wip

packages/application/ports/IAuthenticationService.ts

@@ -1,9 +1,10 @@
 import { AuthenticationState } from '../../domain/value-objects/AuthenticationState';
+import { BrowserAuthenticationState } from '../../domain/value-objects/BrowserAuthenticationState';
 import { Result } from '../../shared/result/Result';
 
 /**
  * Port for authentication services implementing zero-knowledge login.
- * 
+ *
  * GridPilot never sees, stores, or transmits user credentials.
  * Authentication is handled by opening a visible browser window where
  * the user logs in directly with iRacing. GridPilot only observes
@@ -13,7 +14,7 @@ export interface IAuthenticationService {
   /**
    * Check if user has a valid session without prompting login.
    * Navigates to a protected iRacing page and checks for login redirects.
-   * 
+   *
    * @returns Result containing the current authentication state
    */
   checkSession(): Promise<Result<AuthenticationState>>;
@@ -22,7 +23,7 @@ export interface IAuthenticationService {
    * Open browser for user to login manually.
    * The browser window is visible so user can verify they're on the real iRacing site.
    * GridPilot waits for URL change indicating successful login.
-   * 
+   *
    * @returns Result indicating success (login complete) or failure (cancelled/timeout)
    */
   initiateLogin(): Promise<Result<void>>;
@@ -30,7 +31,7 @@ export interface IAuthenticationService {
   /**
    * Clear the persistent session (logout).
    * Removes stored browser context and cookies.
-   * 
+   *
    * @returns Result indicating success or failure
    */
   clearSession(): Promise<Result<void>>;
@@ -38,8 +39,38 @@ export interface IAuthenticationService {
   /**
    * Get current authentication state.
    * Returns cached state without making network requests.
-   * 
+   *
    * @returns The current AuthenticationState
    */
   getState(): AuthenticationState;
+
+  /**
+   * Validate session with server-side check.
+   * Makes a lightweight HTTP request to verify cookies are still valid on the server.
+   *
+   * @returns Result containing true if server confirms validity, false otherwise
+   */
+  validateServerSide(): Promise<Result<boolean>>;
+
+  /**
+   * Refresh session state from cookie store.
+   * Re-reads cookies and updates internal state without server validation.
+   *
+   * @returns Result indicating success or failure
+   */
+  refreshSession(): Promise<Result<void>>;
+
+  /**
+   * Get session expiry date.
+   * Returns the expiry time extracted from session cookies.
+   *
+   * @returns Result containing the expiry Date or null if no expiration
+   */
+  getSessionExpiry(): Promise<Result<Date | null>>;
+
+  /**
+   * Verify browser page shows authenticated state.
+   * Checks page content for authentication indicators.
+   */
+  verifyPageAuthentication(): Promise<Result<BrowserAuthenticationState>>;
 }

packages/application/ports/ICheckoutConfirmationPort.ts

@@ -0,0 +1,21 @@
+import { Result } from '../../shared/result/Result';
+import { CheckoutConfirmation } from '../../domain/value-objects/CheckoutConfirmation';
+import { CheckoutPrice } from '../../domain/value-objects/CheckoutPrice';
+import { CheckoutState } from '../../domain/value-objects/CheckoutState';
+
+export interface CheckoutConfirmationRequest {
+  price: CheckoutPrice;
+  state: CheckoutState;
+  sessionMetadata: {
+    sessionName: string;
+    trackId: string;
+    carIds: string[];
+  };
+  timeoutMs: number;
+}
+
+export interface ICheckoutConfirmationPort {
+  requestCheckoutConfirmation(
+    request: CheckoutConfirmationRequest
+  ): Promise<Result<CheckoutConfirmation>>;
+}

packages/application/ports/ICheckoutService.ts

@@ -0,0 +1,14 @@
+import { Result } from '../../shared/result/Result';
+import { CheckoutPrice } from '../../domain/value-objects/CheckoutPrice';
+import { CheckoutState } from '../../domain/value-objects/CheckoutState';
+
+export interface CheckoutInfo {
+  price: CheckoutPrice | null;
+  state: CheckoutState;
+  buttonHtml: string;
+}
+
+export interface ICheckoutService {
+  extractCheckoutInfo(): Promise<Result<CheckoutInfo>>;
+  proceedWithCheckout(): Promise<Result<void>>;
+}

packages/application/ports/IUserConfirmationPort.ts

@@ -0,0 +1,3 @@
+export interface IUserConfirmationPort {
+  confirm(message: string): Promise<boolean>;
+}

packages/application/use-cases/CheckAuthenticationUseCase.ts

@@ -1,22 +1,98 @@
 import { AuthenticationState } from '../../domain/value-objects/AuthenticationState';
 import { Result } from '../../shared/result/Result';
 import type { IAuthenticationService } from '../ports/IAuthenticationService';
+import { SessionLifetime } from '../../domain/value-objects/SessionLifetime';
+
+/**
+ * Port for optional server-side session validation.
+ */
+export interface ISessionValidator {
+  validateSession(): Promise<Result<boolean>>;
+}
 
 /**
  * Use case for checking if the user has a valid iRacing session.
- * 
+ *
  * This validates the session before automation starts, allowing
  * the system to prompt for re-authentication if needed.
+ *
+ * Implements hybrid validation strategy:
+ * - File-based validation (fast, always executed)
+ * - Optional server-side validation (slow, requires network)
  */
 export class CheckAuthenticationUseCase {
-  constructor(private readonly authService: IAuthenticationService) {}
+  constructor(
+    private readonly authService: IAuthenticationService,
+    private readonly sessionValidator?: ISessionValidator
+  ) {}
 
   /**
    * Execute the authentication check.
-   * 
+   *
+   * @param options Optional configuration for validation
    * @returns Result containing the current AuthenticationState
    */
-  async execute(): Promise<Result<AuthenticationState>> {
-    return this.authService.checkSession();
+  async execute(options?: {
+    requireServerValidation?: boolean;
+    verifyPageContent?: boolean;
+  }): Promise<Result<AuthenticationState>> {
+    // Step 1: File-based validation (fast)
+    const fileResult = await this.authService.checkSession();
+    if (fileResult.isErr()) {
+      return fileResult;
+    }
+
+    const fileState = fileResult.unwrap();
+
+    // Step 2: Check session expiry if authenticated
+    if (fileState === AuthenticationState.AUTHENTICATED) {
+      const expiryResult = await this.authService.getSessionExpiry();
+      if (expiryResult.isErr()) {
+        // Don't fail completely if we can't get expiry, use file-based state
+        return Result.ok(fileState);
+      }
+
+      const expiry = expiryResult.unwrap();
+      if (expiry !== null) {
+        try {
+          const sessionLifetime = new SessionLifetime(expiry);
+          if (sessionLifetime.isExpired()) {
+            return Result.ok(AuthenticationState.EXPIRED);
+          }
+        } catch {
+          // Invalid expiry date, treat as expired for safety
+          return Result.ok(AuthenticationState.EXPIRED);
+        }
+      }
+    }
+
+    // Step 3: Optional page content verification
+    if (options?.verifyPageContent && fileState === AuthenticationState.AUTHENTICATED) {
+      const pageResult = await this.authService.verifyPageAuthentication();
+      
+      if (pageResult.isOk()) {
+        const browserState = pageResult.unwrap();
+        // If cookies valid but page shows login UI, session is expired
+        if (!browserState.isFullyAuthenticated()) {
+          return Result.ok(AuthenticationState.EXPIRED);
+        }
+      }
+      // Don't block on page verification errors, continue with file-based state
+    }
+
+    // Step 4: Optional server-side validation
+    if (this.sessionValidator && fileState === AuthenticationState.AUTHENTICATED) {
+      const serverResult = await this.sessionValidator.validateSession();
+      
+      // Don't block on server validation errors
+      if (serverResult.isOk()) {
+        const isValid = serverResult.unwrap();
+        if (!isValid) {
+          return Result.ok(AuthenticationState.EXPIRED);
+        }
+      }
+    }
+
+    return Result.ok(fileState);
   }
 }

