试未通过"]
      ]
    },
    "golive": {
      "title": "上线清单",
      "description": "生产发布前，请与客户经理确认联调已通过，并完成下列检查。",
      "deliveryChecklist": "交付与流程",
      "checklist": "技术检查项",
      "deliveryItems": [
        "生产环境已独立创建接入站点（site_code、密钥与联调隔离）",
        "密钥已安全写入主站生产配置（非前端）",
        "wallet_api_url 为生产 HTTPS 公网地址，连通性测试通过",
        "iframe_allowed_origins 已配置生产主站 origin",
        "全链路联调记录已归档（转入 → 下注 → 派奖 → 转出）"
      ],
      "items": [
        "JWT 仅服务端签发，有效期 ≤ 5 分钟",
        "钱包三接口 HTTPS，超时 ≤ 10 秒，幂等已实现",
        "iframe：postMessage token 在顶层，origin 校验已启用",
        "测试与生产：site_code、密钥、域名完全分离",
        "监控：钱包网关 4xx/5xx 与 debit/credit 日志告警",
        "回滚预案：可临时停用接入站点"
      ]
    }
  }
}