export interface UserInfo {
    /**
     * OpenID Connect field. Unique identifier for the user, even in case of rename.
     */
    sub: string;
    /**
     * OpenID Connect field. The user's full name.
     */
    name: string;
    /**
     * OpenID Connect field. The user's username.
     */
    preferred_username: string;
    /**
     * OpenID Connect field, available if scope "email" was granted.
     */
    email_verified?: boolean;
    /**
     * OpenID Connect field, available if scope "email" was granted.
     */
    email?: string;
    /**
     * OpenID Connect field. The user's profile picture URL.
     */
    picture: string;
    /**
     * OpenID Connect field. The user's profile URL.
     */
    profile: string;
    /**
     * OpenID Connect field. The user's website URL.
     */
    website?: string;
    /**
     * Hugging Face field. Whether the user is a pro user.
     */
    isPro: boolean;
    /**
     * Hugging Face field. Whether the user has a payment method set up. Needs "read-billing" scope.
     */
    canPay?: boolean;
    /**
     * Hugging Face field. The user's orgs
     */
    orgs?: Array<{
        /**
         * OpenID Connect field. Unique identifier for the org.
         */
        sub: string;
        /**
         * OpenID Connect field. The org's full name.
         */
        name: string;
        /**
         * OpenID Connect field. The org's username.
         */
        preferred_username: string;
        /**
         * OpenID Connect field. The org's profile picture URL.
         */
        picture: string;
        /**
         * Hugging Face field. The org's plan (e.g., "enterprise", "team").
         */
        plan?: string;
        /**
         * Hugging Face field. Whether the org has a payment method set up. Needs "read-billing" scope, and the user needs to approve access to the org in the OAuth page.
         */
        canPay?: boolean;
        /**
         * Hugging Face field. The user's role in the org. The user needs to approve access to the org in the OAuth page.
         */
        roleInOrg?: string;
        /**
         * @deprecated Use securityRestrictions instead with "sso"
         * HuggingFace field. When the user granted the oauth app access to the org, but didn't complete SSO.
         *
         * Should never happen directly after the oauth flow.
         */
        pendingSSO?: boolean;
        /**
         * @deprecated Use securityRestrictions instead with "mfa"
         *
         * HuggingFace field. When the user granted the oauth app access to the org, but didn't complete MFA.
         *
         * Should never happen directly after the oauth flow.
         */
        missingMFA?: boolean;
        /**
         * HuggingFace field. When the user granted the oauth app access to the org, but didn't complete following security restrictions.
         *
         * Should never happen directly after the oauth flow.
         */
        securityRestrictions?: ("mfa" | "sso" | "ip" | "token-policy")[];
    }>;
}
export interface OAuthResult {
    accessToken: string;
    accessTokenExpiresAt: Date;
    userInfo: UserInfo;
    /**
     * State passed to the OAuth provider in the original request to the OAuth provider.
     */
    state?: string;
    /**
     * Granted scope
     */
    scope: string;
}
/**
 * To call after the OAuth provider redirects back to the app.
 *
 * There is also a helper function {@link oauthHandleRedirectIfPresent}, which will call `oauthHandleRedirect` if the URL contains an oauth code
 * in the query parameters and return `false` otherwise.
 */
export declare function oauthHandleRedirect(opts?: {
    /**
     * The URL of the hub. Defaults to {@link HUB_URL}.
     */
    hubUrl?: string;
    /**
     * The URL to analyze.
     *
     * @default window.location.href
     */
    redirectedUrl?: string;
    /**
     * nonce generated by oauthLoginUrl
     *
     * @default localStorage.getItem("huggingface.co:oauth:nonce")
     */
    nonce?: string;
    /**
     * codeVerifier generated by oauthLoginUrl
     *
     * @default localStorage.getItem("huggingface.co:oauth:code_verifier")
     */
    codeVerifier?: string;
}): Promise<OAuthResult>;
/**
 * To call after the OAuth provider redirects back to the app.
 *
 * It returns false if the URL does not contain an oauth code in the query parameters, otherwise
 * it calls {@link oauthHandleRedirect}.
 *
 * Depending on your app, you may want to call {@link oauthHandleRedirect} directly instead.
 */
export declare function oauthHandleRedirectIfPresent(opts?: {
    /**
     * The URL of the hub. Defaults to {@link HUB_URL}.
     */
    hubUrl?: string;
    /**
     * The URL to analyze.
     *
     * @default window.location.href
     */
    redirectedUrl?: string;
    /**
     * nonce generated by oauthLoginUrl
     *
     * @default localStorage.getItem("huggingface.co:oauth:nonce")
     */
    nonce?: string;
    /**
     * codeVerifier generated by oauthLoginUrl
     *
     * @default localStorage.getItem("huggingface.co:oauth:code_verifier")
     */
    codeVerifier?: string;
}): Promise<OAuthResult | false>;
//# sourceMappingURL=oauth-handle-redirect.d.ts.map