packages/application/use-cases/CompleteRaceCreationUseCase.ts

@@ -0,0 +1,38 @@
+import { Result } from '../../shared/result/Result';
+import { RaceCreationResult } from '../../domain/value-objects/RaceCreationResult';
+import type { ICheckoutService } from '../ports/ICheckoutService';
+
+export class CompleteRaceCreationUseCase {
+  constructor(private readonly checkoutService: ICheckoutService) {}
+
+  async execute(sessionId: string): Promise<Result<RaceCreationResult>> {
+    if (!sessionId || sessionId.trim() === '') {
+      return Result.err(new Error('Session ID is required'));
+    }
+
+    const infoResult = await this.checkoutService.extractCheckoutInfo();
+    
+    if (infoResult.isErr()) {
+      return Result.err(infoResult.unwrapErr());
+    }
+
+    const info = infoResult.unwrap();
+
+    if (!info.price) {
+      return Result.err(new Error('Could not extract price from checkout page'));
+    }
+
+    try {
+      const raceCreationResult = RaceCreationResult.create({
+        sessionId,
+        price: info.price.toDisplayString(),
+        timestamp: new Date(),
+      });
+
+      return Result.ok(raceCreationResult);
+    } catch (error) {
+      const err = error instanceof Error ? error : new Error('Unknown error');
+      return Result.err(err);
+    }
+  }
+}

packages/application/use-cases/ConfirmCheckoutUseCase.ts

@@ -0,0 +1,65 @@
+import { Result } from '../../shared/result/Result';
+import { ICheckoutService } from '../ports/ICheckoutService';
+import { ICheckoutConfirmationPort } from '../ports/ICheckoutConfirmationPort';
+import { CheckoutStateEnum } from '../../domain/value-objects/CheckoutState';
+
+interface SessionMetadata {
+  sessionName: string;
+  trackId: string;
+  carIds: string[];
+}
+
+export class ConfirmCheckoutUseCase {
+  private static readonly DEFAULT_TIMEOUT_MS = 30000;
+
+  constructor(
+    private readonly checkoutService: ICheckoutService,
+    private readonly confirmationPort: ICheckoutConfirmationPort
+  ) {}
+
+  async execute(sessionMetadata?: SessionMetadata): Promise<Result<void>> {
+    const infoResult = await this.checkoutService.extractCheckoutInfo();
+    
+    if (infoResult.isErr()) {
+      return Result.err(infoResult.unwrapErr());
+    }
+
+    const info = infoResult.unwrap();
+
+    if (info.state.getValue() === CheckoutStateEnum.INSUFFICIENT_FUNDS) {
+      return Result.err(new Error('Insufficient funds to complete checkout'));
+    }
+
+    if (!info.price) {
+      return Result.err(new Error('Could not extract price from checkout page'));
+    }
+
+    // Request confirmation via port with full checkout context
+    const confirmationResult = await this.confirmationPort.requestCheckoutConfirmation({
+      price: info.price,
+      state: info.state,
+      sessionMetadata: sessionMetadata || {
+        sessionName: 'Unknown Session',
+        trackId: 'unknown',
+        carIds: [],
+      },
+      timeoutMs: ConfirmCheckoutUseCase.DEFAULT_TIMEOUT_MS,
+    });
+
+    if (confirmationResult.isErr()) {
+      return Result.err(confirmationResult.unwrapErr());
+    }
+
+    const confirmation = confirmationResult.unwrap();
+
+    if (confirmation.isCancelled()) {
+      return Result.err(new Error('Checkout cancelled by user'));
+    }
+
+    if (confirmation.isTimeout()) {
+      return Result.err(new Error('Checkout confirmation timeout'));
+    }
+
+    return await this.checkoutService.proceedWithCheckout();
+  }
+}

packages/application/use-cases/VerifyAuthenticatedPageUseCase.ts

@@ -0,0 +1,37 @@
+import { IAuthenticationService } from '../ports/IAuthenticationService';
+import { Result } from '../../shared/result/Result';
+import { BrowserAuthenticationState } from '../../domain/value-objects/BrowserAuthenticationState';
+
+/**
+ * Use case for verifying browser shows authenticated page state.
+ * Combines cookie validation with page content verification.
+ */
+export class VerifyAuthenticatedPageUseCase {
+  constructor(
+    private readonly authService: IAuthenticationService
+  ) {}
+  
+  async execute(): Promise<Result<BrowserAuthenticationState>> {
+    try {
+      const result = await this.authService.verifyPageAuthentication();
+      
+      if (result.isErr()) {
+        return Result.err(result.error);
+      }
+      
+      const browserState = result.unwrap();
+      
+      // Log verification result
+      if (browserState.isFullyAuthenticated()) {
+        // Success case - no logging needed in use case
+      } else if (browserState.requiresReauthentication()) {
+        // Requires re-auth - caller should handle
+      }
+      
+      return Result.ok(browserState);
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      return Result.err(new Error(`Page verification failed: ${message}`));
+    }
+  }
+}

