/**
 * Base error class for all NeuroLink-specific errors.
 * This allows for easy identification of errors thrown by the SDK.
 */
export declare class BaseError extends Error {
    constructor(message: string);
}
/**
 * Thrown when a provider encounters a generic error.
 */
export declare class ProviderError extends BaseError {
    provider?: string | undefined;
    constructor(message: string, provider?: string | undefined);
}
/**
 * Thrown for authentication-related errors, such as invalid or missing API keys.
 */
export declare class AuthenticationError extends ProviderError {
    constructor(message: string, provider?: string);
}
/**
 * Thrown for authorization errors, where the user does not have permission.
 */
export declare class AuthorizationError extends ProviderError {
    constructor(message: string, provider?: string);
}
/**
 * Thrown for network-related issues, such as connectivity problems or timeouts.
 */
export declare class NetworkError extends ProviderError {
    constructor(message: string, provider?: string);
}
/**
 * Thrown when an API rate limit has been exceeded.
 */
export declare class RateLimitError extends ProviderError {
    constructor(message: string, provider?: string);
}
/**
 * Thrown when a specified model is not found or is invalid for the provider.
 */
export declare class InvalidModelError extends ProviderError {
    constructor(message: string, provider?: string);
}
/**
 * Base class for OAuth-specific errors
 */
export declare class OAuthError extends BaseError {
    code?: string | undefined;
    constructor(message: string, code?: string | undefined);
}
/**
 * Thrown when OAuth configuration is invalid or missing
 */
export declare class OAuthConfigurationError extends OAuthError {
    constructor(message: string);
}
/**
 * Thrown when authorization code exchange fails
 */
export declare class OAuthTokenExchangeError extends OAuthError {
    statusCode?: number | undefined;
    constructor(message: string, statusCode?: number | undefined);
}
/**
 * Thrown when token refresh fails
 */
export declare class OAuthTokenRefreshError extends OAuthError {
    statusCode?: number | undefined;
    constructor(message: string, statusCode?: number | undefined);
}
/**
 * Thrown when token validation fails
 */
export declare class OAuthTokenValidationError extends OAuthError {
    constructor(message: string);
}
/**
 * Thrown when token revocation fails
 */
export declare class OAuthTokenRevocationError extends OAuthError {
    statusCode?: number | undefined;
    constructor(message: string, statusCode?: number | undefined);
}
/**
 * Thrown when callback server operations fail
 */
export declare class OAuthCallbackServerError extends OAuthError {
    constructor(message: string);
}
/**
 * Token storage error for authentication-related failures
 */
export declare class TokenStoreError extends BaseError {
    readonly code: "STORAGE_ERROR" | "ENCRYPTION_ERROR" | "VALIDATION_ERROR" | "NOT_FOUND" | "REFRESH_ERROR";
    constructor(message: string, code?: "STORAGE_ERROR" | "ENCRYPTION_ERROR" | "VALIDATION_ERROR" | "NOT_FOUND" | "REFRESH_ERROR");
}
/**
 * Error thrown when model access is denied based on subscription tier
 */
export declare class ModelAccessError extends BaseError {
    readonly model: string;
    readonly tier: string;
    readonly requiredTier: string;
    constructor(model: string, tier: string, requiredTier: string);
}
/**
 * Curator P1-1: thrown when a provider rejects a request because the
 * caller's team / API key is not whitelisted for the requested model.
 *
 * LiteLLM's `team not allowed to access model. This team can only access
 * models=['glm-latest', 'kimi-latest', ...]` is the canonical example —
 * the list is parsed off the error body so callers / fallback orchestrators
 * can choose a whitelisted alternative without scraping strings.
 */
export declare class ModelAccessDeniedError extends ProviderError {
    readonly requestedModel: string | undefined;
    readonly allowedModels: string[] | undefined;
    readonly code: "MODEL_ACCESS_DENIED";
    constructor(message: string, options?: {
        provider?: string;
        requestedModel?: string;
        allowedModels?: string[];
    });
}
/**
 * Parse the `allowed_models` array out of a provider error message body.
 * Currently targets the LiteLLM team-whitelist response shape:
 *
 *   "team not allowed to access model. This team can only access
 *    models=['glm-latest', 'kimi-latest', 'open-large']"
 *
 * Implementation note: deliberately uses `indexOf`/`slice` instead of a
 * single `/models\s*=\s*\[([^\]]*)\]/` regex. CodeQL flagged the latter
 * as `js/polynomial-redos` because the `[^\]]*` greedy quantifier on
 * library-supplied input can be exploited by a crafted long string. The
 * indexOf/slice path is O(n) with no backtracking and we additionally
 * cap the input length.
 *
 * Returns undefined when no list is found.
 */
export declare function parseAllowedModels(message: string): string[] | undefined;
/**
 * Returns true when `message` looks like a model-access-denied response
 * (LiteLLM "team not allowed", generic "not allowed to access model",
 * or "team can only access models=[...]").
 */
export declare function isModelAccessDeniedMessage(message: string): boolean;