import type { AuthProviderConfig, WorkOSConfig, AuthUser, TokenValidationResult, AuthRequestContext, AuthHealthCheck } from "../../types/index.js";
import { BaseAuthProvider } from "./BaseAuthProvider.js";
/**
 * WorkOS Authentication Provider
 *
 * Supports WorkOS for enterprise SSO and user management.
 * Validates JWTs issued by WorkOS and fetches user information.
 *
 * Features:
 * - JWT validation using WorkOS JWKS
 * - SSO token validation
 * - Enterprise directory integration
 * - Organization support for multi-tenant apps
 * - Session management (inherited from BaseAuthProvider)
 *
 * @example
 * ```typescript
 * const workos = new WorkOSProvider({
 *   type: "workos",
 *   apiKey: "sk_...",
 *   clientId: "client_..."
 * });
 *
 * const result = await workos.authenticateToken(accessToken);
 * if (result.valid) {
 *   console.log("Authenticated user:", result.user);
 * }
 * ```
 */
export declare class WorkOSProvider extends BaseAuthProvider {
    readonly type: "workos";
    private apiKey;
    private clientId;
    private organizationId?;
    private jwks;
    constructor(config: AuthProviderConfig & WorkOSConfig);
    /**
     * Initialize JWKS for WorkOS token verification
     */
    initialize(): Promise<void>;
    /**
     * Validate WorkOS access token
     */
    authenticateToken(token: string, _context?: AuthRequestContext): Promise<TokenValidationResult>;
    /**
     * Validate session via WorkOS API
     */
    private validateSessionViaAPI;
    /**
     * Get user by ID via WorkOS API
     */
    getUser(userId: string): Promise<AuthUser | null>;
    /**
     * Get user by email via WorkOS API
     */
    getUserByEmail(email: string): Promise<AuthUser | null>;
    /**
     * Health check
     */
    healthCheck(): Promise<AuthHealthCheck>;
}