packages/domain/services/PageStateValidator.ts

@@ -0,0 +1,91 @@
+import { Result } from '../../shared/result/Result';
+
+/**
+ * Configuration for page state validation.
+ * Defines expected and forbidden elements on the current page.
+ */
+export interface PageStateValidation {
+  /** Expected wizard step name (e.g., 'cars', 'track') */
+  expectedStep: string;
+  /** Selectors that MUST be present on the page */
+  requiredSelectors: string[];
+  /** Selectors that MUST NOT be present on the page */
+  forbiddenSelectors?: string[];
+}
+
+/**
+ * Result of page state validation.
+ */
+export interface PageStateValidationResult {
+  isValid: boolean;
+  message: string;
+  expectedStep: string;
+  missingSelectors?: string[];
+  unexpectedSelectors?: string[];
+}
+
+/**
+ * Domain service for validating page state during wizard navigation.
+ * 
+ * Purpose: Prevent navigation bugs by ensuring each step executes on the correct page.
+ * 
+ * Clean Architecture: This is pure domain logic with no infrastructure dependencies.
+ * It validates state based on selector presence/absence without knowing HOW to check them.
+ */
+export class PageStateValidator {
+  /**
+   * Validate that the page state matches expected conditions.
+   * 
+   * @param actualState Function that checks if selectors exist on the page
+   * @param validation Expected page state configuration
+   * @returns Result with validation outcome
+   */
+  validateState(
+    actualState: (selector: string) => boolean,
+    validation: PageStateValidation
+  ): Result<PageStateValidationResult, Error> {
+    try {
+      const { expectedStep, requiredSelectors, forbiddenSelectors = [] } = validation;
+
+      // Check required selectors are present
+      const missingSelectors = requiredSelectors.filter(selector => !actualState(selector));
+      
+      if (missingSelectors.length > 0) {
+        const result: PageStateValidationResult = {
+          isValid: false,
+          message: `Page state mismatch: Expected to be on "${expectedStep}" page but missing required elements`,
+          expectedStep,
+          missingSelectors
+        };
+        return Result.ok(result);
+      }
+
+      // Check forbidden selectors are absent
+      const unexpectedSelectors = forbiddenSelectors.filter(selector => actualState(selector));
+      
+      if (unexpectedSelectors.length > 0) {
+        const result: PageStateValidationResult = {
+          isValid: false,
+          message: `Page state mismatch: Found unexpected elements on "${expectedStep}" page`,
+          expectedStep,
+          unexpectedSelectors
+        };
+        return Result.ok(result);
+      }
+
+      // All checks passed
+      const result: PageStateValidationResult = {
+        isValid: true,
+        message: `Page state valid for "${expectedStep}"`,
+        expectedStep
+      };
+      return Result.ok(result);
+    } catch (error) {
+      return Result.err(
+        error instanceof Error 
+          ? error 
+          : new Error(`Page state validation failed: ${String(error)}`)
+      );
+    }
+  }
+}

packages/domain/value-objects/BrowserAuthenticationState.ts

@@ -0,0 +1,39 @@
+import { AuthenticationState } from './AuthenticationState';
+
+export class BrowserAuthenticationState {
+  private readonly cookiesValid: boolean;
+  private readonly pageAuthenticated: boolean;
+  
+  constructor(cookiesValid: boolean, pageAuthenticated: boolean) {
+    this.cookiesValid = cookiesValid;
+    this.pageAuthenticated = pageAuthenticated;
+  }
+  
+  isFullyAuthenticated(): boolean {
+    return this.cookiesValid && this.pageAuthenticated;
+  }
+  
+  getAuthenticationState(): AuthenticationState {
+    if (!this.cookiesValid) {
+      return AuthenticationState.UNKNOWN;
+    }
+    
+    if (!this.pageAuthenticated) {
+      return AuthenticationState.EXPIRED;
+    }
+    
+    return AuthenticationState.AUTHENTICATED;
+  }
+  
+  requiresReauthentication(): boolean {
+    return !this.isFullyAuthenticated();
+  }
+  
+  getCookieValidity(): boolean {
+    return this.cookiesValid;
+  }
+  
+  getPageAuthenticationStatus(): boolean {
+    return this.pageAuthenticated;
+  }
+}

packages/domain/value-objects/CheckoutConfirmation.ts

@@ -0,0 +1,42 @@
+export type CheckoutConfirmationDecision = 'confirmed' | 'cancelled' | 'timeout';
+
+const VALID_DECISIONS: CheckoutConfirmationDecision[] = [
+  'confirmed',
+  'cancelled',
+  'timeout',
+];
+
+export class CheckoutConfirmation {
+  private readonly _value: CheckoutConfirmationDecision;
+
+  private constructor(value: CheckoutConfirmationDecision) {
+    this._value = value;
+  }
+
+  static create(value: CheckoutConfirmationDecision): CheckoutConfirmation {
+    if (!VALID_DECISIONS.includes(value)) {
+      throw new Error('Invalid checkout confirmation decision');
+    }
+    return new CheckoutConfirmation(value);
+  }
+
+  get value(): CheckoutConfirmationDecision {
+    return this._value;
+  }
+
+  equals(other: CheckoutConfirmation): boolean {
+    return this._value === other._value;
+  }
+
+  isConfirmed(): boolean {
+    return this._value === 'confirmed';
+  }
+
+  isCancelled(): boolean {
+    return this._value === 'cancelled';
+  }
+
+  isTimeout(): boolean {
+    return this._value === 'timeout';
+  }
+}

packages/domain/value-objects/CheckoutPrice.ts

@@ -0,0 +1,49 @@
+export class CheckoutPrice {
+  private constructor(private readonly amountUsd: number) {
+    if (amountUsd < 0) {
+      throw new Error('Price cannot be negative');
+    }
+    if (amountUsd > 10000) {
+      throw new Error('Price exceeds maximum of $10,000');
+    }
+  }
+
+  static fromString(priceStr: string): CheckoutPrice {
+    const trimmed = priceStr.trim();
+    
+    if (!trimmed.startsWith('$')) {
+      throw new Error('Invalid price format: missing dollar sign');
+    }
+
+    const dollarSignCount = (trimmed.match(/\$/g) || []).length;
+    if (dollarSignCount > 1) {
+      throw new Error('Invalid price format: multiple dollar signs');
+    }
+
+    const numericPart = trimmed.substring(1).replace(/,/g, '');
+    
+    if (numericPart === '') {
+      throw new Error('Invalid price format: no numeric value');
+    }
+
+    const amount = parseFloat(numericPart);
+    
+    if (isNaN(amount)) {
+      throw new Error('Invalid price format: not a valid number');
+    }
+
+    return new CheckoutPrice(amount);
+  }
+
+  toDisplayString(): string {
+    return `$${this.amountUsd.toFixed(2)}`;
+  }
+
+  getAmount(): number {
+    return this.amountUsd;
+  }
+
+  isZero(): boolean {
+    return this.amountUsd < 0.001;
+  }
+}

packages/domain/value-objects/CheckoutState.ts

@@ -0,0 +1,51 @@
+export enum CheckoutStateEnum {
+  READY = 'READY',
+  INSUFFICIENT_FUNDS = 'INSUFFICIENT_FUNDS',
+  UNKNOWN = 'UNKNOWN'
+}
+
+export class CheckoutState {
+  private constructor(private readonly state: CheckoutStateEnum) {}
+
+  static ready(): CheckoutState {
+    return new CheckoutState(CheckoutStateEnum.READY);
+  }
+
+  static insufficientFunds(): CheckoutState {
+    return new CheckoutState(CheckoutStateEnum.INSUFFICIENT_FUNDS);
+  }
+
+  static unknown(): CheckoutState {
+    return new CheckoutState(CheckoutStateEnum.UNKNOWN);
+  }
+
+  static fromButtonClasses(classes: string): CheckoutState {
+    const normalized = classes.toLowerCase().trim();
+    
+    if (normalized.includes('btn-success')) {
+      return CheckoutState.ready();
+    }
+    
+    if (normalized.includes('btn')) {
+      return CheckoutState.insufficientFunds();
+    }
+    
+    return CheckoutState.unknown();
+  }
+
+  isReady(): boolean {
+    return this.state === CheckoutStateEnum.READY;
+  }
+
+  hasInsufficientFunds(): boolean {
+    return this.state === CheckoutStateEnum.INSUFFICIENT_FUNDS;
+  }
+
+  isUnknown(): boolean {
+    return this.state === CheckoutStateEnum.UNKNOWN;
+  }
+
+  getValue(): CheckoutStateEnum {
+    return this.state;
+  }
+}

