fix(ancpi): recognize AMAuthCookie as valid OpenAM session cookie

ANCPI's OpenAM uses AMAuthCookie instead of iPlanetDirectoryPro.
Accept AMAuthCookie, iPlanetDirectoryPro, or JSESSIONID as valid
session indicators. Navigate to ePay after auth to establish JSESSIONID.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

src/modules/parcel-sync/services/epay-client.ts

@@ -202,27 +202,28 @@ export class EpayClient {
       JSON.stringify(allCookies),
     );
 
-    const hasSession = allCookies.some(
-      (c) => c.key === "iPlanetDirectoryPro" || c.key === "JSESSIONID",
+    // OpenAM at ANCPI uses AMAuthCookie (not iPlanetDirectoryPro)
+    const SESSION_COOKIE_NAMES = [
+      "AMAuthCookie",
+      "iPlanetDirectoryPro",
+      "JSESSIONID",
+    ];
+    const hasSession = allCookies.some((c) =>
+      SESSION_COOKIE_NAMES.includes(c.key),
     );
 
     if (!hasSession) {
-      // Last resort: try the full HTML for credit info — if we can see credits, we're logged in
-      const checkResponse = await this.client.get(
-        `${BASE_URL}/LogIn.action`,
-        {
+      throw new Error("ePay login failed (no session cookie)");
+    }
+
+    // Navigate to ePay to establish JSESSIONID (if not already there)
+    const hasJsessionId = allCookies.some((c) => c.key === "JSESSIONID");
+    if (!hasJsessionId) {
+      await this.client.get(`${BASE_URL}/LogIn.action`, {
         timeout: DEFAULT_TIMEOUT_MS,
         maxRedirects: 5,
         validateStatus: () => true,
-        },
-      );
-      const checkHtml = String(checkResponse.data ?? "");
-      if (checkHtml.includes("puncte de credit")) {
-        console.log("[epay] Login successful (verified via credit check).");
-        return;
-      }
-
-      throw new Error("ePay login failed (no session cookie)");
+      });
     }
 
     console.log("[epay] Login successful.");