import type { Plugin } from '@envelop/types';
import type { BusinessScopeParseResult } from '../shared/types/auth.js';
export interface RawAuth {
    authType: 'jwt' | 'apiKey' | 'devBypass' | 'gatewayControlPlane' | null;
    token: string | null;
    /**
     * Parsed `X-Business-Scope` header, present only when the header was sent.
     * Auth context validates it against the user's memberships.
     */
    requestedBusinessScope?: BusinessScopeParseResult;
}
/**
 * AuthPlugin - Extracts authentication credentials from request headers.
 *
 * This plugin is part of the Auth0 authentication system.
 * It ONLY handles credential extraction. Verification and context creation
 * are delegated to the AuthContextProvider.
 *
 * Responsibilities:
 * 1. Extract `X-Dev-Auth: <user-id>` (Dev Bypass, gated by ALLOW_DEV_AUTH=1)
 * 1. Extract `Authorization: Bearer <token>` (JWT)
 * 2. Extract `X-API-Key: <key>` (API Key)
 * 3. Add `rawAuth` object to Yoga context
 */
export declare const authPlugin: () => Plugin<{
    rawAuth: RawAuth;
}>;