packages/domain/value-objects/CookieConfiguration.ts

@@ -0,0 +1,104 @@
+interface Cookie {
+  name: string;
+  value: string;
+  domain: string;
+  path: string;
+  secure?: boolean;
+  httpOnly?: boolean;
+  sameSite?: 'Strict' | 'Lax' | 'None';
+}
+
+export class CookieConfiguration {
+  private readonly cookie: Cookie;
+  private readonly targetUrl: URL;
+  
+  constructor(cookie: Cookie, targetUrl: string) {
+    this.cookie = cookie;
+    try {
+      this.targetUrl = new URL(targetUrl);
+    } catch (error) {
+      throw new Error(`Invalid target URL: ${targetUrl}`);
+    }
+    
+    this.validate();
+  }
+  
+  private validate(): void {
+    if (!this.isValidDomain()) {
+      throw new Error(
+        `Domain mismatch: Cookie domain "${this.cookie.domain}" is invalid for target "${this.targetUrl.hostname}"`
+      );
+    }
+    
+    if (!this.isValidPath()) {
+      throw new Error(
+        `Path not valid: Cookie path "${this.cookie.path}" is invalid for target path "${this.targetUrl.pathname}"`
+      );
+    }
+  }
+  
+  private isValidDomain(): boolean {
+    const targetHost = this.targetUrl.hostname;
+    const cookieDomain = this.cookie.domain;
+    
+    // Empty domain is invalid
+    if (!cookieDomain) {
+      return false;
+    }
+    
+    // Exact match
+    if (cookieDomain === targetHost) {
+      return true;
+    }
+    
+    // Wildcard domain (e.g., ".iracing.com" matches "members-ng.iracing.com")
+    if (cookieDomain.startsWith('.')) {
+      const domainWithoutDot = cookieDomain.slice(1);
+      return targetHost === domainWithoutDot || targetHost.endsWith('.' + domainWithoutDot);
+    }
+    
+    // Subdomain compatibility: Allow cookies from related subdomains if they share the same base domain
+    // Example: "members.iracing.com" → "members-ng.iracing.com" (both share "iracing.com")
+    if (this.isSameBaseDomain(cookieDomain, targetHost)) {
+      return true;
+    }
+    
+    return false;
+  }
+  
+  /**
+   * Check if two domains share the same base domain (last 2 parts)
+   * @example
+   * isSameBaseDomain('members.iracing.com', 'members-ng.iracing.com') // true
+   * isSameBaseDomain('example.com', 'iracing.com') // false
+   */
+  private isSameBaseDomain(domain1: string, domain2: string): boolean {
+    const parts1 = domain1.split('.');
+    const parts2 = domain2.split('.');
+    
+    // Need at least 2 parts (domain.tld) for valid comparison
+    if (parts1.length < 2 || parts2.length < 2) {
+      return false;
+    }
+    
+    // Compare last 2 parts (e.g., "iracing.com")
+    const base1 = parts1.slice(-2).join('.');
+    const base2 = parts2.slice(-2).join('.');
+    
+    return base1 === base2;
+  }
+  
+  private isValidPath(): boolean {
+    // Empty path is invalid
+    if (!this.cookie.path) {
+      return false;
+    }
+    
+    // Path must be prefix of target pathname
+    return this.targetUrl.pathname.startsWith(this.cookie.path);
+  }
+  
+  getValidatedCookie(): Cookie {
+    return { ...this.cookie };
+  }
+}

packages/domain/value-objects/RaceCreationResult.ts

@@ -0,0 +1,55 @@
+export interface RaceCreationResultData {
+  sessionId: string;
+  price: string;
+  timestamp: Date;
+}
+
+export class RaceCreationResult {
+  private readonly _sessionId: string;
+  private readonly _price: string;
+  private readonly _timestamp: Date;
+
+  private constructor(data: RaceCreationResultData) {
+    this._sessionId = data.sessionId;
+    this._price = data.price;
+    this._timestamp = data.timestamp;
+  }
+
+  static create(data: RaceCreationResultData): RaceCreationResult {
+    if (!data.sessionId || data.sessionId.trim() === '') {
+      throw new Error('Session ID cannot be empty');
+    }
+    if (!data.price || data.price.trim() === '') {
+      throw new Error('Price cannot be empty');
+    }
+    return new RaceCreationResult(data);
+  }
+
+  get sessionId(): string {
+    return this._sessionId;
+  }
+
+  get price(): string {
+    return this._price;
+  }
+
+  get timestamp(): Date {
+    return this._timestamp;
+  }
+
+  equals(other: RaceCreationResult): boolean {
+    return (
+      this._sessionId === other._sessionId &&
+      this._price === other._price &&
+      this._timestamp.getTime() === other._timestamp.getTime()
+    );
+  }
+
+  toJSON(): { sessionId: string; price: string; timestamp: string } {
+    return {
+      sessionId: this._sessionId,
+      price: this._price,
+      timestamp: this._timestamp.toISOString(),
+    };
+  }
+}

packages/domain/value-objects/SessionLifetime.ts

@@ -0,0 +1,85 @@
+/**
+ * SessionLifetime Value Object
+ * 
+ * Represents the lifetime of an authentication session with expiry tracking.
+ * Handles validation of session expiry dates with a configurable buffer window.
+ */
+export class SessionLifetime {
+  private readonly expiry: Date | null;
+  private readonly bufferMinutes: number;
+
+  constructor(expiry: Date | null, bufferMinutes: number = 5) {
+    if (expiry !== null) {
+      if (isNaN(expiry.getTime())) {
+        throw new Error('Invalid expiry date provided');
+      }
+      
+      // Allow dates within buffer window to support checking expiry of recently expired sessions
+      const bufferMs = bufferMinutes * 60 * 1000;
+      const expiryWithBuffer = expiry.getTime() + bufferMs;
+      if (expiryWithBuffer < Date.now()) {
+        throw new Error('Expiry date cannot be in the past');
+      }
+    }
+
+    this.expiry = expiry;
+    this.bufferMinutes = bufferMinutes;
+  }
+
+  /**
+   * Check if the session is expired.
+   * Considers the buffer time - sessions within the buffer window are treated as expired.
+   * 
+   * @returns true if expired or expiring soon (within buffer), false otherwise
+   */
+  isExpired(): boolean {
+    if (this.expiry === null) {
+      return false;
+    }
+
+    const bufferMs = this.bufferMinutes * 60 * 1000;
+    const expiryWithBuffer = this.expiry.getTime() - bufferMs;
+    return Date.now() >= expiryWithBuffer;
+  }
+
+  /**
+   * Check if the session is expiring soon (within buffer window).
+   * 
+   * @returns true if expiring within buffer window, false otherwise
+   */
+  isExpiringSoon(): boolean {
+    if (this.expiry === null) {
+      return false;
+    }
+
+    const bufferMs = this.bufferMinutes * 60 * 1000;
+    const now = Date.now();
+    const expiryTime = this.expiry.getTime();
+    const expiryWithBuffer = expiryTime - bufferMs;
+
+    return now >= expiryWithBuffer && now < expiryTime;
+  }
+
+  /**
+   * Get the expiry date.
+   * 
+   * @returns The expiry date or null if no expiration
+   */
+  getExpiry(): Date | null {
+    return this.expiry;
+  }
+
+  /**
+   * Get remaining time until expiry in milliseconds.
+   * 
+   * @returns Milliseconds until expiry, or Infinity if no expiration
+   */
+  getRemainingTime(): number {
+    if (this.expiry === null) {
+      return Infinity;
+    }
+
+    const remaining = this.expiry.getTime() - Date.now();
+    return Math.max(0, remaining);
+  }
+}

