import { Token } from "../token/types.js";
import { SignClaimOptions } from "../claim/types.js";
import { Identity, Nametag } from "../identity/types.js";
export type VerifyLoginOptions = {
    session: Session;
    appOrigins: string[];
};
export type LoginSignClaimOptions<C> = Omit<SignClaimOptions<C>, "session" | "appOrigin">;
/** a login session */
export type Session = {
    /** private key for a login session */
    secret: string;
    /** proof for this session */
    proofToken: string;
};
export type GenerateSessionOptions = {
    expiresAt: number;
    identity: Identity;
    appOrigin: string;
    authorityOrigin: string;
};
/** proof that a session was signed by the user's identity */
export type Proof = {
    sessionId: string;
    nametag: Nametag;
};
export type SignProofOptions = {
    identitySecret: string;
    expiresAt: number;
    proof: Proof;
    appOrigin: string;
    authorityOrigin: string;
};
export type VerifyProofOptions = {
    proofToken: string;
    appOrigins: string[];
    atTime?: number | null;
};
/** token payload that contains proof */
export type ProofPayload = {
    data: Proof;
    exp: number;
    sub: string;
    iss: string;
    aud: string;
} & Token;