import type { AuthHealthCheck, AuthProviderConfig, AuthRequestContext, JWTConfig, TokenValidationResult } from "../../types/index.js";
import { BaseAuthProvider } from "./BaseAuthProvider.js";
/**
 * Generic JWT Provider
 *
 * Supports validation of JWT tokens using either symmetric secrets (HS256/384/512)
 * or asymmetric keys (RS256/384/512, ES256/384/512).
 *
 * Features:
 * - Symmetric secret validation (HMAC)
 * - Asymmetric key validation (RSA, ECDSA)
 * - Configurable algorithms
 * - Issuer and audience validation
 * - Token signing (symmetric keys only)
 * - Session management (inherited from BaseAuthProvider)
 *
 * @example
 * ```typescript
 * // Symmetric key (HMAC)
 * const jwtProvider = new JWTProvider({
 *   type: "jwt",
 *   secret: "your-256-bit-secret",
 *   algorithms: ["HS256"],
 *   issuer: "your-app",
 *   audience: "your-api",
 * });
 *
 * // Asymmetric key (RSA/ECDSA)
 * const jwtProvider = new JWTProvider({
 *   type: "jwt",
 *   publicKey: "-----BEGIN PUBLIC KEY-----...",
 *   algorithms: ["RS256"],
 *   issuer: "your-app",
 * });
 *
 * const result = await jwtProvider.authenticateToken(token);
 * ```
 */
export declare class JWTProvider extends BaseAuthProvider {
    readonly type: "jwt";
    private secret?;
    private publicKey?;
    private algorithms;
    private issuer?;
    private audience?;
    private keyObject;
    constructor(config: AuthProviderConfig & JWTConfig);
    /**
     * Initialize the key for verification
     */
    initialize(): Promise<void>;
    /**
     * Validate JWT token
     */
    authenticateToken(token: string, _context?: AuthRequestContext): Promise<TokenValidationResult>;
    /**
     * Create a signed JWT token
     *
     * Useful for issuing tokens from this provider.
     */
    signToken(payload: Record<string, unknown>, options?: {
        expiresIn?: string;
    }): Promise<string>;
    /**
     * Health check
     */
    healthCheck(): Promise<AuthHealthCheck>;
}