packages/domain/value-objects/SessionState.ts

@@ -4,7 +4,9 @@ export type SessionStateValue =
   | 'PAUSED'
   | 'COMPLETED'
   | 'FAILED'
-  | 'STOPPED_AT_STEP_18';
+  | 'STOPPED_AT_STEP_18'
+  | 'AWAITING_CHECKOUT_CONFIRMATION'
+  | 'CANCELLED';
 
 const VALID_STATES: SessionStateValue[] = [
   'PENDING',
@@ -13,15 +15,19 @@ const VALID_STATES: SessionStateValue[] = [
   'COMPLETED',
   'FAILED',
   'STOPPED_AT_STEP_18',
+  'AWAITING_CHECKOUT_CONFIRMATION',
+  'CANCELLED',
 ];
 
 const VALID_TRANSITIONS: Record<SessionStateValue, SessionStateValue[]> = {
   PENDING: ['IN_PROGRESS', 'FAILED'],
-  IN_PROGRESS: ['PAUSED', 'COMPLETED', 'FAILED', 'STOPPED_AT_STEP_18'],
+  IN_PROGRESS: ['PAUSED', 'COMPLETED', 'FAILED', 'STOPPED_AT_STEP_18', 'AWAITING_CHECKOUT_CONFIRMATION'],
   PAUSED: ['IN_PROGRESS', 'FAILED'],
   COMPLETED: [],
   FAILED: [],
   STOPPED_AT_STEP_18: [],
+  AWAITING_CHECKOUT_CONFIRMATION: ['COMPLETED', 'CANCELLED', 'FAILED'],
+  CANCELLED: [],
 };
 
 export class SessionState {
@@ -66,6 +72,14 @@ export class SessionState {
     return this._value === 'STOPPED_AT_STEP_18';
   }
 
+  isAwaitingCheckoutConfirmation(): boolean {
+    return this._value === 'AWAITING_CHECKOUT_CONFIRMATION';
+  }
+
+  isCancelled(): boolean {
+    return this._value === 'CANCELLED';
+  }
+
   canTransitionTo(targetState: SessionState): boolean {
     const allowedTransitions = VALID_TRANSITIONS[this._value];
     return allowedTransitions.includes(targetState._value);
@@ -75,7 +89,8 @@ export class SessionState {
     return (
       this._value === 'COMPLETED' ||
       this._value === 'FAILED' ||
-      this._value === 'STOPPED_AT_STEP_18'
+      this._value === 'STOPPED_AT_STEP_18' ||
+      this._value === 'CANCELLED'
     );
   }
 }

packages/infrastructure/adapters/automation/AuthenticationGuard.ts

@@ -0,0 +1,41 @@
+import { Page } from 'playwright';
+import { ILogger } from '../../../application/ports/ILogger';
+
+export class AuthenticationGuard {
+  constructor(
+    private readonly page: Page,
+    private readonly logger?: ILogger
+  ) {}
+
+  async checkForLoginUI(): Promise<boolean> {
+    const loginSelectors = [
+      'text="You are not logged in"',
+      ':not(.chakra-menu):not([role="menu"]) button:has-text("Log in")',
+      'button[aria-label="Log in"]',
+    ];
+
+    for (const selector of loginSelectors) {
+      try {
+        const element = this.page.locator(selector).first();
+        const isVisible = await element.isVisible().catch(() => false);
+
+        if (isVisible) {
+          this.logger?.warn('Login UI detected - user not authenticated', {
+            selector,
+          });
+          return true;
+        }
+      } catch {
+        // Selector not found, continue checking
+      }
+    }
+
+    return false;
+  }
+
+  async failFastIfUnauthenticated(): Promise<void> {
+    if (await this.checkForLoginUI()) {
+      throw new Error('Authentication required: Login UI detected on page');
+    }
+  }
+}

packages/infrastructure/adapters/automation/CheckoutPriceExtractor.ts

@@ -0,0 +1,102 @@
+import { Result } from '../../../shared/result/Result';
+import { CheckoutPrice } from '../../../domain/value-objects/CheckoutPrice';
+import { CheckoutState } from '../../../domain/value-objects/CheckoutState';
+import { CheckoutInfo } from '../../../application/ports/ICheckoutService';
+
+interface Page {
+  locator(selector: string): Locator;
+}
+
+interface Locator {
+  getAttribute(name: string): Promise<string | null>;
+  innerHTML(): Promise<string>;
+  textContent(): Promise<string | null>;
+}
+
+export class CheckoutPriceExtractor {
+  private readonly selector = '.wizard-footer a.btn:has(span.label-pill)';
+
+  constructor(private readonly page: Page) {}
+
+  async extractCheckoutInfo(): Promise<Result<CheckoutInfo>> {
+    try {
+      // Prefer the explicit pill element which contains the price
+      const pillLocator = this.page.locator('span.label-pill');
+      const pillText = await pillLocator.first().textContent().catch(() => null);
+ 
+      let price: CheckoutPrice | null = null;
+      let state = CheckoutState.unknown();
+      let buttonHtml = '';
+ 
+      if (pillText) {
+        // Parse price if possible
+        try {
+          price = CheckoutPrice.fromString(pillText.trim());
+        } catch {
+          price = null;
+        }
+ 
+        // Try to find the containing button and its classes/html
+        // Primary: locate button via known selector that contains the pill
+        const buttonLocator = this.page.locator(this.selector).first();
+        let classes = await buttonLocator.getAttribute('class').catch(() => null);
+        let html = await buttonLocator.innerHTML().catch(() => '');
+ 
+        if (!classes) {
+          // Fallback: find ancestor <a> of the pill (XPath)
+          const ancestorButton = pillLocator.first().locator('xpath=ancestor::a[1]');
+          classes = await ancestorButton.getAttribute('class').catch(() => null);
+          html = await ancestorButton.innerHTML().catch(() => '');
+        }
+ 
+        if (classes) {
+          state = CheckoutState.fromButtonClasses(classes);
+          buttonHtml = html ?? '';
+        }
+      } else {
+        // No pill found — attempt to read button directly (best-effort)
+        const buttonLocator = this.page.locator(this.selector).first();
+        const classes = await buttonLocator.getAttribute('class').catch(() => null);
+        const html = await buttonLocator.innerHTML().catch(() => '');
+ 
+        if (classes) {
+          state = CheckoutState.fromButtonClasses(classes);
+          buttonHtml = html ?? '';
+        }
+      }
+ 
+      // Additional fallback: search the wizard-footer for any price text if pill was not present or parsing failed
+      if (!price) {
+        try {
+          const footerLocator = this.page.locator('.wizard-footer').first();
+          const footerText = await footerLocator.textContent().catch(() => null);
+          if (footerText) {
+            const match = footerText.match(/\$\d+\.\d{2}/);
+            if (match) {
+              try {
+                price = CheckoutPrice.fromString(match[0]);
+              } catch {
+                price = null;
+              }
+            }
+          }
+        } catch {
+          // ignore footer parse errors
+        }
+      }
+ 
+      return Result.ok({
+        price,
+        state,
+        buttonHtml
+      });
+    } catch (error) {
+      // On any unexpected error, return an "unknown" result (do not throw)
+      return Result.ok({
+        price: null,
+        state: CheckoutState.unknown(),
+        buttonHtml: ''
+      });
+    }
+  }
+}

