import * as ed25119 from "@noble/ed25519";
/**
 * Key used to sign ODIN-Tokens.
 */
export type SecretKey = ed25119.Bytes;
/**
 * Generates a new ODIN access, which is a 44 character long Base64-String that consists of an
 * internal version number, a set of random bytes and a checksum.
 *
 * @returns The new ODIN access key.
 */
export declare function generateAccessKey(): string;
/**
 * Validates an ODIN access key and loads its key pair.
 *
 * @param accessKey - The ODIN access key as a Base64-encoded string from which to load a key pair.
 * @returns The loaded key pair.
 */
export declare function loadAccessKey(accessKey: string): Promise<SecretKey>;
/**
 * Generates a key ID from a given secret key.
 *
 * @param key - The key from which to generate a key ID.
 * @returns The generated key ID as a Base64-encoded string.
 */
export declare function getKeyId(key: SecretKey): Promise<string>;
/**
 * Exports the public key from a given secret key.
 *
 * @param key The secret key
 * @returns The public key as Base64-Uri-encoded string.
 */
export declare function getPublicKey(key: SecretKey): Promise<string>;
/** Additional fields that can be set inside a Token  */
export interface TokenOptions {
    /** set the customer identification */
    customer?: string;
    /** restrict who can accept the token */
    audience?: "gateway" | "sfu";
    /** restrict the purpose of the token */
    subject?: string | string[];
    /** set the specific server address to use */
    address?: string;
    /** set optional tags to assign to the client */
    tags?: string[];
    /** set the specific upstream address to use */
    upstream?: string;
    /** how long the token remains valid */
    lifetime?: number;
    /** custom properties to store */
    internal?: Record<string, unknown>;
}
/**
 * Generates tokens that can be used to access the ODIN network.
 */
export declare class TokenGenerator {
    private readonly keyId;
    private readonly secretKey;
    /**
     * Creates a TokenGenerator.
     *
     * @param accessKey used to sign the generated tokens
     */
    constructor(accessKey: string);
    /**
     * Creates a TokenGenerator.
     *
     * @param key used to sign the generated tokens
     */
    constructor(key: SecretKey);
    /**
     * Creates a signed JWT with a custom payload using the EdDSA signature scheme.
     *
     * @param payload - The payload object to sign.
     * @returns A signed token string.
     */
    sign(payload: Record<string, unknown>): Promise<string>;
    /**
     * Creates a signed JWT to grant access to an ODIN room using the EdDSA signature scheme.
     *
     * @param roomId - The room ID(s) for which the token is being generated.
     * @param userId - The ID of the user for whom the token is being generated.
     * @param options - An optional object containing additional token parameters.
     * @returns A signed token string.
     */
    createToken(roomId: string | string[], userId: string, options?: TokenOptions): Promise<string>;
}