packages/infrastructure/adapters/automation/FixtureServer.ts

@@ -11,7 +11,7 @@ export interface IFixtureServer {
 
 /**
  * Step number to fixture file mapping.
- * Steps 2-18 map to the corresponding HTML fixture files.
+ * Steps 2-17 map to the corresponding HTML fixture files.
  */
 const STEP_TO_FIXTURE: Record<number, string> = {
   2: 'step-02-hosted-racing.html',
@@ -19,18 +19,17 @@ const STEP_TO_FIXTURE: Record<number, string> = {
   4: 'step-04-race-information.html',
   5: 'step-05-server-details.html',
   6: 'step-06-set-admins.html',
-  7: 'step-07-add-admin.html',
-  8: 'step-08-time-limits.html',
-  9: 'step-09-set-cars.html',
-  10: 'step-10-add-car.html',
-  11: 'step-11-set-car-classes.html',
-  12: 'step-12-set-track.html',
-  13: 'step-13-add-track.html',
-  14: 'step-14-track-options.html',
-  15: 'step-15-time-of-day.html',
-  16: 'step-16-weather.html',
-  17: 'step-17-race-options.html',
-  18: 'step-18-track-conditions.html',
+  7: 'step-07-time-limits.html',        // Time Limits wizard step
+  8: 'step-08-set-cars.html',           // Set Cars wizard step
+  9: 'step-09-add-car-modal.html',      // Add Car modal
+  10: 'step-10-set-car-classes.html',   // Set Car Classes
+  11: 'step-11-set-track.html',         // Set Track wizard step (CORRECTED)
+  12: 'step-12-add-track-modal.html',   // Add Track modal
+  13: 'step-13-track-options.html',
+  14: 'step-14-time-of-day.html',
+  15: 'step-15-weather.html',
+  16: 'step-16-race-options.html',
+  17: 'step-17-track-conditions.html',
 };
 
 export class FixtureServer implements IFixtureServer {

packages/infrastructure/adapters/automation/IRacingSelectors.ts

@@ -111,26 +111,28 @@ export const IRACING_SELECTORS = {
     // Step 8/9: Cars
     carSearch: '.wizard-sidebar input[placeholder*="Search"], #set-cars input[placeholder*="Search"], .modal input[placeholder*="Search"]',
     carList: '#set-cars [data-list="cars"]',
-    // Add Car button - triggers the Add Car modal
-    addCarButton: '#set-cars a.btn:has(.icon-plus), #set-cars button:has-text("Add"), #set-cars a.btn:has-text("Add")',
-    // Add Car modal - appears after clicking Add Car button
-    addCarModal: '#add-car-modal, .modal:has(input[placeholder*="Search"]):has-text("Car")',
-    // Select button inside Add Car modal table row - clicking this adds the car immediately (no confirm step)
+    // Add Car button - triggers car selection interface in wizard sidebar
+    // CORRECTED: Added fallback selectors since .icon-plus cannot be verified in minified HTML
+    addCarButton: '#set-cars a.btn:has(.icon-plus), #set-cars .card-header a.btn, #set-cars button:has-text("Add"), #set-cars a.btn:has-text("Add")',
+    // Car selection interface - CORRECTED: No separate modal, uses wizard sidebar within main modal
+    addCarModal: '#create-race-modal .wizard-sidebar, #set-cars .wizard-sidebar, .wizard-sidebar:has(input[placeholder*="Search"])',
+    // Select button inside car table row - clicking this adds the car immediately (no confirm step)
     // The "Select" button is an anchor styled as: a.btn.btn-block.btn-primary.btn-xs
-    carSelectButton: '.modal table .btn-primary:has-text("Select"), .modal .btn-primary.btn-xs:has-text("Select"), .modal tbody .btn-primary',
+    carSelectButton: '.wizard-sidebar table .btn-primary.btn-xs:has-text("Select"), #set-cars table .btn-primary.btn-xs:has-text("Select"), .modal table .btn-primary:has-text("Select")',
 
     // Step 10/11/12: Track
     trackSearch: '.wizard-sidebar input[placeholder*="Search"], #set-track input[placeholder*="Search"], .modal input[placeholder*="Search"]',
     trackList: '#set-track [data-list="tracks"]',
-    // Add Track button - triggers the Add Track modal
-    addTrackButton: '#set-track a.btn:has(.icon-plus), #set-track button:has-text("Add"), #set-track a.btn:has-text("Add"), #set-track button:has-text("Select"), #set-track a.btn:has-text("Select")',
-    // Add Track modal - appears after clicking Add Track button
-    addTrackModal: '#add-track-modal, .modal:has(input[placeholder*="Search"]):has-text("Track")',
-    // Select button inside Add Track modal table row - clicking this selects the track immediately (no confirm step)
+    // Add Track button - triggers track selection interface in wizard sidebar
+    // CORRECTED: Added fallback selectors since .icon-plus cannot be verified in minified HTML
+    addTrackButton: '#set-track a.btn:has(.icon-plus), #set-track .card-header a.btn, #set-track button:has-text("Add"), #set-track a.btn:has-text("Add")',
+    // Track selection interface - CORRECTED: No separate modal, uses wizard sidebar within main modal
+    addTrackModal: '#create-race-modal .wizard-sidebar, #set-track .wizard-sidebar, .wizard-sidebar:has(input[placeholder*="Search"])',
+    // Select button inside track table row - clicking this selects the track immediately (no confirm step)
     // Prefer direct buttons (not dropdown toggles) for single-config tracks
-    trackSelectButton: '.modal table a.btn.btn-primary.btn-xs:not(.dropdown-toggle)',
+    trackSelectButton: '.wizard-sidebar table a.btn.btn-primary.btn-xs:not(.dropdown-toggle), #set-track table a.btn.btn-primary.btn-xs:not(.dropdown-toggle)',
     // Dropdown toggle for multi-config tracks - opens a menu of track configurations
-    trackSelectDropdown: '.modal table a.btn.btn-primary.btn-xs.dropdown-toggle',
+    trackSelectDropdown: '.wizard-sidebar table a.btn.btn-primary.btn-xs.dropdown-toggle, #set-track table a.btn.btn-primary.btn-xs.dropdown-toggle',
     // First item in the dropdown menu for selecting track configuration
     trackSelectDropdownItem: '.dropdown-menu.show .dropdown-item:first-child, .dropdown-menu-lg .dropdown-item:first-child',
 

packages/infrastructure/adapters/automation/SessionCookieStore.ts

@@ -1,12 +1,15 @@
 import * as fs from 'fs/promises';
 import * as path from 'path';
 import { AuthenticationState } from '../../../domain/value-objects/AuthenticationState';
+import { CookieConfiguration } from '../../../domain/value-objects/CookieConfiguration';
+import { Result } from '../../../shared/result/Result';
 import type { ILogger } from '../../../application/ports/ILogger';
 
 interface Cookie {
   name: string;
   value: string;
   domain: string;
+  path: string;
   expires: number;
 }
 
@@ -33,6 +36,7 @@ const IRACING_DOMAINS = [
   'iracing.com',
   '.iracing.com',
   'members.iracing.com',
+  'members-ng.iracing.com',
 ];
 
 const EXPIRY_BUFFER_SECONDS = 300;
@@ -63,13 +67,23 @@ export class SessionCookieStore {
   async read(): Promise<StorageState | null> {
     try {
       const content = await fs.readFile(this.storagePath, 'utf-8');
-      return JSON.parse(content) as StorageState;
+      const state = JSON.parse(content) as StorageState;
+      
+      // Ensure all cookies have path field (default to "/" for backward compatibility)
+      state.cookies = state.cookies.map(cookie => ({
+        ...cookie,
+        path: cookie.path || '/'
+      }));
+      
+      this.cachedState = state;
+      return state;
     } catch {
       return null;
     }
   }
 
   async write(state: StorageState): Promise<void> {
+    this.cachedState = state;
     await fs.writeFile(this.storagePath, JSON.stringify(state, null, 2), 'utf-8');
   }
 
@@ -81,6 +95,65 @@ export class SessionCookieStore {
     }
   }
 
+  /**
+   * Get session expiry date from iRacing cookies.
+   * Returns the earliest expiry date from valid session cookies.
+   */
+  async getSessionExpiry(): Promise<Date | null> {
+    try {
+      const state = await this.read();
+      if (!state || state.cookies.length === 0) {
+        return null;
+      }
+
+      // Filter to iRacing authentication cookies
+      const authCookies = state.cookies.filter(c =>
+        IRACING_DOMAINS.some(domain =>
+          c.domain === domain || c.domain.endsWith(domain)
+        ) &&
+        (IRACING_SESSION_COOKIES.some(name =>
+          c.name.toLowerCase().includes(name.toLowerCase())
+        ) ||
+        c.name.toLowerCase().includes('auth') ||
+        c.name.toLowerCase().includes('sso') ||
+        c.name.toLowerCase().includes('token'))
+      );
+
+      if (authCookies.length === 0) {
+        return null;
+      }
+
+      // Find the earliest expiry date (most restrictive)
+      // Session cookies (expires = -1 or 0) are treated as never expiring
+      const expiryDates = authCookies
+        .filter(c => c.expires > 0)
+        .map(c => {
+          // Handle both formats: seconds (standard) and milliseconds (test fixtures)
+          // If expires > year 2100 in seconds (33134745600), it's likely milliseconds
+          const isMilliseconds = c.expires > 33134745600;
+          return new Date(isMilliseconds ? c.expires : c.expires * 1000);
+        });
+
+      if (expiryDates.length === 0) {
+        // All session cookies, no expiry
+        return null;
+      }
+
+      // Return earliest expiry
+      const earliestExpiry = new Date(Math.min(...expiryDates.map(d => d.getTime())));
+      
+      this.log('debug', 'Session expiry determined', {
+        earliestExpiry: earliestExpiry.toISOString(),
+        cookiesChecked: authCookies.length
+      });
+
+      return earliestExpiry;
+    } catch (error) {
+      this.log('error', 'Failed to get session expiry', { error: String(error) });
+      return null;
+    }
+  }
+
   /**
    * Validate cookies and determine authentication state.
    *
@@ -192,4 +265,114 @@ export class SessionCookieStore {
     this.log('info', 'iRacing session cookies found but all expired');
     return AuthenticationState.EXPIRED;
   }
+
+  private cachedState: StorageState | null = null;
+
+  /**
+   * Validate stored cookies for a target URL.
+   * Note: This requires cookies to be written first via write().
+   * This is synchronous because tests expect it - uses cached state.
+   * Validates domain/path compatibility AND checks for required authentication cookies.
+   */
+  validateCookieConfiguration(targetUrl: string): Result<Cookie[]> {
+    try {
+      if (!this.cachedState || this.cachedState.cookies.length === 0) {
+        return Result.err('No cookies found in session store');
+      }
+
+      const result = this.validateCookiesForUrl(this.cachedState.cookies, targetUrl, true);
+      return result;
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      return Result.err(`Cookie validation failed: ${message}`);
+    }
+  }
+
+  /**
+   * Validate a list of cookies for a target URL.
+   * Returns only cookies that are valid for the target URL.
+   * @param requireAuthCookies - If true, checks for required authentication cookies
+   */
+  validateCookiesForUrl(
+    cookies: Cookie[],
+    targetUrl: string,
+    requireAuthCookies = false
+  ): Result<Cookie[]> {
+    try {
+      // Validate each cookie's domain/path
+      const validatedCookies: Cookie[] = [];
+      let firstValidationError: string | null = null;
+
+      for (const cookie of cookies) {
+        try {
+          new CookieConfiguration(cookie, targetUrl);
+          validatedCookies.push(cookie);
+        } catch (error) {
+          const message = error instanceof Error ? error.message : String(error);
+          
+          // Capture first validation error to return if all cookies fail
+          if (!firstValidationError) {
+            firstValidationError = message;
+          }
+          
+          this.logger?.warn('Cookie validation failed', {
+            name: cookie.name,
+            error: message,
+          });
+          // Skip invalid cookie, continue with others
+        }
+      }
+
+      if (validatedCookies.length === 0) {
+        // Return the specific validation error from the first failed cookie
+        return Result.err(firstValidationError || 'No valid cookies found for target URL');
+      }
+
+      // Check required cookies only if requested (for authentication validation)
+      if (requireAuthCookies) {
+        const cookieNames = validatedCookies.map((c) => c.name.toLowerCase());
+        
+        // Check for irsso_members
+        const hasIrssoMembers = cookieNames.some((name) =>
+          name.includes('irsso_members') || name.includes('irsso')
+        );
+        
+        // Check for authtoken_members
+        const hasAuthtokenMembers = cookieNames.some((name) =>
+          name.includes('authtoken_members') || name.includes('authtoken')
+        );
+        
+        if (!hasIrssoMembers) {
+          return Result.err('Required cookie missing: irsso_members');
+        }
+        
+        if (!hasAuthtokenMembers) {
+          return Result.err('Required cookie missing: authtoken_members');
+        }
+      }
+
+      return Result.ok(validatedCookies);
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      return Result.err(`Cookie validation failed: ${message}`);
+    }
+  }
+
+  /**
+   * Get cookies that are valid for a target URL.
+   * Returns array of cookies (empty if none valid).
+   * Uses cached state from last write().
+   */
+  getValidCookiesForUrl(targetUrl: string): Cookie[] {
+    try {
+      if (!this.cachedState || this.cachedState.cookies.length === 0) {
+        return [];
+      }
+
+      const result = this.validateCookiesForUrl(this.cachedState.cookies, targetUrl);
+      return result.isOk() ? result.unwrap() : [];
+    } catch {
+      return [];
+    }
+  }
 }

packages/infrastructure/adapters/ipc/ElectronCheckoutConfirmationAdapter.ts

@@ -0,0 +1,90 @@
+/**
+ * ElectronCheckoutConfirmationAdapter
+ * Implements ICheckoutConfirmationPort using Electron IPC for main-renderer communication.
+ */
+
+import type { BrowserWindow } from 'electron';
+import { ipcMain } from 'electron';
+import { Result } from '../../../shared/result/Result';
+import type { ICheckoutConfirmationPort, CheckoutConfirmationRequest } from '../../../application/ports/ICheckoutConfirmationPort';
+import { CheckoutConfirmation } from '../../../domain/value-objects/CheckoutConfirmation';
+
+export class ElectronCheckoutConfirmationAdapter implements ICheckoutConfirmationPort {
+  private mainWindow: BrowserWindow;
+  private pendingConfirmation: {
+    resolve: (confirmation: CheckoutConfirmation) => void;
+    reject: (error: Error) => void;
+    timeoutId: NodeJS.Timeout;
+  } | null = null;
+
+  constructor(mainWindow: BrowserWindow) {
+    this.mainWindow = mainWindow;
+    this.setupIpcHandlers();
+  }
+
+  private setupIpcHandlers(): void {
+    // Listen for confirmation response from renderer
+    ipcMain.on('checkout:confirm', (_event, decision: 'confirmed' | 'cancelled' | 'timeout') => {
+      if (!this.pendingConfirmation) {
+        return;
+      }
+
+      // Clear timeout
+      clearTimeout(this.pendingConfirmation.timeoutId);
+
+      // Create confirmation based on decision
+      const confirmation = CheckoutConfirmation.create(decision);
+      this.pendingConfirmation.resolve(confirmation);
+      this.pendingConfirmation = null;
+    });
+  }
+
+  async requestCheckoutConfirmation(
+    request: CheckoutConfirmationRequest
+  ): Promise<Result<CheckoutConfirmation>> {
+    try {
+      // Only allow one pending confirmation at a time
+      if (this.pendingConfirmation) {
+        return Result.err(new Error('Confirmation already pending'));
+      }
+
+      // Send request to renderer
+      this.mainWindow.webContents.send('checkout:request-confirmation', {
+        price: request.price.toDisplayString(),
+        state: request.state.isReady() ? 'ready' : 'insufficient_funds',
+        sessionMetadata: request.sessionMetadata,
+        timeoutMs: request.timeoutMs,
+      });
+
+      // Wait for response with timeout
+      const confirmation = await new Promise<CheckoutConfirmation>((resolve, reject) => {
+        const timeoutId = setTimeout(() => {
+          this.pendingConfirmation = null;
+          const timeoutConfirmation = CheckoutConfirmation.create('timeout');
+          resolve(timeoutConfirmation);
+        }, request.timeoutMs);
+
+        this.pendingConfirmation = {
+          resolve,
+          reject,
+          timeoutId,
+        };
+      });
+
+      return Result.ok(confirmation);
+    } catch (error) {
+      this.pendingConfirmation = null;
+      return Result.err(
+        error instanceof Error ? error : new Error('Failed to request confirmation')
+      );
+    }
+  }
+
+  public cleanup(): void {
+    if (this.pendingConfirmation) {
+      clearTimeout(this.pendingConfirmation.timeoutId);
+      this.pendingConfirmation = null;
+    }
+    ipcMain.removeAllListeners('checkout:confirm');
+  }
+}

packages/infrastructure/config/BrowserModeConfig.ts

@@ -0,0 +1,59 @@
+/**
+ * Browser mode configuration module for headed/headless browser toggle.
+ *
+ * Determines browser mode based on NODE_ENV:
+ * - development: default headed, but configurable via runtime setter
+ * - production: always headless
+ * - test: always headless
+ * - default: headless (for safety)
+ */
+
+export type BrowserMode = 'headed' | 'headless';
+
+export interface BrowserModeConfig {
+  mode: BrowserMode;
+  source: 'GUI' | 'NODE_ENV';
+}
+
+/**
+ * Loader for browser mode configuration.
+ * Determines whether browser should run in headed or headless mode based on NODE_ENV.
+ * In development mode, provides runtime control via setter method.
+ */
+export class BrowserModeConfigLoader {
+  private developmentMode: BrowserMode = 'headed'; // Default to headed in development
+
+  /**
+   * Load browser mode configuration based on NODE_ENV.
+   * - NODE_ENV=development: returns current developmentMode (default: headed)
+   * - NODE_ENV=production: always headless
+   * - NODE_ENV=test: always headless
+   * - default: headless (for safety)
+   */
+  load(): BrowserModeConfig {
+    const nodeEnv = process.env.NODE_ENV || 'production';
+    
+    if (nodeEnv === 'development') {
+      return { mode: this.developmentMode, source: 'GUI' };
+    }
+    
+    return { mode: 'headless', source: 'NODE_ENV' };
+  }
+
+  /**
+   * Set browser mode for development environment.
+   * Only affects behavior when NODE_ENV=development.
+   * @param mode - The browser mode to use in development
+   */
+  setDevelopmentMode(mode: BrowserMode): void {
+    this.developmentMode = mode;
+  }
+
+  /**
+   * Get current development browser mode setting.
+   * @returns The current browser mode for development
+   */
+  getDevelopmentMode(): BrowserMode {
+    return this.developmentMode;
+  }
+}

packages/infrastructure/config/index.ts

@@ -1,6 +1,8 @@
 /**
- * Configuration module exports for infrastructure layer.
+ * Infrastructure configuration barrel export.
+ * Exports all configuration modules for easy imports.
  */
 
-export type { AutomationMode, AutomationEnvironmentConfig } from './AutomationConfig';
-export { loadAutomationConfig, getAutomationMode } from './AutomationConfig';
+export * from './AutomationConfig';
+export * from './LoggingConfig';
+export * from './BrowserModeConfig';

packages/shared/result/Result.ts

@@ -59,4 +59,20 @@ export class Result<T, E = Error> {
     }
     return Result.err(this._error!);
   }
+
+  /**
+   * Direct access to the value (for testing convenience).
+   * Prefer using unwrap() in production code.
+   */
+  get value(): T | undefined {
+    return this._value;
+  }
+
+  /**
+   * Direct access to the error (for testing convenience).
+   * Prefer using unwrapErr() in production code.
+   */
+  get error(): E | undefined {
+    return this._error;
+  }
 }